ps/Modules/Alkami.DevOps.SystemEngineering/Public/Update-SftpPassword.tests.ps1

. $PSScriptRoot\..\..\Load-PesterModules.ps1
$here = Split-Path -Parent $MyInvocation.MyCommand.Path
$sut = (Split-Path -Leaf $MyInvocation.MyCommand.Path) -replace '\.tests\.', '.'
$functionPath = Join-Path -Path $here -ChildPath $sut
Write-Host "Overriding SUT: $functionPath"
Import-Module $functionPath -Force
$moduleForMock = ''

Describe 'Update-SftpPassword' {

    $fakeAccountName = 'FakeyMcFakeAccount-SFTP'
    $fakePassword = 'ThisIsAPassword'
    $generatedPassword = '@ut0Generated'

    Mock -CommandName Get-SupportedAwsRegions -ModuleName $moduleForMock -MockWith { return @( 'us-east-1' ) }
    Mock -CommandName Get-LogLeadName -ModuleName $moduleForMock -MockWith { return 'New-SftpUser.tests' }
    Mock -CommandName New-SecurePassword -ModuleName $moduleForMock -MockWith { return $generatedPassword }
    Mock -CommandName Update-SECSecret -ModuleName $moduleForMock -MockWith {}
    Mock -CommandName Write-Error -ModuleName $moduleForMock -MockWith {}
    Mock -CommandName ConvertFrom-Json -ModuleName $moduleForMock -MockWith { return New-Object -TypeName PSObject -Property @{ Password = $fakePassword } }
    Mock -CommandName ConvertTo-Json -ModuleName $moduleForMock -MockWith { return '{}' }
    Mock -CommandName Import-AWSModule -ModuleName $moduleForMock -MockWith {}

    Context 'Parameter Validation' {

        It 'Throws if Username is Null' {
            { Update-SftpPassword -Username $null } | Should -Throw
        }

        It 'Throws if Username is Empty' {
            { Update-SftpPassword -Username '' } | Should -Throw
        }

        It 'Throws if Password is Null' {
            { Update-SftpPassword -Username $fakeAccountName -Password $null } | Should -Throw
        }

        It 'Throws if Password is Empty' {
            { Update-SftpPassword -Username $fakeAccountName -Password '' } | Should -Throw
        }

        It 'Throws if Profile Name is Null' {
            { Update-SftpPassword -Username $fakeAccountName -ProfileName $null } | Should -Throw
        }

        It 'Throws if Profile Name is Empty' {
            { Update-SftpPassword -Username $fakeAccountName -ProfileName '' } | Should -Throw
        }

        It 'Throws if Profile Name is Not in Supported List' {
            { Update-SftpPassword -Username $fakeAccountName -ProfileName 'temp-test' } | Should -Throw
        }

        It 'Throws if Region is Not in Supported List' {
            { Update-SftpPassword -Username $fakeAccountName -Region 'Test' } | Should -Throw
        }
    }

    Context 'Error Handling' {

        Mock -CommandName Get-SECSecretValue -ModuleName $moduleForMock -MockWith { return $null }

        It 'Writes Error and Returns Null If Password Hash Fails' {

            Mock -CommandName New-SftpPasswordHash -ModuleName $moduleForMock -MockWith { return $null }

            Update-SftpPassword -Username $fakeAccountName | Should -BeNull

            Assert-MockCalled -CommandName Write-Error `
                -ParameterFilter { $Message -match 'Unable to generate password hash for SFTP user.' } -Times 1 -Exactly -Scope It
            Assert-MockCalled -CommandName Update-SECSecret -Times 0 -Exactly -Scope It
            Assert-MockCalled -CommandName Get-SECSecretValue -Times 0 -Exactly -Scope It
        }

        It 'Writes Error and Returns Null if AWS Lookup Fails' {

            Mock -CommandName New-SftpPasswordHash -ModuleName $moduleForMock -MockWith { return $fakePassword }

            Update-SftpPassword -Username $fakeAccountName | Should -BeNull

            Assert-MockCalled -CommandName Write-Error `
                -ParameterFilter { $Message -match 'Unable to retrieve secret for user' } -Times 1 -Exactly -Scope It
            Assert-MockCalled -CommandName Update-SECSecret -Times 0 -Exactly -Scope It
            Assert-MockCalled -CommandName Get-SECSecretValue -Times 1 -Exactly -Scope It
        }
    }

    Context 'Logic' {

        Mock -CommandName New-SftpPasswordHash -ModuleName $moduleForMock -MockWith { return $fakePassword }
        Mock -CommandName Get-SECSecretValue -ModuleName $moduleForMock -MockWith { return '{}' }

        It 'Does Not Modify Username' {

            $result = Update-SftpPassword -Username $fakeAccountName
            $result.Username | Should -BeExactly $fakeAccountName
        }

        It 'Uses Password if Provided' {

            $result = Update-SftpPassword -Username $fakeAccountName -Password $fakePassword
            $result.Password | Should -BeExactly $fakePassword
        }

        It 'Uses Generated Password if Not Provided' {

            $result = Update-SftpPassword -Username $fakeAccountName
            $result.Password | Should -BeExactly $generatedPassword
        }
    }
}
First full commit 2023-05-30 22:51:22 -07:00			`. $PSScriptRoot\..\..\Load-PesterModules.ps1`
			`$here = Split-Path -Parent $MyInvocation.MyCommand.Path`
			`$sut = (Split-Path -Leaf $MyInvocation.MyCommand.Path) -replace '\.tests\.', '.'`
			`$functionPath = Join-Path -Path $here -ChildPath $sut`
			`Write-Host "Overriding SUT: $functionPath"`
			`Import-Module $functionPath -Force`
			`$moduleForMock = ''`

