diff --git a/test/module/Entra/Add-EntraLifecyclePolicyGroup.Tests.ps1 b/test/module/Entra/Add-EntraLifecyclePolicyGroup.Tests.ps1 new file mode 100644 index 000000000..ed2bfc30d --- /dev/null +++ b/test/module/Entra/Add-EntraLifecyclePolicyGroup.Tests.ps1 @@ -0,0 +1,70 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if ((Get-Module -Name Microsoft.Graph.Entra) -eq $null) { + Import-Module Microsoft.Graph.Entra + } + Import-Module (Join-Path $psscriptroot "..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "Value" = "True" + "AdditionalProperties" = "{[@odata.context, https://graph.microsoft.com/v1.0/$metadata#Edm.Boolean]}" + "Parameters" = $args + } + ) + } + + Mock -CommandName Add-MgGroupToLifecyclePolicy -MockWith $scriptblock -ModuleName Microsoft.Graph.Entra +} + +Describe "Add-EntraLifecyclePolicyGroup" { + Context "Test for Add-EntraLifecyclePolicyGroup" { + It "Should return created LifecyclePolicyGroup" { + $result = Add-EntraLifecyclePolicyGroup -Id "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -GroupId "11bb11bb-cc22-dd33-ee44-55ff55ff55ff + $result | Should -Not -BeNullOrEmpty" + $result.Value | should -Be "True" + + Should -Invoke -CommandName Add-MgGroupToLifecyclePolicy -ModuleName Microsoft.Graph.Entra -Times 1 + } + It "Should fail when Id is invalid" { + { Add-EntraLifecyclePolicyGroup -Id "" -GroupId "11bb11bb-cc22-dd33-ee44-55ff55ff55ff" } | Should -Throw "Cannot bind argument to parameter 'Id' because it is an empty string.*" + } + It "Should fail when Id is empty" { + { Add-EntraLifecyclePolicyGroup -Id -GroupId "11bb11bb-cc22-dd33-ee44-55ff55ff55ff" } | Should -Throw "Missing an argument for parameter 'Id'.*" + } + It "Should fail when GroupId is invalid" { + { Add-EntraLifecyclePolicyGroup -Id "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -GroupId "" } | Should -Throw "Cannot bind argument to parameter 'GroupId' because it is an empty string.*" + } + It "Should fail when GroupId is empty" { + { Add-EntraLifecyclePolicyGroup -Id "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -GroupId } | Should -Throw "Missing an argument for parameter 'GroupId'.*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Add-EntraLifecyclePolicyGroup" + + Add-EntraLifecyclePolicyGroup -Id "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -GroupId "11bb11bb-cc22-dd33-ee44-55ff55ff55ff" + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Add-EntraLifecyclePolicyGroup" + + Should -Invoke -CommandName Add-MgGroupToLifecyclePolicy -ModuleName Microsoft.Graph.Entra -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Add-EntraLifecyclePolicyGroup -Id "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -GroupId "11bb11bb-cc22-dd33-ee44-55ff55ff55ff" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} \ No newline at end of file diff --git a/test/module/Entra/Get-EntraAuthorizationPolicy.Tests.ps1 b/test/module/Entra/Get-EntraAuthorizationPolicy.Tests.ps1 new file mode 100644 index 000000000..8328a29a0 --- /dev/null +++ b/test/module/Entra/Get-EntraAuthorizationPolicy.Tests.ps1 @@ -0,0 +1,89 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if ((Get-Module -Name Microsoft.Graph.Entra) -eq $null) { + Import-Module Microsoft.Graph.Entra + } + Import-Module (Join-Path $psscriptroot "..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "DefaultUserRolePermissions" = @{AllowedToCreateApps = "False"; AllowedToCreateSecurityGroups = "False"; AllowedToCreateTenants = "True"; + AllowedToReadBitlockerKeysForOwnedDevice = "True"; AllowedToReadOtherUsers = "False"; PermissionGrantPoliciesAssigned = ""; + AdditionalProperties = "" + } + "DeletedDateTime" = $null + "GuestUserRoleId" = "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + "DisplayName" = "AuthorizationPolicy" + "Description" = "AuthorizationPolicy" + "AllowEmailVerifiedUsersToJoinOrganization" = $True + "AllowedToSignUpEmailBasedSubscriptions" = $True + "AllowInvitesFrom" = "everyone" + "AllowUserConsentForRiskyApps" = "" + "AllowedToUseSspr" = $True + "BlockMsolPowerShell" = $True + "Id" = "authorizationPolicy" + "Parameters" = $args + } + ) + } + + Mock -CommandName Get-MgPolicyAuthorizationPolicy -MockWith $scriptblock -ModuleName Microsoft.Graph.Entra +} + +Describe "Get-EntraAuthorizationPolicy" { + Context "Test for Get-EntraAuthorizationPolicy" { + It "Should return AuthorizationPolicy" { + $result = Get-EntraAuthorizationPolicy + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be 'authorizationPolicy' + $result.DisplayName | should -Be 'AuthorizationPolicy' + $result.Description | should -Be 'AuthorizationPolicy' + $result.AllowInvitesFrom | should -Be 'everyone' + $result.GuestUserRoleId | should -Be '00aa00aa-bb11-cc22-dd33-44ee44ee44ee' + $result.AllowEmailVerifiedUsersToJoinOrganization | should -Be $True + $result.AllowedToSignUpEmailBasedSubscriptions | should -Be $True + $result.AllowedToUseSspr | should -Be $True + $result.BlockMsolPowerShell | should -Be $True + + Should -Invoke -CommandName Get-MgPolicyAuthorizationPolicy -ModuleName Microsoft.Graph.Entra -Times 1 + } + It "Property parameter should work" { + $result = Get-EntraAuthorizationPolicy -Property DisplayName + $result | Should -Not -BeNullOrEmpty + $result.DisplayName | Should -Be 'AuthorizationPolicy' + + Should -Invoke -CommandName Get-MgPolicyAuthorizationPolicy -ModuleName Microsoft.Graph.Entra -Times 1 + } + It "Should fail when Property