From 3f3310f0093cd9e0175795c67b064afe2fe183d1 Mon Sep 17 00:00:00 2001
From: Alexis La Goutte <alexis.lagoutte@gmail.com>
Date: Wed, 4 Sep 2024 20:37:24 +0200
Subject: [PATCH 01/12] UserGroup: Add Add-FGTUserGroup for add User(Local) to
 UserGroup

---
 PowerFGT/Public/cmdb/user/group.ps1 | 83 +++++++++++++++++++++++++++++
 1 file changed, 83 insertions(+)

diff --git a/PowerFGT/Public/cmdb/user/group.ps1 b/PowerFGT/Public/cmdb/user/group.ps1
index 547702630..89acacee0 100644
--- a/PowerFGT/Public/cmdb/user/group.ps1
+++ b/PowerFGT/Public/cmdb/user/group.ps1
@@ -4,6 +4,89 @@
 # SPDX-License-Identifier: Apache-2.0
 #
 
+function Add-FGTUserGroup {
+
+    <#
+        .SYNOPSIS
+        Add a FortiGate User Group
+
+        .DESCRIPTION
+        Add a FortiGate User Group
+
+        .EXAMPLE
+        Add-FGTUserGroup -name MyUserGroup -member MyUser1
+
+        Add User Group with member MyUser1
+
+        .EXAMPLE
+        Add-FGTUserGroup -name MyUserGroup -member MyUser1, MyUser2
+
+        Add User Group with members MyUser1 and MyUser2
+
+        .EXAMPLE
+        $data = @{ "authtimeout" = 23 }
+        PS C:\>Add-FGTUserGroup -name MyUserGroup -member MyUser1 -data $data
+
+        Add User Group with member MyUser1and authtimeout (23) via -data parameter
+    #>
+
+    Param(
+        [Parameter (Mandatory = $true)]
+        [string]$name,
+        [Parameter (Mandatory = $true)]
+        [string[]]$member,
+        [Parameter (Mandatory = $false)]
+        [hashtable]$data,
+        [Parameter(Mandatory = $false)]
+        [String[]]$vdom,
+        [Parameter(Mandatory = $false)]
+        [psobject]$connection = $DefaultFGTConnection
+    )
+
+    Begin {
+    }
+
+    Process {
+
+        $invokeParams = @{ }
+        if ( $PsBoundParameters.ContainsKey('vdom') ) {
+            $invokeParams.add( 'vdom', $vdom )
+        }
+
+        if ( Get-FGTUserGroup @invokeParams -name $name -connection $connection) {
+            Throw "Already an User Group object using the same name"
+        }
+
+        $uri = "api/v2/cmdb/user/group"
+
+        $usergroup = new-Object -TypeName PSObject
+
+        $usergroup | add-member -name "name" -membertype NoteProperty -Value $name
+
+        #Add member to members Array
+        $members = @( )
+        foreach ( $m in $member ) {
+            $member_name = @{ }
+            $member_name.add( 'name', $m)
+            $members += $member_name
+        }
+        $usergroup | add-member -name "member" -membertype NoteProperty -Value $members
+
+        if ( $PsBoundParameters.ContainsKey('data') ) {
+            $data.GetEnumerator() | ForEach-Object {
+                $usergroup | Add-member -name $_.key -membertype NoteProperty -Value $_.value
+            }
+        }
+
+        Invoke-FGTRestMethod -method "POST" -body $usergroup -uri $uri -connection $connection @invokeParams | Out-Null
+
+        Get-FGTUserGroup -connection $connection @invokeParams -name $name
+    }
+
+    End {
+    }
+}
+
 function Get-FGTUserGroup {
 
     <#

From d9383675feb7ac8c38d33c78b6ed1a8677e1e847 Mon Sep 17 00:00:00 2001
From: Alexis La Goutte <alexis.lagoutte@gmail.com>
Date: Wed, 4 Sep 2024 20:43:21 +0200
Subject: [PATCH 02/12] UserGroup: Add Remove-FGTUserGroup for remove member
 group

---
 PowerFGT/Public/cmdb/user/group.ps1 | 55 +++++++++++++++++++++++++++++
 1 file changed, 55 insertions(+)

diff --git a/PowerFGT/Public/cmdb/user/group.ps1 b/PowerFGT/Public/cmdb/user/group.ps1
index 89acacee0..124f1568c 100644
--- a/PowerFGT/Public/cmdb/user/group.ps1
+++ b/PowerFGT/Public/cmdb/user/group.ps1
@@ -198,3 +198,58 @@ function Get-FGTUserGroup {
     End {
     }
 }
+
+function Remove-FGTUserGroup {
+
+    <#
+        .SYNOPSIS
+        Remove a FortiGate User
+
+        .DESCRIPTION
+        Remove an User Group object on the FortiGate
+
+        .EXAMPLE
+        $MyFGTUserGroup = Get-FGTUserGroup -name MyFGTUserGroup
+        PS C:\>$MyFGTUserGroup | Remove-FGTUserGroup
+
+        Remove User Group object $MyFGTUserGroup
+
+        .EXAMPLE
+        $MyFGTUserGroup = Get-FGTUserGroup -name MyFGTUserGroup
+        PS C:\>$MyFGTUserGroup | Remove-FGTUserGroup -confirm:$false
+
+        Remove User object $MyFGTUserGroup with no confirmation
+
+    #>
+
+    [CmdletBinding(SupportsShouldProcess, ConfirmImpact = 'high')]
+    Param(
+        [Parameter (Mandatory = $true, ValueFromPipeline = $true, Position = 1)]
+        [ValidateScript( { Confirm-FGTUserGroup $_ })]
+        [psobject]$usergroup,
+        [Parameter(Mandatory = $false)]
+        [String[]]$vdom,
+        [Parameter(Mandatory = $false)]
+        [psobject]$connection = $DefaultFGTConnection
+    )
+
+    Begin {
+    }
+
+    Process {
+
+        $invokeParams = @{ }
+        if ( $PsBoundParameters.ContainsKey('vdom') ) {
+            $invokeParams.add( 'vdom', $vdom )
+        }
+
+        $uri = "api/v2/cmdb/user/group"
+
+        if ($PSCmdlet.ShouldProcess($usergroup.name, 'Remove User Group')) {
+            $null = Invoke-FGTRestMethod -method "DELETE" -uri $uri -uri_escape $usergroup.name -connection $connection @invokeParams
+        }
+    }
+
+    End {
+    }
+}
\ No newline at end of file

From de9adcba083796186ed0908623605489d9fd6fc2 Mon Sep 17 00:00:00 2001
From: Alexis La Goutte <alexis.lagoutte@gmail.com>
Date: Thu, 5 Sep 2024 21:02:22 +0200
Subject: [PATCH 03/12] UserGroup: add Confirm-FGTUserGroup for check usergroup
 PS object

---
 PowerFGT/Private/Confirm.ps1 | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)

diff --git a/PowerFGT/Private/Confirm.ps1 b/PowerFGT/Private/Confirm.ps1
index 1852d3493..de81b0845 100644
--- a/PowerFGT/Private/Confirm.ps1
+++ b/PowerFGT/Private/Confirm.ps1
@@ -479,4 +479,25 @@ Function Confirm-FGTUserLocal {
 
     $true
 
+}
+
+Function Confirm-FGTUserGroup {
+
+    Param (
+        [Parameter (Mandatory = $true)]
+        [object]$argument
+    )
+
+    if ( -not ( $argument | get-member -name name -Membertype Properties)) {
+        throw "Element specified does not contain a name property."
+    }
+    if ( -not ( $argument | get-member -name id -Membertype Properties)) {
+        throw "Element specified does not contain an id property."
+    }
+    if ( -not ( $argument | get-member -name group-type -Membertype Properties)) {
+        throw "Element specified does not contain a group-type property."
+    }
+
+    $true
+
 }
\ No newline at end of file

From 81505e5fa64d7702aa25c053bf492156b33c9cdb Mon Sep 17 00:00:00 2001
From: Alexis La Goutte <alexis.lagoutte@gmail.com>
Date: Thu, 5 Sep 2024 21:11:22 +0200
Subject: [PATCH 04/12] UserGroup: add Set-FGTUserGroup

for configure member and (re)name
---
 PowerFGT/Public/cmdb/user/group.ps1 | 100 ++++++++++++++++++++++++++++
 1 file changed, 100 insertions(+)

diff --git a/PowerFGT/Public/cmdb/user/group.ps1 b/PowerFGT/Public/cmdb/user/group.ps1
index 124f1568c..0523f17ca 100644
--- a/PowerFGT/Public/cmdb/user/group.ps1
+++ b/PowerFGT/Public/cmdb/user/group.ps1
@@ -199,6 +199,106 @@ function Get-FGTUserGroup {
     }
 }
 
+function Set-FGTUserGroup {
+
+    <#
+        .SYNOPSIS
+        Configure a FortiGate Address Group
+
+        .DESCRIPTION
+        Change a FortiGate User Group (name, member...)
+
+        .EXAMPLE
+        $MyFGTUserGroup = Get-FGTUserGroup -name MyFGTUserGroup
+        PS C:\>$MyFGTUserGroup | Set-FGTUserGroup -member MyUser1
+
+        Change MyFGTUserGroup member to MyUser1
+
+        .EXAMPLE
+        $MyFGTUserGroup = Get-FGTUserGroup -name MyFGTUserGroup
+        PS C:\>$MyFGTUserGroup | Set-FGTUserGroup -member MyUser1, MyUser2
+
+        Change MyFGTUserGroup member to MyUser1 and MyUser2
+
+        .EXAMPLE
+        $MyFGTUserGroup = Get-FGTUserGroup -name MyFGTUserGroup
+        PS C:\>$MyFGTUserGroup | Set-FGTUserGroup -name MyFGTUserGroup2
+
+        Rename MyFGTUserGroup member to MyFGTUserGroup2
+
+        .EXAMPLE
+        $data = @{ "authtimeout" = 23 }
+        PS C:\>$MyFGTUserGroup = Get-FGTUserGroup -name MyFGTUserGroup
+        PS C:\>$MyFGTUserGroup | Set-FGTUserGroup -data $data
+
+        Change MyFGTUserGroup to set authtimeout (23) using -data
+    #>
+
+    [CmdletBinding(SupportsShouldProcess, ConfirmImpact = 'medium')]
+    Param(
+        [Parameter (Mandatory = $true, ValueFromPipeline = $true, Position = 1)]
+        [ValidateScript( { Confirm-FGTUserGroup $_ })]
+        [psobject]$usergroup,
+        [Parameter (Mandatory = $false)]
+        [string]$name,
+        [Parameter (Mandatory = $false)]
+        [string[]]$member,
+        [Parameter (Mandatory = $false)]
+        [hashtable]$data,
+        [Parameter(Mandatory = $false)]
+        [String[]]$vdom,
+        [Parameter(Mandatory = $false)]
+        [psobject]$connection = $DefaultFGTConnection
+    )
+
+    Begin {
+    }
+
+    Process {
+
+        $invokeParams = @{ }
+        if ( $PsBoundParameters.ContainsKey('vdom') ) {
+            $invokeParams.add( 'vdom', $vdom )
+        }
+
+        $uri = "api/v2/cmdb/user/group"
+        $old_name = $usergroup.name
+        $_usergroup = new-Object -TypeName PSObject
+
+        if ( $PsBoundParameters.ContainsKey('name') ) {
+            #TODO check if there is no already a object with this name ?
+            $_usergroup | add-member -name "name" -membertype NoteProperty -Value $name
+            $usergroup.name = $name
+        }
+
+        if ( $PsBoundParameters.ContainsKey('member') ) {
+            #Add member to Member Array
+            $members = @( )
+            foreach ( $m in $member ) {
+                $member_name = @{ }
+                $member_name.add( 'name', $m)
+                $members += $member_name
+            }
+            $_usergroup | add-member -name "member" -membertype NoteProperty -Value $members
+        }
+
+        if ( $PsBoundParameters.ContainsKey('data') ) {
+            $data.GetEnumerator() | ForEach-Object {
+                $_usergroup | Add-member -name $_.key -membertype NoteProperty -Value $_.value
+            }
+        }
+
+        if ($PSCmdlet.ShouldProcess($usergroup.name, 'Configure User Group')) {
+            Invoke-FGTRestMethod -method "PUT" -body $_usergroup -uri $uri -uri_escape $old_name -connection $connection @invokeParams | out-Null
+
+            Get-FGTUserGroup -connection $connection @invokeParams -name $usergroup.name
+        }
+    }
+
+    End {
+    }
+}
+
 function Remove-FGTUserGroup {
 
