. $PSScriptRoot\..\..\Load-PesterModules.ps1 $here = Split-Path -Parent $MyInvocation.MyCommand.Path $sut = (Split-Path -Leaf $MyInvocation.MyCommand.Path) -replace '\.tests\.', '.' $functionPath = Join-Path -Path $here -ChildPath $sut Write-Host "Overriding SUT: $functionPath" Import-Module $functionPath -Force $moduleForMock = "" Describe "Get-ActiveDirectoryAccount" { $fakeAccountName = "FakeyMcFakeAccount" Mock -CommandName Get-LogLeadName -ModuleName $moduleForMock -MockWith { return 'Get-ActiveDirectoryAccount.tests' } Mock -CommandName Write-Warning -ModuleName $moduleForMock -MockWith { } Context "User Permissions" { It "Writes a Warning if No Account Found and the User Does Not Have Domain Admin Rights" { Mock Test-IsUserDomainAdmin -ModuleName $moduleForMock -MockWith { return $false } Mock Get-ADUser -ModuleName $moduleForMock -MockWith { } Mock Get-ADServiceAccount -ModuleName $moduleForMock -MockWith { } Get-ActiveDirectoryAccount $fakeAccountName | Should -BeNull Assert-MockCalled -ModuleName $moduleForMock -CommandName Write-Warning ` -ParameterFilter { $Message -match "This command is being run without domain administrative privileges" } -Times 1 -Exactly -Scope It } } Context "When Accounts Are Not Found" { Mock -CommandName Write-Verbose -ModuleName $moduleForMock -MockWith { } It "Catches Exceptions, Writes to Verbose Stream, and Continues When no AD User Found" { $expectedExceptionMessage = "Fuzzy Wuzzy Was A Bear" Mock Get-ADUser -ModuleName $moduleForMock -MockWith { throw $expectedExceptionMessage } Mock Get-ADServiceAccount -ModuleName $moduleForMock -MockWith { } { Get-ActiveDirectoryAccount $fakeAccountName -Verbose } | Should -Not -Throw Assert-MockCalled -ModuleName $moduleForMock -CommandName Write-Verbose ` -ParameterFilter { $Message -match "Get-ADUser: $expectedExceptionMessage" } -Times 1 -Exactly -Scope It Assert-MockCalled -ModuleName $moduleForMock -CommandName Get-ADUser -Times 1 -Exactly -Scope It Assert-MockCalled -ModuleName $moduleForMock -CommandName Get-ADServiceAccount -Times 1 -Exactly -Scope It } It "Catches Exceptions, Writes to Verbose Stream, and Continues When no AD Service Account Found" { $expectedExceptionMessage = "Fuzzy Wuzzy Had No Hair" Mock Get-ADUser -ModuleName $moduleForMock -MockWith { } Mock Get-ADServiceAccount -ModuleName $moduleForMock -MockWith { throw $expectedExceptionMessage } { Get-ActiveDirectoryAccount $fakeAccountName -Verbose } | Should -Not -Throw Assert-MockCalled -ModuleName $moduleForMock -CommandName Write-Verbose ` -ParameterFilter { $Message -match "Get-ADServiceAccount: $expectedExceptionMessage" } -Times 1 -Exactly -Scope It Assert-MockCalled -ModuleName $moduleForMock -CommandName Get-ADUser -Times 1 -Exactly -Scope It Assert-MockCalled -ModuleName $moduleForMock -CommandName Get-ADServiceAccount -Times 1 -Exactly -Scope It } } Context "Parameter Validation and Manipulation" { Mock Test-IsUserDomainAdmin -ModuleName $moduleForMock -MockWith { return $true } It "Outputs an object of type PSObject[]" { (Get-Command Get-ActiveDirectoryAccount).OutputType.Type.ToString() | Should -BeExactly "System.Management.Automation.PSObject[]" } It "Writes a Warning and Exits Early if the Identity Contains Only Whitespace Characters" { Mock Get-ADUser -ModuleName $moduleForMock -MockWith { } Mock Get-ADServiceAccount -ModuleName $moduleForMock -MockWith { } Get-ActiveDirectoryAccount " " | Should -BeNull Assert-MockCalled -ModuleName $moduleForMock -CommandName Write-Warning ` -ParameterFilter { $Message -match "Identity \[ \] must contain at least one non-whitespace character." } -Times 1 -Exactly -Scope It Assert-MockCalled -ModuleName $moduleForMock -CommandName Get-ADUser -Times 0 -Exactly -Scope It Assert-MockCalled -ModuleName $moduleForMock -CommandName Get-ADServiceAccount -Times 0 -Exactly -Scope It } It "Does Not Call Get-ADServiceAccount if Get-ADUser Returns User" { Mock Get-ADUser -ModuleName $moduleForMock -MockWith { return (New-Object Microsoft.ActiveDirectory.Management.ADAccount($fakeAccountName)) } Mock Get-ADServiceAccount -ModuleName $moduleForMock -MockWith { } Get-ActiveDirectoryAccount $fakeAccountName | Should -Not -BeNull Assert-MockCalled -ModuleName $moduleForMock -CommandName Write-Warning -Times 0 -Exactly -Scope It Assert-MockCalled -ModuleName $moduleForMock -CommandName Get-ADServiceAccount -Times 0 -Exactly -Scope It Assert-MockCalled -ModuleName $moduleForMock -CommandName Get-ADUser ` -ParameterFilter { $Identity.ToString() -eq $fakeAccountName } -Times 1 -Exactly -Scope It } It "Does Call Get-ADServiceAccount if Get-ADUser Returns Null" { Mock Get-ADUser -ModuleName $moduleForMock -MockWith { } Mock Get-ADServiceAccount -ModuleName $moduleForMock -MockWith { return (New-Object Microsoft.ActiveDirectory.Management.ADAccount($fakeAccountName)) } Get-ActiveDirectoryAccount $fakeAccountName | Should -Not -BeNull Assert-MockCalled -ModuleName $moduleForMock -CommandName Write-Warning -Times 0 -Exactly -Scope It Assert-MockCalled -ModuleName $moduleForMock -CommandName Get-ADUser ` -ParameterFilter { $Identity.ToString() -eq $fakeAccountName } -Times 1 -Exactly -Scope It Assert-MockCalled -ModuleName $moduleForMock -CommandName Get-ADServiceAccount ` -ParameterFilter { $Identity.ToString() -eq $fakeAccountName } -Times 1 -Exactly -Scope It } It "Trims Provided Account Name" { Mock Get-ADUser -ModuleName $moduleForMock -MockWith { } Mock Get-ADServiceAccount -ModuleName $moduleForMock -MockWith { return (New-Object Microsoft.ActiveDirectory.Management.ADAccount($fakeAccountName)) } Get-ActiveDirectoryAccount " $fakeAccountName " | Should -Not -BeNull Assert-MockCalled -ModuleName $moduleForMock -CommandName Write-Warning -Times 0 -Exactly -Scope It Assert-MockCalled -ModuleName $moduleForMock -CommandName Get-ADUser ` -ParameterFilter { $Identity.ToString() -eq $fakeAccountName } -Times 1 -Exactly -Scope It Assert-MockCalled -ModuleName $moduleForMock -CommandName Get-ADServiceAccount ` -ParameterFilter { $Identity.ToString() -eq $fakeAccountName } -Times 1 -Exactly -Scope It } } }