-
Notifications
You must be signed in to change notification settings - Fork 3
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Add role assertions and route tests to group functions
- Loading branch information
Showing
5 changed files
with
249 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,241 @@ | ||
| [Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingConvertToSecureStringWithPlainText', '')] | ||
| Param() | ||
|
|
||
| Import-Module "$PSScriptRoot/../PwshZendesk.psm1" -Force | ||
|
|
||
| Describe 'Groups Routes' { | ||
|
|
||
| InModuleScope PwshZendesk { | ||
|
|
||
| $IsInteractive = [Environment]::GetCommandLineArgs() -join ' ' -notmatch '-NonI' | ||
|
|
||
| $context = @{ | ||
| Organization = 'company' | ||
| BaseUrl = 'https://company.testdesk.com' | ||
| Credential = [System.Management.Automation.PSCredential]::New('email', ('api-key' | ConvertTo-SecureString -AsPlainText -Force)) | ||
| User = [PSCustomObject]@{ role = '' } | ||
| } | ||
| $context | Add-Member -TypeName 'ZendeskContext' | ||
|
|
||
| Mock -ModuleName PwshZendesk Invoke-RestMethod { [PSCustomObject]@{ group = $null; groups = $null } } | ||
|
|
||
| Context 'List Groups' { | ||
| It 'Matches the endpoint' { | ||
| if ($IsInteractive) { | ||
| throw 'Please run test in non-interactive mode' | ||
| } | ||
|
|
||
| $context.User.role = 'admin' | ||
|
|
||
| { Get-Group -Context $context } | Should -Not -Throw | ||
| Assert-MockCalled Invoke-RestMethod -Exactly 1 -ParameterFilter { $Method -eq 'Get' -and $Uri -match '/api/v2/groups\.json' } -Scope It | ||
| } | ||
|
|
||
| It 'Does not allow end users to call' { | ||
| $context.User.role = 'end-user' | ||
|
|
||
| { Get-Group -Context $context } | Should -Throw 'Authenticated user must have role' | ||
| } | ||
|
|
||
| It 'Allows agents to call' { | ||
| $context.User.role = 'agent' | ||
|
|
||
| { Get-Group -Context $context } | Should -Not -Throw | ||
| } | ||
|
|
||
| It 'Allows admins to call' { | ||
| $context.User.role = 'admin' | ||
|
|
||
| { Get-Group -Context $context } | Should -Not -Throw | ||
| } | ||
| } | ||
|
|
||
| Context 'List Groups by user' { | ||
| It 'Matches the endpoint' { | ||
| if ($IsInteractive) { | ||
| throw 'Please run test in non-interactive mode' | ||
| } | ||
|
|
||
| $context.User.role = 'admin' | ||
|
|
||
| { Get-Group -Context $context -UserId 1 } | Should -Not -Throw | ||
| Assert-MockCalled Invoke-RestMethod -Exactly 1 -ParameterFilter { $Method -eq 'Get' -and $Uri -match '/api/v2/users/\d+/groups\.json' } -Scope It | ||
| } | ||
|
|
||
| It 'Does not allow end users to call' { | ||
| $context.User.role = 'end-user' | ||
|
|
||
| { Get-Group -Context $context -UserId 1 } | Should -Throw 'Authenticated user must have role' | ||
| } | ||
|
|
||
| It 'Allows agents to call' { | ||
| $context.User.role = 'agent' | ||
|
|
||
| { Get-Group -Context $context -UserId 1 } | Should -Not -Throw | ||
| } | ||
|
|
||
| It 'Allows admins to call' { | ||
| $context.User.role = 'admin' | ||
|
|
||
| { Get-Group -Context $context -UserId 1 } | Should -Not -Throw | ||
| } | ||
| } | ||
|
|
||
| Context 'Show assignable groups' { | ||
| It 'Matches the endpoint' { | ||
| if ($IsInteractive) { | ||
| throw 'Please run test in non-interactive mode' | ||
| } | ||
|
|
||
| $context.User.role = 'admin' | ||
|
|
||
| { Get-Group -Context $context -Assignable } | Should -Not -Throw | ||
| Assert-MockCalled Invoke-RestMethod -Exactly 1 -ParameterFilter { $Method -eq 'Get' -and $Uri -match '/api/v2/groups/assignable.json' } -Scope It | ||
| } | ||
|
|
||
| It 'Does not allow end users to call' { | ||
| $context.User.role = 'end-user' | ||
|
|
||
| { Get-Group -Context $context -Assignable } | Should -Throw 'Authenticated user must have role' | ||
| } | ||
|
|
||
| It 'Allows agents to call' { | ||
| $context.User.role = 'agent' | ||
|
|
||
| { Get-Group -Context $context -Assignable } | Should -Not -Throw | ||
| } | ||
|
|
||
| It 'Allows admins to call' { | ||
| $context.User.role = 'admin' | ||
|
|
||
| { Get-Group -Context $context -Assignable } | Should -Not -Throw | ||
| } | ||
| } | ||
|
|
||
| Context 'Show Group' { | ||
| It 'Matches the endpoint' { | ||
| if ($IsInteractive) { | ||