     <#

From 68de71d589549079d3051ab7f37049c88fad27ec Mon Sep 17 00:00:00 2001
From: Alexis La Goutte <alexis.lagoutte@gmail.com>
Date: Thu, 5 Sep 2024 21:15:38 +0200
Subject: [PATCH 05/12] UserGroup: Add Add-FGTFirewallUserGroupMember for add
 member to UserGroup

---
 PowerFGT/Public/cmdb/user/group.ps1 | 69 +++++++++++++++++++++++++++++
 1 file changed, 69 insertions(+)

diff --git a/PowerFGT/Public/cmdb/user/group.ps1 b/PowerFGT/Public/cmdb/user/group.ps1
index 0523f17ca..022efba00 100644
--- a/PowerFGT/Public/cmdb/user/group.ps1
+++ b/PowerFGT/Public/cmdb/user/group.ps1
@@ -87,6 +87,75 @@ function Add-FGTUserGroup {
     }
 }
 
+function Add-FGTUserGroupMember {
+
+    <#
+        .SYNOPSIS
+        Add a FortiGate User Group Member
+
+        .DESCRIPTION
+        Add a FortiGate User Group Member
+
+        .EXAMPLE
+        $MyFGTUserGroup = Get-FGTUserGroup -name MyFGTUserGroup
+        PS C:\>$MyFGTUserGroup | Add-FGTUserGroupMember -member MyUser1
+
+        Add MyUser1 member to MyFGTUserGroup
+
+        .EXAMPLE
+        $MyFGTUserGroup = Get-FGTUserGroup -name MyFGTUserGroup
+        PS C:\>$MyFGTUserGroup | Add-FGTUserGroupMember -member MyUser1, MyUser2
+
+        Add MyUser1 and MyUser2 member to MyFGTUserGroup
+
+    #>
+
+    Param(
+        [Parameter (Mandatory = $true, ValueFromPipeline = $true, Position = 1)]
+        [ValidateScript( { Confirm-FGTUserGroup $_ })]
+        [psobject]$usergroup,
+        [Parameter(Mandatory = $false)]
+        [string[]]$member,
+        [Parameter(Mandatory = $false)]
+        [String[]]$vdom,
+        [Parameter(Mandatory = $false)]
+        [psobject]$connection = $DefaultFGTConnection
+    )
+
+    Begin {
+    }
+
+    Process {
+
+        $invokeParams = @{ }
+        if ( $PsBoundParameters.ContainsKey('vdom') ) {
+            $invokeParams.add( 'vdom', $vdom )
+        }
+
+        $uri = "api/v2/cmdb/user/group"
+
+        $_usergroup = new-Object -TypeName PSObject
+
+        if ( $PsBoundParameters.ContainsKey('member') ) {
+            #Add member to existing usergroup member
+            $members = $usergroup.member
+            foreach ( $m in $member ) {
+                $member_name = @{ }
+                $member_name.add( 'name', $m)
+                $members += $member_name
+            }
+            $_usergroup | add-member -name "member" -membertype NoteProperty -Value $members
+        }
+
+        Invoke-FGTRestMethod -method "PUT" -body $_usergroup -uri $uri -uri_escape $usergroup.name -connection $connection @invokeParams | out-Null
+
+        Get-FGTUserGroup -connection $connection @invokeParams -name $usergroup.name
+    }
+
+    End {
+    }
+}
+
 function Get-FGTUserGroup {
 
     <#

From 53589e82ef9336307127d54bfcfee5b017d243df Mon Sep 17 00:00:00 2001
From: Alexis La Goutte <alexis.lagoutte@gmail.com>
Date: Thu, 5 Sep 2024 21:16:05 +0200
Subject: [PATCH 06/12] UserGroup: Fix typo (Address -> User)

---
 PowerFGT/Public/cmdb/user/group.ps1 | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/PowerFGT/Public/cmdb/user/group.ps1 b/PowerFGT/Public/cmdb/user/group.ps1
index 022efba00..41efd6790 100644
--- a/PowerFGT/Public/cmdb/user/group.ps1
+++ b/PowerFGT/Public/cmdb/user/group.ps1
@@ -272,7 +272,7 @@ function Set-FGTUserGroup {
 
     <#
         .SYNOPSIS
-        Configure a FortiGate Address Group
+        Configure a FortiGate User Group
 
         .DESCRIPTION
         Change a FortiGate User Group (name, member...)

From a71a7412bce06f97fb7dc7afc9a18f34b747f2d1 Mon Sep 17 00:00:00 2001
From: Alexis La Goutte <alexis.lagoutte@gmail.com>
Date: Fri, 6 Sep 2024 08:17:11 +0200
Subject: [PATCH 07/12] UserGroup: Add Remove-FGTUserGroupMember

---
 PowerFGT/Public/cmdb/user/group.ps1 | 89 +++++++++++++++++++++++++++++
 1 file changed, 89 insertions(+)

diff --git a/PowerFGT/Public/cmdb/user/group.ps1 b/PowerFGT/Public/cmdb/user/group.ps1
index 41efd6790..f1233e706 100644
--- a/PowerFGT/Public/cmdb/user/group.ps1
+++ b/PowerFGT/Public/cmdb/user/group.ps1
@@ -419,6 +419,95 @@ function Remove-FGTUserGroup {
         }
     }
 
+    End {
+    }
+}
+
+function Remove-FGTUserGroupMember {
+
+    <#
+        .SYNOPSIS
+        Remove a FortiGate User Group Member
+
+        .DESCRIPTION
+        Remove a FortiGate User Group Member
+
+        .EXAMPLE
+        $MyFGTUserGroup = Get-FGTUserGroup -name MyFGTUserGroup
+        PS C:\>$MyFGTUserGroup | Remove-FGTUserGroupMember -member MyUser1
+
+        Remove MyUser1 member to MyFGTUserGroup
+
+        .EXAMPLE
+        $MyFGTUserGroup = Get-FGTUserGroup -name MyFGTUserGroup
+        PS C:\>$MyFGTUserGroup | Remove-FGTUserGroupMember -member MyUser1, MyUser2
+
+        Remove MyUser1 and MyUser2 member to MyFGTUserGroup
+
+    #>
+
+    [CmdletBinding(SupportsShouldProcess, ConfirmImpact = 'medium')]
+    Param(
+        [Parameter (Mandatory = $true, ValueFromPipeline = $true, Position = 1)]
+        [ValidateScript( { Confirm-FGTUserGroup $_ })]
+        [psobject]$usergroup,
+        [Parameter(Mandatory = $false)]
+        [string[]]$member,
+        [Parameter(Mandatory = $false)]
+        [String[]]$vdom,
+        [Parameter(Mandatory = $false)]
+        [psobject]$connection = $DefaultFGTConnection
+    )
+
+    Begin {
+    }
+
+    Process {
+
+        $invokeParams = @{ }
+        if ( $PsBoundParameters.ContainsKey('vdom') ) {
+            $invokeParams.add( 'vdom', $vdom )
+        }
+
+        $uri = "api/v2/cmdb/user/group"
+
+        $_usergroup = new-Object -TypeName PSObject
+
+        if ( $PsBoundParameters.ContainsKey('member') ) {
+            #Create a new array
+            $members = @()
+            foreach ($m in $usergroup.member) {
+                $member_name = @{ }
+                $member_name.add( 'name', $m.name)
+                $members += $member_name
+            }
+
+            #Remove member
+            foreach ($remove_member in $member) {
+                #May be a better (and faster) solution...
+                $members = $members | Where-Object { $_.name -ne $remove_member }
+            }
+
+            #check if there is always a member... (it is not possible don't have member on User Group)
+            #if ( $members.count -eq 0 ) {
+            #    Throw "You can't remove all members. Use Remove-FGTUserGroup to remove User Group"
+            #}
+
+            #if there is only One member force to be an array
+            if ( $members.count -eq 1 ) {
+                $members = @($members)
+            }
+
+            $_usergroup | add-member -name "member" -membertype NoteProperty -Value $members
+        }
+
+        if ($PSCmdlet.ShouldProcess($usergroup.name, 'Remove User Group Member')) {
+            Invoke-FGTRestMethod -method "PUT" -body $_usergroup -uri $uri -uri_escape $usergroup.name -connection $connection @invokeParams | Out-Null
+
+            Get-FGTUserGroup -connection $connection @invokeParams -name $usergroup.name
+        }
+    }
+
     End {
     }
 }
\ No newline at end of file

From be59e1afd4567f50a34f1a8e216e1519bc3d3311 Mon Sep 17 00:00:00 2001
From: Alexis La Goutte <alexis.lagoutte@gmail.com>
Date: Fri, 6 Sep 2024 08:18:40 +0200
Subject: [PATCH 08/12] UserGroup: Add Copy-FGTUserGroup for clone an User
 Group

---
 PowerFGT/Public/cmdb/user/group.ps1 | 55 +++++++++++++++++++++++++++++
 1 file changed, 55 insertions(+)

diff --git a/PowerFGT/Public/cmdb/user/group.ps1 b/PowerFGT/Public/cmdb/user/group.ps1
index f1233e706..144b974aa 100644
--- a/PowerFGT/Public/cmdb/user/group.ps1
+++ b/PowerFGT/Public/cmdb/user/group.ps1
@@ -156,6 +156,61 @@ function Add-FGTUserGroupMember {
     }
 }
 
+function Copy-FGTUserGroup {
+
+    <#
+        .SYNOPSIS
+        Copy/Clone a FortiGate User Group
+
+        .DESCRIPTION
+        Copy/Clone a FortiGate User Group (name, member...)
+
+        .EXAMPLE
+        $MyFGTUserGroup = Get-FGTUserGroup -name MyFGTUserGroup
+        PS C:\>$MyFGTUserGroup | Copy-FGTUserGroup -name MyFGTUserGroup_copy
+
+        Copy / Clone MyFGTUserGroup and name MyFGTUser_copy
+
+    #>
+
+    Param(
+        [Parameter (Mandatory = $true, ValueFromPipeline = $true, Position = 1)]
+        [ValidateScript( { Confirm-FGTUserGroup $_ })]
+        [psobject]$usergroup,
+        [Parameter (Mandatory = $true)]
+        [string]$name,
+        [Parameter(Mandatory = $false)]
+        [String[]]$vdom,
+        [Parameter(Mandatory = $false)]
+        [psobject]$connection = $DefaultFGTConnection
+    )
+
+    Begin {
+    }
+
+    Process {
+
+        $invokeParams = @{ }
+        if ( $PsBoundParameters.ContainsKey('vdom') ) {
+            $invokeParams.add( 'vdom', $vdom )
+        }
+
+        if ( Get-FGTUserGroup @invokeParams -name $name -connection $connection) {
+            Throw "Already an User Group object using the same name"
+        }
+
+        $uri = "api/v2/cmdb/user/group"
+        $extra = "action=clone&nkey=$($name)"
+
+        Invoke-FGTRestMethod -method "POST" -uri $uri -uri_escape $usergroup.name -extra $extra -connection $connection @invokeParams | Out-Null
+
+        Get-FGTUserGroup -connection $connection @invokeParams -name $name
+    }
+
+    End {
+    }
+}
+
 function Get-FGTUserGroup {
 
     <#

From ad2865820b48f1208b576603f2d27b4ba65b2555 Mon Sep 17 00:00:00 2001
From: Alexis La Goutte <alexis.lagoutte@gmail.com>
Date: Fri, 6 Sep 2024 08:21:11 +0200
Subject: [PATCH 09/12] UserGroup: Add Test (WIP)