is empty" { + { Get-EntraAuthorizationPolicy -Property } | Should -Throw "Missing an argument for parameter 'Property'*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraAuthorizationPolicy" + + Get-EntraAuthorizationPolicy + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraAuthorizationPolicy" + + Should -Invoke -CommandName Get-MgPolicyAuthorizationPolicy -ModuleName Microsoft.Graph.Entra -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraAuthorizationPolicy -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} \ No newline at end of file diff --git a/test/module/Entra/Get-EntraPermissionGrantPolicy.Tests.ps1 b/test/module/Entra/Get-EntraPermissionGrantPolicy.Tests.ps1 new file mode 100644 index 000000000..a30a4470a --- /dev/null +++ b/test/module/Entra/Get-EntraPermissionGrantPolicy.Tests.ps1 @@ -0,0 +1,88 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if ((Get-Module -Name Microsoft.Graph.Entra) -eq $null) { + Import-Module Microsoft.Graph.Entra + } + Import-Module (Join-Path $psscriptroot "..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "Id" = "microsoft-all-application-permissions" + "DeletedDateTime" = "2/8/2024 6:39:16 AM" + "Description" = "Includes all application permissions (app roles), for all APIs, for any client application." + "DisplayName" = "All application" + "Excludes" = @{} + "Includes" = @("00aa00aa-bb11-cc22-dd33-44ee44ee44ee") + "Parameters" = $args + } + ) + } + + Mock -CommandName Get-MgPolicyPermissionGrantPolicy -MockWith $scriptblock -ModuleName Microsoft.Graph.Entra +} + +Describe "Get-EntraPermissionGrantPolicy" { + Context "Test for Get-EntraPermissionGrantPolicy" { + It "Should return specific PermissionGrantPolicy" { + $result = Get-EntraPermissionGrantPolicy -Id "microsoft-all-application-permissions" + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be "microsoft-all-application-permissions" + + Should -Invoke -CommandName Get-MgPolicyPermissionGrantPolicy -ModuleName Microsoft.Graph.Entra -Times 1 + } + It "Should fail when Id is empty" { + { Get-EntraPermissionGrantPolicy -Id "" } | Should -Throw "Cannot bind argument to parameter 'Id' because it is an empty string." + } + It "Should fail when Id is empty" { + { Get-EntraPermissionGrantPolicy -Id } | Should -Throw "Missing an argument for parameter 'Id'. Specify a parameter of type 'System.String' and try again." + } + It "Result should Contain ObjectId" { + $result = Get-EntraPermissionGrantPolicy -Id "microsoft-all-application-permissions" + $result.ObjectId | should -Be "microsoft-all-application-permissions" + } + It "Should contain PermissionGrantPolicyId in parameters when passed ObjectId to it" { + $result = Get-EntraPermissionGrantPolicy -Id "microsoft-all-application-permissions" + $params = Get-Parameters -data $result.Parameters + $params.PermissionGrantPolicyId | Should -Be "microsoft-all-application-permissions" + } + It "Property parameter should work" { + $result = Get-EntraPermissionGrantPolicy -Id "microsoft-all-application-permissions" -Property DisplayName + $result | Should -Not -BeNullOrEmpty + $result.DisplayName | Should -Be 'All application' + + Should -Invoke -CommandName Get-MgPolicyPermissionGrantPolicy -ModuleName Microsoft.Graph.Entra -Times 1 + } + It "Should fail when Property is empty" { + { Get-EntraPermissionGrantPolicy -Id "microsoft-all-application-permissions" -Property } | Should -Throw "Missing an argument for parameter 'Property'*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraPermissionGrantPolicy" + + $result = Get-EntraPermissionGrantPolicy -Id "microsoft-all-application-permissions" + $result | Should -Not -BeNullOrEmpty + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraPermissionGrantPolicy" + + Should -Invoke -CommandName Get-MgPolicyPermissionGrantPolicy -ModuleName Microsoft.Graph.Entra -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraPermissionGrantPolicy -Id "microsoft-all-application-permissions" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} \ No newline at end of file diff --git a/test/module/Entra/Get-EntraServicePrincipalDelegatedPermissionClassification.Tests.ps1 b/test/module/Entra/Get-EntraServicePrincipalDelegatedPermissionClassification.Tests.ps1 new file mode 100644 index 000000000..18f3a261f --- /dev/null +++ b/test/module/Entra/Get-EntraServicePrincipalDelegatedPermissionClassification.Tests.ps1 @@ -0,0 +1,96 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if ((Get-Module -Name Microsoft.Graph.Entra) -eq $null) { + Import-Module Microsoft.Graph.Entra + } + Import-Module (Join-Path $psscriptroot "..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "Id" = "T2qU_E28O0GgkLLIYRPsTwE" + "Classification" = "low" + "PermissionId" = "22cc22cc-dd33-ee44-ff55-66aa66aa66aa" + "PermissionName" = "LicenseManager.AccessAsUser" + "Parameters" = $args + } + ) + } + + Mock -CommandName Get-MgServicePrincipalDelegatedPermissionClassification -MockWith $scriptblock -ModuleName Microsoft.Graph.Entra +} + +Describe "Get-EntraServicePrincipalDelegatedPermissionClassification" { + Context "Test for Get-EntraServicePrincipalDelegatedPermissionClassification" { + It "Should return specific ServicePrincipalDelegatedPermissionClassification" { + $result = Get-EntraServicePrincipalDelegatedPermissionClassification -ServicePrincipalId "aaaaaaaa-bbbb-cccc-1111-222222222222" + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be "T2qU_E28O0GgkLLIYRPsTwE" + + Should -Invoke -CommandName Get-MgServicePrincipalDelegatedPermissionClassification -ModuleName Microsoft.Graph.Entra -Times 1 + } + It "Should fail when ServicePrincipalId is invalid" { + { Get-EntraServicePrincipalDelegatedPermissionClassification -ServicePrincipalId "" } | Should -Throw "Cannot bind argument to parameter 'ServicePrincipalId' because it is an empty string.