| throw 'Please run test in non-interactive mode' | ||
| } | ||
|
|
||
| $context.User.role = 'admin' | ||
|
|
||
| { Get-Group -Context $context -Id 1 } | Should -Not -Throw | ||
| Assert-MockCalled Invoke-RestMethod -Exactly 1 -ParameterFilter { $Method -eq 'Get' -and $Uri -match '/api/v2/groups/\d+\.json' } -Scope It | ||
| } | ||
|
|
||
| It 'Does not allow end users to call' { | ||
| $context.User.role = 'end-user' | ||
|
|
||
| { Get-Group -Context $context -Id 1 } | Should -Throw 'Authenticated user must have role' | ||
| } | ||
|
|
||
| It 'Allows agents to call' { | ||
| $context.User.role = 'agent' | ||
|
|
||
| { Get-Group -Context $context -Id 1 } | Should -Not -Throw | ||
| } | ||
|
|
||
| It 'Allows admins to call' { | ||
| $context.User.role = 'admin' | ||
|
|
||
| { Get-Group -Context $context -Id 1 } | Should -Not -Throw | ||
| } | ||
| } | ||
|
|
||
| Context 'Create Group' { | ||
| It 'Matches the endpoint' { | ||
| if ($IsInteractive) { | ||
| throw 'Please run test in non-interactive mode' | ||
| } | ||
|
|
||
| $context.User.role = 'admin' | ||
|
|
||
| { New-Group -Context $context -Name 'New' -Confirm:$false } | Should -Not -Throw | ||
| Assert-MockCalled Invoke-RestMethod -Exactly 1 -ParameterFilter { $Method -eq 'Post' -and $Uri -match '/api/v2/groups\.json' } -Scope It | ||
| } | ||
|
|
||
| It 'Does not allow end users to call' { | ||
| $context.User.role = 'end-user' | ||
|
|
||
| { New-Group -Context $context -Name 'New' -Confirm:$false } | Should -Throw 'Authenticated user must have role' | ||
| } | ||
|
|
||
| It 'Does not allow agents to call' { | ||
| $context.User.role = 'agent' | ||
|
|
||
| { New-Group -Context $context -Name 'New' -Confirm:$false } | Should -Throw 'Authenticated user must have role' | ||
| } | ||
|
|
||
| It 'Allows admins to call' { | ||
| $context.User.role = 'admin' | ||
|
|
||
| { New-Group -Context $context -Name 'New' -Confirm:$false } | Should -Not -Throw | ||
| } | ||
| } | ||
|
|
||
| Context 'Update Group' { | ||
| It 'Matches the endpoint' { | ||
| if ($IsInteractive) { | ||
| throw 'Please run test in non-interactive mode' | ||
| } | ||
|
|
||
| $context.User.role = 'admin' | ||
|
|
||
| { Update-Group -Context $context -Id 1 -Name 'Newer' -Confirm:$false } | Should -Not -Throw | ||
| Assert-MockCalled Invoke-RestMethod -Exactly 1 -ParameterFilter { $Method -eq 'Put' -and $Uri -match '/api/v2/groups/\d+\.json' } -Scope It | ||
| } | ||
|
|
||
| It 'Does not allow end users to call' { | ||
| $context.User.role = 'end-user' | ||
|
|
||
| { Update-Group -Context $context -Id 1 -Name 'Newer' -Confirm:$false } | Should -Throw 'Authenticated user must have role' | ||
| } | ||
|
|
||
| It 'Does not allow agents to call' { | ||
| $context.User.role = 'agent' | ||
|
|
||
| { Update-Group -Context $context -Id 1 -Name 'Newer' -Confirm:$false } | Should -Throw 'Authenticated user must have role' | ||
| } | ||
|
|
||
| It 'Allows admins to call' { | ||
| $context.User.role = 'admin' | ||
|
|
||
| { Update-Group -Context $context -Id 1 -Name 'Newer' -Confirm:$false } | Should -Not -Throw | ||
| } | ||
| } | ||
|
|
||
| Context 'Delete Group' { | ||
| It 'Matches the endpoint' { | ||
| if ($IsInteractive) { | ||
| throw 'Please run test in non-interactive mode' | ||
| } | ||
|
|
||
| $context.User.role = 'admin' | ||
|
|
||
| { Remove-Group -Context $context -Id 1 -Confirm:$false } | Should -Not -Throw | ||
| Assert-MockCalled Invoke-RestMethod -Exactly 1 -ParameterFilter { $Method -eq 'Delete' -and $Uri -match '/api/v2/groups/\d+\.json' } -Scope It | ||
| } | ||
|
|
||
| It 'Does not allow end users to call' { | ||
| $context.User.role = 'end-user' | ||
|
|
||
| { Remove-Group -Context $context -Id 1 -Confirm:$false } | Should -Throw 'Authenticated user must have role' | ||
| } | ||
|
|
||
| It 'Does not allow agents to call' { | ||
| $context.User.role = 'agent' | ||
|
|
||
| { Remove-Group -Context $context -Id 1 -Confirm:$false } | Should -Throw 'Authenticated user must have role' | ||
| } | ||
|
|
||
| It 'Allows admins to call' { | ||
| $context.User.role = 'admin' | ||
|
|
||
| { Remove-Group -Context $context -Id 1 -Confirm:$false } | Should -Not -Throw | ||
| } | ||
| } | ||
|
|
||
| } | ||
|
|
||
| } |