---
 Tests/integration/UserGroup.Tests.ps1 | 506 ++++++++++++++++++++++++++
 1 file changed, 506 insertions(+)
 create mode 100644 Tests/integration/UserGroup.Tests.ps1

diff --git a/Tests/integration/UserGroup.Tests.ps1 b/Tests/integration/UserGroup.Tests.ps1
new file mode 100644
index 000000000..a87729880
--- /dev/null
+++ b/Tests/integration/UserGroup.Tests.ps1
@@ -0,0 +1,506 @@
+#
+# Copyright 2020, Alexis La Goutte <alexis dot lagoutte at gmail dot com>
+#
+# SPDX-License-Identifier: Apache-2.0
+#
+
+#include common configuration
+. ../common.ps1
+
+BeforeAll {
+    Connect-FGT @invokeParams
+}
+
+Describe "Get User Group" {
+
+    BeforeAll {
+        #Create User object
+        Add-FGTUserLocal -Name $pester_User1 -ip 192.0.2.1 -mask 255.255.255.255
+        Add-FGTUserLocal -Name $pester_User2 -ip 192.0.2.2 -mask 255.255.255.255
+        #Create Usergroup object with one member
+        $script:addrgrp = Add-FGTUserGroup -name $pester_Usergroup1 -member $pester_User1
+        $script:uuid = $addrgrp.uuid
+        Add-FGTUserGroup -name $pester_Usergroup2 -member $pester_User2
+    }
+
+    It "Get User Group Does not throw an error" {
+        {
+            Get-FGTUserGroup
+        } | Should -Not -Throw
+    }
+
+    It "Get ALL User Group" {
+        $Usergroup = Get-FGTUserGroup
+        $Usergroup.count | Should -Not -Be $NULL
+    }
+
+    It "Get ALL User Group with -skip" {
+        $Usergroup = Get-FGTUserGroup -skip
+        $Usergroup.count | Should -Not -Be $NULL
+    }
+
+    It "Get User Group ($pester_Usergroup1)" {
+        $Usergroup = Get-FGTUserGroup -name $pester_Usergroup1
+        $Usergroup.name | Should -Be $pester_Usergroup1
+    }
+
+    It "Get User Group ($pester_Usergroup1) and confirm (via Confirm-FGTUserGroup)" {
+        $Usergroup = Get-FGTUserGroup -name $pester_Usergroup1
+        Confirm-FGTUserGroup ($Usergroup) | Should -Be $true
+    }
+
+    It "Get User Group ($pester_Usergroup1) and meta" {
+        $Usergroup = Get-FGTUserGroup -name $pester_Usergroup1 -meta
+        $Usergroup.name | Should -Be $pester_Usergroup1
+        $Usergroup.q_ref | Should -Not -BeNullOrEmpty
+        $Usergroup.q_static | Should -Not -BeNullOrEmpty
+        $Usergroup.q_no_rename | Should -Not -BeNullOrEmpty
+        $Usergroup.q_global_entry | Should -Not -BeNullOrEmpty
+        $Usergroup.q_type | Should -Not -BeNullOrEmpty
+        $Usergroup.q_path | Should -Be "user"
+        $Usergroup.q_name | Should -Be "group"
+        $Usergroup.q_mkey_type | Should -Be "string"
+        if ($DefaultFGTConnection.version -ge "6.2.0") {
+            $Usergroup.q_no_edit | Should -Not -BeNullOrEmpty
+        }
+        $Usergroup.q_class | Should -Not -BeNullOrEmpty
+    }
+
+    Context "Search" {
+
+        It "Search User Group by name ($pester_Usergroup1)" {
+            $Usergroup = Get-FGTUserGroup -name $pester_Usergroup1
+            @($Usergroup).count | Should -be 1
+            $Usergroup.name | Should -Be $pester_Usergroup1
+        }
+
+        It "Search User Group by uuid ($script:uuid)" {
+            $Usergroup = Get-FGTUserGroup -uuid $script:uuid
+            @($Usergroup).count | Should -be 1
+            $Usergroup.name | Should -Be $pester_Usergroup1
+        }
+
+    }
+
+    AfterAll {
+        #Remove User group before User...
+        Get-FGTUserGroup -name $pester_Usergroup1 | Remove-FGTUserGroup -confirm:$false
+        Get-FGTUserGroup -name $pester_Usergroup2 | Remove-FGTUserGroup -confirm:$false
+
+        Get-FGTUserLocal -name $pester_User1 | Remove-FGTUser -confirm:$false
+        Get-FGTUserLocal -name $pester_User2 | Remove-FGTUser -confirm:$false
+    }
+
+}
+
+Describe "Add User Group" {
+
+    BeforeAll {
+        #Create some User object
+        Add-FGTUserLocal-Name $pester_User1 -ip 192.0.2.1 -mask 255.255.255.255
+        Add-FGTUserLocal-Name $pester_User2 -ip 192.0.2.2 -mask 255.255.255.255
+    }
+
+    AfterEach {
+        Get-FGTUserGroup -name $pester_Usergroup1 | Remove-FGTUserGroup -confirm:$false
+    }
+
+    It "Add User Group $pester_Usergroup1 (with 1 member)" {
+        Add-FGTUserGroup -Name $pester_Usergroup1 -member $pester_User1
+        $Usergroup = Get-FGTUserGroup -name $pester_Usergroup1
+        $Usergroup.name | Should -Be $pester_Usergroup1
+        $Usergroup.uuid | Should -Not -BeNullOrEmpty
+        ($Usergroup.member).count | Should -Be "1"
+        $Usergroup.member.name | Should -BeIn $pester_User1
+        $Usergroup.comment | Should -BeNullOrEmpty
+        if ($DefaultFGTConnection.version -lt "6.4.0") {
+            $Usergroup.visibility | Should -Be $true
+        }
+    }
+
+    It "Add User Group $pester_Usergroup1 (with 1 member and a comment)" {
+        Add-FGTUserGroup -Name $pester_Usergroup1 -member $pester_User1 -comment "Add via PowerFGT"
+        $Usergroup = Get-FGTUserGroup -name $pester_Usergroup1
+        $Usergroup.name | Should -Be $pester_Usergroup1
+        $Usergroup.uuid | Should -Not -BeNullOrEmpty
+        ($Usergroup.member).count | Should -Be "1"
+        $Usergroup.member.name | Should -BeIn $pester_User1
+        $Usergroup.comment | Should -Be "Add via PowerFGT"
+        if ($DefaultFGTConnection.version -lt "6.4.0") {
+            $Usergroup.visibility | Should -Be $true
+        }
+    }
+
+    It "Add User Group $pester_Usergroup1 (with 1 member and visibility disable)" {
+        Add-FGTUserGroup -Name $pester_Usergroup1 -member $pester_User1 -visibility:$false
+        $Usergroup = Get-FGTUserGroup -name $pester_Usergroup1
+        $Usergroup.name | Should -Be $pester_Usergroup1
+        $Usergroup.uuid | Should -Not -BeNullOrEmpty
+        ($Usergroup.member).count | Should -Be "1"
+        $Usergroup.member.name | Should -BeIn $pester_User1
+        $Usergroup.comment | Should -BeNullOrEmpty
+        if ($DefaultFGTConnection.version -lt "6.4.0") {
+            $Usergroup.visibility | Should -Be "disable"
+        }
+    }
+
+    It "Add User Group $pester_Usergroup1 (with 2 members)" {
+        Add-FGTUserGroup -Name $pester_Usergroup1 -member $pester_User1, $pester_User2
+        $Usergroup = Get-FGTUserGroup -name $pester_Usergroup1
+        $Usergroup.name | Should -Be $pester_Usergroup1
+        $Usergroup.uuid | Should -Not -BeNullOrEmpty
+        ($Usergroup.member).count | Should -Be "2"
+        $Usergroup.member.name | Should -BeIn $pester_User1, $pester_User2
+        $Usergroup.comment | Should -BeNullOrEmpty
+        if ($DefaultFGTConnection.version -lt "6.4.0") {
+            $Usergroup.visibility | Should -Be $true
+        }
+    }
+
+    It "Add User Group $pester_Usergroup1 (with 1 member and data (1 field))" {
+        $data = @{ "color" = 23 }
+        Add-FGTUserGroup -Name $pester_Usergroup1 -member $pester_User1 -data $data
+        $Usergroup = Get-FGTUserGroup -name $pester_Usergroup1
+        $Usergroup.name | Should -Be $pester_Usergroup1
+        $Usergroup.uuid | Should -Not -BeNullOrEmpty
+        ($Usergroup.member).count | Should -Be "1"
+        $Usergroup.member.name | Should -BeIn $pester_User1
+        $Usergroup.comment | Should -BeNullOrEmpty
+        $Usergroup.color | Should -Be "23"
+        if ($DefaultFGTConnection.version -lt "6.4.0") {
+            $Usergroup.visibility | Should -Be $true
+        }
+    }
+
+    It "Add User Group $pester_Usergroup1 (with 1 member and data (2 fields))" {
+        $data = @{ "color" = 23; "comment" = "Add via PowerFGT and -data" }
+        Add-FGTUserGroup -Name $pester_Usergroup1 -member $pester_User1 -data $data
+        $Usergroup = Get-FGTUserGroup -name $pester_Usergroup1
+        $Usergroup.name | Should -Be $pester_Usergroup1
+        $Usergroup.uuid | Should -Not -BeNullOrEmpty
+        ($Usergroup.member).count | Should -Be "1"
+        $Usergroup.member.name | Should -BeIn $pester_User1
+        $Usergroup.comment | Should -Be "Add via PowerFGT and -data"
+        $Usergroup.color | Should -Be "23"
+        if ($DefaultFGTConnection.version -lt "6.4.0") {
+            $Usergroup.visibility | Should -Be $true
+        }
+    }
+
+    It "Try to Add User Group $pester_Usergroup1 (but there is already a object with same name)" {
+        #Add first User Group
+        Add-FGTUserGroup -Name $pester_Usergroup1 -member $pester_User1
+        #Add Second User Group with same name
+        { Add-FGTUserGroup -Name $pester_Usergroup1 -member $pester_User1 } | Should -Throw "Already an Usergroup object using the same name"
+
+    }
+
+    AfterAll {
+        Get-FGTUserLocal -name $pester_User1 | Remove-FGTUser -confirm:$false
+        Get-FGTUserLocal -name $pester_User2 | Remove-FGTUser -confirm:$false
+    }
+
+}
+
+Describe "Add User Group Member" {
+
+    BeforeAll {
+        #Create some User object
+        Add-FGTUserLocal-Name $pester_User1 -ip 192.0.2.1 -mask 255.255.255.255
+        Add-FGTUserLocal-Name $pester_User2 -ip 192.0.2.2 -mask 255.255.255.255
+        Add-FGTUserLocal-Name $pester_User3 -ip 192.0.2.3 -mask 255.255.255.255
+        Add-FGTUserLocal-Name $pester_User4 -ip 192.0.2.4 -mask 255.255.255.255
+    }
+
+    BeforeEach {
+        Add-FGTUserGroup -Name $pester_Usergroup1 -member $pester_User1
+    }
+
+    AfterEach {
+        Get-FGTUserGroup -name $pester_Usergroup1 | Remove-FGTUserGroup -confirm:$false
+    }
+
+    It "Add 1 member to User Group $pester_Usergroup1 (with 1 member before)" {
+        Get-FGTUserGroup -Name $pester_Usergroup1 | Add-FGTUserGroupMember -member $pester_User2
+        $Usergroup = Get-FGTUserGroup -name $pester_Usergroup1
+        $Usergroup.name | Should -Be $pester_Usergroup1
+        $Usergroup.uuid | Should -Not -BeNullOrEmpty
+        ($Usergroup.member).count | Should -Be "2"
+        $Usergroup.member.name | Should -BeIn $pester_User1, $pester_User2
+        $Usergroup.comment | Should -BeNullOrEmpty
+        if ($DefaultFGTConnection.version -lt "6.4.0") {
+            $Usergroup.visibility | Should -Be $true
+        }
+    }
+
+    It "Add 2 members to User Group $pester_Usergroup1 (with 1 member before)" {
+        Get-FGTUserGroup -Name $pester_Usergroup1 | Add-FGTUserGroupMember -member $pester_User2, $pester_User3
+        $Usergroup = Get-FGTUserGroup -name $pester_Usergroup1
+        $Usergroup.name | Should -Be $pester_Usergroup1
+        $Usergroup.uuid | Should -Not -BeNullOrEmpty
+        ($Usergroup.member).count | Should -Be "3"
+        $Usergroup.member.name | Should -BeIn $pester_User1, $pester_User2, $pester_User3
+        $Usergroup.comment | Should -BeNullOrEmpty
+        if ($DefaultFGTConnection.version -lt "6.4.0") {
+            $Usergroup.visibility | Should -Be $true
+        }
+    }
+
+    It "Add 2 members to User Group $pester_Usergroup1 (with 2 members before)" {
+        Get-FGTUserGroup -Name $pester_Usergroup1 | Add-FGTUserGroupMember -member $pester_User2
+        Get-FGTUserGroup -Name $pester_Usergroup1 | Add-FGTUserGroupMember -member $pester_User3, $pester_User4
+        $Usergroup = Get-FGTUserGroup -name $pester_Usergroup1