*" + } + It "Should fail when ServicePrincipalId is empty" { + { Get-EntraServicePrincipalDelegatedPermissionClassification -ServicePrincipalId } | Should -Throw "Missing an argument for parameter 'ServicePrincipalId'.*" + } + It "Should return specific ServicePrincipalDelegatedPermissionClassification when Id passed to it" { + $result = Get-EntraServicePrincipalDelegatedPermissionClassification -ServicePrincipalId "aaaaaaaa-bbbb-cccc-1111-222222222222" -Id 'T2qU_E28O0GgkLLIYRPsTwE' + $params = Get-Parameters -data $result.Parameters + $params.DelegatedPermissionClassificationId | should -Be "T2qU_E28O0GgkLLIYRPsTwE" + } + It "Should fail when Id is invalid" { + { Get-EntraServicePrincipalDelegatedPermissionClassification -ServicePrincipalId "aaaaaaaa-bbbb-cccc-1111-222222222222" -Id "" } | Should -Throw "Cannot bind argument to parameter 'Id' because it is an empty string.*" + } + It "Should fail when Id is empty" { + { Get-EntraServicePrincipalDelegatedPermissionClassification -ServicePrincipalId "aaaaaaaa-bbbb-cccc-1111-222222222222" -Id } | Should -Throw "Missing an argument for parameter 'Id'.*" + } + It "Should return specific ServicePrincipalDelegatedPermissionClassification when applied filter to it" { + $result = Get-EntraServicePrincipalDelegatedPermissionClassification -ServicePrincipalId "aaaaaaaa-bbbb-cccc-1111-222222222222" -Filter "PermissionName eq 'LicenseManager.AccessAsUser'" + $result.PermissionName | should -Be "LicenseManager.AccessAsUser" + $result.ObjectId | should -Be "T2qU_E28O0GgkLLIYRPsTwE" + } + It "Should fail when Filter is empty" { + { Get-EntraServicePrincipalDelegatedPermissionClassification -ServicePrincipalId "aaaaaaaa-bbbb-cccc-1111-222222222222" -Filter } | Should -Throw "Missing an argument for parameter 'Filter'.*" + } + It "Property parameter should work" { + $result = Get-EntraServicePrincipalDelegatedPermissionClassification -ServicePrincipalId "aaaaaaaa-bbbb-cccc-1111-222222222222" -Property PermissionName + $result | Should -Not -BeNullOrEmpty + $result.PermissionName | Should -Be 'LicenseManager.AccessAsUser' + + Should -Invoke -CommandName Get-MgServicePrincipalDelegatedPermissionClassification -ModuleName Microsoft.Graph.Entra -Times 1 + } + It "Should fail when Property is empty" { + { Get-EntraServicePrincipalDelegatedPermissionClassification -ServicePrincipalId "aaaaaaaa-bbbb-cccc-1111-222222222222" -Property } | Should -Throw "Missing an argument for parameter 'Property'*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraServicePrincipalDelegatedPermissionClassification" + + $result = Get-EntraServicePrincipalDelegatedPermissionClassification -ServicePrincipalId "aaaaaaaa-bbbb-cccc-1111-222222222222" + $result | Should -Not -BeNullOrEmpty + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraServicePrincipalDelegatedPermissionClassification" + + Should -Invoke -CommandName Get-MgServicePrincipalDelegatedPermissionClassification -ModuleName Microsoft.Graph.Entra -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraServicePrincipalDelegatedPermissionClassification -ServicePrincipalId "aaaaaaaa-bbbb-cccc-1111-222222222222" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} \ No newline at end of file diff --git a/test/module/Entra/New-EntraGroupLifecyclePolicy.Tests.ps1 b/test/module/Entra/New-EntraGroupLifecyclePolicy.Tests.ps1 new file mode 100644 index 000000000..9d7c2fb5f --- /dev/null +++ b/test/module/Entra/New-EntraGroupLifecyclePolicy.Tests.ps1 @@ -0,0 +1,86 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if ((Get-Module -Name Microsoft.Graph.Entra) -eq $null) { + Import-Module Microsoft.Graph.Entra + } + Import-Module (Join-Path $psscriptroot "..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "Id" = "22cc22cc-dd33-ee44-ff55-66aa66aa66aa" + "AlternateNotificationEmails" = "example@contoso.com" + "GroupLifetimeInDays" = "99" + "ManagedGroupTypes" = "Selected" + "Parameters" = $args + } + ) + } + + Mock -CommandName New-MgGroupLifecyclePolicy -MockWith $scriptblock -ModuleName Microsoft.Graph.Entra +} + +Describe "New-EntraGroupLifecyclePolicy" { + Context "Test for New-EntraGroupLifecyclePolicy" { + It "Should return created GroupLifecyclePolicy" { + $result = New-EntraGroupLifecyclePolicy -GroupLifetimeInDays 99 -ManagedGroupTypes "Selected" -AlternateNotificationEmails "example@contoso.com" + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be "22cc22cc-dd33-ee44-ff55-66aa66aa66aa" + $result.GroupLifetimeInDays | should -Be "99" + $result.ManagedGroupTypes | should -Be "Selected" + $result.AlternateNotificationEmails | should -Be "example@contoso.com" + + Should -Invoke -CommandName New-MgGroupLifecyclePolicy -ModuleName Microsoft.Graph.Entra -Times 1 + } + It "Should fail when GroupLifetimeInDays is invalid" { + { New-EntraGroupLifecyclePolicy -GroupLifetimeInDays a -ManagedGroupTypes "Selected" -AlternateNotificationEmails "example@contoso.com" } | Should -Throw "Cannot process argument transformation on parameter 'GroupLifetimeInDays'.