			`Describe 'Update-SftpPassword' {`

			`$fakeAccountName = 'FakeyMcFakeAccount-SFTP'`
			`$fakePassword = 'ThisIsAPassword'`
			`$generatedPassword = '@ut0Generated'`

			`Mock -CommandName Get-SupportedAwsRegions -ModuleName $moduleForMock -MockWith { return @( 'us-east-1' ) }`
			`Mock -CommandName Get-LogLeadName -ModuleName $moduleForMock -MockWith { return 'New-SftpUser.tests' }`
			`Mock -CommandName New-SecurePassword -ModuleName $moduleForMock -MockWith { return $generatedPassword }`
			`Mock -CommandName Update-SECSecret -ModuleName $moduleForMock -MockWith {}`
			`Mock -CommandName Write-Error -ModuleName $moduleForMock -MockWith {}`
			`Mock -CommandName ConvertFrom-Json -ModuleName $moduleForMock -MockWith { return New-Object -TypeName PSObject -Property @{ Password = $fakePassword } }`
			`Mock -CommandName ConvertTo-Json -ModuleName $moduleForMock -MockWith { return '{}' }`
			`Mock -CommandName Import-AWSModule -ModuleName $moduleForMock -MockWith {}`

			`Context 'Parameter Validation' {`

			`It 'Throws if Username is Null' {`
			`{ Update-SftpPassword -Username $null } \| Should -Throw`
			`}`

			`It 'Throws if Username is Empty' {`
			`{ Update-SftpPassword -Username '' } \| Should -Throw`
			`}`

			`It 'Throws if Password is Null' {`
			`{ Update-SftpPassword -Username $fakeAccountName -Password $null } \| Should -Throw`
			`}`

			`It 'Throws if Password is Empty' {`
			`{ Update-SftpPassword -Username $fakeAccountName -Password '' } \| Should -Throw`
			`}`

			`It 'Throws if Profile Name is Null' {`
			`{ Update-SftpPassword -Username $fakeAccountName -ProfileName $null } \| Should -Throw`
			`}`

			`It 'Throws if Profile Name is Empty' {`
			`{ Update-SftpPassword -Username $fakeAccountName -ProfileName '' } \| Should -Throw`
			`}`

			`It 'Throws if Profile Name is Not in Supported List' {`
			`{ Update-SftpPassword -Username $fakeAccountName -ProfileName 'temp-test' } \| Should -Throw`
			`}`

			`It 'Throws if Region is Not in Supported List' {`
			`{ Update-SftpPassword -Username $fakeAccountName -Region 'Test' } \| Should -Throw`
			`}`
			`}`

			`Context 'Error Handling' {`

			`Mock -CommandName Get-SECSecretValue -ModuleName $moduleForMock -MockWith { return $null }`

			`It 'Writes Error and Returns Null If Password Hash Fails' {`

			`Mock -CommandName New-SftpPasswordHash -ModuleName $moduleForMock -MockWith { return $null }`

			`Update-SftpPassword -Username $fakeAccountName \| Should -BeNull`

			Assert-MockCalled -CommandName Write-Error `
			`-ParameterFilter { $Message -match 'Unable to generate password hash for SFTP user.' } -Times 1 -Exactly -Scope It`
			`Assert-MockCalled -CommandName Update-SECSecret -Times 0 -Exactly -Scope It`
			`Assert-MockCalled -CommandName Get-SECSecretValue -Times 0 -Exactly -Scope It`
			`}`

			`It 'Writes Error and Returns Null if AWS Lookup Fails' {`

			`Mock -CommandName New-SftpPasswordHash -ModuleName $moduleForMock -MockWith { return $fakePassword }`

			`Update-SftpPassword -Username $fakeAccountName \| Should -BeNull`

			Assert-MockCalled -CommandName Write-Error `
			`-ParameterFilter { $Message -match 'Unable to retrieve secret for user' } -Times 1 -Exactly -Scope It`
			`Assert-MockCalled -CommandName Update-SECSecret -Times 0 -Exactly -Scope It`
			`Assert-MockCalled -CommandName Get-SECSecretValue -Times 1 -Exactly -Scope It`
			`}`
			`}`

			`Context 'Logic' {`

			`Mock -CommandName New-SftpPasswordHash -ModuleName $moduleForMock -MockWith { return $fakePassword }`
			`Mock -CommandName Get-SECSecretValue -ModuleName $moduleForMock -MockWith { return '{}' }`

			`It 'Does Not Modify Username' {`

			`$result = Update-SftpPassword -Username $fakeAccountName`
			`$result.Username \| Should -BeExactly $fakeAccountName`
			`}`

			`It 'Uses Password if Provided' {`

			`$result = Update-SftpPassword -Username $fakeAccountName -Password $fakePassword`
			`$result.Password \| Should -BeExactly $fakePassword`
			`}`

			`It 'Uses Generated Password if Not Provided' {`

			`$result = Update-SftpPassword -Username $fakeAccountName`
			`$result.Password \| Should -BeExactly $generatedPassword`
			`}`
			`}`
			`}`