+        $Usergroup.name | Should -Be $pester_Usergroup1
+        $Usergroup.uuid | Should -Not -BeNullOrEmpty
+        ($Usergroup.member).count | Should -Be "4"
+        $Usergroup.member.name | Should -BeIn $pester_User1, $pester_User2, $pester_User3, $pester_User4
+        $Usergroup.comment | Should -BeNullOrEmpty
+        if ($DefaultFGTConnection.version -lt "6.4.0") {
+            $Usergroup.visibility | Should -Be $true
+        }
+    }
+
+    AfterAll {
+        Get-FGTUserLocal -name $pester_User1 | Remove-FGTUser -confirm:$false
+        Get-FGTUserLocal -name $pester_User2 | Remove-FGTUser -confirm:$false
+        Get-FGTUserLocal -name $pester_User3 | Remove-FGTUser -confirm:$false
+        Get-FGTUserLocal -name $pester_User4 | Remove-FGTUser -confirm:$false
+    }
+
+}
+
+Describe "Configure User Group" {
+
+    BeforeAll {
+        #Create some User object
+        Add-FGTUserLocal-Name $pester_User1 -ip 192.0.2.1 -mask 255.255.255.255
+        Add-FGTUserLocal-Name $pester_User2 -ip 192.0.2.2 -mask 255.255.255.255
+
+        $addrgrp = Add-FGTUserGroup -Name $pester_Usergroup1 -member $pester_User1
+        $script:uuid = $addrgrp.uuid
+    }
+
+    It "Change comment" {
+        Get-FGTUserGroup -name $pester_Usergroup1 | Set-FGTUserGroup -comment "Modified by PowerFGT"
+        $Usergroup = Get-FGTUserGroup -name $pester_Usergroup1
+        $Usergroup.name | Should -Be $pester_Usergroup1
+        $Usergroup.uuid | Should -Not -BeNullOrEmpty
+        ($Usergroup.member).count | Should -Be "1"
+        $Usergroup.member.name | Should -BeIn $pester_User1
+        $Usergroup.comment | Should -Be "Modified by PowerFGT"
+        if ($DefaultFGTConnection.version -lt "6.4.0") {
+            $Usergroup.visibility | Should -Be $true
+        }
+    }
+
+    It "Change visiblity" {
+        Get-FGTUserGroup -name $pester_Usergroup1 | Set-FGTUserGroup -visibility:$false
+        $Usergroup = Get-FGTUserGroup -name $pester_Usergroup1
+        $Usergroup.name | Should -Be $pester_Usergroup1
+        $Usergroup.uuid | Should -Not -BeNullOrEmpty
+        ($Usergroup.member).count | Should -Be "1"
+        $Usergroup.member.name | Should -BeIn $pester_User1
+        $Usergroup.comment | Should -Be "Modified by PowerFGT"
+        if ($DefaultFGTConnection.version -lt "6.4.0") {
+            $Usergroup.visibility | Should -Be "disable"
+        }
+    }
+
+    It "Change 1 Member ($pester_User2)" {
+        Get-FGTUserGroup -name $pester_Usergroup1 | Set-FGTUserGroup -member $pester_User2
+        $Usergroup = Get-FGTUserGroup -name $pester_Usergroup1
+        $Usergroup.name | Should -Be $pester_Usergroup1
+        $Usergroup.uuid | Should -Not -BeNullOrEmpty
+        ($Usergroup.member).count | Should -Be "1"
+        $Usergroup.member.name | Should -BeIn $pester_User2
+        $Usergroup.comment | Should -Be "Modified by PowerFGT"
+        if ($DefaultFGTConnection.version -lt "6.4.0") {
+            $Usergroup.visibility | Should -Be "disable"
+        }
+    }
+
+    It "Change 2 Members ($pester_User1 and $pester_User2)" {
+        Get-FGTUserGroup -name $pester_Usergroup1 | Set-FGTUserGroup -member $pester_User1, $pester_User2
+        $Usergroup = Get-FGTUserGroup -name $pester_Usergroup1
+        $Usergroup.name | Should -Be $pester_Usergroup1
+        $Usergroup.uuid | Should -Not -BeNullOrEmpty
+        ($Usergroup.member).count | Should -Be "2"
+        $Usergroup.member.name | Should -BeIn $pester_User1, $pester_User2
+        $Usergroup.comment | Should -Be "Modified by PowerFGT"
+        if ($DefaultFGTConnection.version -lt "6.4.0") {
+            $Usergroup.visibility | Should -Be "disable"
+        }
+    }
+
+    It "Change -data (1 field)" {
+        $data = @{ "color" = 23 }
+        Get-FGTUserGroup -name $pester_Usergroup1 | Set-FGTUserGroup -data $data
+        $Usergroup = Get-FGTUserGroup -name $pester_Usergroup1
+        $Usergroup.name | Should -Be $pester_Usergroup1
+        $Usergroup.uuid | Should -Not -BeNullOrEmpty
+        ($Usergroup.member).count | Should -Be "2"
+        $Usergroup.member.name | Should -BeIn $pester_User1, $pester_User2
+        $Usergroup.comment | Should -Be "Modified by PowerFGT"
+        if ($DefaultFGTConnection.version -lt "6.4.0") {
+            $Usergroup.visibility | Should -Be "disable"
+        }
+        $Usergroup.color | Should -Be "23"
+    }
+
+    It "Change -data (2 fields)" {
+        $data = @{ "color" = 4 ; comment = "Modified by PowerFGT via -data" }
+        Get-FGTUserGroup -name $pester_Usergroup1 | Set-FGTUserGroup -data $data
+        $Usergroup = Get-FGTUserGroup -name $pester_Usergroup1
+        $Usergroup.name | Should -Be $pester_Usergroup1
+        $Usergroup.uuid | Should -Not -BeNullOrEmpty
+        ($Usergroup.member).count | Should -Be "2"
+        $Usergroup.member.name | Should -BeIn $pester_User1, $pester_User2
+        $Usergroup.comment | Should -Be "Modified by PowerFGT via -data"
+        if ($DefaultFGTConnection.version -lt "6.4.0") {
+            $Usergroup.visibility | Should -Be "disable"
+        }
+        $Usergroup.color | Should -Be "4"
+    }
+
+    It "Change Name" {
+        Get-FGTUserGroup -name $pester_Usergroup1 | Set-FGTUserGroup -name "pester_Usergroup1_change"
+        $Usergroup = Get-FGTUserGroup -name "pester_Usergroup1_change"
+        $Usergroup.name | Should -Be "pester_Usergroup1_change"
+        $Usergroup.uuid | Should -Not -BeNullOrEmpty
+        ($Usergroup.member).count | Should -Be "2"
+        $Usergroup.member.name | Should -BeIn $pester_User1, $pester_User2
+        $Usergroup.comment | Should -Be "Modified by PowerFGT via -data"
+        if ($DefaultFGTConnection.version -lt "6.4.0") {
+            $Usergroup.visibility | Should -Be "disable"
+        }
+    }
+
+    AfterAll {
+        #Remove User group before User...
+        Get-FGTUserGroup -uuid $script:uuid | Remove-FGTUserGroup -confirm:$false
+
+        Get-FGTUserLocal -name $pester_User1 | Remove-FGTUser -confirm:$false
+        Get-FGTUserLocal -name $pester_User2 | Remove-FGTUser -confirm:$false
+    }
+
+}
+
+Describe "Copy User Group" {
+
+    BeforeAll {
+        #Create some User object
+        Add-FGTUserLocal-Name $pester_User1 -ip 192.0.2.1 -mask 255.255.255.255
+        Add-FGTUserLocal-Name $pester_User2 -ip 192.0.2.2 -mask 255.255.255.255
+
+        Add-FGTUserGroup -Name $pester_Usergroup1 -member $pester_User1, $pester_User2
+    }
+
+
+    It "Copy User Group ($pester_Usergroup1 => copy_pester_Usergroup1)" {
+        Get-FGTUserGroup -name $pester_Usergroup1 | Copy-FGTUserGroup -name copy_pester_Usergroup1
+        $Usergroup = Get-FGTUserGroup -name copy_pester_Usergroup1
+        $Usergroup.name | Should -Be "copy_pester_Usergroup1"
+        $Usergroup.uuid | Should -Not -BeNullOrEmpty
+        ($Usergroup.member).count | Should -Be "2"
+        $Usergroup.member.name | Should -BeIn $pester_User1, $pester_User2
+        $Usergroup.comment | Should -BeNullOrEmpty
+        if ($DefaultFGTConnection.version -lt "6.4.0") {
+            $Usergroup.visibility | Should -Be $true
+        }
+    }
+
+    AfterAll {
+        #Remove User group before User...
+
+        #Remove copy_pester_User1
+        Get-FGTUserGroup -name copy_pester_Usergroup1 | Remove-FGTUserGroup -confirm:$false
+
+        Get-FGTUserGroup -name $pester_Usergroup1 | Remove-FGTUserGroup -confirm:$false
+
+        Get-FGTUserLocal -name $pester_User1 | Remove-FGTUser -confirm:$false
+        Get-FGTUserLocal -name $pester_User2 | Remove-FGTUser -confirm:$false
+    }
+
+}
+
+Describe "Remove User Group" {
+
+    BeforeEach {
+        Add-FGTUserLocal-Name $pester_User1 -ip 192.0.2.1 -mask 255.255.255.255
+
+        Add-FGTUserGroup -Name $pester_Usergroup1 -member $pester_User1
+    }
+
+    It "Remove User Group $pester_Usergroup1 by pipeline" {
+        $Usergroup = Get-FGTUserGroup -name $pester_Usergroup1
+        $Usergroup | Remove-FGTUserGroup -confirm:$false
+        $Usergroup = Get-FGTUserGroup -name $pester_Usergroup1
+        $Usergroup | Should -Be $NULL
+    }
+
+    AfterAll {
+        Get-FGTUserLocal -name $pester_User1 | Remove-FGTUser -confirm:$false
+    }
+
+}
+
+Describe "Remove User Group Member" {
+
+    BeforeAll {
+        #Create some User object
+        Add-FGTUserLocal-Name $pester_User1 -ip 192.0.2.1 -mask 255.255.255.255
+        Add-FGTUserLocal-Name $pester_User2 -ip 192.0.2.2 -mask 255.255.255.255
+        Add-FGTUserLocal-Name $pester_User3 -ip 192.0.2.3 -mask 255.255.255.255
+    }
+
+    BeforeEach {
+        Add-FGTUserGroup -Name $pester_Usergroup1 -member $pester_User1, $pester_User2, $pester_User3
+    }
+
+    AfterEach {
+        Get-FGTUserGroup -name $pester_Usergroup1 | Remove-FGTUserGroup -confirm:$false
+    }
+
+    It "Remove 1 member to User Group $pester_Usergroup1 (with 3 members before)" {
+        Get-FGTUserGroup -Name $pester_Usergroup1 | Remove-FGTUserGroupMember -member $pester_User1
+        $Usergroup = Get-FGTUserGroup -name $pester_Usergroup1
+        $Usergroup.name | Should -Be $pester_Usergroup1
+        $Usergroup.uuid | Should -Not -BeNullOrEmpty
+        ($Usergroup.member).count | Should -Be "2"
+        $Usergroup.member.name | Should -BeIn $pester_User2, $pester_User3
+        $Usergroup.comment | Should -BeNullOrEmpty
+        if ($DefaultFGTConnection.version -lt "6.4.0") {
+            $Usergroup.visibility | Should -Be $true
+        }
+    }
+
+    It "Remove 2 members to User Group $pester_Usergroup1 (with 3 members before)" {
+        Get-FGTUserGroup -Name $pester_Usergroup1 | Remove-FGTUserGroupMember -member $pester_User2, $pester_User3
+        $Usergroup = Get-FGTUserGroup -name $pester_Usergroup1
+        $Usergroup.name | Should -Be $pester_Usergroup1
+        $Usergroup.uuid | Should -Not -BeNullOrEmpty
+        ($Usergroup.member).count | Should -Be "1"
+        $Usergroup.member.name | Should -BeIn $pester_User1
+        $Usergroup.comment | Should -BeNullOrEmpty
+        if ($DefaultFGTConnection.version -lt "6.4.0") {
+            $Usergroup.visibility | Should -Be $true
+        }
+    }
+
+    It "Try Remove 3 members to User Group $pester_Usergroup1 (with 3 members before)" {
+        {
+            Get-FGTUserGroup -Name $pester_Usergroup1 | Remove-FGTUserGroupMember -member $pester_User1, $pester_User2, $pester_User3
+        } | Should -Throw "You can't remove all members. Use Remove-FGTUserGroup to remove User Group"
+    }
+
+    AfterAll {
+        Get-FGTUserLocal-name $pester_User1 | Remove-FGTUser -confirm:$false
+        Get-FGTUserLocal-name $pester_User2 | Remove-FGTUser -confirm:$false
+        Get-FGTUserLocal -name $pester_User3 | Remove-FGTUser -confirm:$false
+    }
+
+}
+
+AfterAll {
+    Disconnect-FGT -confirm:$false
+}
\ No newline at end of file

From 5627ba202c03287cd640dc474c185a9e99d9863b Mon Sep 17 00:00:00 2001
From: Alexis La Goutte <alexis.lagoutte@gmail.com>
Date: Fri, 6 Sep 2024 17:26:57 +0200
Subject: [PATCH 10/12] UserGroup(Tests): Fix Tests....