*" + } + It "Should fail when GroupLifetimeInDays is empty" { + { New-EntraGroupLifecyclePolicy -GroupLifetimeInDays -ManagedGroupTypes "Selected" -AlternateNotificationEmails "example@contoso.com" } | Should -Throw "Missing an argument for parameter 'GroupLifetimeInDays'.*" + } + It "Should fail when ManagedGroupTypes is invalid" { + { New-EntraGroupLifecyclePolicy -GroupLifetimeInDays 99 -ManagedGroupTypes "" -AlternateNotificationEmails "example@contoso.com" } | Should -Throw "Cannot bind argument to parameter 'ManagedGroupTypes' because it is an empty string.*" + } + It "Should fail when ManagedGroupTypes is empty" { + { New-EntraGroupLifecyclePolicy -GroupLifetimeInDays 99 -ManagedGroupTypes -AlternateNotificationEmails "example@contoso.com" } | Should -Throw "Missing an argument for parameter 'ManagedGroupTypes'.*" + } + It "Should fail when AlternateNotificationEmails is invalid" { + { New-EntraGroupLifecyclePolicy -GroupLifetimeInDays 99 -ManagedGroupTypes "Selected" -AlternateNotificationEmails "" } | Should -Throw "Cannot bind argument to parameter 'AlternateNotificationEmails' because it is an empty string.*" + } + It "Should fail when AlternateNotificationEmails is empty" { + { New-EntraGroupLifecyclePolicy -GroupLifetimeInDays 99 -ManagedGroupTypes "Selected" -AlternateNotificationEmails } | Should -Throw "Missing an argument for parameter 'AlternateNotificationEmails'.*" + } + It "Result should Contain ObjectId" { + $result = New-EntraGroupLifecyclePolicy -GroupLifetimeInDays 99 -ManagedGroupTypes "Selected" -AlternateNotificationEmails "example@contoso.com" + $result.ObjectId | should -Be "22cc22cc-dd33-ee44-ff55-66aa66aa66aa" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion New-EntraGroupLifecyclePolicy" + + $result = New-EntraGroupLifecyclePolicy -GroupLifetimeInDays 99 -ManagedGroupTypes "Selected" -AlternateNotificationEmails "example@contoso.com" + $result | Should -Not -BeNullOrEmpty + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion New-EntraGroupLifecyclePolicy" + + Should -Invoke -CommandName New-MgGroupLifecyclePolicy -ModuleName Microsoft.Graph.Entra -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { New-EntraGroupLifecyclePolicy -GroupLifetimeInDays 99 -ManagedGroupTypes "Selected" -AlternateNotificationEmails "example@contoso.com" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} \ No newline at end of file diff --git a/test/module/Entra/New-EntraNamedLocationPolicy.Tests.ps1 b/test/module/Entra/New-EntraNamedLocationPolicy.Tests.ps1 new file mode 100644 index 000000000..0b471c63e --- /dev/null +++ b/test/module/Entra/New-EntraNamedLocationPolicy.Tests.ps1 @@ -0,0 +1,105 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if ((Get-Module -Name Microsoft.Graph.Entra) -eq $null) { + Import-Module Microsoft.Graph.Entra + } + Import-Module (Join-Path $psscriptroot "..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "Id" = "22cc22cc-dd33-ee44-ff55-66aa66aa66aa" + "CreatedDateTime" = "5/7/2024 10:52:23 AM" + "DisplayName" = "NamedLocation" + "ModifiedDateTime" = "5/7/2024 10:52:23 AM" + "AdditionalProperties" = @{ + "isTrusted" = "False" + "ipRanges" = @( + @{"@odata.type" = "#microsoft.graph.iPv4CidrRange"; cidrAddress = 6.5.4.1 / 30 } + @{"@odata.type" = "#microsoft.graph.iPv4CidrRange"; cidrAddress = 6.5.4.2 / 30 } + ) + "countriesAndRegions" = @('US', 'ID', 'CA') + "includeUnknownCountriesAndRegions" = "True" + "countryLookupMethod" = "clientIpAddress" + } + "Parameters" = $args + } + ) + } + + Mock -CommandName New-MgIdentityConditionalAccessNamedLocation -MockWith $scriptblock -ModuleName Microsoft.Graph.Entra +} + +Describe "New-EntraNamedLocationPolicy" { + Context "Test for New-EntraNamedLocationPolicy" { + It "Should return created NamedLocationPolicy" { + $ipRanges1 = New-Object -TypeName Microsoft.Open.MSGraph.Model.IpRange + $ipRanges1.cidrAddress = "6.5.4.1/30" + $ipRanges2 = New-Object -TypeName Microsoft.Open.MSGraph.Model.IpRange + $ipRanges2.cidrAddress = "6.5.4.2/30" + $result = New-EntraNamedLocationPolicy -OdataType "#microsoft.graph.ipNamedLocation" -DisplayName "NamedLocation" -IpRanges @($ipRanges1, $ipRanges2) -IsTrusted $false + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be "22cc22cc-dd33-ee44-ff55-66aa66aa66aa" + + Should -Invoke -CommandName New-MgIdentityConditionalAccessNamedLocation -ModuleName Microsoft.Graph.Entra -Times 1 + } + It "Should fail when OdataType is empty" { + { New-EntraNamedLocationPolicy -OdataType } | Should -Throw "Missing an argument for parameter 'OdataType'. Specify a parameter of type 'System.String' and try again." + } + It "Should fail when DisplayName is empty" { + { New-EntraNamedLocationPolicy -DisplayName } | Should -Throw "Missing an argument for parameter 'DisplayName'. Specify a parameter of type 'System.String' and try again." + } + It "Should fail when IpRanges is empty" { + { New-EntraNamedLocationPolicy -IpRanges } | Should -Throw "Missing an argument for parameter 'IpRanges'.*" + } + It "Should fail when IsTrusted is empty" { + { New-EntraNamedLocationPolicy -IsTrusted } | Should -Throw "Missing an argument for parameter 'IsTrusted'.*" + } + It "Should fail when CountriesAndRegions is empty" { + { New-EntraNamedLocationPolicy -CountriesAndRegions } | Should -Throw "Missing an argument for parameter 'CountriesAndRegions'.