125 lines
8.4 KiB
PowerShell
125 lines
8.4 KiB
PowerShell
. $PSScriptRoot\..\..\Load-PesterModules.ps1
|
|
$here = Split-Path -Parent $MyInvocation.MyCommand.Path
|
|
$sut = (Split-Path -Leaf $MyInvocation.MyCommand.Path) -replace '\.tests\.', '.'
|
|
$global:functionPath = Join-Path -Path $here -ChildPath $sut
|
|
|
|
InModuleScope -ModuleName Alkami.DevOps.SystemEngineering -ScriptBlock {
|
|
Write-Host "InModuleScope - Overriding SUT: $global:functionPath"
|
|
Import-Module $global:functionPath -Force
|
|
$inScopeModule = "Alkami.DevOps.SystemEngineering"
|
|
|
|
Describe "New-ServerlessServiceAccountActiveDirectoryUserPair" {
|
|
|
|
Mock -CommandName Get-LogLeadName -ModuleName $inScopeModule -MockWith { return 'New-ServerlessServiceAccountActiveDirectoryUserPair.tests' }
|
|
Mock -CommandName Get-DomainNameDistinguishedName -ModuleName $inScopeModule -MockWith { return 'DC=fh,DC=local' }
|
|
Mock -CommandName Write-Error -ModuleName $inScopeModule -MockWith {}
|
|
Mock -CommandName Add-ADGroupMember -ModuleName $inScopeModule -MockWith {}
|
|
|
|
$testCredential = New-Object 'Management.Automation.PsCredential' 'Test', ( ConvertTo-SecureString -AsPlainText -Force -String 'Test' )
|
|
|
|
$testList = @()
|
|
$testList += ( New-Object 'Management.Automation.PsCredential' 'test1', ( ConvertTo-SecureString -AsPlainText -Force -String 'test1' ))
|
|
$testList += ( New-Object 'Management.Automation.PsCredential' 'test2', ( ConvertTo-SecureString -AsPlainText -Force -String 'test2' ))
|
|
|
|
Context "Parameter Validation" {
|
|
|
|
It "Throws if UserDataList has too few elements" {
|
|
{ New-ServerlessServiceAccountActiveDirectoryUserPair -Cred $testCredential -UserDataList @() } | Should -Throw
|
|
}
|
|
|
|
It "Throws if UserDataList has too many elements" {
|
|
$badTestList = @()
|
|
$badTestList += ( New-Object 'Management.Automation.PsCredential' 'test1', ( ConvertTo-SecureString -AsPlainText -Force -String 'test1' ))
|
|
$badTestList += ( New-Object 'Management.Automation.PsCredential' 'test2', ( ConvertTo-SecureString -AsPlainText -Force -String 'test2' ))
|
|
$badTestList += ( New-Object 'Management.Automation.PsCredential' 'test3', ( ConvertTo-SecureString -AsPlainText -Force -String 'test3' ))
|
|
|
|
{ New-ServerlessServiceAccountActiveDirectoryUserPair -Cred $testCredential -UserDataList $badTestList } | Should -Throw
|
|
}
|
|
|
|
It "Throws if UserOuPathCommon Is Null" {
|
|
{ New-ServerlessServiceAccountActiveDirectoryUserPair -Cred $testCredential -UserDataList $testList -UserOuPathCommon $null } | Should -Throw
|
|
}
|
|
|
|
It "Throws if UserOuPathCommon Is Empty" {
|
|
{ New-ServerlessServiceAccountActiveDirectoryUserPair -Cred $testCredential -UserDataList $testList -UserOuPathCommon '' } | Should -Throw
|
|
}
|
|
|
|
It "Throws if Environment Is Not In Approved List" {
|
|
{ New-ServerlessServiceAccountActiveDirectoryUserPair -Cred $testCredential -UserDataList $testList -UserOuPathCommon 'Test' -Environment 'Test' } | Should -Throw
|
|
}
|
|
|
|
It "Throws if TicketNumber Does Not Match Regex" {
|
|
{ New-ServerlessServiceAccountActiveDirectoryUserPair -Cred $testCredential -UserDataList $testList -UserOuPathCommon 'Test' -Environment 'Dev' -TicketNumber 'Test!' } | Should -Throw
|
|
}
|
|
}
|
|
|
|
Context "Logic" {
|
|
|
|
It "Writes Error and Throws if SQL Group Not Found" {
|
|
|
|
Mock -CommandName Get-ADGroup -ModuleName $inScopeModule -MockWith { return $null }
|
|
Mock -CommandName Get-ADUser -ModuleName $inScopeModule -MockWith { return $null }
|
|
Mock -CommandName New-ADUser -ModuleName $inScopeModule -MockWith {}
|
|
|
|
{ New-ServerlessServiceAccountActiveDirectoryUserPair -Cred $testCredential -UserDataList $testList -UserOuPathCommon 'Test' `
|
|
-Environment 'Dev' -TicketNumber 'Test-123' } | Should -Throw "Unable to find Active Directory group"
|
|
|
|
Assert-MockCalled -ModuleName $inScopeModule -CommandName Write-Error -Times 1 -Exactly -Scope It `