---
 Tests/common.ps1                      |   5 +
 Tests/integration/UserGroup.Tests.ps1 | 507 ++++++++++----------------
 2 files changed, 193 insertions(+), 319 deletions(-)

diff --git a/Tests/common.ps1 b/Tests/common.ps1
index 505585380..5d1f1fd3c 100644
--- a/Tests/common.ps1
+++ b/Tests/common.ps1
@@ -52,6 +52,11 @@ $script:pester_userldapserver2 = "pesterldapserver2.powerfgt"
 $script:pester_userldapserver3 = "pesterldapserver3.powerfgt"
 $script:pester_userldappassword = ConvertTo-SecureString "pester_userldappassword" -AsPlainText -Force
 $script:pester_userldappasswordchanged = ConvertTo-SecureString "pester_userldappasswordchanged" -AsPlainText -Force
+$script:pester_userlocal2 = "pester_userlocal2"
+$script:pester_userlocal3 = "pester_userlocal3"
+$script:pester_userlocal4 = "pester_userlocal4"
+$script:pester_usergroup1 = "pester_usergroup1"
+$script:pester_usergroup2 = "pester_usergroup2"
 
 . ../credential.ps1
 #TODO: Add check if no ipaddress/login/password info...
diff --git a/Tests/integration/UserGroup.Tests.ps1 b/Tests/integration/UserGroup.Tests.ps1
index a87729880..6e836dd45 100644
--- a/Tests/integration/UserGroup.Tests.ps1
+++ b/Tests/integration/UserGroup.Tests.ps1
@@ -15,12 +15,11 @@ Describe "Get User Group" {
 
     BeforeAll {
         #Create User object
-        Add-FGTUserLocal -Name $pester_User1 -ip 192.0.2.1 -mask 255.255.255.255
-        Add-FGTUserLocal -Name $pester_User2 -ip 192.0.2.2 -mask 255.255.255.255
+        Add-FGTUserLocal -Name $pester_userlocal -passwd $pester_userlocalpassword
+        Add-FGTUserLocal -Name $pester_userlocal2 -passwd $pester_userlocalpassword
         #Create Usergroup object with one member
-        $script:addrgrp = Add-FGTUserGroup -name $pester_Usergroup1 -member $pester_User1
-        $script:uuid = $addrgrp.uuid
-        Add-FGTUserGroup -name $pester_Usergroup2 -member $pester_User2
+        Add-FGTUserGroup -name $pester_usergroup1 -member $pester_userlocal
+        Add-FGTUserGroup -name $pester_usergroup2 -member $pester_userlocal2
     }
 
     It "Get User Group Does not throw an error" {
@@ -30,65 +29,59 @@ Describe "Get User Group" {
     }
 
     It "Get ALL User Group" {
-        $Usergroup = Get-FGTUserGroup
-        $Usergroup.count | Should -Not -Be $NULL
+        $usergroup = Get-FGTUserGroup
+        $usergroup.count | Should -Not -Be $NULL
     }
 
     It "Get ALL User Group with -skip" {
-        $Usergroup = Get-FGTUserGroup -skip
-        $Usergroup.count | Should -Not -Be $NULL
+        $usergroup = Get-FGTUserGroup -skip
+        $usergroup.count | Should -Not -Be $NULL
     }
 
-    It "Get User Group ($pester_Usergroup1)" {
-        $Usergroup = Get-FGTUserGroup -name $pester_Usergroup1
-        $Usergroup.name | Should -Be $pester_Usergroup1
+    It "Get User Group ($pester_usergroup1)" {
+        $usergroup = Get-FGTUserGroup -name $pester_usergroup1
+        $usergroup.name | Should -Be $pester_usergroup1
     }
 
-    It "Get User Group ($pester_Usergroup1) and confirm (via Confirm-FGTUserGroup)" {
-        $Usergroup = Get-FGTUserGroup -name $pester_Usergroup1
-        Confirm-FGTUserGroup ($Usergroup) | Should -Be $true
+    It "Get User Group ($pester_usergroup1) and confirm (via Confirm-FGTUserGroup)" {
+        $usergroup = Get-FGTUserGroup -name $pester_usergroup1
+        Confirm-FGTUserGroup ($usergroup) | Should -Be $true
     }
 
-    It "Get User Group ($pester_Usergroup1) and meta" {
-        $Usergroup = Get-FGTUserGroup -name $pester_Usergroup1 -meta
-        $Usergroup.name | Should -Be $pester_Usergroup1
-        $Usergroup.q_ref | Should -Not -BeNullOrEmpty
-        $Usergroup.q_static | Should -Not -BeNullOrEmpty
-        $Usergroup.q_no_rename | Should -Not -BeNullOrEmpty
-        $Usergroup.q_global_entry | Should -Not -BeNullOrEmpty
-        $Usergroup.q_type | Should -Not -BeNullOrEmpty
-        $Usergroup.q_path | Should -Be "user"
-        $Usergroup.q_name | Should -Be "group"
-        $Usergroup.q_mkey_type | Should -Be "string"
+    It "Get User Group ($pester_usergroup1) and meta" {
+        $usergroup = Get-FGTUserGroup -name $pester_usergroup1 -meta
+        $usergroup.name | Should -Be $pester_usergroup1
+        $usergroup.q_ref | Should -Not -BeNullOrEmpty
+        $usergroup.q_static | Should -Not -BeNullOrEmpty
+        $usergroup.q_no_rename | Should -Not -BeNullOrEmpty
+        $usergroup.q_global_entry | Should -Not -BeNullOrEmpty
+        $usergroup.q_type | Should -Not -BeNullOrEmpty
+        $usergroup.q_path | Should -Be "user"
+        $usergroup.q_name | Should -Be "group"
+        $usergroup.q_mkey_type | Should -Be "string"
         if ($DefaultFGTConnection.version -ge "6.2.0") {
-            $Usergroup.q_no_edit | Should -Not -BeNullOrEmpty
+            $usergroup.q_no_edit | Should -Not -BeNullOrEmpty
         }
-        $Usergroup.q_class | Should -Not -BeNullOrEmpty
+        $usergroup.q_class | Should -Not -BeNullOrEmpty
     }
 
     Context "Search" {
 
-        It "Search User Group by name ($pester_Usergroup1)" {
-            $Usergroup = Get-FGTUserGroup -name $pester_Usergroup1
-            @($Usergroup).count | Should -be 1
-            $Usergroup.name | Should -Be $pester_Usergroup1
-        }
-
-        It "Search User Group by uuid ($script:uuid)" {
-            $Usergroup = Get-FGTUserGroup -uuid $script:uuid
-            @($Usergroup).count | Should -be 1
-            $Usergroup.name | Should -Be $pester_Usergroup1
+        It "Search User Group by name ($pester_usergroup1)" {
+            $usergroup = Get-FGTUserGroup -name $pester_usergroup1
+            @($usergroup).count | Should -be 1
+            $usergroup.name | Should -Be $pester_usergroup1
         }
 
     }
 
     AfterAll {
         #Remove User group before User...
-        Get-FGTUserGroup -name $pester_Usergroup1 | Remove-FGTUserGroup -confirm:$false
-        Get-FGTUserGroup -name $pester_Usergroup2 | Remove-FGTUserGroup -confirm:$false
+        Get-FGTUserGroup -name $pester_usergroup1 | Remove-FGTUserGroup -confirm:$false
+        Get-FGTUserGroup -name $pester_usergroup2 | Remove-FGTUserGroup -confirm:$false
 
-        Get-FGTUserLocal -name $pester_User1 | Remove-FGTUser -confirm:$false
-        Get-FGTUserLocal -name $pester_User2 | Remove-FGTUser -confirm:$false
+        Get-FGTUserLocal -name $pester_userlocal | Remove-FGTUserLocal -confirm:$false
+        Get-FGTUserLocal -name $pester_userlocal2 | Remove-FGTUserLocal -confirm:$false
     }
 
 }
@@ -97,107 +90,62 @@ Describe "Add User Group" {
 
     BeforeAll {
         #Create some User object
-        Add-FGTUserLocal-Name $pester_User1 -ip 192.0.2.1 -mask 255.255.255.255
-        Add-FGTUserLocal-Name $pester_User2 -ip 192.0.2.2 -mask 255.255.255.255
+        Add-FGTUserLocal -Name $pester_userlocal -passwd $pester_userlocalpassword
+        Add-FGTUserLocal -Name $pester_userlocal2 -passwd $pester_userlocalpassword
     }
 
     AfterEach {
-        Get-FGTUserGroup -name $pester_Usergroup1 | Remove-FGTUserGroup -confirm:$false
-    }
-
-    It "Add User Group $pester_Usergroup1 (with 1 member)" {
-        Add-FGTUserGroup -Name $pester_Usergroup1 -member $pester_User1
-        $Usergroup = Get-FGTUserGroup -name $pester_Usergroup1
-        $Usergroup.name | Should -Be $pester_Usergroup1
-        $Usergroup.uuid | Should -Not -BeNullOrEmpty
-        ($Usergroup.member).count | Should -Be "1"
-        $Usergroup.member.name | Should -BeIn $pester_User1
-        $Usergroup.comment | Should -BeNullOrEmpty
-        if ($DefaultFGTConnection.version -lt "6.4.0") {
-            $Usergroup.visibility | Should -Be $true
-        }
+        Get-FGTUserGroup -name $pester_usergroup1 | Remove-FGTUserGroup -confirm:$false
     }
 
-    It "Add User Group $pester_Usergroup1 (with 1 member and a comment)" {
-        Add-FGTUserGroup -Name $pester_Usergroup1 -member $pester_User1 -comment "Add via PowerFGT"
-        $Usergroup = Get-FGTUserGroup -name $pester_Usergroup1
-        $Usergroup.name | Should -Be $pester_Usergroup1
-        $Usergroup.uuid | Should -Not -BeNullOrEmpty
-        ($Usergroup.member).count | Should -Be "1"
-        $Usergroup.member.name | Should -BeIn $pester_User1
-        $Usergroup.comment | Should -Be "Add via PowerFGT"
-        if ($DefaultFGTConnection.version -lt "6.4.0") {
-            $Usergroup.visibility | Should -Be $true
-        }
+    It "Add User Group $pester_usergroup1 (with 1 member)" {
+        Add-FGTUserGroup -Name $pester_usergroup1 -member $pester_userlocal
+        $usergroup = Get-FGTUserGroup -name $pester_usergroup1
+        $usergroup.name | Should -Be $pester_usergroup1
+        ($usergroup.member).count | Should -Be "1"
+        $usergroup.member.name | Should -BeIn $pester_userlocal
     }
 
