. $PSScriptRoot\..\..\Load-PesterModules.ps1
$here = Split-Path -Parent $MyInvocation.MyCommand.Path
$sut = (Split-Path -Leaf $MyInvocation.MyCommand.Path) -replace '\.tests\.', '.'
$functionPath = Join-Path -Path $here -ChildPath $sut
Write-Host "Overriding SUT: $functionPath"
Import-Module $functionPath -Force
$moduleForMock = ""

Describe "Get-BitLockerRecoveryKeys" {

    Mock -CommandName Get-LogLeadName -ModuleName $moduleForMock -MockWith { return 'Get-BitLockerRecoveryKeys.tests' }
    Mock -CommandName Write-Warning   -ModuleName $moduleForMock -MockWith { }

    Context "User Permissions" {
        
        It "Writes a Warning and Exits Early if the User Does Not Have Domain Admin Rights" {

            Mock Test-IsUserDomainAdmin -ModuleName $moduleForMock -MockWith { return $false }
            Mock Get-ADComputer         -ModuleName $moduleForMock -MockWith { }
            Mock Get-ADObject           -ModuleName $moduleForMock -MockWith { }

            Get-BitLockerRecoveryKeys "FAKEHOST123" | Should -BeNull
            Assert-MockCalled -ModuleName $moduleForMock -CommandName Write-Warning `
                -ParameterFilter { $Message -match "You must have domain administrative privileges" } -Times 1 -Exactly -Scope It
            Assert-MockCalled -ModuleName $moduleForMock -CommandName Get-ADComputer -Times 0 -Exactly -Scope It
            Assert-MockCalled -ModuleName $moduleForMock -CommandName Get-ADObject   -Times 0 -Exactly -Scope It
        }
    }

    Context "Parameter Validation and Manipulation" {

        Mock Test-IsUserDomainAdmin -ModuleName $moduleForMock -MockWith { return $true }
        Mock Get-ADObject           -ModuleName $moduleForMock -MockWith { return $null }

        It "Writes a Warning and Continues if the Computer Is Not Found" {

            Mock Get-ADComputer -ModuleName $moduleForMock -MockWith { return $null }

            Get-BitLockerRecoveryKeys "FAKEHOST123" | Should -HaveCount 0
            Assert-MockCalled -ModuleName $moduleForMock -CommandName Write-Warning `
                -ParameterFilter { $Message -match "Unable to find host \[FAKEHOST123\] in AD; verify your hostname." } -Times 1 -Exactly -Scope It
            Assert-MockCalled -ModuleName $moduleForMock -CommandName Get-ADComputer -Times 1 -Exactly -Scope It
            Assert-MockCalled -ModuleName $moduleForMock -CommandName Get-ADObject   -Times 0 -Exactly -Scope It
        }

        It "Writes a Warning and Continues if the AD Object Is Not Found" {

            Mock Get-ADComputer -ModuleName $moduleForMock -MockWith { return @{ DistinguishedName = 'CN=Test,CN=Managed Service Accounts,DC=foo,DC=bar'} }

            Get-BitLockerRecoveryKeys "FAKEHOST123" | Should -HaveCount 0
            Assert-MockCalled -ModuleName $moduleForMock -CommandName Write-Warning `
                -ParameterFilter { $Message -match "Unable to retrieve BitLocker Recovery value for host: \[FAKEHOST123\]" } -Times 1 -Exactly -Scope It
            Assert-MockCalled -ModuleName $moduleForMock -CommandName Get-ADComputer -Times 1 -Exactly -Scope It
            Assert-MockCalled -ModuleName $moduleForMock -CommandName Get-ADObject `
                -ParameterFilter { ($SearchBase -match "CN=Test,CN=Managed Service Accounts,DC=foo,DC=bar")} -Times 1 -Exactly -Scope It
        }
    }
}