*" + } + It "Should fail when IncludeUnknownCountriesAndRegions is empty" { + { New-EntraNamedLocationPolicy -IncludeUnknownCountriesAndRegions } | Should -Throw "Missing an argument for parameter 'IncludeUnknownCountriesAndRegions'.*" + } + It "Result should Contain ObjectId" { + $result = New-EntraNamedLocationPolicy -OdataType "#microsoft.graph.countryNamedLocation" -DisplayName "NamedLocation" -CountriesAndRegions @("US", "ID", "CA") -IncludeUnknownCountriesAndRegions $true + $result.ObjectId | should -Be "22cc22cc-dd33-ee44-ff55-66aa66aa66aa" + } + It "Should contain params inside BodyParameter" { + $result = New-EntraNamedLocationPolicy -OdataType "#microsoft.graph.countryNamedLocation" -DisplayName "NamedLocation" -CountriesAndRegions @("US", "ID", "CA") -IncludeUnknownCountriesAndRegions $true + $params = Get-Parameters -data $result.Parameters + $BodyParameters = $params.BodyParameter.AdditionalProperties + $BodyParameters.includeUnknownCountriesAndRegions | Should -Be "True" + $BodyParameters.'@odata.type' | Should -Be "#microsoft.graph.countryNamedLocation" + $BodyParameters.countriesAndRegions | Should -Be @('US', 'ID', 'CA') + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion New-EntraNamedLocationPolicy" + + $result = New-EntraNamedLocationPolicy -OdataType "#microsoft.graph.countryNamedLocation" -DisplayName "NamedLocation" -CountriesAndRegions @("US", "ID", "CA") -IncludeUnknownCountriesAndRegions $true + $result | Should -Not -BeNullOrEmpty + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion New-EntraNamedLocationPolicy" + + Should -Invoke -CommandName New-MgIdentityConditionalAccessNamedLocation -ModuleName Microsoft.Graph.Entra -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { New-EntraNamedLocationPolicy -OdataType "#microsoft.graph.countryNamedLocation" -DisplayName "NamedLocation" -CountriesAndRegions @("US", "ID", "CA") -IncludeUnknownCountriesAndRegions $true -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} \ No newline at end of file diff --git a/test/module/Entra/New-EntraPermissionGrantPolicy.Tests.ps1 b/test/module/Entra/New-EntraPermissionGrantPolicy.Tests.ps1 new file mode 100644 index 000000000..7525967b2 --- /dev/null +++ b/test/module/Entra/New-EntraPermissionGrantPolicy.Tests.ps1 @@ -0,0 +1,80 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if ((Get-Module -Name Microsoft.Graph.Entra) -eq $null) { + Import-Module Microsoft.Graph.Entra + } + Import-Module (Join-Path $psscriptroot "..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "Id" = "my_new_permission_grant_policy_id" + "DeletedDateTime" = "2/8/2024 6:39:16 AM" + "Description" = "My new permission grant policy" + "DisplayName" = "My new permission grant policy" + "Excludes" = @{} + "Includes" = @("22cc22cc-dd33-ee44-ff55-66aa66aa66aa") + "Parameters" = $args + } + ) + } + + Mock -CommandName New-MgPolicyPermissionGrantPolicy -MockWith $scriptblock -ModuleName Microsoft.Graph.Entra +} + +Describe "New-EntraPermissionGrantPolicy" { + Context "Test for New-EntraPermissionGrantPolicy" { + It "Should return created PermissionGrantPolicy" { + $result = New-EntraPermissionGrantPolicy -Id "my_new_permission_grant_policy_id" -DisplayName "MyNewPermissionGrantPolicy" -Description "My new permission grant policy" + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be "my_new_permission_grant_policy_id" + $result.DisplayName | should -Be "My new permission grant policy" + $result.Description | should -Be "My new permission grant policy" + $result.Includes | should -Be @("22cc22cc-dd33-ee44-ff55-66aa66aa66aa") + $result.DeletedDateTime | should -Be "2/8/2024 6:39:16 AM" + + Should -Invoke -CommandName New-MgPolicyPermissionGrantPolicy -ModuleName Microsoft.Graph.Entra -Times 1 + } + It "Should fail when Id is empty" { + { New-EntraPermissionGrantPolicy -Id -DisplayName "MyNewPermissionGrantPolicy" -Description "My new permission grant policy" } | Should -Throw "Missing an argument for parameter 'Id'.*" + } + It "Should fail when DisplayName is empty" { + { New-EntraPermissionGrantPolicy -Id "my_new_permission_grant_policy_id" -DisplayName -Description "My new permission grant policy" } | Should -Throw "Missing an argument for parameter 'DisplayName'.*" + } + It "Should fail when Description is empty" { + { New-EntraPermissionGrantPolicy -Id "my_new_permission_grant_policy_id" -DisplayName "MyNewPermissionGrantPolicy" -Description } | Should -Throw "Missing an argument for parameter 'Description'.*" + } + It "Result should Contain ObjectId" { + $result = New-EntraPermissionGrantPolicy -Id "my_new_permission_grant_policy_id" -DisplayName "MyNewPermissionGrantPolicy" -Description "My new permission grant policy" + $result.ObjectId | should -Be "my_new_permission_grant_policy_id" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion New-EntraPermissionGrantPolicy" + + $result = New-EntraPermissionGrantPolicy -Id "my_new_permission_grant_policy_id" -DisplayName "MyNewPermissionGrantPolicy" -Description "My new permission grant policy" + $result | Should -Not -BeNullOrEmpty + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion New-EntraPermissionGrantPolicy" + + Should -Invoke -CommandName New-MgPolicyPermissionGrantPolicy -ModuleName Microsoft.Graph.Entra -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { New-EntraPermissionGrantPolicy -Id "my_new_permission_grant_policy_id" -DisplayName "MyNewPermissionGrantPolicy" -Description "My new permission grant policy" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} \ No newline at end of file diff --git a/test/module/Entra/Set-EntraAuthorizationPolicy.Tests.ps1 b/test/module/Entra/Set-EntraAuthorizationPolicy.Tests.ps1 new file mode 100644 index 000000000..6e8aeb385 --- /dev/null +++ b/test/module/Entra/Set-EntraAuthorizationPolicy.Tests.ps1 @@ -0,0 +1,96 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if ((Get-Module -Name Microsoft.Graph.Entra) -eq $null) { + Import-Module Microsoft.Graph.Entra + } + Import-Module (Join-Path $psscriptroot "..