-    It "Add User Group $pester_Usergroup1 (with 1 member and visibility disable)" {
-        Add-FGTUserGroup -Name $pester_Usergroup1 -member $pester_User1 -visibility:$false
-        $Usergroup = Get-FGTUserGroup -name $pester_Usergroup1
-        $Usergroup.name | Should -Be $pester_Usergroup1
-        $Usergroup.uuid | Should -Not -BeNullOrEmpty
-        ($Usergroup.member).count | Should -Be "1"
-        $Usergroup.member.name | Should -BeIn $pester_User1
-        $Usergroup.comment | Should -BeNullOrEmpty
-        if ($DefaultFGTConnection.version -lt "6.4.0") {
-            $Usergroup.visibility | Should -Be "disable"
-        }
+    It "Add User Group $pester_usergroup1 (with 2 members)" {
+        Add-FGTUserGroup -Name $pester_usergroup1 -member $pester_userlocal, $pester_userlocal2
+        $usergroup = Get-FGTUserGroup -name $pester_usergroup1
+        $usergroup.name | Should -Be $pester_usergroup1
+        ($usergroup.member).count | Should -Be "2"
+        $usergroup.member.name | Should -BeIn $pester_userlocal, $pester_userlocal2
     }
 
-    It "Add User Group $pester_Usergroup1 (with 2 members)" {
-        Add-FGTUserGroup -Name $pester_Usergroup1 -member $pester_User1, $pester_User2
-        $Usergroup = Get-FGTUserGroup -name $pester_Usergroup1
-        $Usergroup.name | Should -Be $pester_Usergroup1
-        $Usergroup.uuid | Should -Not -BeNullOrEmpty
-        ($Usergroup.member).count | Should -Be "2"
-        $Usergroup.member.name | Should -BeIn $pester_User1, $pester_User2
-        $Usergroup.comment | Should -BeNullOrEmpty
-        if ($DefaultFGTConnection.version -lt "6.4.0") {
-            $Usergroup.visibility | Should -Be $true
-        }
+    It "Add User Group $pester_usergroup1 (with 1 member and data (1 field))" {
+        $data = @{ "authtimeout" = 23 }
+        Add-FGTUserGroup -Name $pester_usergroup1 -member $pester_userlocal -data $data
+        $usergroup = Get-FGTUserGroup -name $pester_usergroup1
+        $usergroup.name | Should -Be $pester_usergroup1
+        ($usergroup.member).count | Should -Be "1"
+        $usergroup.member.name | Should -BeIn $pester_userlocal
+        $usergroup.authtimeout | Should -Be "23"
     }
 
-    It "Add User Group $pester_Usergroup1 (with 1 member and data (1 field))" {
-        $data = @{ "color" = 23 }
-        Add-FGTUserGroup -Name $pester_Usergroup1 -member $pester_User1 -data $data
-        $Usergroup = Get-FGTUserGroup -name $pester_Usergroup1
-        $Usergroup.name | Should -Be $pester_Usergroup1
-        $Usergroup.uuid | Should -Not -BeNullOrEmpty
-        ($Usergroup.member).count | Should -Be "1"
-        $Usergroup.member.name | Should -BeIn $pester_User1
-        $Usergroup.comment | Should -BeNullOrEmpty
-        $Usergroup.color | Should -Be "23"
-        if ($DefaultFGTConnection.version -lt "6.4.0") {
-            $Usergroup.visibility | Should -Be $true
-        }
+    It "Add User Group $pester_usergroup1 (with 1 member and data (2 fields))" {
+        $data = @{ "authtimeout" = 23; "auth-concurrent-override" = "enable" }
+        Add-FGTUserGroup -Name $pester_usergroup1 -member $pester_userlocal -data $data
+        $usergroup = Get-FGTUserGroup -name $pester_usergroup1
+        $usergroup.name | Should -Be $pester_usergroup1
+        ($usergroup.member).count | Should -Be "1"
+        $usergroup.member.name | Should -BeIn $pester_userlocal
+        $usergroup.authtimeout | Should -Be "23"
+        $usergroup.'auth-concurrent-override' | Should -Be "enable"
     }
 
-    It "Add User Group $pester_Usergroup1 (with 1 member and data (2 fields))" {
-        $data = @{ "color" = 23; "comment" = "Add via PowerFGT and -data" }
-        Add-FGTUserGroup -Name $pester_Usergroup1 -member $pester_User1 -data $data
-        $Usergroup = Get-FGTUserGroup -name $pester_Usergroup1
-        $Usergroup.name | Should -Be $pester_Usergroup1
-        $Usergroup.uuid | Should -Not -BeNullOrEmpty
-        ($Usergroup.member).count | Should -Be "1"
-        $Usergroup.member.name | Should -BeIn $pester_User1
-        $Usergroup.comment | Should -Be "Add via PowerFGT and -data"
-        $Usergroup.color | Should -Be "23"
-        if ($DefaultFGTConnection.version -lt "6.4.0") {
-            $Usergroup.visibility | Should -Be $true
-        }
-    }
-
-    It "Try to Add User Group $pester_Usergroup1 (but there is already a object with same name)" {
+    It "Try to Add User Group $pester_usergroup1 (but there is already a object with same name)" {
         #Add first User Group
-        Add-FGTUserGroup -Name $pester_Usergroup1 -member $pester_User1
+        Add-FGTUserGroup -Name $pester_usergroup1 -member $pester_userlocal
         #Add Second User Group with same name
-        { Add-FGTUserGroup -Name $pester_Usergroup1 -member $pester_User1 } | Should -Throw "Already an Usergroup object using the same name"
+        { Add-FGTUserGroup -Name $pester_usergroup1 -member $pester_userlocal } | Should -Throw "Already an User Group object using the same name"
 
     }
 
     AfterAll {
-        Get-FGTUserLocal -name $pester_User1 | Remove-FGTUser -confirm:$false
-        Get-FGTUserLocal -name $pester_User2 | Remove-FGTUser -confirm:$false
+        Get-FGTUserLocal -name $pester_userlocal | Remove-FGTUserLocal -confirm:$false
+        Get-FGTUserLocal -name $pester_userlocal2 | Remove-FGTUserLocal -confirm:$false
     }
 
 }
@@ -206,65 +154,50 @@ Describe "Add User Group Member" {
 
     BeforeAll {
         #Create some User object
-        Add-FGTUserLocal-Name $pester_User1 -ip 192.0.2.1 -mask 255.255.255.255
-        Add-FGTUserLocal-Name $pester_User2 -ip 192.0.2.2 -mask 255.255.255.255
-        Add-FGTUserLocal-Name $pester_User3 -ip 192.0.2.3 -mask 255.255.255.255
-        Add-FGTUserLocal-Name $pester_User4 -ip 192.0.2.4 -mask 255.255.255.255
+        Add-FGTUserLocal -Name $pester_userlocal -passwd $pester_userlocalpassword
+        Add-FGTUserLocal -Name $pester_userlocal2 -passwd $pester_userlocalpassword
+        Add-FGTUserLocal -Name $pester_userlocal3 -passwd $pester_userlocalpassword
+        Add-FGTUserLocal -Name $pester_userlocal4 -passwd $pester_userlocalpassword
     }
 
     BeforeEach {
-        Add-FGTUserGroup -Name $pester_Usergroup1 -member $pester_User1
+        Add-FGTUserGroup -Name $pester_usergroup1 -member $pester_userlocal
     }
 
     AfterEach {
-        Get-FGTUserGroup -name $pester_Usergroup1 | Remove-FGTUserGroup -confirm:$false
-    }
-
-    It "Add 1 member to User Group $pester_Usergroup1 (with 1 member before)" {
-        Get-FGTUserGroup -Name $pester_Usergroup1 | Add-FGTUserGroupMember -member $pester_User2
-        $Usergroup = Get-FGTUserGroup -name $pester_Usergroup1
-        $Usergroup.name | Should -Be $pester_Usergroup1
-        $Usergroup.uuid | Should -Not -BeNullOrEmpty
-        ($Usergroup.member).count | Should -Be "2"
-        $Usergroup.member.name | Should -BeIn $pester_User1, $pester_User2
-        $Usergroup.comment | Should -BeNullOrEmpty
-        if ($DefaultFGTConnection.version -lt "6.4.0") {
-            $Usergroup.visibility | Should -Be $true
-        }
+        Get-FGTUserGroup -name $pester_usergroup1 | Remove-FGTUserGroup -confirm:$false
     }
 
-    It "Add 2 members to User Group $pester_Usergroup1 (with 1 member before)" {
-        Get-FGTUserGroup -Name $pester_Usergroup1 | Add-FGTUserGroupMember -member $pester_User2, $pester_User3
-        $Usergroup = Get-FGTUserGroup -name $pester_Usergroup1
-        $Usergroup.name | Should -Be $pester_Usergroup1
-        $Usergroup.uuid | Should -Not -BeNullOrEmpty
-        ($Usergroup.member).count | Should -Be "3"
-        $Usergroup.member.name | Should -BeIn $pester_User1, $pester_User2, $pester_User3
-        $Usergroup.comment | Should -BeNullOrEmpty
-        if ($DefaultFGTConnection.version -lt "6.4.0") {
-            $Usergroup.visibility | Should -Be $true
-        }
+    It "Add 1 member to User Group $pester_usergroup1 (with 1 member before)" {
+        Get-FGTUserGroup -Name $pester_usergroup1 | Add-FGTUserGroupMember -member $pester_userlocal2
+        $usergroup = Get-FGTUserGroup -name $pester_usergroup1
+        $usergroup.name | Should -Be $pester_usergroup1
+        ($usergroup.member).count | Should -Be "2"
+        $usergroup.member.name | Should -BeIn $pester_userlocal, $pester_userlocal2
     }
 
-    It "Add 2 members to User Group $pester_Usergroup1 (with 2 members before)" {
-        Get-FGTUserGroup -Name $pester_Usergroup1 | Add-FGTUserGroupMember -member $pester_User2
-        Get-FGTUserGroup -Name $pester_Usergroup1 | Add-FGTUserGroupMember -member $pester_User3, $pester_User4
-        $Usergroup = Get-FGTUserGroup -name $pester_Usergroup1
-        $Usergroup.name | Should -Be $pester_Usergroup1
-        $Usergroup.uuid | Should -Not -BeNullOrEmpty
-        ($Usergroup.member).count | Should -Be "4"
-        $Usergroup.member.name | Should -BeIn $pester_User1, $pester_User2, $pester_User3, $pester_User4
-        $Usergroup.comment | Should -BeNullOrEmpty
-        if ($DefaultFGTConnection.version -lt "6.4.0") {
-            $Usergroup.visibility | Should -Be $true
-        }
+    It "Add 2 members to User Group $pester_usergroup1 (with 1 member before)" {
+        Get-FGTUserGroup -Name $pester_usergroup1 | Add-FGTUserGroupMember -member $pester_userlocal2, $pester_userlocal3
+        $usergroup = Get-FGTUserGroup -name $pester_usergroup1
+        $usergroup.name | Should -Be $pester_usergroup1
+        ($usergroup.member).count | Should -Be "3"
+        $usergroup.member.name | Should -BeIn $pester_userlocal, $pester_userlocal2, $pester_userlocal3
+    }
+
+    It "Add 2 members to User Group $pester_usergroup1 (with 2 members before)" {
+        Get-FGTUserGroup -Name $pester_usergroup1 | Add-FGTUserGroupMember -member $pester_userlocal2
+        Get-FGTUserGroup -Name $pester_usergroup1 | Add-FGTUserGroupMember -member $pester_userlocal3, $pester_userlocal4
+        $usergroup = Get-FGTUserGroup -name $pester_usergroup1
+        $usergroup.name | Should -Be $pester_usergroup1
+        ($usergroup.member).count | Should -Be "4"
+        $usergroup.member.name | Should -BeIn $pester_userlocal, $pester_userlocal2, $pester_userlocal3, $pester_userlocal4
     }
 
