tests/Routes-Groups.tests.ps1
|
[Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingConvertToSecureStringWithPlainText', '')] Param() Import-Module "$PSScriptRoot/../PwshZendesk.psm1" -Force Describe 'Groups Routes' { InModuleScope PwshZendesk { $IsInteractive = [Environment]::GetCommandLineArgs() -join ' ' -notmatch '-NonI|\.ps1' $context = @{ Organization = 'company' BaseUrl = 'https://company.testdesk.com' Credential = [System.Management.Automation.PSCredential]::New('email', ('api-key' | ConvertTo-SecureString -AsPlainText -Force)) User = [PSCustomObject]@{ role = '' } } $context | Add-Member -TypeName 'ZendeskContext' Mock -ModuleName PwshZendesk Invoke-RestMethod { [PSCustomObject]@{ group = $null; groups = $null } } Context 'List Groups' { It 'Matches the endpoint' { if ($IsInteractive) { throw 'Please run test in non-interactive mode' } $context.User.role = 'admin' { Get-Group -Context $context } | Should -Not -Throw Assert-MockCalled Invoke-RestMethod -Exactly 1 -ParameterFilter { $Method -eq 'Get' -and $Uri -match '/api/v2/groups\.json' } -Scope It } It 'Does not allow end users to call' { $context.User.role = 'end-user' { Get-Group -Context $context } | Should -Throw 'Authenticated user must have role' } It 'Allows agents to call' { $context.User.role = 'agent' { Get-Group -Context $context } | Should -Not -Throw } It 'Allows admins to call' { $context.User.role = 'admin' { Get-Group -Context $context } | Should -Not -Throw } } Context 'List Groups by user' { It 'Matches the endpoint' { if ($IsInteractive) { throw 'Please run test in non-interactive mode' } $context.User.role = 'admin' { Get-Group -Context $context -UserId 1 } | Should -Not -Throw Assert-MockCalled Invoke-RestMethod -Exactly 1 -ParameterFilter { $Method -eq 'Get' -and $Uri -match '/api/v2/users/\d+/groups\.json' } -Scope It } It 'Does not allow end users to call' { $context.User.role = 'end-user' { Get-Group -Context $context -UserId 1 } | Should -Throw 'Authenticated user must have role' } It 'Allows agents to call' { $context.User.role = 'agent' { Get-Group -Context $context -UserId 1 } | Should -Not -Throw } It 'Allows admins to call' { $context.User.role = 'admin' { Get-Group -Context $context -UserId 1 } | Should -Not -Throw } } Context 'Show assignable groups' { It 'Matches the endpoint' { if ($IsInteractive) { throw 'Please run test in non-interactive mode' } $context.User.role = 'admin' { Get-Group -Context $context -Assignable } | Should -Not -Throw Assert-MockCalled Invoke-RestMethod -Exactly 1 -ParameterFilter { $Method -eq 'Get' -and $Uri -match '/api/v2/groups/assignable.json' } -Scope It } It 'Does not allow end users to call' { $context.User.role = 'end-user' { Get-Group -Context $context -Assignable } | Should -Throw 'Authenticated user must have role' } It 'Allows agents to call' { $context.User.role = 'agent' { Get-Group -Context $context -Assignable } | Should -Not -Throw } It 'Allows admins to call' { $context.User.role = 'admin' { Get-Group -Context $context -Assignable } | Should -Not -Throw } } Context 'Show Group' { It 'Matches the endpoint' { if ($IsInteractive) { throw 'Please run test in non-interactive mode' } $context.User.role = 'admin' { Get-Group -Context $context -Id 1 } | Should -Not -Throw Assert-MockCalled Invoke-RestMethod -Exactly 1 -ParameterFilter { $Method -eq 'Get' -and $Uri -match '/api/v2/groups/\d+\.json' } -Scope It } It 'Does not allow end users to call' { $context.User.role = 'end-user' { Get-Group -Context $context -Id 1 } | Should -Throw 'Authenticated user must have role' } It 'Allows agents to call' { $context.User.role = 'agent' { Get-Group -Context $context -Id 1 } | Should -Not -Throw } It 'Allows admins to call' { $context.User.role = 'admin' { Get-Group -Context $context -Id 1 } | Should -Not -Throw } } Context 'Create Group' { It 'Matches the endpoint' { if ($IsInteractive) { throw 'Please run test in non-interactive mode' } $context.User.role = 'admin' { New-Group -Context $context -Name 'New' -Confirm:$false } | Should -Not -Throw Assert-MockCalled Invoke-RestMethod -Exactly 1 -ParameterFilter { $Method -eq 'Post' -and $Uri -match '/api/v2/groups\.json' } -Scope It } It 'Does not allow end users to call' { $context.User.role = 'end-user' { New-Group -Context $context -Name 'New' -Confirm:$false } | Should -Throw 'Authenticated user must have role' } It 'Does not allow agents to call' { $context.User.role = 'agent' { New-Group -Context $context -Name 'New' -Confirm:$false } | Should -Throw 'Authenticated user must have role' } It 'Allows admins to call' { $context.User.role = 'admin' { New-Group -Context $context -Name 'New' -Confirm:$false } | Should -Not -Throw } } Context 'Update Group' { It 'Matches the endpoint' { if ($IsInteractive) { throw 'Please run test in non-interactive mode' } $context.User.role = 'admin' { Update-Group -Context $context -Id 1 -Name 'Newer' -Confirm:$false } | Should -Not -Throw Assert-MockCalled Invoke-RestMethod -Exactly 1 -ParameterFilter { $Method -eq 'Put' -and $Uri -match '/api/v2/groups/\d+\.json' } -Scope It } It 'Does not allow end users to call' { $context.User.role = 'end-user' { Update-Group -Context $context -Id 1 -Name 'Newer' -Confirm:$false } | Should -Throw 'Authenticated user must have role' } It 'Does not allow agents to call' { $context.User.role = 'agent' { Update-Group -Context $context -Id 1 -Name 'Newer' -Confirm:$false } | Should -Throw 'Authenticated user must have role' } It 'Allows admins to call' { $context.User.role = 'admin' { Update-Group -Context $context -Id 1 -Name 'Newer' -Confirm:$false } | Should -Not -Throw } } Context 'Delete Group' { It 'Matches the endpoint' { if ($IsInteractive) { throw 'Please run test in non-interactive mode' } $context.User.role = 'admin' { Remove-Group -Context $context -Id 1 -Confirm:$false } | Should -Not -Throw Assert-MockCalled Invoke-RestMethod -Exactly 1 -ParameterFilter { $Method -eq 'Delete' -and $Uri -match '/api/v2/groups/\d+\.json' } -Scope It } It 'Does not allow end users to call' { $context.User.role = 'end-user' { Remove-Group -Context $context -Id 1 -Confirm:$false } | Should -Throw 'Authenticated user must have role' } It 'Does not allow agents to call' { $context.User.role = 'agent' { Remove-Group -Context $context -Id 1 -Confirm:$false } | Should -Throw 'Authenticated user must have role' } It 'Allows admins to call' { $context.User.role = 'admin' { Remove-Group -Context $context -Id 1 -Confirm:$false } | Should -Not -Throw } } } } |