\Common-Functions.ps1") -Force + + Mock -CommandName Update-MgPolicyAuthorizationPolicy -MockWith {} -ModuleName Microsoft.Graph.Entra +} + +Describe "Set-EntraAuthorizationPolicy" { + Context "Test for Set-EntraAuthorizationPolicy" { + It "Should update AuthorizationPolicy" { + $DefaultUserRolePermissions = New-Object -TypeName Microsoft.Open.MSGraph.Model.DefaultUserRolePermissions + $DefaultUserRolePermissions.AllowedToCreateApps = $true + $DefaultUserRolePermissions.AllowedToCreateSecurityGroups = $true + $DefaultUserRolePermissions.AllowedToReadOtherUsers = $true + $result = Set-EntraAuthorizationPolicy -AllowedToSignUpEmailBasedSubscriptions $false -AllowedToUseSSPR $false -AllowEmailVerifiedUsersToJoinOrganization $true -BlockMsolPowerShell $true -DefaultUserRolePermissions $DefaultUserRolePermissions -Description "test" -DisplayName "Authorization Policies" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Update-MgPolicyAuthorizationPolicy -ModuleName Microsoft.Graph.Entra -Times 1 + } + It "Should fail when AllowedToSignUpEmailBasedSubscriptions is invalid" { + { Set-EntraAuthorizationPolicy -AllowedToSignUpEmailBasedSubscriptions 'a' } | Should -Throw "Cannot process argument transformation on parameter 'AllowedToSignUpEmailBasedSubscriptions'.*" + } + It "Should fail when AllowedToSignUpEmailBasedSubscriptions is empty" { + { Set-EntraAuthorizationPolicy -AllowedToSignUpEmailBasedSubscriptions } | Should -Throw "Missing an argument for parameter 'AllowedToSignUpEmailBasedSubscriptions'.*" + } + It "Should fail when AllowedToUseSSPR is invalid" { + { Set-EntraAuthorizationPolicy -AllowedToUseSSPR 'a' } | Should -Throw "Cannot process argument transformation on parameter 'AllowedToUseSSPR'*" + } + It "Should fail when AllowedToUseSSPR is empty" { + { Set-EntraAuthorizationPolicy -AllowedToUseSSPR } | Should -Throw "Missing an argument for parameter 'AllowedToUseSSPR'.*" + } + It "Should fail when AllowEmailVerifiedUsersToJoinOrganization is invalid" { + { Set-EntraAuthorizationPolicy -AllowEmailVerifiedUsersToJoinOrganization 'a' } | Should -Throw "Cannot process argument transformation on parameter 'AllowEmailVerifiedUsersToJoinOrganization'*" + } + It "Should fail when AllowEmailVerifiedUsersToJoinOrganization is empty" { + { Set-EntraAuthorizationPolicy -AllowEmailVerifiedUsersToJoinOrganization } | Should -Throw "Missing an argument for parameter 'AllowEmailVerifiedUsersToJoinOrganization'.*" + } + It "Should fail when BlockMsolPowerShell is invalid" { + { Set-EntraAuthorizationPolicy -BlockMsolPowerShell 'a' } | Should -Throw "Cannot process argument transformation on parameter 'BlockMsolPowerShell'*" + } + It "Should fail when BlockMsolPowerShell is empty" { + { Set-EntraAuthorizationPolicy -BlockMsolPowerShell } | Should -Throw "Missing an argument for parameter 'BlockMsolPowerShell'.*" + } + It "Should fail when DefaultUserRolePermissions is invalid" { + { Set-EntraAuthorizationPolicy -DefaultUserRolePermissions 'a' } | Should -Throw "Cannot process argument transformation on parameter 'DefaultUserRolePermissions'*" + } + It "Should fail when DefaultUserRolePermissions is empty" { + { Set-EntraAuthorizationPolicy -DefaultUserRolePermissions } | Should -Throw "Missing an argument for parameter 'DefaultUserRolePermissions'.*" + } + It "Should fail when Description is empty" { + { Set-EntraAuthorizationPolicy -Description } | Should -Throw "Missing an argument for parameter 'Description'.*" + } + It "Should fail when DisplayName is empty" { + { Set-EntraAuthorizationPolicy -DisplayName } | Should -Throw "Missing an argument for parameter 'DisplayName'.*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraAuthorizationPolicy" + + $DefaultUserRolePermissions = New-Object -TypeName Microsoft.Open.MSGraph.Model.DefaultUserRolePermissions + $DefaultUserRolePermissions.AllowedToCreateApps = $true + $DefaultUserRolePermissions.AllowedToCreateSecurityGroups = $true + $DefaultUserRolePermissions.AllowedToReadOtherUsers = $true + Set-EntraAuthorizationPolicy -AllowedToSignUpEmailBasedSubscriptions $false -AllowedToUseSSPR $false -AllowEmailVerifiedUsersToJoinOrganization $true -BlockMsolPowerShell $true -DefaultUserRolePermissions $DefaultUserRolePermissions -Description "test" -DisplayName "Authorization Policies" + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraAuthorizationPolicy" + + Should -Invoke -CommandName Update-MgPolicyAuthorizationPolicy -ModuleName Microsoft.Graph.Entra -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + $DefaultUserRolePermissions = New-Object -TypeName Microsoft.Open.MSGraph.Model.DefaultUserRolePermissions + $DefaultUserRolePermissions.AllowedToCreateApps = $true + $DefaultUserRolePermissions.AllowedToCreateSecurityGroups = $true + $DefaultUserRolePermissions.AllowedToReadOtherUsers = $true + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Set-EntraAuthorizationPolicy -AllowedToSignUpEmailBasedSubscriptions $false -AllowedToUseSSPR $false -AllowEmailVerifiedUsersToJoinOrganization $true -BlockMsolPowerShell $true -DefaultUserRolePermissions $DefaultUserRolePermissions -Description "test" -DisplayName "Authorization Policies" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} \ No newline at end of file diff --git a/test/module/Entra/Set-EntraGroupLifecyclePolicy.Tests.ps1 b/test/module/Entra/Set-EntraGroupLifecyclePolicy.Tests.ps1 new file mode 100644 index 000000000..de87873ed --- /dev/null +++ b/test/module/Entra/Set-EntraGroupLifecyclePolicy.Tests.ps1 @@ -0,0 +1,86 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if ((Get-Module -Name Microsoft.Graph.Entra) -eq $null) { + Import-Module Microsoft.Graph.Entra + } + Import-Module (Join-Path $psscriptroot "..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "Id" = "22cc22cc-dd33-ee44-ff55-66aa66aa66aa" + "AlternateNotificationEmails" = "admingroup@contoso.com" + "GroupLifetimeInDays" = "100" + "ManagedGroupTypes" = "All" + "Parameters" = $args + } + ) + } + + Mock -CommandName Update-MgGroupLifecyclePolicy -MockWith $scriptblock -ModuleName Microsoft.Graph.Entra +} + +Describe "Set-EntraGroupLifecyclePolicy" { + Context "Test for Set-EntraGroupLifecyclePolicy" { + It "Should return updated GroupLifecyclePolicy" { + $result = Set-EntraGroupLifecyclePolicy -Id "a47d4510-08c8-4437-99e9-71ca88e7af0f" -GroupLifetimeInDays 200 -AlternateNotificationEmails "admingroup@contoso.com" -ManagedGroupTypes "All" + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be "22cc22cc-dd33-ee44-ff55-66aa66aa66aa" + $result.GroupLifetimeInDays | should -Be "100" + $result.ManagedGroupTypes | should -Be "All" + $result.AlternateNotificationEmails | should -Be "admingroup@contoso.com" + + Should -Invoke -CommandName Update-MgGroupLifecyclePolicy -ModuleName Microsoft.Graph.Entra -Times 1 + } + It "Should fail when Id is invalid" { + { Set-EntraGroupLifecyclePolicy -Id "" -GroupLifetimeInDays a -ManagedGroupTypes "Selected" -AlternateNotificationEmails "example@contoso.com" } | Should -Throw "Cannot bind argument to parameter 'Id' because it is an empty string.*" + } + It "Should fail when Id is empty" { + { Set-EntraGroupLifecyclePolicy -Id -GroupLifetimeInDays -ManagedGroupTypes "Selected" -AlternateNotificationEmails "example@contoso.com" } | Should -Throw "Missing an argument for parameter 'Id'.*" + } + It "Should fail when GroupLifetimeInDays is invalid" { + { Set-EntraGroupLifecyclePolicy -Id "22cc22cc-dd33-ee44-ff55-66aa66aa66aa" -GroupLifetimeInDays a -ManagedGroupTypes "Selected" -AlternateNotificationEmails "example@contoso.com" } | Should -Throw "Cannot process argument transformation on parameter 'GroupLifetimeInDays'.*" + } + It "Should fail when GroupLifetimeInDays is empty" { + { Set-EntraGroupLifecyclePolicy -Id "22cc22cc-dd33-ee44-ff55-66aa66aa66aa" -GroupLifetimeInDays -ManagedGroupTypes "Selected" -AlternateNotificationEmails "example@contoso.com" } | Should -Throw "Missing an argument for parameter 'GroupLifetimeInDays'.*" + } + It "Should fail when ManagedGroupTypes is empty" { + { Set-EntraGroupLifecyclePolicy -Id "22cc22cc-dd33-ee44-ff55-66aa66aa66aa" -GroupLifetimeInDays 99 -ManagedGroupTypes -AlternateNotificationEmails "example@contoso.com" } | Should -Throw "Missing an argument for parameter 'ManagedGroupTypes'.*" + } + It "Should fail when AlternateNotificationEmails is empty" { + { Set-EntraGroupLifecyclePolicy -Id "22cc22cc-dd33-ee44-ff55-66aa66aa66aa" -GroupLifetimeInDays 99 -ManagedGroupTypes "Selected" -AlternateNotificationEmails } | Should -Throw "Missing an argument for parameter 'AlternateNotificationEmails'.*" + } + It "Result should Contain ObjectId" { + $result = Set-EntraGroupLifecyclePolicy -Id "22cc22cc-dd33-ee44-ff55-66aa66aa66aa" -GroupLifetimeInDays 200 -AlternateNotificationEmails "admingroup@contoso.com" -ManagedGroupTypes "All" + $result.ObjectId | should -Be "22cc22cc-dd33-ee44-ff55-66aa66aa66aa" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraGroupLifecyclePolicy" + + $result = Set-EntraGroupLifecyclePolicy -Id "a47d4510-08c8-4437-99e9-71ca88e7af0f" -GroupLifetimeInDays 200 -AlternateNotificationEmails "admingroup@contoso.com" -ManagedGroupTypes "All" + $result | Should -Not -BeNullOrEmpty + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraGroupLifecyclePolicy" + + Should -Invoke -CommandName Update-MgGroupLifecyclePolicy -ModuleName Microsoft.Graph.Entra -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Set-EntraGroupLifecyclePolicy -Id "22cc22cc-dd33-ee44-ff55-66aa66aa66aa" -GroupLifetimeInDays 200 -AlternateNotificationEmails "admingroup@contoso.com" -ManagedGroupTypes "All" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} \ No newline at end of file diff --git a/test/module/Entra/Set-EntraPermissionGrantPolicy.Tests.ps1 b/test/module/Entra/Set-EntraPermissionGrantPolicy.Tests.ps1 new file mode 100644 index 000000000..bc7e6030f --- /dev/null +++ b/test/module/Entra/Set-EntraPermissionGrantPolicy.Tests.ps1 @@ -0,0 +1,59 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if ((Get-Module -Name Microsoft.Graph.Entra) -eq $null) { + Import-Module Microsoft.Graph.Entra + } + Import-Module (Join-Path $psscriptroot "..