-
Notifications
You must be signed in to change notification settings - Fork 5
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
* Created first unit test case * Created second test case * Added beforeAll condition to declare vars and added another unit test case
- Loading branch information
Showing
3 changed files
with
111 additions
and
0 deletions.
There are no files selected for viewing
33 changes: 33 additions & 0 deletions
33
...T GLOBAL ADMINS ACCOUNT/Audit/Check-BreakGlassAccountIdentityProtectionLicense.Tests.ps1
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,33 @@ | ||
| Import-Module ".\src\GUARDRAIL 1 PROTECT ROOT GLOBAL ADMINS ACCOUNT\Audit\Check-BreakGlassAccountIdentityProtectionLicense.psm1" | ||
|
|
||
| Describe "Get-BreakGlassAccountLicense Function" { | ||
| BeforeAll { | ||
| $FirstBreakGlassUPN = "[email protected]" | ||
| $SecondBreakGlassUPN = "[email protected]" | ||
| $ControlName = "Guardrails1" | ||
| $ItemName = "Break Glass Microsoft Entra ID P2" | ||
| $itsgcode = "AC2(7)" | ||
|
|
||
| $msgTable = @{ | ||
| firstBgAccount = "First BG Account" | ||
| secondBgAccount = "Second BG Account" | ||
| bgValidLicenseAssigned = "has a valid license assigned" | ||
| bgNoValidLicenseAssigned = "does not have a valid license assigned" | ||
| } | ||
| } | ||
|
|
||
| It "Should return compliant results when both accounts have a valid license" { | ||
| $result = Get-BreakGlassAccountLicense -FirstBreakGlassUPN $FirstBreakGlassUPN -SecondBreakGlassUPN $SecondBreakGlassUPN -ControlName $ControlName -ItemName $ItemName -itsgcode $itsgcode -msgTable $msgTable -ReportTime "2024-01-01" | ||
| $result.ComplianceResults.ComplianceStatus | Should -Be $true | ||
| } | ||
|
|
||
| It "Should return non-compliant results when the first account does not have a valid license" { | ||
| $result = Get-BreakGlassAccountLicense -FirstBreakGlassUPN $FirstBreakGlassUPN -SecondBreakGlassUPN $SecondBreakGlassUPN -ControlName $ControlName -ItemName $ItemName -itsgcode $itsgcode -msgTable $msgTable -ReportTime "2024-01-01" | ||
| $result.ComplianceResults.ComplianceStatus | Should -Be $false | ||
| } | ||
|
|
||
| It "Should return non-compliant results when the second account does not have a valid license" { | ||
| $result = Get-BreakGlassAccountLicense -FirstBreakGlassUPN $FirstBreakGlassUPN -SecondBreakGlassUPN $SecondBreakGlassUPN -ControlName $ControlName -ItemName $ItemName -itsgcode $itsgcode -msgTable $msgTable -ReportTime "2024-01-01" | ||
| $result.ComplianceResults.ComplianceStatus | Should -Be $false | ||
| } | ||
| } |
33 changes: 33 additions & 0 deletions
33
...TECT ROOT GLOBAL ADMINS ACCOUNT/Audit/Check-BreakGlassAccountOwnersInformation.Tests.ps1
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,33 @@ | ||
| Import-Module '.\src\GUARDRAIL 1 PROTECT ROOT GLOBAL ADMINS ACCOUNT\Audit\Check-BreakGlassAccountOwnersInformation.psm1' | ||
|
|
||
| Describe "Get-BreakGlassOwnerinformation Function" { | ||
| BeforeAll{ | ||
| $FirstBreakGlassUPNOwner = "[email protected]" | ||
| $SecondBreakGlassUPNOwner = "[email protected]" | ||
| $ControlName = "Guardrails1" | ||
| $ItemName = "Break Glass Account Owners Contact information" | ||
| $itsgcode = "AC2" | ||
|
|
||
|
|
||
| $msgTable = @{ | ||
| bgAccountHasManager = "{0} has a manager listed in the directory." | ||
