62 lines
3.1 KiB
PowerShell
62 lines
3.1 KiB
PowerShell
. $PSScriptRoot\..\..\Load-PesterModules.ps1
|
|
$here = Split-Path -Parent $MyInvocation.MyCommand.Path
|
|
$sut = (Split-Path -Leaf $MyInvocation.MyCommand.Path) -replace '\.tests\.', '.'
|
|
$functionPath = Join-Path -Path $here -ChildPath $sut
|
|
Write-Host "Overriding SUT: $functionPath"
|
|
Import-Module $functionPath -Force
|
|
$moduleForMock = ""
|
|
|
|
Describe "Move-AccountToDisabledOU" {
|
|
|
|
$fakeAccountName = "FakeyMcFakeAccount"
|
|
|
|
Mock -CommandName Get-LogLeadName -ModuleName $moduleForMock -MockWith { return 'Move-AccountToDisabledOU.tests' }
|
|
Mock -CommandName Move-ADObject -ModuleName $moduleForMock -MockWith { }
|
|
Mock -CommandName Write-Warning -ModuleName $moduleForMock -MockWith { }
|
|
|
|
Context "User Permissions" {
|
|
|
|
It "Writes a Warning and Exits Early if the User Does Not Have Domain Admin Rights" {
|
|
|
|
Mock Test-IsUserDomainAdmin -ModuleName $moduleForMock -MockWith { return $false }
|
|
|
|
Move-AccountToDisabledOU -AccountDistinguishedName "CN=$fakeAccountName,CN=Managed Service Accounts,OU=Disabled Accounts,DC=fh,DC=local"
|
|
|
|
Assert-MockCalled -ModuleName $moduleForMock -CommandName Write-Warning `
|
|
-ParameterFilter { $Message -match "You must have domain administrative privileges" } -Times 1 -Exactly -Scope It
|
|
Assert-MockCalled -ModuleName $moduleForMock -CommandName Move-ADObject -Times 0 -Exactly -Scope It
|
|
}
|
|
}
|
|
|
|
Context "Logic" {
|
|
|
|
Mock Test-IsUserDomainAdmin -ModuleName $moduleForMock -MockWith { return $true }
|
|
|
|
It "Writes a Warning and Does Not Move the User if it is already in the Disabled Users OU" {
|
|
|
|
Move-AccountToDisabledOU -AccountDistinguishedName "CN=$fakeAccountName,CN=Managed Service Accounts,OU=Disabled Accounts,DC=fh,DC=local"
|
|
Assert-MockCalled -ModuleName $moduleForMock -CommandName Write-Warning `
|
|
-ParameterFilter { $Message -match "is already in Disabled Accounts OU" } -Times 1 -Exactly -Scope It
|
|
Assert-MockCalled -ModuleName $moduleForMock -CommandName Move-ADObject -Times 0 -Exactly -Scope It
|
|
}
|
|
|
|
It "Moves the User to the Disabled Users OU" {
|
|
|
|
Move-AccountToDisabledOU -AccountDistinguishedName "CN=$fakeAccountName,CN=Managed Service Accounts,OU=Active Accounts,DC=foo,DC=bar"
|
|
Assert-MockCalled -ModuleName $moduleForMock -CommandName Move-ADObject -Times 1 -Exactly -Scope It `
|
|
-ParameterFilter { ($Identity -match "$fakeAccountName") -and ($TargetPath -eq "OU=Disabled Accounts,DC=fh,DC=local") }
|
|
}
|
|
}
|
|
|
|
Context "Parameter Validation" {
|
|
|
|
Mock Test-IsUserDomainAdmin -ModuleName $moduleForMock -MockWith { return $true }
|
|
|
|
It "Uses the Supplied Domain and OU for the Disabled OU" {
|
|
|
|
Move-AccountToDisabledOU -AccountDistinguishedName "CN=$fakeAccountName,CN=Managed Service Accounts,DC=foo,DC=bar" -DisabledAccountOU "Foobar" -DomainName "foo.bar"
|
|
Assert-MockCalled -ModuleName $moduleForMock -CommandName Move-ADObject -Times 1 -Exactly -Scope It `
|
|
-ParameterFilter { ($Identity -match "$fakeAccountName") -and ($TargetPath -eq "OU=Foobar,DC=foo,DC=bar") }
|
|
}
|
|
}
|
|
} |