\Common-Functions.ps1") -Force + + Mock -CommandName Update-MgPolicyPermissionGrantPolicy -MockWith {} -ModuleName Microsoft.Graph.Entra +} + +Describe "Set-EntraPermissionGrantPolicy" { + Context "Test for Set-EntraPermissionGrantPolicy" { + It "Should return updated PermissionGrantPolicy" { + $result = Set-EntraPermissionGrantPolicy -Id "permission_grant_policy" -Description "test" -DisplayName "Test" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Update-MgPolicyPermissionGrantPolicy -ModuleName Microsoft.Graph.Entra -Times 1 + } + It "Should fail when Id is empty" { + { Set-EntraPermissionGrantPolicy -Id -Description "test" -DisplayName "Test" } | Should -Throw "Missing an argument for parameter 'Id'.*" + } + It "Should fail when Id is invalid" { + { Set-EntraPermissionGrantPolicy -Id "" -Description "test" -DisplayName "Test" } | Should -Throw "Cannot bind argument to parameter 'Id' because it is an empty string.*" + } + It "Should fail when Description is empty" { + { Set-EntraPermissionGrantPolicy -Id "permission_grant_policy" -Description -DisplayName "Test" } | Should -Throw "Missing an argument for parameter 'Description'.*" + } + It "Should fail when DisplayName is empty" { + { Set-EntraPermissionGrantPolicy -Id "permission_grant_policy" -Description "test" -DisplayName } | Should -Throw "Missing an argument for parameter 'DisplayName'.*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraPermissionGrantPolicy" + + Set-EntraPermissionGrantPolicy -Id "permission_grant_policy" -Description "test" -DisplayName "Test" + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraPermissionGrantPolicy" + + Should -Invoke -CommandName Update-MgPolicyPermissionGrantPolicy -ModuleName Microsoft.Graph.Entra -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Set-EntraPermissionGrantPolicy -Id "permission_grant_policy" -Description "test" -DisplayName "Test" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} \ No newline at end of file diff --git a/test/module/EntraBeta/Get-EntraBetaPermissionGrantPolicy.Tests.ps1 b/test/module/EntraBeta/Get-EntraBetaPermissionGrantPolicy.Tests.ps1 new file mode 100644 index 000000000..faa1cb932 --- /dev/null +++ b/test/module/EntraBeta/Get-EntraBetaPermissionGrantPolicy.Tests.ps1 @@ -0,0 +1,88 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if ((Get-Module -Name Microsoft.Graph.Entra.Beta) -eq $null) { + Import-Module Microsoft.Graph.Entra.Beta + } + Import-Module (Join-Path $psscriptroot "..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "Id" = "microsoft-all-application-permissions" + "DeletedDateTime" = "2/8/2024 6:39:16 AM" + "Description" = "Includes all application permissions (app roles), for all APIs, for any client application." + "DisplayName" = "All application" + "Excludes" = @{} + "Includes" = @("00aa00aa-bb11-cc22-dd33-44ee44ee44ee") + "Parameters" = $args + } + ) + } + + Mock -CommandName Get-MgBetaPolicyPermissionGrantPolicy -MockWith $scriptblock -ModuleName Microsoft.Graph.Entra.Beta +} + +Describe "Get-EntraBetaPermissionGrantPolicy" { + Context "Test for Get-EntraBetaPermissionGrantPolicy" { + It "Should return specific PermissionGrantPolicy" { + $result = Get-EntraBetaPermissionGrantPolicy -Id "microsoft-all-application-permissions" + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be "microsoft-all-application-permissions" + + Should -Invoke -CommandName Get-MgBetaPolicyPermissionGrantPolicy -ModuleName Microsoft.Graph.Entra.Beta -Times 1 + } + It "Should fail when Id is empty" { + { Get-EntraBetaPermissionGrantPolicy -Id "" } | Should -Throw "Cannot bind argument to parameter 'Id' because it is an empty string." + } + It "Should fail when Id is empty" { + { Get-EntraBetaPermissionGrantPolicy -Id } | Should -Throw "Missing an argument for parameter 'Id'. Specify a parameter of type 'System.String' and try again." + } + It "Result should Contain ObjectId" { + $result = Get-EntraBetaPermissionGrantPolicy -Id "microsoft-all-application-permissions" + $result.ObjectId | should -Be "microsoft-all-application-permissions" + } + It "Should contain PermissionGrantPolicyId in parameters when passed ObjectId to it" { + $result = Get-EntraBetaPermissionGrantPolicy -Id "microsoft-all-application-permissions" + $params = Get-Parameters -data $result.Parameters + $params.PermissionGrantPolicyId | Should -Be "microsoft-all-application-permissions" + } + It "Property parameter should work" { + $result = Get-EntraBetaPermissionGrantPolicy -Id "microsoft-all-application-permissions" -Property DisplayName + $result | Should -Not -BeNullOrEmpty + $result.DisplayName | Should -Be 'All application' + + Should -Invoke -CommandName Get-MgBetaPolicyPermissionGrantPolicy -ModuleName Microsoft.Graph.Entra.Beta -Times 1 + } + It "Should fail when Property is empty" { + { Get-EntraBetaPermissionGrantPolicy -Id "microsoft-all-application-permissions" -Property } | Should -Throw "Missing an argument for parameter 'Property'*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaPermissionGrantPolicy" + + $result = Get-EntraBetaPermissionGrantPolicy -Id "microsoft-all-application-permissions" + $result | Should -Not -BeNullOrEmpty + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaPermissionGrantPolicy" + + Should -Invoke -CommandName Get-MgBetaPolicyPermissionGrantPolicy -ModuleName Microsoft.Graph.Entra.Beta -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraBetaPermissionGrantPolicy -Id "microsoft-all-application-permissions" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} \ No newline at end of file