| bgAccountNoManager = "{0} doesn't have a manager listed in the directory." | ||
| bgBothHaveManager = "Both Break Glass Accounts have a manager listed in the directory." | ||
| } | ||
| } | ||
|
|
||
| It "Should return compliant results when both accounts have a manager listed" { | ||
| $result = Get-BreakGlassOwnerinformation -FirstBreakGlassUPNOwner $FirstBreakGlassUPNOwner -SecondBreakGlassUPNOwner $SecondBreakGlassUPNOwner -ControlName $ControlName -ItemName $ItemName -itsgcode $itsgcode -msgTable $msgTable -ReportTime "2024-01-01" | ||
| $result.ComplianceResults.ComplianceStatus | Should -Be $true | ||
| } | ||
|
|
||
| It "Should return non-compliant results when the first account doesn't have a manager listed" { | ||
| $result = Get-BreakGlassOwnerinformation -FirstBreakGlassUPNOwner "[email protected]" -SecondBreakGlassUPNOwner $SecondBreakGlassUPNOwner -ControlName $ControlName -ItemName $ItemName -itsgcode $itsgcode -msgTable $msgTable -ReportTime "2024-01-01" | ||
| $result.ComplianceResults.ComplianceStatus | Should -Be $false | ||
| } | ||
|
|
||
| It "Should return non-compliant results when the second account doesn't have a manager listed" { | ||
| $result = Get-BreakGlassOwnerinformation -FirstBreakGlassUPNOwner $FirstBreakGlassUPNOwner -SecondBreakGlassUPNOwner $SecondBreakGlassUPNOwner -ControlName $ControlName -ItemName $ItemName -itsgcode $itsgcode -msgTable $msgTable -ReportTime "2024-01-01" | ||
| $result.ComplianceResults.ComplianceStatus | Should -Be $false | ||
| } | ||
| } |
45 changes: 45 additions & 0 deletions
45
tests/GUARDRAIL 1 PROTECT ROOT GLOBAL ADMINS ACCOUNT/Audit/Get-AzureADLicenseType.Tests.ps1
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,45 @@ | ||
| Describe "Get-ADLicenseType Function Tests" { | ||
| Context "When AAD_PREMIUM_P2 license is found" { | ||
| BeforeAll { | ||
| $ControlName = "GUARDRAIL 1 PROTECT ROOT GLOBAL ADMINS ACCOUNT" | ||
| $ItemName = "Microsoft Entra ID License Type" | ||
| $itsgcode = "AC2(7)" | ||
| $msgTable = @{ | ||
| MSEntIDLicenseTypeNotFound = "Required Microsoft Entra ID license type not found" | ||
| MSEntIDLicenseTypeFound = "Found correct license type" | ||
| } | ||
| $ReportTime = Get-Date | ||
|
|
||
| # Mocking Invoke-GraphQuery function | ||
| Mock Invoke-GraphQuery { | ||
| return @{ | ||
| Content = @{ | ||
| "value" = @( | ||
| @{ | ||
| "servicePlans" = @( | ||
| @{ | ||
| "ServicePlanName" = "AAD_PREMIUM_P2" | ||
| } | ||
| ) | ||
| } | ||
| ) | ||
| } | ||
| } | ||
| } | ||
| } | ||
| It "Should return compliant status" { | ||
| $result = Get-ADLicenseType -ControlName $ControlName -itsgcode $itsgcode -msgTable $msgTable -ItemName $ItemName -ReportTime $ReportTime | ||
| $result.ComplianceResults.ComplianceStatus | Should -Be $true | ||
| } | ||
|
|
||
| It "Should return correct license type" { | ||
| $result = Get-ADLicenseType -ControlName $ControlName -itsgcode $itsgcode -msgTable $msgTable -ItemName $ItemName -ReportTime $ReportTime | ||
| $result.ComplianceResults.ADLicenseType | Should -Be "AAD_PREMIUM_P2" | ||
| } | ||
|
|
||
| It "Should return correct comments" { | ||
| $result = Get-ADLicenseType -ControlName $ControlName -itsgcode $itsgcode -msgTable $msgTable -ItemName $ItemName -ReportTime $ReportTime | ||
| $result.ComplianceResults.Comments | Should -Be $msgTable.MSEntIDLicenseTypeFound | ||
| } | ||
| } | ||
| } |