. $PSScriptRoot\..\..\Load-PesterModules.ps1 $here = Split-Path -Parent $MyInvocation.MyCommand.Path $sut = (Split-Path -Leaf $MyInvocation.MyCommand.Path) -replace '\.tests\.', '.' $functionPath = Join-Path -Path $here -ChildPath $sut Write-Host "Overriding SUT: $functionPath" Import-Module $functionPath -Force $moduleForMock = '' Describe 'Update-SftpPassword' { $fakeAccountName = 'FakeyMcFakeAccount-SFTP' $fakePassword = 'ThisIsAPassword' $generatedPassword = '@ut0Generated' Mock -CommandName Get-SupportedAwsRegions -ModuleName $moduleForMock -MockWith { return @( 'us-east-1' ) } Mock -CommandName Get-LogLeadName -ModuleName $moduleForMock -MockWith { return 'New-SftpUser.tests' } Mock -CommandName New-SecurePassword -ModuleName $moduleForMock -MockWith { return $generatedPassword } Mock -CommandName Update-SECSecret -ModuleName $moduleForMock -MockWith {} Mock -CommandName Write-Error -ModuleName $moduleForMock -MockWith {} Mock -CommandName ConvertFrom-Json -ModuleName $moduleForMock -MockWith { return New-Object -TypeName PSObject -Property @{ Password = $fakePassword } } Mock -CommandName ConvertTo-Json -ModuleName $moduleForMock -MockWith { return '{}' } Mock -CommandName Import-AWSModule -ModuleName $moduleForMock -MockWith {} Context 'Parameter Validation' { It 'Throws if Username is Null' { { Update-SftpPassword -Username $null } | Should -Throw } It 'Throws if Username is Empty' { { Update-SftpPassword -Username '' } | Should -Throw } It 'Throws if Password is Null' { { Update-SftpPassword -Username $fakeAccountName -Password $null } | Should -Throw } It 'Throws if Password is Empty' { { Update-SftpPassword -Username $fakeAccountName -Password '' } | Should -Throw } It 'Throws if Profile Name is Null' { { Update-SftpPassword -Username $fakeAccountName -ProfileName $null } | Should -Throw } It 'Throws if Profile Name is Empty' { { Update-SftpPassword -Username $fakeAccountName -ProfileName '' } | Should -Throw } It 'Throws if Profile Name is Not in Supported List' { { Update-SftpPassword -Username $fakeAccountName -ProfileName 'temp-test' } | Should -Throw } It 'Throws if Region is Not in Supported List' { { Update-SftpPassword -Username $fakeAccountName -Region 'Test' } | Should -Throw } } Context 'Error Handling' { Mock -CommandName Get-SECSecretValue -ModuleName $moduleForMock -MockWith { return $null } It 'Writes Error and Returns Null If Password Hash Fails' { Mock -CommandName New-SftpPasswordHash -ModuleName $moduleForMock -MockWith { return $null } Update-SftpPassword -Username $fakeAccountName | Should -BeNull Assert-MockCalled -CommandName Write-Error ` -ParameterFilter { $Message -match 'Unable to generate password hash for SFTP user.' } -Times 1 -Exactly -Scope It Assert-MockCalled -CommandName Update-SECSecret -Times 0 -Exactly -Scope It Assert-MockCalled -CommandName Get-SECSecretValue -Times 0 -Exactly -Scope It } It 'Writes Error and Returns Null if AWS Lookup Fails' { Mock -CommandName New-SftpPasswordHash -ModuleName $moduleForMock -MockWith { return $fakePassword } Update-SftpPassword -Username $fakeAccountName | Should -BeNull Assert-MockCalled -CommandName Write-Error ` -ParameterFilter { $Message -match 'Unable to retrieve secret for user' } -Times 1 -Exactly -Scope It Assert-MockCalled -CommandName Update-SECSecret -Times 0 -Exactly -Scope It Assert-MockCalled -CommandName Get-SECSecretValue -Times 1 -Exactly -Scope It } } Context 'Logic' { Mock -CommandName New-SftpPasswordHash -ModuleName $moduleForMock -MockWith { return $fakePassword } Mock -CommandName Get-SECSecretValue -ModuleName $moduleForMock -MockWith { return '{}' } It 'Does Not Modify Username' { $result = Update-SftpPassword -Username $fakeAccountName $result.Username | Should -BeExactly $fakeAccountName } It 'Uses Password if Provided' { $result = Update-SftpPassword -Username $fakeAccountName -Password $fakePassword $result.Password | Should -BeExactly $fakePassword } It 'Uses Generated Password if Not Provided' { $result = Update-SftpPassword -Username $fakeAccountName $result.Password | Should -BeExactly $generatedPassword } } }