|
|
-ParameterFilter { $Message -match 'Unable to find Active Directory group named' }
|
|
Assert-MockCalled -ModuleName $inScopeModule -CommandName Get-ADGroup -Times 1 -Exactly -Scope It
|
|
Assert-MockCalled -ModuleName $inScopeModule -CommandName Get-ADUser -Times 0 -Exactly -Scope It
|
|
Assert-MockCalled -ModuleName $inScopeModule -CommandName New-ADUser -Times 0 -Exactly -Scope It
|
|
Assert-MockCalled -ModuleName $inScopeModule -CommandName Add-ADGroupMember -Times 0 -Exactly -Scope It
|
|
}
|
|
|
|
It "Writes Error and Throws if User Already Exists" {
|
|
|
|
Mock -CommandName Get-ADGroup -ModuleName $inScopeModule -MockWith { return $true }
|
|
Mock -CommandName Get-ADUser -ModuleName $inScopeModule -MockWith { return $true }
|
|
Mock -CommandName New-ADUser -ModuleName $inScopeModule -MockWith {}
|
|
|
|
{ New-ServerlessServiceAccountActiveDirectoryUserPair -Cred $testCredential -UserDataList $testList -UserOuPathCommon 'Test' `
|
|
-Environment 'Dev' -TicketNumber 'Test-123' } | Should -Throw "Found pre-existing user"
|
|
|
|
Assert-MockCalled -ModuleName $inScopeModule -CommandName Write-Error -Times 1 -Exactly -Scope It `
|
|
-ParameterFilter { $Message -match 'Found pre-existing user named' }
|
|
Assert-MockCalled -ModuleName $inScopeModule -CommandName Get-ADGroup -Times 1 -Exactly -Scope It
|
|
Assert-MockCalled -ModuleName $inScopeModule -CommandName Get-ADUser -Times 1 -Exactly -Scope It
|
|
Assert-MockCalled -ModuleName $inScopeModule -CommandName New-ADUser -Times 0 -Exactly -Scope It
|
|
Assert-MockCalled -ModuleName $inScopeModule -CommandName Add-ADGroupMember -Times 0 -Exactly -Scope It
|
|
}
|
|
|
|
It "Writes Error and Throws if User Creation Fails" {
|
|
|
|
Mock -CommandName Get-ADGroup -ModuleName $inScopeModule -MockWith { return $true }
|
|
Mock -CommandName Get-ADUser -ModuleName $inScopeModule -MockWith { return $null }
|
|
Mock -CommandName New-ADUser -ModuleName $inScopeModule -MockWith { throw "Test" }
|
|
|
|
{ New-ServerlessServiceAccountActiveDirectoryUserPair -Cred $testCredential -UserDataList $testList -UserOuPathCommon 'Test' `
|
|
-Environment 'Dev' -TicketNumber 'Test-123' } | Should -Throw "Creation of user 'test1' failed"
|
|
|
|
Assert-MockCalled -ModuleName $inScopeModule -CommandName Write-Error -Times 1 -Exactly -Scope It `
|
|
-ParameterFilter { $Message -match "Creation of user 'test1' failed" }
|
|
Assert-MockCalled -ModuleName $inScopeModule -CommandName Get-ADGroup -Times 1 -Exactly -Scope It
|
|
Assert-MockCalled -ModuleName $inScopeModule -CommandName Get-ADUser -Times 2 -Exactly -Scope It
|
|
Assert-MockCalled -ModuleName $inScopeModule -CommandName New-ADUser -Times 1 -Exactly -Scope It
|
|
Assert-MockCalled -ModuleName $inScopeModule -CommandName Add-ADGroupMember -Times 0 -Exactly -Scope It
|
|
}
|
|
|
|
It "Creates Users and Adds Users to Group" {
|
|
|
|
Mock -CommandName Get-ADGroup -ModuleName $inScopeModule -MockWith { return New-Object Microsoft.ActiveDirectory.Management.ADPrincipal }
|
|
Mock -CommandName Get-ADUser -ModuleName $inScopeModule -MockWith { return $null }
|
|
Mock -CommandName New-ADUser -ModuleName $inScopeModule -MockWith {}
|
|
|
|
New-ServerlessServiceAccountActiveDirectoryUserPair -Cred $testCredential -UserDataList $testList -UserOuPathCommon 'Test' -Environment 'Dev' -TicketNumber 'Test-123'
|
|
|
|
Assert-MockCalled -ModuleName $inScopeModule -CommandName Write-Error -Times 0 -Exactly -Scope It
|
|
Assert-MockCalled -ModuleName $inScopeModule -CommandName Get-ADGroup -Times 1 -Exactly -Scope It
|
|
Assert-MockCalled -ModuleName $inScopeModule -CommandName Get-ADUser -Times 2 -Exactly -Scope It
|
|
Assert-MockCalled -ModuleName $inScopeModule -CommandName New-ADUser -Times 2 -Exactly -Scope It
|
|
Assert-MockCalled -ModuleName $inScopeModule -CommandName Add-ADGroupMember -Times 4 -Exactly -Scope It
|
|
}
|
|
}
|
|
}
|
|
} |