     AfterAll {
-        Get-FGTUserLocal -name $pester_User1 | Remove-FGTUser -confirm:$false
-        Get-FGTUserLocal -name $pester_User2 | Remove-FGTUser -confirm:$false
-        Get-FGTUserLocal -name $pester_User3 | Remove-FGTUser -confirm:$false
-        Get-FGTUserLocal -name $pester_User4 | Remove-FGTUser -confirm:$false
+        Get-FGTUserLocal -name $pester_userlocal | Remove-FGTUserLocal -confirm:$false
+        Get-FGTUserLocal -name $pester_userlocal2 | Remove-FGTUserLocal -confirm:$false
+        Get-FGTUserLocal -name $pester_userlocal3 | Remove-FGTUserLocal -confirm:$false
+        Get-FGTUserLocal -name $pester_userlocal4 | Remove-FGTUserLocal -confirm:$false
     }
 
 }
@@ -273,114 +206,64 @@ Describe "Configure User Group" {
 
     BeforeAll {
         #Create some User object
-        Add-FGTUserLocal-Name $pester_User1 -ip 192.0.2.1 -mask 255.255.255.255
-        Add-FGTUserLocal-Name $pester_User2 -ip 192.0.2.2 -mask 255.255.255.255
+        Add-FGTUserLocal -Name $pester_userlocal -passwd $pester_userlocalpassword
+        Add-FGTUserLocal -Name $pester_userlocal2 -passwd $pester_userlocalpassword
 
-        $addrgrp = Add-FGTUserGroup -Name $pester_Usergroup1 -member $pester_User1
+        $addrgrp = Add-FGTUserGroup -Name $pester_usergroup1 -member $pester_userlocal
         $script:uuid = $addrgrp.uuid
     }
 
-    It "Change comment" {
-        Get-FGTUserGroup -name $pester_Usergroup1 | Set-FGTUserGroup -comment "Modified by PowerFGT"
-        $Usergroup = Get-FGTUserGroup -name $pester_Usergroup1
-        $Usergroup.name | Should -Be $pester_Usergroup1
-        $Usergroup.uuid | Should -Not -BeNullOrEmpty
-        ($Usergroup.member).count | Should -Be "1"
-        $Usergroup.member.name | Should -BeIn $pester_User1
-        $Usergroup.comment | Should -Be "Modified by PowerFGT"
-        if ($DefaultFGTConnection.version -lt "6.4.0") {
-            $Usergroup.visibility | Should -Be $true
-        }
+    It "Change 1 Member ($pester_userlocal2)" {
+        Get-FGTUserGroup -name $pester_usergroup1 | Set-FGTUserGroup -member $pester_userlocal2
+        $usergroup = Get-FGTUserGroup -name $pester_usergroup1
+        $usergroup.name | Should -Be $pester_usergroup1
+        ($usergroup.member).count | Should -Be "1"
+        $usergroup.member.name | Should -BeIn $pester_userlocal2
     }
 
-    It "Change visiblity" {
-        Get-FGTUserGroup -name $pester_Usergroup1 | Set-FGTUserGroup -visibility:$false
-        $Usergroup = Get-FGTUserGroup -name $pester_Usergroup1
-        $Usergroup.name | Should -Be $pester_Usergroup1
-        $Usergroup.uuid | Should -Not -BeNullOrEmpty
-        ($Usergroup.member).count | Should -Be "1"
-        $Usergroup.member.name | Should -BeIn $pester_User1
-        $Usergroup.comment | Should -Be "Modified by PowerFGT"
-        if ($DefaultFGTConnection.version -lt "6.4.0") {
-            $Usergroup.visibility | Should -Be "disable"
-        }
-    }
-
-    It "Change 1 Member ($pester_User2)" {
-        Get-FGTUserGroup -name $pester_Usergroup1 | Set-FGTUserGroup -member $pester_User2
-        $Usergroup = Get-FGTUserGroup -name $pester_Usergroup1
-        $Usergroup.name | Should -Be $pester_Usergroup1
-        $Usergroup.uuid | Should -Not -BeNullOrEmpty
-        ($Usergroup.member).count | Should -Be "1"
-        $Usergroup.member.name | Should -BeIn $pester_User2
-        $Usergroup.comment | Should -Be "Modified by PowerFGT"
-        if ($DefaultFGTConnection.version -lt "6.4.0") {
-            $Usergroup.visibility | Should -Be "disable"
-        }
-    }
-
-    It "Change 2 Members ($pester_User1 and $pester_User2)" {
-        Get-FGTUserGroup -name $pester_Usergroup1 | Set-FGTUserGroup -member $pester_User1, $pester_User2
-        $Usergroup = Get-FGTUserGroup -name $pester_Usergroup1
-        $Usergroup.name | Should -Be $pester_Usergroup1
-        $Usergroup.uuid | Should -Not -BeNullOrEmpty
-        ($Usergroup.member).count | Should -Be "2"
-        $Usergroup.member.name | Should -BeIn $pester_User1, $pester_User2
-        $Usergroup.comment | Should -Be "Modified by PowerFGT"
-        if ($DefaultFGTConnection.version -lt "6.4.0") {
-            $Usergroup.visibility | Should -Be "disable"
-        }
+    It "Change 2 Members ($pester_userlocal and $pester_userlocal2)" {
+        Get-FGTUserGroup -name $pester_usergroup1 | Set-FGTUserGroup -member $pester_userlocal, $pester_userlocal2
+        $usergroup = Get-FGTUserGroup -name $pester_usergroup1
+        $usergroup.name | Should -Be $pester_usergroup1
+        ($usergroup.member).count | Should -Be "2"
+        $usergroup.member.name | Should -BeIn $pester_userlocal, $pester_userlocal2
     }
 
     It "Change -data (1 field)" {
-        $data = @{ "color" = 23 }
-        Get-FGTUserGroup -name $pester_Usergroup1 | Set-FGTUserGroup -data $data
-        $Usergroup = Get-FGTUserGroup -name $pester_Usergroup1
-        $Usergroup.name | Should -Be $pester_Usergroup1
-        $Usergroup.uuid | Should -Not -BeNullOrEmpty
-        ($Usergroup.member).count | Should -Be "2"
-        $Usergroup.member.name | Should -BeIn $pester_User1, $pester_User2
-        $Usergroup.comment | Should -Be "Modified by PowerFGT"
-        if ($DefaultFGTConnection.version -lt "6.4.0") {
-            $Usergroup.visibility | Should -Be "disable"
-        }
-        $Usergroup.color | Should -Be "23"
+        $data = @{ "authtimeout" = 23 }
+        Get-FGTUserGroup -name $pester_usergroup1 | Set-FGTUserGroup -data $data
+        $usergroup = Get-FGTUserGroup -name $pester_usergroup1
+        $usergroup.name | Should -Be $pester_usergroup1
+        ($usergroup.member).count | Should -Be "2"
+        $usergroup.member.name | Should -BeIn $pester_userlocal, $pester_userlocal2
+        $usergroup.authtimeout | Should -Be "23"
     }
 
     It "Change -data (2 fields)" {
-        $data = @{ "color" = 4 ; comment = "Modified by PowerFGT via -data" }
-        Get-FGTUserGroup -name $pester_Usergroup1 | Set-FGTUserGroup -data $data
-        $Usergroup = Get-FGTUserGroup -name $pester_Usergroup1
-        $Usergroup.name | Should -Be $pester_Usergroup1
-        $Usergroup.uuid | Should -Not -BeNullOrEmpty
-        ($Usergroup.member).count | Should -Be "2"
-        $Usergroup.member.name | Should -BeIn $pester_User1, $pester_User2
-        $Usergroup.comment | Should -Be "Modified by PowerFGT via -data"
-        if ($DefaultFGTConnection.version -lt "6.4.0") {
-            $Usergroup.visibility | Should -Be "disable"
-        }
-        $Usergroup.color | Should -Be "4"
+        $data = @{ "authtimeout" = 44 ; "auth-concurrent-override" = "enable" }
+        Get-FGTUserGroup -name $pester_usergroup1 | Set-FGTUserGroup -data $data
+        $usergroup = Get-FGTUserGroup -name $pester_usergroup1
+        $usergroup.name | Should -Be $pester_usergroup1
+        ($usergroup.member).count | Should -Be "2"
+        $usergroup.member.name | Should -BeIn $pester_userlocal, $pester_userlocal2
+        $usergroup.authtimeout | Should -Be "44"
+        $usergroup.'auth-concurrent-override' | Should -Be "enable"
     }
 
     It "Change Name" {
-        Get-FGTUserGroup -name $pester_Usergroup1 | Set-FGTUserGroup -name "pester_Usergroup1_change"
-        $Usergroup = Get-FGTUserGroup -name "pester_Usergroup1_change"
-        $Usergroup.name | Should -Be "pester_Usergroup1_change"
-        $Usergroup.uuid | Should -Not -BeNullOrEmpty
-        ($Usergroup.member).count | Should -Be "2"
-        $Usergroup.member.name | Should -BeIn $pester_User1, $pester_User2
-        $Usergroup.comment | Should -Be "Modified by PowerFGT via -data"
-        if ($DefaultFGTConnection.version -lt "6.4.0") {
-            $Usergroup.visibility | Should -Be "disable"
-        }
+        Get-FGTUserGroup -name $pester_usergroup1 | Set-FGTUserGroup -name "pester_usergroup1_change"
+        $usergroup = Get-FGTUserGroup -name "pester_usergroup1_change"
+        $usergroup.name | Should -Be "pester_usergroup1_change"
+        ($usergroup.member).count | Should -Be "2"
+        $usergroup.member.name | Should -BeIn $pester_userlocal, $pester_userlocal2
     }
 
     AfterAll {
         #Remove User group before User...
-        Get-FGTUserGroup -uuid $script:uuid | Remove-FGTUserGroup -confirm:$false
+        Get-FGTUserGroup -name pester_usergroup1_change | Remove-FGTUserGroup -confirm:$false
 
-        Get-FGTUserLocal -name $pester_User1 | Remove-FGTUser -confirm:$false
-        Get-FGTUserLocal -name $pester_User2 | Remove-FGTUser -confirm:$false
+        Get-FGTUserLocal -name $pester_userlocal | Remove-FGTUserLocal -confirm:$false
+        Get-FGTUserLocal -name $pester_userlocal2 | Remove-FGTUserLocal -confirm:$false
     }
 
 }
@@ -389,24 +272,19 @@ Describe "Copy User Group" {
 
     BeforeAll {
         #Create some User object
-        Add-FGTUserLocal-Name $pester_User1 -ip 192.0.2.1 -mask 255.255.255.255
-        Add-FGTUserLocal-Name $pester_User2 -ip 192.0.2.2 -mask 255.255.255.255
+        Add-FGTUserLocal -Name $pester_userlocal -passwd $pester_userlocalpassword
+        Add-FGTUserLocal -Name $pester_userlocal2 -passwd $pester_userlocalpassword
 
-        Add-FGTUserGroup -Name $pester_Usergroup1 -member $pester_User1, $pester_User2
+        Add-FGTUserGroup -Name $pester_usergroup1 -member $pester_userlocal, $pester_userlocal2
     }
 
 
-    It "Copy User Group ($pester_Usergroup1 => copy_pester_Usergroup1)" {
-        Get-FGTUserGroup -name $pester_Usergroup1 | Copy-FGTUserGroup -name copy_pester_Usergroup1
-        $Usergroup = Get-FGTUserGroup -name copy_pester_Usergroup1
-        $Usergroup.name | Should -Be "copy_pester_Usergroup1"
-        $Usergroup.uuid | Should -Not -BeNullOrEmpty
-        ($Usergroup.member).count | Should -Be "2"
-        $Usergroup.member.name | Should -BeIn $pester_User1, $pester_User2
-        $Usergroup.comment | Should -BeNullOrEmpty
-        if ($DefaultFGTConnection.version -lt "6.4.0") {
-            $Usergroup.visibility | Should -Be $true
-        }
+    It "Copy User Group ($pester_usergroup1 => copy_pester_Usergroup1)" {
+        Get-FGTUserGroup -name $pester_usergroup1 | Copy-FGTUserGroup -name copy_pester_Usergroup1
+        $usergroup = Get-FGTUserGroup -name copy_pester_Usergroup1
+        $usergroup.name | Should -Be "copy_pester_Usergroup1"
+        ($usergroup.member).count | Should -Be "2"
+        $usergroup.member.name | Should -BeIn $pester_userlocal, $pester_userlocal2
     }
 
     AfterAll {
@@ -415,10 +293,10 @@ Describe "Copy User Group" {
         #Remove copy_pester_User1
         Get-FGTUserGroup -name copy_pester_Usergroup1 | Remove-FGTUserGroup -confirm:$false
 
-        Get-FGTUserGroup -name $pester_Usergroup1 | Remove-FGTUserGroup -confirm:$false
+        Get-FGTUserGroup -name $pester_usergroup1 | Remove-FGTUserGroup -confirm:$false
 
-        Get-FGTUserLocal -name $pester_User1 | Remove-FGTUser -confirm:$false
-        Get-FGTUserLocal -name $pester_User2 | Remove-FGTUser -confirm:$false
+        Get-FGTUserLocal -name $pester_userlocal | Remove-FGTUserLocal -confirm:$false
+        Get-FGTUserLocal -name $pester_userlocal2 | Remove-FGTUserLocal -confirm:$false
     }
 
 }
@@ -426,20 +304,20 @@ Describe "Copy User Group" {
 Describe "Remove User Group" {
 
     BeforeEach {
-        Add-FGTUserLocal-Name $pester_User1 -ip 192.0.2.1 -mask 255.255.255.255
+        Add-FGTUserLocal -Name $pester_userlocal -passwd $pester_userlocalpassword
 
-        Add-FGTUserGroup -Name $pester_Usergroup1 -member $pester_User1
+        Add-FGTUserGroup -Name $pester_usergroup1 -member $pester_userlocal
     }
 
-    It "Remove User Group $pester_Usergroup1 by pipeline" {
-        $Usergroup = Get-FGTUserGroup -name $pester_Usergroup1
-        $Usergroup | Remove-FGTUserGroup -confirm:$false
-        $Usergroup = Get-FGTUserGroup -name $pester_Usergroup1
-        $Usergroup | Should -Be $NULL
+    It "Remove User Group $pester_usergroup1 by pipeline" {
+        $usergroup = Get-FGTUserGroup -name $pester_usergroup1
+        $usergroup | Remove-FGTUserGroup -confirm:$false
+        $usergroup = Get-FGTUserGroup -name $pester_usergroup1
+        $usergroup | Should -Be $NULL
     }
 
     AfterAll {
-        Get-FGTUserLocal -name $pester_User1 | Remove-FGTUser -confirm:$false
+        Get-FGTUserLocal -name $pester_userlocal | Remove-FGTUserLocal -confirm:$false
     }
 
 }
@@ -448,55 +326,46 @@ Describe "Remove User Group Member" {
 
     BeforeAll {
         #Create some User object
-        Add-FGTUserLocal-Name $pester_User1 -ip 192.0.2.1 -mask 255.255.255.255
-        Add-FGTUserLocal-Name $pester_User2 -ip 192.0.2.2 -mask 255.255.255.255
-        Add-FGTUserLocal-Name $pester_User3 -ip 192.0.2.3 -mask 255.255.255.255
+        Add-FGTUserLocal -Name $pester_userlocal -passwd $pester_userlocalpassword
+        Add-FGTUserLocal -Name $pester_userlocal2 -passwd $pester_userlocalpassword
+        Add-FGTUserLocal -Name $pester_userlocal3 -passwd $pester_userlocalpassword
     }
 
     BeforeEach {
-        Add-FGTUserGroup -Name $pester_Usergroup1 -member $pester_User1, $pester_User2, $pester_User3
+        Add-FGTUserGroup -Name $pester_usergroup1 -member $pester_userlocal, $pester_userlocal2, $pester_userlocal3
     }
 
     AfterEach {
-        Get-FGTUserGroup -name $pester_Usergroup1 | Remove-FGTUserGroup -confirm:$false
-    }
-
-    It "Remove 1 member to User Group $pester_Usergroup1 (with 3 members before)" {
-        Get-FGTUserGroup -Name $pester_Usergroup1 | Remove-FGTUserGroupMember -member $pester_User1
-        $Usergroup = Get-FGTUserGroup -name $pester_Usergroup1
-        $Usergroup.name | Should -Be $pester_Usergroup1
-        $Usergroup.uuid | Should -Not -BeNullOrEmpty
-        ($Usergroup.member).count | Should -Be "2"
-        $Usergroup.member.name | Should -BeIn $pester_User2, $pester_User3
-        $Usergroup.comment | Should -BeNullOrEmpty
-        if ($DefaultFGTConnection.version -lt "6.4.0") {
-            $Usergroup.visibility | Should -Be $true
-        }
+        Get-FGTUserGroup -name $pester_usergroup1 | Remove-FGTUserGroup -confirm:$false
     }
 
-    It "Remove 2 members to User Group $pester_Usergroup1 (with 3 members before)" {
-        Get-FGTUserGroup -Name $pester_Usergroup1 | Remove-FGTUserGroupMember -member $pester_User2, $pester_User3
-        $Usergroup = Get-FGTUserGroup -name $pester_Usergroup1
-        $Usergroup.name | Should -Be $pester_Usergroup1
-        $Usergroup.uuid | Should -Not -BeNullOrEmpty
-        ($Usergroup.member).count | Should -Be "1"
-        $Usergroup.member.name | Should -BeIn $pester_User1
-        $Usergroup.comment | Should -BeNullOrEmpty
-        if ($DefaultFGTConnection.version -lt "6.4.0") {
-            $Usergroup.visibility | Should -Be $true
-        }
+    It "Remove 1 member to User Group $pester_usergroup1 (with 3 members before)" {
+        Get-FGTUserGroup -Name $pester_usergroup1 | Remove-FGTUserGroupMember -member $pester_userlocal
+        $usergroup = Get-FGTUserGroup -name $pester_usergroup1
+        $usergroup.name | Should -Be $pester_usergroup1
+        ($usergroup.member).count | Should -Be "2"
+        $usergroup.member.name | Should -BeIn $pester_userlocal2, $pester_userlocal3
     }
 
-    It "Try Remove 3 members to User Group $pester_Usergroup1 (with 3 members before)" {
-        {
-            Get-FGTUserGroup -Name $pester_Usergroup1 | Remove-FGTUserGroupMember -member $pester_User1, $pester_User2, $pester_User3
-        } | Should -Throw "You can't remove all members. Use Remove-FGTUserGroup to remove User Group"
+    It "Remove 2 members to User Group $pester_usergroup1 (with 3 members before)" {
+        Get-FGTUserGroup -Name $pester_usergroup1 | Remove-FGTUserGroupMember -member $pester_userlocal2, $pester_userlocal3
+        $usergroup = Get-FGTUserGroup -name $pester_usergroup1
+        $usergroup.name | Should -Be $pester_usergroup1
+        ($usergroup.member).count | Should -Be "1"
+        $usergroup.member.name | Should -BeIn $pester_userlocal
+    }
+
+    It "Remove 3 members to User Group $pester_usergroup1 (with 3 members before)" {
+        Get-FGTUserGroup -Name $pester_usergroup1 | Remove-FGTUserGroupMember -member $pester_userlocal, $pester_userlocal2, $pester_userlocal3
+        $usergroup = Get-FGTUserGroup -name $pester_usergroup1
+        $usergroup.name | Should -Be $pester_usergroup1
+        ($usergroup.member).count | Should -Be "0"
     }
 
     AfterAll {
-        Get-FGTUserLocal-name $pester_User1 | Remove-FGTUser -confirm:$false
-        Get-FGTUserLocal-name $pester_User2 | Remove-FGTUser -confirm:$false
-        Get-FGTUserLocal -name $pester_User3 | Remove-FGTUser -confirm:$false
+        Get-FGTUserLocal -name $pester_userlocal | Remove-FGTUserLocal -confirm:$false
+        Get-FGTUserLocal -name $pester_userlocal2 | Remove-FGTUserLocal -confirm:$false
+        Get-FGTUserLocal -name $pester_userlocal3 | Remove-FGTUserLocal -confirm:$false
     }
 
 }

From 1b0dc2bbbd4c8108769e1e3adf106352537c7ea5 Mon Sep 17 00:00:00 2001
From: Alexis La Goutte <alexis.lagoutte@gmail.com>
Date: Fri, 6 Sep 2024 17:35:12 +0200
Subject: [PATCH 11/12] UserGroup: Fix when no members

---
 PowerFGT/Public/cmdb/user/group.ps1 | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/PowerFGT/Public/cmdb/user/group.ps1 b/PowerFGT/Public/cmdb/user/group.ps1
index 144b974aa..27d36970f 100644
--- a/PowerFGT/Public/cmdb/user/group.ps1
+++ b/PowerFGT/Public/cmdb/user/group.ps1
@@ -543,10 +543,10 @@ function Remove-FGTUserGroupMember {
                 $members = $members | Where-Object { $_.name -ne $remove_member }
             }
 
-            #check if there is always a member... (it is not possible don't have member on User Group)
-            #if ( $members.count -eq 0 ) {
-            #    Throw "You can't remove all members. Use Remove-FGTUserGroup to remove User Group"
-            #}
+            #check if there is always a member... (and force array)
+            if ( $members.count -eq 0 ) {
+                $members = @()
+            }
 
             #if there is only One member force to be an array
             if ( $members.count -eq 1 ) {

From bdf7230e716008bfe6861927eec0b1000a38e904 Mon Sep 17 00:00:00 2001
From: Alexis La Goutte <alexis.lagoutte@gmail.com>
Date: Fri, 13 Sep 2024 15:32:18 +0200
Subject: [PATCH 12/12] UserGroup: Add User Group with no member

Add also Tests
---
 PowerFGT/Public/cmdb/user/group.ps1   | 18 ++++++++++--------
 Tests/integration/UserGroup.Tests.ps1 |  7 +++++++
 2 files changed, 17 insertions(+), 8 deletions(-)

diff --git a/PowerFGT/Public/cmdb/user/group.ps1 b/PowerFGT/Public/cmdb/user/group.ps1
index 27d36970f..e16d9f3ba 100644
--- a/PowerFGT/Public/cmdb/user/group.ps1
+++ b/PowerFGT/Public/cmdb/user/group.ps1
@@ -33,7 +33,7 @@ function Add-FGTUserGroup {
     Param(
         [Parameter (Mandatory = $true)]
         [string]$name,
-        [Parameter (Mandatory = $true)]
+        [Parameter (Mandatory = $false)]
         [string[]]$member,
         [Parameter (Mandatory = $false)]
         [hashtable]$data,
@@ -63,14 +63,16 @@ function Add-FGTUserGroup {
 
         $usergroup | add-member -name "name" -membertype NoteProperty -Value $name
 
-        #Add member to members Array
-        $members = @( )
-        foreach ( $m in $member ) {
-            $member_name = @{ }
-            $member_name.add( 'name', $m)
-            $members += $member_name
+        if ( $PsBoundParameters.ContainsKey('member') ) {
+            #Add member to members Array
+            $members = @( )
+            foreach ( $m in $member ) {
+                $member_name = @{ }
+                $member_name.add( 'name', $m)
+                $members += $member_name
+            }
+            $usergroup | add-member -name "member" -membertype NoteProperty -Value $members
         }
-        $usergroup | add-member -name "member" -membertype NoteProperty -Value $members
 
         if ( $PsBoundParameters.ContainsKey('data') ) {
             $data.GetEnumerator() | ForEach-Object {
diff --git a/Tests/integration/UserGroup.Tests.ps1 b/Tests/integration/UserGroup.Tests.ps1
index 6e836dd45..62bf5c024 100644
--- a/Tests/integration/UserGroup.Tests.ps1
+++ b/Tests/integration/UserGroup.Tests.ps1
@@ -98,6 +98,13 @@ Describe "Add User Group" {
         Get-FGTUserGroup -name $pester_usergroup1 | Remove-FGTUserGroup -confirm:$false
     }
 
+    It "Add User Group $pester_usergroup1 (with 0 member)" {
+        Add-FGTUserGroup -Name $pester_usergroup1
+        $usergroup = Get-FGTUserGroup -name $pester_usergroup1
+        $usergroup.name | Should -Be $pester_usergroup1
+        ($usergroup.member).count | Should -Be "0"
+    }
+
     It "Add User Group $pester_usergroup1 (with 1 member)" {
         Add-FGTUserGroup -Name $pester_usergroup1 -member $pester_userlocal
         $usergroup = Get-FGTUserGroup -name $pester_usergroup1