From 3f3310f0093cd9e0175795c67b064afe2fe183d1 Mon Sep 17 00:00:00 2001 From: Alexis La Goutte <alexis.lagoutte@gmail.com> Date: Wed, 4 Sep 2024 20:37:24 +0200 Subject: [PATCH 01/12] UserGroup: Add Add-FGTUserGroup for add User(Local) to UserGroup --- PowerFGT/Public/cmdb/user/group.ps1 | 83 +++++++++++++++++++++++++++++ 1 file changed, 83 insertions(+) diff --git a/PowerFGT/Public/cmdb/user/group.ps1 b/PowerFGT/Public/cmdb/user/group.ps1 index 547702630..89acacee0 100644 --- a/PowerFGT/Public/cmdb/user/group.ps1 +++ b/PowerFGT/Public/cmdb/user/group.ps1 @@ -4,6 +4,89 @@ # SPDX-License-Identifier: Apache-2.0 # +function Add-FGTUserGroup { + + <# + .SYNOPSIS + Add a FortiGate User Group + + .DESCRIPTION + Add a FortiGate User Group + + .EXAMPLE + Add-FGTUserGroup -name MyUserGroup -member MyUser1 + + Add User Group with member MyUser1 + + .EXAMPLE + Add-FGTUserGroup -name MyUserGroup -member MyUser1, MyUser2 + + Add User Group with members MyUser1 and MyUser2 + + .EXAMPLE + $data = @{ "authtimeout" = 23 } + PS C:\>Add-FGTUserGroup -name MyUserGroup -member MyUser1 -data $data + + Add User Group with member MyUser1and authtimeout (23) via -data parameter + #> + + Param( + [Parameter (Mandatory = $true)] + [string]$name, + [Parameter (Mandatory = $true)] + [string[]]$member, + [Parameter (Mandatory = $false)] + [hashtable]$data, + [Parameter(Mandatory = $false)] + [String[]]$vdom, + [Parameter(Mandatory = $false)] + [psobject]$connection = $DefaultFGTConnection + ) + + Begin { + } + + Process { + + $invokeParams = @{ } + if ( $PsBoundParameters.ContainsKey('vdom') ) { + $invokeParams.add( 'vdom', $vdom ) + } + + if ( Get-FGTUserGroup @invokeParams -name $name -connection $connection) { + Throw "Already an User Group object using the same name" + } + + $uri = "api/v2/cmdb/user/group" + + $usergroup = new-Object -TypeName PSObject + + $usergroup | add-member -name "name" -membertype NoteProperty -Value $name + + #Add member to members Array + $members = @( ) + foreach ( $m in $member ) { + $member_name = @{ } + $member_name.add( 'name', $m) + $members += $member_name + } + $usergroup | add-member -name "member" -membertype NoteProperty -Value $members + + if ( $PsBoundParameters.ContainsKey('data') ) { + $data.GetEnumerator() | ForEach-Object { + $usergroup | Add-member -name $_.key -membertype NoteProperty -Value $_.value + } + } + + Invoke-FGTRestMethod -method "POST" -body $usergroup -uri $uri -connection $connection @invokeParams | Out-Null + + Get-FGTUserGroup -connection $connection @invokeParams -name $name + } + + End { + } +} + function Get-FGTUserGroup { <# From d9383675feb7ac8c38d33c78b6ed1a8677e1e847 Mon Sep 17 00:00:00 2001 From: Alexis La Goutte <alexis.lagoutte@gmail.com> Date: Wed, 4 Sep 2024 20:43:21 +0200 Subject: [PATCH 02/12] UserGroup: Add Remove-FGTUserGroup for remove member group --- PowerFGT/Public/cmdb/user/group.ps1 | 55 +++++++++++++++++++++++++++++ 1 file changed, 55 insertions(+) diff --git a/PowerFGT/Public/cmdb/user/group.ps1 b/PowerFGT/Public/cmdb/user/group.ps1 index 89acacee0..124f1568c 100644 --- a/PowerFGT/Public/cmdb/user/group.ps1 +++ b/PowerFGT/Public/cmdb/user/group.ps1 @@ -198,3 +198,58 @@ function Get-FGTUserGroup { End { } } + +function Remove-FGTUserGroup { + + <# + .SYNOPSIS + Remove a FortiGate User + + .DESCRIPTION + Remove an User Group object on the FortiGate + + .EXAMPLE + $MyFGTUserGroup = Get-FGTUserGroup -name MyFGTUserGroup + PS C:\>$MyFGTUserGroup | Remove-FGTUserGroup + + Remove User Group object $MyFGTUserGroup + + .EXAMPLE + $MyFGTUserGroup = Get-FGTUserGroup -name MyFGTUserGroup + PS C:\>$MyFGTUserGroup | Remove-FGTUserGroup -confirm:$false + + Remove User object $MyFGTUserGroup with no confirmation + + #> + + [CmdletBinding(SupportsShouldProcess, ConfirmImpact = 'high')] + Param( + [Parameter (Mandatory = $true, ValueFromPipeline = $true, Position = 1)] + [ValidateScript( { Confirm-FGTUserGroup $_ })] + [psobject]$usergroup, + [Parameter(Mandatory = $false)] + [String[]]$vdom, + [Parameter(Mandatory = $false)] + [psobject]$connection = $DefaultFGTConnection + ) + + Begin { + } + + Process { + + $invokeParams = @{ } + if ( $PsBoundParameters.ContainsKey('vdom') ) { + $invokeParams.add( 'vdom', $vdom ) + } + + $uri = "api/v2/cmdb/user/group" + + if ($PSCmdlet.ShouldProcess($usergroup.name, 'Remove User Group')) { + $null = Invoke-FGTRestMethod -method "DELETE" -uri $uri -uri_escape $usergroup.name -connection $connection @invokeParams + } + } + + End { + } +} \ No newline at end of file From de9adcba083796186ed0908623605489d9fd6fc2 Mon Sep 17 00:00:00 2001 From: Alexis La Goutte <alexis.lagoutte@gmail.com> Date: Thu, 5 Sep 2024 21:02:22 +0200 Subject: [PATCH 03/12] UserGroup: add Confirm-FGTUserGroup for check usergroup PS object --- PowerFGT/Private/Confirm.ps1 | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/PowerFGT/Private/Confirm.ps1 b/PowerFGT/Private/Confirm.ps1 index 1852d3493..de81b0845 100644 --- a/PowerFGT/Private/Confirm.ps1 +++ b/PowerFGT/Private/Confirm.ps1 @@ -479,4 +479,25 @@ Function Confirm-FGTUserLocal { $true +} + +Function Confirm-FGTUserGroup { + + Param ( + [Parameter (Mandatory = $true)] + [object]$argument + ) + + if ( -not ( $argument | get-member -name name -Membertype Properties)) { + throw "Element specified does not contain a name property." + } + if ( -not ( $argument | get-member -name id -Membertype Properties)) { + throw "Element specified does not contain an id property." + } + if ( -not ( $argument | get-member -name group-type -Membertype Properties)) { + throw "Element specified does not contain a group-type property." + } + + $true + } \ No newline at end of file From 81505e5fa64d7702aa25c053bf492156b33c9cdb Mon Sep 17 00:00:00 2001 From: Alexis La Goutte <alexis.lagoutte@gmail.com> Date: Thu, 5 Sep 2024 21:11:22 +0200 Subject: [PATCH 04/12] UserGroup: add Set-FGTUserGroup for configure member and (re)name --- PowerFGT/Public/cmdb/user/group.ps1 | 100 ++++++++++++++++++++++++++++ 1 file changed, 100 insertions(+) diff --git a/PowerFGT/Public/cmdb/user/group.ps1 b/PowerFGT/Public/cmdb/user/group.ps1 index 124f1568c..0523f17ca 100644 --- a/PowerFGT/Public/cmdb/user/group.ps1 +++ b/PowerFGT/Public/cmdb/user/group.ps1 @@ -199,6 +199,106 @@ function Get-FGTUserGroup { } } +function Set-FGTUserGroup { + + <# + .SYNOPSIS + Configure a FortiGate Address Group + + .DESCRIPTION + Change a FortiGate User Group (name, member...) + + .EXAMPLE + $MyFGTUserGroup = Get-FGTUserGroup -name MyFGTUserGroup + PS C:\>$MyFGTUserGroup | Set-FGTUserGroup -member MyUser1 + + Change MyFGTUserGroup member to MyUser1 + + .EXAMPLE + $MyFGTUserGroup = Get-FGTUserGroup -name MyFGTUserGroup + PS C:\>$MyFGTUserGroup | Set-FGTUserGroup -member MyUser1, MyUser2 + + Change MyFGTUserGroup member to MyUser1 and MyUser2 + + .EXAMPLE + $MyFGTUserGroup = Get-FGTUserGroup -name MyFGTUserGroup + PS C:\>$MyFGTUserGroup | Set-FGTUserGroup -name MyFGTUserGroup2 + + Rename MyFGTUserGroup member to MyFGTUserGroup2 + + .EXAMPLE + $data = @{ "authtimeout" = 23 } + PS C:\>$MyFGTUserGroup = Get-FGTUserGroup -name MyFGTUserGroup + PS C:\>$MyFGTUserGroup | Set-FGTUserGroup -data $data + + Change MyFGTUserGroup to set authtimeout (23) using -data + #> + + [CmdletBinding(SupportsShouldProcess, ConfirmImpact = 'medium')] + Param( + [Parameter (Mandatory = $true, ValueFromPipeline = $true, Position = 1)] + [ValidateScript( { Confirm-FGTUserGroup $_ })] + [psobject]$usergroup, + [Parameter (Mandatory = $false)] + [string]$name, + [Parameter (Mandatory = $false)] + [string[]]$member, + [Parameter (Mandatory = $false)] + [hashtable]$data, + [Parameter(Mandatory = $false)] + [String[]]$vdom, + [Parameter(Mandatory = $false)] + [psobject]$connection = $DefaultFGTConnection + ) + + Begin { + } + + Process { + + $invokeParams = @{ } + if ( $PsBoundParameters.ContainsKey('vdom') ) { + $invokeParams.add( 'vdom', $vdom ) + } + + $uri = "api/v2/cmdb/user/group" + $old_name = $usergroup.name + $_usergroup = new-Object -TypeName PSObject + + if ( $PsBoundParameters.ContainsKey('name') ) { + #TODO check if there is no already a object with this name ? + $_usergroup | add-member -name "name" -membertype NoteProperty -Value $name + $usergroup.name = $name + } + + if ( $PsBoundParameters.ContainsKey('member') ) { + #Add member to Member Array + $members = @( ) + foreach ( $m in $member ) { + $member_name = @{ } + $member_name.add( 'name', $m) + $members += $member_name + } + $_usergroup | add-member -name "member" -membertype NoteProperty -Value $members + } + + if ( $PsBoundParameters.ContainsKey('data') ) { + $data.GetEnumerator() | ForEach-Object { + $_usergroup | Add-member -name $_.key -membertype NoteProperty -Value $_.value + } + } + + if ($PSCmdlet.ShouldProcess($usergroup.name, 'Configure User Group')) { + Invoke-FGTRestMethod -method "PUT" -body $_usergroup -uri $uri -uri_escape $old_name -connection $connection @invokeParams | out-Null + + Get-FGTUserGroup -connection $connection @invokeParams -name $usergroup.name + } + } + + End { + } +} + function Remove-FGTUserGroup { <# From 68de71d589549079d3051ab7f37049c88fad27ec Mon Sep 17 00:00:00 2001 From: Alexis La Goutte <alexis.lagoutte@gmail.com> Date: Thu, 5 Sep 2024 21:15:38 +0200 Subject: [PATCH 05/12] UserGroup: Add Add-FGTFirewallUserGroupMember for add member to UserGroup --- PowerFGT/Public/cmdb/user/group.ps1 | 69 +++++++++++++++++++++++++++++ 1 file changed, 69 insertions(+) diff --git a/PowerFGT/Public/cmdb/user/group.ps1 b/PowerFGT/Public/cmdb/user/group.ps1 index 0523f17ca..022efba00 100644 --- a/PowerFGT/Public/cmdb/user/group.ps1 +++ b/PowerFGT/Public/cmdb/user/group.ps1 @@ -87,6 +87,75 @@ function Add-FGTUserGroup { } } +function Add-FGTUserGroupMember { + + <# + .SYNOPSIS + Add a FortiGate User Group Member + + .DESCRIPTION + Add a FortiGate User Group Member + + .EXAMPLE + $MyFGTUserGroup = Get-FGTUserGroup -name MyFGTUserGroup + PS C:\>$MyFGTUserGroup | Add-FGTUserGroupMember -member MyUser1 + + Add MyUser1 member to MyFGTUserGroup + + .EXAMPLE + $MyFGTUserGroup = Get-FGTUserGroup -name MyFGTUserGroup + PS C:\>$MyFGTUserGroup | Add-FGTUserGroupMember -member MyUser1, MyUser2 + + Add MyUser1 and MyUser2 member to MyFGTUserGroup + + #> + + Param( + [Parameter (Mandatory = $true, ValueFromPipeline = $true, Position = 1)] + [ValidateScript( { Confirm-FGTUserGroup $_ })] + [psobject]$usergroup, + [Parameter(Mandatory = $false)] + [string[]]$member, + [Parameter(Mandatory = $false)] + [String[]]$vdom, + [Parameter(Mandatory = $false)] + [psobject]$connection = $DefaultFGTConnection + ) + + Begin { + } + + Process { + + $invokeParams = @{ } + if ( $PsBoundParameters.ContainsKey('vdom') ) { + $invokeParams.add( 'vdom', $vdom ) + } + + $uri = "api/v2/cmdb/user/group" + + $_usergroup = new-Object -TypeName PSObject + + if ( $PsBoundParameters.ContainsKey('member') ) { + #Add member to existing usergroup member + $members = $usergroup.member + foreach ( $m in $member ) { + $member_name = @{ } + $member_name.add( 'name', $m) + $members += $member_name + } + $_usergroup | add-member -name "member" -membertype NoteProperty -Value $members + } + + Invoke-FGTRestMethod -method "PUT" -body $_usergroup -uri $uri -uri_escape $usergroup.name -connection $connection @invokeParams | out-Null + + Get-FGTUserGroup -connection $connection @invokeParams -name $usergroup.name + } + + End { + } +} + function Get-FGTUserGroup { <# From 53589e82ef9336307127d54bfcfee5b017d243df Mon Sep 17 00:00:00 2001 From: Alexis La Goutte <alexis.lagoutte@gmail.com> Date: Thu, 5 Sep 2024 21:16:05 +0200 Subject: [PATCH 06/12] UserGroup: Fix typo (Address -> User) --- PowerFGT/Public/cmdb/user/group.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/PowerFGT/Public/cmdb/user/group.ps1 b/PowerFGT/Public/cmdb/user/group.ps1 index 022efba00..41efd6790 100644 --- a/PowerFGT/Public/cmdb/user/group.ps1 +++ b/PowerFGT/Public/cmdb/user/group.ps1 @@ -272,7 +272,7 @@ function Set-FGTUserGroup { <# .SYNOPSIS - Configure a FortiGate Address Group + Configure a FortiGate User Group .DESCRIPTION Change a FortiGate User Group (name, member...) From a71a7412bce06f97fb7dc7afc9a18f34b747f2d1 Mon Sep 17 00:00:00 2001 From: Alexis La Goutte <alexis.lagoutte@gmail.com> Date: Fri, 6 Sep 2024 08:17:11 +0200 Subject: [PATCH 07/12] UserGroup: Add Remove-FGTUserGroupMember --- PowerFGT/Public/cmdb/user/group.ps1 | 89 +++++++++++++++++++++++++++++ 1 file changed, 89 insertions(+) diff --git a/PowerFGT/Public/cmdb/user/group.ps1 b/PowerFGT/Public/cmdb/user/group.ps1 index 41efd6790..f1233e706 100644 --- a/PowerFGT/Public/cmdb/user/group.ps1 +++ b/PowerFGT/Public/cmdb/user/group.ps1 @@ -419,6 +419,95 @@ function Remove-FGTUserGroup { } } + End { + } +} + +function Remove-FGTUserGroupMember { + + <# + .SYNOPSIS + Remove a FortiGate User Group Member + + .DESCRIPTION + Remove a FortiGate User Group Member + + .EXAMPLE + $MyFGTUserGroup = Get-FGTUserGroup -name MyFGTUserGroup + PS C:\>$MyFGTUserGroup | Remove-FGTUserGroupMember -member MyUser1 + + Remove MyUser1 member to MyFGTUserGroup + + .EXAMPLE + $MyFGTUserGroup = Get-FGTUserGroup -name MyFGTUserGroup + PS C:\>$MyFGTUserGroup | Remove-FGTUserGroupMember -member MyUser1, MyUser2 + + Remove MyUser1 and MyUser2 member to MyFGTUserGroup + + #> + + [CmdletBinding(SupportsShouldProcess, ConfirmImpact = 'medium')] + Param( + [Parameter (Mandatory = $true, ValueFromPipeline = $true, Position = 1)] + [ValidateScript( { Confirm-FGTUserGroup $_ })] + [psobject]$usergroup, + [Parameter(Mandatory = $false)] + [string[]]$member, + [Parameter(Mandatory = $false)] + [String[]]$vdom, + [Parameter(Mandatory = $false)] + [psobject]$connection = $DefaultFGTConnection + ) + + Begin { + } + + Process { + + $invokeParams = @{ } + if ( $PsBoundParameters.ContainsKey('vdom') ) { + $invokeParams.add( 'vdom', $vdom ) + } + + $uri = "api/v2/cmdb/user/group" + + $_usergroup = new-Object -TypeName PSObject + + if ( $PsBoundParameters.ContainsKey('member') ) { + #Create a new array + $members = @() + foreach ($m in $usergroup.member) { + $member_name = @{ } + $member_name.add( 'name', $m.name) + $members += $member_name + } + + #Remove member + foreach ($remove_member in $member) { + #May be a better (and faster) solution... + $members = $members | Where-Object { $_.name -ne $remove_member } + } + + #check if there is always a member... (it is not possible don't have member on User Group) + #if ( $members.count -eq 0 ) { + # Throw "You can't remove all members. Use Remove-FGTUserGroup to remove User Group" + #} + + #if there is only One member force to be an array + if ( $members.count -eq 1 ) { + $members = @($members) + } + + $_usergroup | add-member -name "member" -membertype NoteProperty -Value $members + } + + if ($PSCmdlet.ShouldProcess($usergroup.name, 'Remove User Group Member')) { + Invoke-FGTRestMethod -method "PUT" -body $_usergroup -uri $uri -uri_escape $usergroup.name -connection $connection @invokeParams | Out-Null + + Get-FGTUserGroup -connection $connection @invokeParams -name $usergroup.name + } + } + End { } } \ No newline at end of file From be59e1afd4567f50a34f1a8e216e1519bc3d3311 Mon Sep 17 00:00:00 2001 From: Alexis La Goutte <alexis.lagoutte@gmail.com> Date: Fri, 6 Sep 2024 08:18:40 +0200 Subject: [PATCH 08/12] UserGroup: Add Copy-FGTUserGroup for clone an User Group --- PowerFGT/Public/cmdb/user/group.ps1 | 55 +++++++++++++++++++++++++++++ 1 file changed, 55 insertions(+) diff --git a/PowerFGT/Public/cmdb/user/group.ps1 b/PowerFGT/Public/cmdb/user/group.ps1 index f1233e706..144b974aa 100644 --- a/PowerFGT/Public/cmdb/user/group.ps1 +++ b/PowerFGT/Public/cmdb/user/group.ps1 @@ -156,6 +156,61 @@ function Add-FGTUserGroupMember { } } +function Copy-FGTUserGroup { + + <# + .SYNOPSIS + Copy/Clone a FortiGate User Group + + .DESCRIPTION + Copy/Clone a FortiGate User Group (name, member...) + + .EXAMPLE + $MyFGTUserGroup = Get-FGTUserGroup -name MyFGTUserGroup + PS C:\>$MyFGTUserGroup | Copy-FGTUserGroup -name MyFGTUserGroup_copy + + Copy / Clone MyFGTUserGroup and name MyFGTUser_copy + + #> + + Param( + [Parameter (Mandatory = $true, ValueFromPipeline = $true, Position = 1)] + [ValidateScript( { Confirm-FGTUserGroup $_ })] + [psobject]$usergroup, + [Parameter (Mandatory = $true)] + [string]$name, + [Parameter(Mandatory = $false)] + [String[]]$vdom, + [Parameter(Mandatory = $false)] + [psobject]$connection = $DefaultFGTConnection + ) + + Begin { + } + + Process { + + $invokeParams = @{ } + if ( $PsBoundParameters.ContainsKey('vdom') ) { + $invokeParams.add( 'vdom', $vdom ) + } + + if ( Get-FGTUserGroup @invokeParams -name $name -connection $connection) { + Throw "Already an User Group object using the same name" + } + + $uri = "api/v2/cmdb/user/group" + $extra = "action=clone&nkey=$($name)" + + Invoke-FGTRestMethod -method "POST" -uri $uri -uri_escape $usergroup.name -extra $extra -connection $connection @invokeParams | Out-Null + + Get-FGTUserGroup -connection $connection @invokeParams -name $name + } + + End { + } +} + function Get-FGTUserGroup { <# From ad2865820b48f1208b576603f2d27b4ba65b2555 Mon Sep 17 00:00:00 2001 From: Alexis La Goutte <alexis.lagoutte@gmail.com> Date: Fri, 6 Sep 2024 08:21:11 +0200 Subject: [PATCH 09/12] UserGroup: Add Test (WIP) --- Tests/integration/UserGroup.Tests.ps1 | 506 ++++++++++++++++++++++++++ 1 file changed, 506 insertions(+) create mode 100644 Tests/integration/UserGroup.Tests.ps1 diff --git a/Tests/integration/UserGroup.Tests.ps1 b/Tests/integration/UserGroup.Tests.ps1 new file mode 100644 index 000000000..a87729880 --- /dev/null +++ b/Tests/integration/UserGroup.Tests.ps1 @@ -0,0 +1,506 @@ +# +# Copyright 2020, Alexis La Goutte <alexis dot lagoutte at gmail dot com> +# +# SPDX-License-Identifier: Apache-2.0 +# + +#include common configuration +. ../common.ps1 + +BeforeAll { + Connect-FGT @invokeParams +} + +Describe "Get User Group" { + + BeforeAll { + #Create User object + Add-FGTUserLocal -Name $pester_User1 -ip 192.0.2.1 -mask 255.255.255.255 + Add-FGTUserLocal -Name $pester_User2 -ip 192.0.2.2 -mask 255.255.255.255 + #Create Usergroup object with one member + $script:addrgrp = Add-FGTUserGroup -name $pester_Usergroup1 -member $pester_User1 + $script:uuid = $addrgrp.uuid + Add-FGTUserGroup -name $pester_Usergroup2 -member $pester_User2 + } + + It "Get User Group Does not throw an error" { + { + Get-FGTUserGroup + } | Should -Not -Throw + } + + It "Get ALL User Group" { + $Usergroup = Get-FGTUserGroup + $Usergroup.count | Should -Not -Be $NULL + } + + It "Get ALL User Group with -skip" { + $Usergroup = Get-FGTUserGroup -skip + $Usergroup.count | Should -Not -Be $NULL + } + + It "Get User Group ($pester_Usergroup1)" { + $Usergroup = Get-FGTUserGroup -name $pester_Usergroup1 + $Usergroup.name | Should -Be $pester_Usergroup1 + } + + It "Get User Group ($pester_Usergroup1) and confirm (via Confirm-FGTUserGroup)" { + $Usergroup = Get-FGTUserGroup -name $pester_Usergroup1 + Confirm-FGTUserGroup ($Usergroup) | Should -Be $true + } + + It "Get User Group ($pester_Usergroup1) and meta" { + $Usergroup = Get-FGTUserGroup -name $pester_Usergroup1 -meta + $Usergroup.name | Should -Be $pester_Usergroup1 + $Usergroup.q_ref | Should -Not -BeNullOrEmpty + $Usergroup.q_static | Should -Not -BeNullOrEmpty + $Usergroup.q_no_rename | Should -Not -BeNullOrEmpty + $Usergroup.q_global_entry | Should -Not -BeNullOrEmpty + $Usergroup.q_type | Should -Not -BeNullOrEmpty + $Usergroup.q_path | Should -Be "user" + $Usergroup.q_name | Should -Be "group" + $Usergroup.q_mkey_type | Should -Be "string" + if ($DefaultFGTConnection.version -ge "6.2.0") { + $Usergroup.q_no_edit | Should -Not -BeNullOrEmpty + } + $Usergroup.q_class | Should -Not -BeNullOrEmpty + } + + Context "Search" { + + It "Search User Group by name ($pester_Usergroup1)" { + $Usergroup = Get-FGTUserGroup -name $pester_Usergroup1 + @($Usergroup).count | Should -be 1 + $Usergroup.name | Should -Be $pester_Usergroup1 + } + + It "Search User Group by uuid ($script:uuid)" { + $Usergroup = Get-FGTUserGroup -uuid $script:uuid + @($Usergroup).count | Should -be 1 + $Usergroup.name | Should -Be $pester_Usergroup1 + } + + } + + AfterAll { + #Remove User group before User... + Get-FGTUserGroup -name $pester_Usergroup1 | Remove-FGTUserGroup -confirm:$false + Get-FGTUserGroup -name $pester_Usergroup2 | Remove-FGTUserGroup -confirm:$false + + Get-FGTUserLocal -name $pester_User1 | Remove-FGTUser -confirm:$false + Get-FGTUserLocal -name $pester_User2 | Remove-FGTUser -confirm:$false + } + +} + +Describe "Add User Group" { + + BeforeAll { + #Create some User object + Add-FGTUserLocal-Name $pester_User1 -ip 192.0.2.1 -mask 255.255.255.255 + Add-FGTUserLocal-Name $pester_User2 -ip 192.0.2.2 -mask 255.255.255.255 + } + + AfterEach { + Get-FGTUserGroup -name $pester_Usergroup1 | Remove-FGTUserGroup -confirm:$false + } + + It "Add User Group $pester_Usergroup1 (with 1 member)" { + Add-FGTUserGroup -Name $pester_Usergroup1 -member $pester_User1 + $Usergroup = Get-FGTUserGroup -name $pester_Usergroup1 + $Usergroup.name | Should -Be $pester_Usergroup1 + $Usergroup.uuid | Should -Not -BeNullOrEmpty + ($Usergroup.member).count | Should -Be "1" + $Usergroup.member.name | Should -BeIn $pester_User1 + $Usergroup.comment | Should -BeNullOrEmpty + if ($DefaultFGTConnection.version -lt "6.4.0") { + $Usergroup.visibility | Should -Be $true + } + } + + It "Add User Group $pester_Usergroup1 (with 1 member and a comment)" { + Add-FGTUserGroup -Name $pester_Usergroup1 -member $pester_User1 -comment "Add via PowerFGT" + $Usergroup = Get-FGTUserGroup -name $pester_Usergroup1 + $Usergroup.name | Should -Be $pester_Usergroup1 + $Usergroup.uuid | Should -Not -BeNullOrEmpty + ($Usergroup.member).count | Should -Be "1" + $Usergroup.member.name | Should -BeIn $pester_User1 + $Usergroup.comment | Should -Be "Add via PowerFGT" + if ($DefaultFGTConnection.version -lt "6.4.0") { + $Usergroup.visibility | Should -Be $true + } + } + + It "Add User Group $pester_Usergroup1 (with 1 member and visibility disable)" { + Add-FGTUserGroup -Name $pester_Usergroup1 -member $pester_User1 -visibility:$false + $Usergroup = Get-FGTUserGroup -name $pester_Usergroup1 + $Usergroup.name | Should -Be $pester_Usergroup1 + $Usergroup.uuid | Should -Not -BeNullOrEmpty + ($Usergroup.member).count | Should -Be "1" + $Usergroup.member.name | Should -BeIn $pester_User1 + $Usergroup.comment | Should -BeNullOrEmpty + if ($DefaultFGTConnection.version -lt "6.4.0") { + $Usergroup.visibility | Should -Be "disable" + } + } + + It "Add User Group $pester_Usergroup1 (with 2 members)" { + Add-FGTUserGroup -Name $pester_Usergroup1 -member $pester_User1, $pester_User2 + $Usergroup = Get-FGTUserGroup -name $pester_Usergroup1 + $Usergroup.name | Should -Be $pester_Usergroup1 + $Usergroup.uuid | Should -Not -BeNullOrEmpty + ($Usergroup.member).count | Should -Be "2" + $Usergroup.member.name | Should -BeIn $pester_User1, $pester_User2 + $Usergroup.comment | Should -BeNullOrEmpty + if ($DefaultFGTConnection.version -lt "6.4.0") { + $Usergroup.visibility | Should -Be $true + } + } + + It "Add User Group $pester_Usergroup1 (with 1 member and data (1 field))" { + $data = @{ "color" = 23 } + Add-FGTUserGroup -Name $pester_Usergroup1 -member $pester_User1 -data $data + $Usergroup = Get-FGTUserGroup -name $pester_Usergroup1 + $Usergroup.name | Should -Be $pester_Usergroup1 + $Usergroup.uuid | Should -Not -BeNullOrEmpty + ($Usergroup.member).count | Should -Be "1" + $Usergroup.member.name | Should -BeIn $pester_User1 + $Usergroup.comment | Should -BeNullOrEmpty + $Usergroup.color | Should -Be "23" + if ($DefaultFGTConnection.version -lt "6.4.0") { + $Usergroup.visibility | Should -Be $true + } + } + + It "Add User Group $pester_Usergroup1 (with 1 member and data (2 fields))" { + $data = @{ "color" = 23; "comment" = "Add via PowerFGT and -data" } + Add-FGTUserGroup -Name $pester_Usergroup1 -member $pester_User1 -data $data + $Usergroup = Get-FGTUserGroup -name $pester_Usergroup1 + $Usergroup.name | Should -Be $pester_Usergroup1 + $Usergroup.uuid | Should -Not -BeNullOrEmpty + ($Usergroup.member).count | Should -Be "1" + $Usergroup.member.name | Should -BeIn $pester_User1 + $Usergroup.comment | Should -Be "Add via PowerFGT and -data" + $Usergroup.color | Should -Be "23" + if ($DefaultFGTConnection.version -lt "6.4.0") { + $Usergroup.visibility | Should -Be $true + } + } + + It "Try to Add User Group $pester_Usergroup1 (but there is already a object with same name)" { + #Add first User Group + Add-FGTUserGroup -Name $pester_Usergroup1 -member $pester_User1 + #Add Second User Group with same name + { Add-FGTUserGroup -Name $pester_Usergroup1 -member $pester_User1 } | Should -Throw "Already an Usergroup object using the same name" + + } + + AfterAll { + Get-FGTUserLocal -name $pester_User1 | Remove-FGTUser -confirm:$false + Get-FGTUserLocal -name $pester_User2 | Remove-FGTUser -confirm:$false + } + +} + +Describe "Add User Group Member" { + + BeforeAll { + #Create some User object + Add-FGTUserLocal-Name $pester_User1 -ip 192.0.2.1 -mask 255.255.255.255 + Add-FGTUserLocal-Name $pester_User2 -ip 192.0.2.2 -mask 255.255.255.255 + Add-FGTUserLocal-Name $pester_User3 -ip 192.0.2.3 -mask 255.255.255.255 + Add-FGTUserLocal-Name $pester_User4 -ip 192.0.2.4 -mask 255.255.255.255 + } + + BeforeEach { + Add-FGTUserGroup -Name $pester_Usergroup1 -member $pester_User1 + } + + AfterEach { + Get-FGTUserGroup -name $pester_Usergroup1 | Remove-FGTUserGroup -confirm:$false + } + + It "Add 1 member to User Group $pester_Usergroup1 (with 1 member before)" { + Get-FGTUserGroup -Name $pester_Usergroup1 | Add-FGTUserGroupMember -member $pester_User2 + $Usergroup = Get-FGTUserGroup -name $pester_Usergroup1 + $Usergroup.name | Should -Be $pester_Usergroup1 + $Usergroup.uuid | Should -Not -BeNullOrEmpty + ($Usergroup.member).count | Should -Be "2" + $Usergroup.member.name | Should -BeIn $pester_User1, $pester_User2 + $Usergroup.comment | Should -BeNullOrEmpty + if ($DefaultFGTConnection.version -lt "6.4.0") { + $Usergroup.visibility | Should -Be $true + } + } + + It "Add 2 members to User Group $pester_Usergroup1 (with 1 member before)" { + Get-FGTUserGroup -Name $pester_Usergroup1 | Add-FGTUserGroupMember -member $pester_User2, $pester_User3 + $Usergroup = Get-FGTUserGroup -name $pester_Usergroup1 + $Usergroup.name | Should -Be $pester_Usergroup1 + $Usergroup.uuid | Should -Not -BeNullOrEmpty + ($Usergroup.member).count | Should -Be "3" + $Usergroup.member.name | Should -BeIn $pester_User1, $pester_User2, $pester_User3 + $Usergroup.comment | Should -BeNullOrEmpty + if ($DefaultFGTConnection.version -lt "6.4.0") { + $Usergroup.visibility | Should -Be $true + } + } + + It "Add 2 members to User Group $pester_Usergroup1 (with 2 members before)" { + Get-FGTUserGroup -Name $pester_Usergroup1 | Add-FGTUserGroupMember -member $pester_User2 + Get-FGTUserGroup -Name $pester_Usergroup1 | Add-FGTUserGroupMember -member $pester_User3, $pester_User4 + $Usergroup = Get-FGTUserGroup -name $pester_Usergroup1 + $Usergroup.name | Should -Be $pester_Usergroup1 + $Usergroup.uuid | Should -Not -BeNullOrEmpty + ($Usergroup.member).count | Should -Be "4" + $Usergroup.member.name | Should -BeIn $pester_User1, $pester_User2, $pester_User3, $pester_User4 + $Usergroup.comment | Should -BeNullOrEmpty + if ($DefaultFGTConnection.version -lt "6.4.0") { + $Usergroup.visibility | Should -Be $true + } + } + + AfterAll { + Get-FGTUserLocal -name $pester_User1 | Remove-FGTUser -confirm:$false + Get-FGTUserLocal -name $pester_User2 | Remove-FGTUser -confirm:$false + Get-FGTUserLocal -name $pester_User3 | Remove-FGTUser -confirm:$false + Get-FGTUserLocal -name $pester_User4 | Remove-FGTUser -confirm:$false + } + +} + +Describe "Configure User Group" { + + BeforeAll { + #Create some User object + Add-FGTUserLocal-Name $pester_User1 -ip 192.0.2.1 -mask 255.255.255.255 + Add-FGTUserLocal-Name $pester_User2 -ip 192.0.2.2 -mask 255.255.255.255 + + $addrgrp = Add-FGTUserGroup -Name $pester_Usergroup1 -member $pester_User1 + $script:uuid = $addrgrp.uuid + } + + It "Change comment" { + Get-FGTUserGroup -name $pester_Usergroup1 | Set-FGTUserGroup -comment "Modified by PowerFGT" + $Usergroup = Get-FGTUserGroup -name $pester_Usergroup1 + $Usergroup.name | Should -Be $pester_Usergroup1 + $Usergroup.uuid | Should -Not -BeNullOrEmpty + ($Usergroup.member).count | Should -Be "1" + $Usergroup.member.name | Should -BeIn $pester_User1 + $Usergroup.comment | Should -Be "Modified by PowerFGT" + if ($DefaultFGTConnection.version -lt "6.4.0") { + $Usergroup.visibility | Should -Be $true + } + } + + It "Change visiblity" { + Get-FGTUserGroup -name $pester_Usergroup1 | Set-FGTUserGroup -visibility:$false + $Usergroup = Get-FGTUserGroup -name $pester_Usergroup1 + $Usergroup.name | Should -Be $pester_Usergroup1 + $Usergroup.uuid | Should -Not -BeNullOrEmpty + ($Usergroup.member).count | Should -Be "1" + $Usergroup.member.name | Should -BeIn $pester_User1 + $Usergroup.comment | Should -Be "Modified by PowerFGT" + if ($DefaultFGTConnection.version -lt "6.4.0") { + $Usergroup.visibility | Should -Be "disable" + } + } + + It "Change 1 Member ($pester_User2)" { + Get-FGTUserGroup -name $pester_Usergroup1 | Set-FGTUserGroup -member $pester_User2 + $Usergroup = Get-FGTUserGroup -name $pester_Usergroup1 + $Usergroup.name | Should -Be $pester_Usergroup1 + $Usergroup.uuid | Should -Not -BeNullOrEmpty + ($Usergroup.member).count | Should -Be "1" + $Usergroup.member.name | Should -BeIn $pester_User2 + $Usergroup.comment | Should -Be "Modified by PowerFGT" + if ($DefaultFGTConnection.version -lt "6.4.0") { + $Usergroup.visibility | Should -Be "disable" + } + } + + It "Change 2 Members ($pester_User1 and $pester_User2)" { + Get-FGTUserGroup -name $pester_Usergroup1 | Set-FGTUserGroup -member $pester_User1, $pester_User2 + $Usergroup = Get-FGTUserGroup -name $pester_Usergroup1 + $Usergroup.name | Should -Be $pester_Usergroup1 + $Usergroup.uuid | Should -Not -BeNullOrEmpty + ($Usergroup.member).count | Should -Be "2" + $Usergroup.member.name | Should -BeIn $pester_User1, $pester_User2 + $Usergroup.comment | Should -Be "Modified by PowerFGT" + if ($DefaultFGTConnection.version -lt "6.4.0") { + $Usergroup.visibility | Should -Be "disable" + } + } + + It "Change -data (1 field)" { + $data = @{ "color" = 23 } + Get-FGTUserGroup -name $pester_Usergroup1 | Set-FGTUserGroup -data $data + $Usergroup = Get-FGTUserGroup -name $pester_Usergroup1 + $Usergroup.name | Should -Be $pester_Usergroup1 + $Usergroup.uuid | Should -Not -BeNullOrEmpty + ($Usergroup.member).count | Should -Be "2" + $Usergroup.member.name | Should -BeIn $pester_User1, $pester_User2 + $Usergroup.comment | Should -Be "Modified by PowerFGT" + if ($DefaultFGTConnection.version -lt "6.4.0") { + $Usergroup.visibility | Should -Be "disable" + } + $Usergroup.color | Should -Be "23" + } + + It "Change -data (2 fields)" { + $data = @{ "color" = 4 ; comment = "Modified by PowerFGT via -data" } + Get-FGTUserGroup -name $pester_Usergroup1 | Set-FGTUserGroup -data $data + $Usergroup = Get-FGTUserGroup -name $pester_Usergroup1 + $Usergroup.name | Should -Be $pester_Usergroup1 + $Usergroup.uuid | Should -Not -BeNullOrEmpty + ($Usergroup.member).count | Should -Be "2" + $Usergroup.member.name | Should -BeIn $pester_User1, $pester_User2 + $Usergroup.comment | Should -Be "Modified by PowerFGT via -data" + if ($DefaultFGTConnection.version -lt "6.4.0") { + $Usergroup.visibility | Should -Be "disable" + } + $Usergroup.color | Should -Be "4" + } + + It "Change Name" { + Get-FGTUserGroup -name $pester_Usergroup1 | Set-FGTUserGroup -name "pester_Usergroup1_change" + $Usergroup = Get-FGTUserGroup -name "pester_Usergroup1_change" + $Usergroup.name | Should -Be "pester_Usergroup1_change" + $Usergroup.uuid | Should -Not -BeNullOrEmpty + ($Usergroup.member).count | Should -Be "2" + $Usergroup.member.name | Should -BeIn $pester_User1, $pester_User2 + $Usergroup.comment | Should -Be "Modified by PowerFGT via -data" + if ($DefaultFGTConnection.version -lt "6.4.0") { + $Usergroup.visibility | Should -Be "disable" + } + } + + AfterAll { + #Remove User group before User... + Get-FGTUserGroup -uuid $script:uuid | Remove-FGTUserGroup -confirm:$false + + Get-FGTUserLocal -name $pester_User1 | Remove-FGTUser -confirm:$false + Get-FGTUserLocal -name $pester_User2 | Remove-FGTUser -confirm:$false + } + +} + +Describe "Copy User Group" { + + BeforeAll { + #Create some User object + Add-FGTUserLocal-Name $pester_User1 -ip 192.0.2.1 -mask 255.255.255.255 + Add-FGTUserLocal-Name $pester_User2 -ip 192.0.2.2 -mask 255.255.255.255 + + Add-FGTUserGroup -Name $pester_Usergroup1 -member $pester_User1, $pester_User2 + } + + + It "Copy User Group ($pester_Usergroup1 => copy_pester_Usergroup1)" { + Get-FGTUserGroup -name $pester_Usergroup1 | Copy-FGTUserGroup -name copy_pester_Usergroup1 + $Usergroup = Get-FGTUserGroup -name copy_pester_Usergroup1 + $Usergroup.name | Should -Be "copy_pester_Usergroup1" + $Usergroup.uuid | Should -Not -BeNullOrEmpty + ($Usergroup.member).count | Should -Be "2" + $Usergroup.member.name | Should -BeIn $pester_User1, $pester_User2 + $Usergroup.comment | Should -BeNullOrEmpty + if ($DefaultFGTConnection.version -lt "6.4.0") { + $Usergroup.visibility | Should -Be $true + } + } + + AfterAll { + #Remove User group before User... + + #Remove copy_pester_User1 + Get-FGTUserGroup -name copy_pester_Usergroup1 | Remove-FGTUserGroup -confirm:$false + + Get-FGTUserGroup -name $pester_Usergroup1 | Remove-FGTUserGroup -confirm:$false + + Get-FGTUserLocal -name $pester_User1 | Remove-FGTUser -confirm:$false + Get-FGTUserLocal -name $pester_User2 | Remove-FGTUser -confirm:$false + } + +} + +Describe "Remove User Group" { + + BeforeEach { + Add-FGTUserLocal-Name $pester_User1 -ip 192.0.2.1 -mask 255.255.255.255 + + Add-FGTUserGroup -Name $pester_Usergroup1 -member $pester_User1 + } + + It "Remove User Group $pester_Usergroup1 by pipeline" { + $Usergroup = Get-FGTUserGroup -name $pester_Usergroup1 + $Usergroup | Remove-FGTUserGroup -confirm:$false + $Usergroup = Get-FGTUserGroup -name $pester_Usergroup1 + $Usergroup | Should -Be $NULL + } + + AfterAll { + Get-FGTUserLocal -name $pester_User1 | Remove-FGTUser -confirm:$false + } + +} + +Describe "Remove User Group Member" { + + BeforeAll { + #Create some User object + Add-FGTUserLocal-Name $pester_User1 -ip 192.0.2.1 -mask 255.255.255.255 + Add-FGTUserLocal-Name $pester_User2 -ip 192.0.2.2 -mask 255.255.255.255 + Add-FGTUserLocal-Name $pester_User3 -ip 192.0.2.3 -mask 255.255.255.255 + } + + BeforeEach { + Add-FGTUserGroup -Name $pester_Usergroup1 -member $pester_User1, $pester_User2, $pester_User3 + } + + AfterEach { + Get-FGTUserGroup -name $pester_Usergroup1 | Remove-FGTUserGroup -confirm:$false + } + + It "Remove 1 member to User Group $pester_Usergroup1 (with 3 members before)" { + Get-FGTUserGroup -Name $pester_Usergroup1 | Remove-FGTUserGroupMember -member $pester_User1 + $Usergroup = Get-FGTUserGroup -name $pester_Usergroup1 + $Usergroup.name | Should -Be $pester_Usergroup1 + $Usergroup.uuid | Should -Not -BeNullOrEmpty + ($Usergroup.member).count | Should -Be "2" + $Usergroup.member.name | Should -BeIn $pester_User2, $pester_User3 + $Usergroup.comment | Should -BeNullOrEmpty + if ($DefaultFGTConnection.version -lt "6.4.0") { + $Usergroup.visibility | Should -Be $true + } + } + + It "Remove 2 members to User Group $pester_Usergroup1 (with 3 members before)" { + Get-FGTUserGroup -Name $pester_Usergroup1 | Remove-FGTUserGroupMember -member $pester_User2, $pester_User3 + $Usergroup = Get-FGTUserGroup -name $pester_Usergroup1 + $Usergroup.name | Should -Be $pester_Usergroup1 + $Usergroup.uuid | Should -Not -BeNullOrEmpty + ($Usergroup.member).count | Should -Be "1" + $Usergroup.member.name | Should -BeIn $pester_User1 + $Usergroup.comment | Should -BeNullOrEmpty + if ($DefaultFGTConnection.version -lt "6.4.0") { + $Usergroup.visibility | Should -Be $true + } + } + + It "Try Remove 3 members to User Group $pester_Usergroup1 (with 3 members before)" { + { + Get-FGTUserGroup -Name $pester_Usergroup1 | Remove-FGTUserGroupMember -member $pester_User1, $pester_User2, $pester_User3 + } | Should -Throw "You can't remove all members. Use Remove-FGTUserGroup to remove User Group" + } + + AfterAll { + Get-FGTUserLocal-name $pester_User1 | Remove-FGTUser -confirm:$false + Get-FGTUserLocal-name $pester_User2 | Remove-FGTUser -confirm:$false + Get-FGTUserLocal -name $pester_User3 | Remove-FGTUser -confirm:$false + } + +} + +AfterAll { + Disconnect-FGT -confirm:$false +} \ No newline at end of file From 5627ba202c03287cd640dc474c185a9e99d9863b Mon Sep 17 00:00:00 2001 From: Alexis La Goutte <alexis.lagoutte@gmail.com> Date: Fri, 6 Sep 2024 17:26:57 +0200 Subject: [PATCH 10/12] UserGroup(Tests): Fix Tests.... --- Tests/common.ps1 | 5 + Tests/integration/UserGroup.Tests.ps1 | 507 ++++++++++---------------- 2 files changed, 193 insertions(+), 319 deletions(-) diff --git a/Tests/common.ps1 b/Tests/common.ps1 index 505585380..5d1f1fd3c 100644 --- a/Tests/common.ps1 +++ b/Tests/common.ps1 @@ -52,6 +52,11 @@ $script:pester_userldapserver2 = "pesterldapserver2.powerfgt" $script:pester_userldapserver3 = "pesterldapserver3.powerfgt" $script:pester_userldappassword = ConvertTo-SecureString "pester_userldappassword" -AsPlainText -Force $script:pester_userldappasswordchanged = ConvertTo-SecureString "pester_userldappasswordchanged" -AsPlainText -Force +$script:pester_userlocal2 = "pester_userlocal2" +$script:pester_userlocal3 = "pester_userlocal3" +$script:pester_userlocal4 = "pester_userlocal4" +$script:pester_usergroup1 = "pester_usergroup1" +$script:pester_usergroup2 = "pester_usergroup2" . ../credential.ps1 #TODO: Add check if no ipaddress/login/password info... diff --git a/Tests/integration/UserGroup.Tests.ps1 b/Tests/integration/UserGroup.Tests.ps1 index a87729880..6e836dd45 100644 --- a/Tests/integration/UserGroup.Tests.ps1 +++ b/Tests/integration/UserGroup.Tests.ps1 @@ -15,12 +15,11 @@ Describe "Get User Group" { BeforeAll { #Create User object - Add-FGTUserLocal -Name $pester_User1 -ip 192.0.2.1 -mask 255.255.255.255 - Add-FGTUserLocal -Name $pester_User2 -ip 192.0.2.2 -mask 255.255.255.255 + Add-FGTUserLocal -Name $pester_userlocal -passwd $pester_userlocalpassword + Add-FGTUserLocal -Name $pester_userlocal2 -passwd $pester_userlocalpassword #Create Usergroup object with one member - $script:addrgrp = Add-FGTUserGroup -name $pester_Usergroup1 -member $pester_User1 - $script:uuid = $addrgrp.uuid - Add-FGTUserGroup -name $pester_Usergroup2 -member $pester_User2 + Add-FGTUserGroup -name $pester_usergroup1 -member $pester_userlocal + Add-FGTUserGroup -name $pester_usergroup2 -member $pester_userlocal2 } It "Get User Group Does not throw an error" { @@ -30,65 +29,59 @@ Describe "Get User Group" { } It "Get ALL User Group" { - $Usergroup = Get-FGTUserGroup - $Usergroup.count | Should -Not -Be $NULL + $usergroup = Get-FGTUserGroup + $usergroup.count | Should -Not -Be $NULL } It "Get ALL User Group with -skip" { - $Usergroup = Get-FGTUserGroup -skip - $Usergroup.count | Should -Not -Be $NULL + $usergroup = Get-FGTUserGroup -skip + $usergroup.count | Should -Not -Be $NULL } - It "Get User Group ($pester_Usergroup1)" { - $Usergroup = Get-FGTUserGroup -name $pester_Usergroup1 - $Usergroup.name | Should -Be $pester_Usergroup1 + It "Get User Group ($pester_usergroup1)" { + $usergroup = Get-FGTUserGroup -name $pester_usergroup1 + $usergroup.name | Should -Be $pester_usergroup1 } - It "Get User Group ($pester_Usergroup1) and confirm (via Confirm-FGTUserGroup)" { - $Usergroup = Get-FGTUserGroup -name $pester_Usergroup1 - Confirm-FGTUserGroup ($Usergroup) | Should -Be $true + It "Get User Group ($pester_usergroup1) and confirm (via Confirm-FGTUserGroup)" { + $usergroup = Get-FGTUserGroup -name $pester_usergroup1 + Confirm-FGTUserGroup ($usergroup) | Should -Be $true } - It "Get User Group ($pester_Usergroup1) and meta" { - $Usergroup = Get-FGTUserGroup -name $pester_Usergroup1 -meta - $Usergroup.name | Should -Be $pester_Usergroup1 - $Usergroup.q_ref | Should -Not -BeNullOrEmpty - $Usergroup.q_static | Should -Not -BeNullOrEmpty - $Usergroup.q_no_rename | Should -Not -BeNullOrEmpty - $Usergroup.q_global_entry | Should -Not -BeNullOrEmpty - $Usergroup.q_type | Should -Not -BeNullOrEmpty - $Usergroup.q_path | Should -Be "user" - $Usergroup.q_name | Should -Be "group" - $Usergroup.q_mkey_type | Should -Be "string" + It "Get User Group ($pester_usergroup1) and meta" { + $usergroup = Get-FGTUserGroup -name $pester_usergroup1 -meta + $usergroup.name | Should -Be $pester_usergroup1 + $usergroup.q_ref | Should -Not -BeNullOrEmpty + $usergroup.q_static | Should -Not -BeNullOrEmpty + $usergroup.q_no_rename | Should -Not -BeNullOrEmpty + $usergroup.q_global_entry | Should -Not -BeNullOrEmpty + $usergroup.q_type | Should -Not -BeNullOrEmpty + $usergroup.q_path | Should -Be "user" + $usergroup.q_name | Should -Be "group" + $usergroup.q_mkey_type | Should -Be "string" if ($DefaultFGTConnection.version -ge "6.2.0") { - $Usergroup.q_no_edit | Should -Not -BeNullOrEmpty + $usergroup.q_no_edit | Should -Not -BeNullOrEmpty } - $Usergroup.q_class | Should -Not -BeNullOrEmpty + $usergroup.q_class | Should -Not -BeNullOrEmpty } Context "Search" { - It "Search User Group by name ($pester_Usergroup1)" { - $Usergroup = Get-FGTUserGroup -name $pester_Usergroup1 - @($Usergroup).count | Should -be 1 - $Usergroup.name | Should -Be $pester_Usergroup1 - } - - It "Search User Group by uuid ($script:uuid)" { - $Usergroup = Get-FGTUserGroup -uuid $script:uuid - @($Usergroup).count | Should -be 1 - $Usergroup.name | Should -Be $pester_Usergroup1 + It "Search User Group by name ($pester_usergroup1)" { + $usergroup = Get-FGTUserGroup -name $pester_usergroup1 + @($usergroup).count | Should -be 1 + $usergroup.name | Should -Be $pester_usergroup1 } } AfterAll { #Remove User group before User... - Get-FGTUserGroup -name $pester_Usergroup1 | Remove-FGTUserGroup -confirm:$false - Get-FGTUserGroup -name $pester_Usergroup2 | Remove-FGTUserGroup -confirm:$false + Get-FGTUserGroup -name $pester_usergroup1 | Remove-FGTUserGroup -confirm:$false + Get-FGTUserGroup -name $pester_usergroup2 | Remove-FGTUserGroup -confirm:$false - Get-FGTUserLocal -name $pester_User1 | Remove-FGTUser -confirm:$false - Get-FGTUserLocal -name $pester_User2 | Remove-FGTUser -confirm:$false + Get-FGTUserLocal -name $pester_userlocal | Remove-FGTUserLocal -confirm:$false + Get-FGTUserLocal -name $pester_userlocal2 | Remove-FGTUserLocal -confirm:$false } } @@ -97,107 +90,62 @@ Describe "Add User Group" { BeforeAll { #Create some User object - Add-FGTUserLocal-Name $pester_User1 -ip 192.0.2.1 -mask 255.255.255.255 - Add-FGTUserLocal-Name $pester_User2 -ip 192.0.2.2 -mask 255.255.255.255 + Add-FGTUserLocal -Name $pester_userlocal -passwd $pester_userlocalpassword + Add-FGTUserLocal -Name $pester_userlocal2 -passwd $pester_userlocalpassword } AfterEach { - Get-FGTUserGroup -name $pester_Usergroup1 | Remove-FGTUserGroup -confirm:$false - } - - It "Add User Group $pester_Usergroup1 (with 1 member)" { - Add-FGTUserGroup -Name $pester_Usergroup1 -member $pester_User1 - $Usergroup = Get-FGTUserGroup -name $pester_Usergroup1 - $Usergroup.name | Should -Be $pester_Usergroup1 - $Usergroup.uuid | Should -Not -BeNullOrEmpty - ($Usergroup.member).count | Should -Be "1" - $Usergroup.member.name | Should -BeIn $pester_User1 - $Usergroup.comment | Should -BeNullOrEmpty - if ($DefaultFGTConnection.version -lt "6.4.0") { - $Usergroup.visibility | Should -Be $true - } + Get-FGTUserGroup -name $pester_usergroup1 | Remove-FGTUserGroup -confirm:$false } - It "Add User Group $pester_Usergroup1 (with 1 member and a comment)" { - Add-FGTUserGroup -Name $pester_Usergroup1 -member $pester_User1 -comment "Add via PowerFGT" - $Usergroup = Get-FGTUserGroup -name $pester_Usergroup1 - $Usergroup.name | Should -Be $pester_Usergroup1 - $Usergroup.uuid | Should -Not -BeNullOrEmpty - ($Usergroup.member).count | Should -Be "1" - $Usergroup.member.name | Should -BeIn $pester_User1 - $Usergroup.comment | Should -Be "Add via PowerFGT" - if ($DefaultFGTConnection.version -lt "6.4.0") { - $Usergroup.visibility | Should -Be $true - } + It "Add User Group $pester_usergroup1 (with 1 member)" { + Add-FGTUserGroup -Name $pester_usergroup1 -member $pester_userlocal + $usergroup = Get-FGTUserGroup -name $pester_usergroup1 + $usergroup.name | Should -Be $pester_usergroup1 + ($usergroup.member).count | Should -Be "1" + $usergroup.member.name | Should -BeIn $pester_userlocal } - It "Add User Group $pester_Usergroup1 (with 1 member and visibility disable)" { - Add-FGTUserGroup -Name $pester_Usergroup1 -member $pester_User1 -visibility:$false - $Usergroup = Get-FGTUserGroup -name $pester_Usergroup1 - $Usergroup.name | Should -Be $pester_Usergroup1 - $Usergroup.uuid | Should -Not -BeNullOrEmpty - ($Usergroup.member).count | Should -Be "1" - $Usergroup.member.name | Should -BeIn $pester_User1 - $Usergroup.comment | Should -BeNullOrEmpty - if ($DefaultFGTConnection.version -lt "6.4.0") { - $Usergroup.visibility | Should -Be "disable" - } + It "Add User Group $pester_usergroup1 (with 2 members)" { + Add-FGTUserGroup -Name $pester_usergroup1 -member $pester_userlocal, $pester_userlocal2 + $usergroup = Get-FGTUserGroup -name $pester_usergroup1 + $usergroup.name | Should -Be $pester_usergroup1 + ($usergroup.member).count | Should -Be "2" + $usergroup.member.name | Should -BeIn $pester_userlocal, $pester_userlocal2 } - It "Add User Group $pester_Usergroup1 (with 2 members)" { - Add-FGTUserGroup -Name $pester_Usergroup1 -member $pester_User1, $pester_User2 - $Usergroup = Get-FGTUserGroup -name $pester_Usergroup1 - $Usergroup.name | Should -Be $pester_Usergroup1 - $Usergroup.uuid | Should -Not -BeNullOrEmpty - ($Usergroup.member).count | Should -Be "2" - $Usergroup.member.name | Should -BeIn $pester_User1, $pester_User2 - $Usergroup.comment | Should -BeNullOrEmpty - if ($DefaultFGTConnection.version -lt "6.4.0") { - $Usergroup.visibility | Should -Be $true - } + It "Add User Group $pester_usergroup1 (with 1 member and data (1 field))" { + $data = @{ "authtimeout" = 23 } + Add-FGTUserGroup -Name $pester_usergroup1 -member $pester_userlocal -data $data + $usergroup = Get-FGTUserGroup -name $pester_usergroup1 + $usergroup.name | Should -Be $pester_usergroup1 + ($usergroup.member).count | Should -Be "1" + $usergroup.member.name | Should -BeIn $pester_userlocal + $usergroup.authtimeout | Should -Be "23" } - It "Add User Group $pester_Usergroup1 (with 1 member and data (1 field))" { - $data = @{ "color" = 23 } - Add-FGTUserGroup -Name $pester_Usergroup1 -member $pester_User1 -data $data - $Usergroup = Get-FGTUserGroup -name $pester_Usergroup1 - $Usergroup.name | Should -Be $pester_Usergroup1 - $Usergroup.uuid | Should -Not -BeNullOrEmpty - ($Usergroup.member).count | Should -Be "1" - $Usergroup.member.name | Should -BeIn $pester_User1 - $Usergroup.comment | Should -BeNullOrEmpty - $Usergroup.color | Should -Be "23" - if ($DefaultFGTConnection.version -lt "6.4.0") { - $Usergroup.visibility | Should -Be $true - } + It "Add User Group $pester_usergroup1 (with 1 member and data (2 fields))" { + $data = @{ "authtimeout" = 23; "auth-concurrent-override" = "enable" } + Add-FGTUserGroup -Name $pester_usergroup1 -member $pester_userlocal -data $data + $usergroup = Get-FGTUserGroup -name $pester_usergroup1 + $usergroup.name | Should -Be $pester_usergroup1 + ($usergroup.member).count | Should -Be "1" + $usergroup.member.name | Should -BeIn $pester_userlocal + $usergroup.authtimeout | Should -Be "23" + $usergroup.'auth-concurrent-override' | Should -Be "enable" } - It "Add User Group $pester_Usergroup1 (with 1 member and data (2 fields))" { - $data = @{ "color" = 23; "comment" = "Add via PowerFGT and -data" } - Add-FGTUserGroup -Name $pester_Usergroup1 -member $pester_User1 -data $data - $Usergroup = Get-FGTUserGroup -name $pester_Usergroup1 - $Usergroup.name | Should -Be $pester_Usergroup1 - $Usergroup.uuid | Should -Not -BeNullOrEmpty - ($Usergroup.member).count | Should -Be "1" - $Usergroup.member.name | Should -BeIn $pester_User1 - $Usergroup.comment | Should -Be "Add via PowerFGT and -data" - $Usergroup.color | Should -Be "23" - if ($DefaultFGTConnection.version -lt "6.4.0") { - $Usergroup.visibility | Should -Be $true - } - } - - It "Try to Add User Group $pester_Usergroup1 (but there is already a object with same name)" { + It "Try to Add User Group $pester_usergroup1 (but there is already a object with same name)" { #Add first User Group - Add-FGTUserGroup -Name $pester_Usergroup1 -member $pester_User1 + Add-FGTUserGroup -Name $pester_usergroup1 -member $pester_userlocal #Add Second User Group with same name - { Add-FGTUserGroup -Name $pester_Usergroup1 -member $pester_User1 } | Should -Throw "Already an Usergroup object using the same name" + { Add-FGTUserGroup -Name $pester_usergroup1 -member $pester_userlocal } | Should -Throw "Already an User Group object using the same name" } AfterAll { - Get-FGTUserLocal -name $pester_User1 | Remove-FGTUser -confirm:$false - Get-FGTUserLocal -name $pester_User2 | Remove-FGTUser -confirm:$false + Get-FGTUserLocal -name $pester_userlocal | Remove-FGTUserLocal -confirm:$false + Get-FGTUserLocal -name $pester_userlocal2 | Remove-FGTUserLocal -confirm:$false } } @@ -206,65 +154,50 @@ Describe "Add User Group Member" { BeforeAll { #Create some User object - Add-FGTUserLocal-Name $pester_User1 -ip 192.0.2.1 -mask 255.255.255.255 - Add-FGTUserLocal-Name $pester_User2 -ip 192.0.2.2 -mask 255.255.255.255 - Add-FGTUserLocal-Name $pester_User3 -ip 192.0.2.3 -mask 255.255.255.255 - Add-FGTUserLocal-Name $pester_User4 -ip 192.0.2.4 -mask 255.255.255.255 + Add-FGTUserLocal -Name $pester_userlocal -passwd $pester_userlocalpassword + Add-FGTUserLocal -Name $pester_userlocal2 -passwd $pester_userlocalpassword + Add-FGTUserLocal -Name $pester_userlocal3 -passwd $pester_userlocalpassword + Add-FGTUserLocal -Name $pester_userlocal4 -passwd $pester_userlocalpassword } BeforeEach { - Add-FGTUserGroup -Name $pester_Usergroup1 -member $pester_User1 + Add-FGTUserGroup -Name $pester_usergroup1 -member $pester_userlocal } AfterEach { - Get-FGTUserGroup -name $pester_Usergroup1 | Remove-FGTUserGroup -confirm:$false - } - - It "Add 1 member to User Group $pester_Usergroup1 (with 1 member before)" { - Get-FGTUserGroup -Name $pester_Usergroup1 | Add-FGTUserGroupMember -member $pester_User2 - $Usergroup = Get-FGTUserGroup -name $pester_Usergroup1 - $Usergroup.name | Should -Be $pester_Usergroup1 - $Usergroup.uuid | Should -Not -BeNullOrEmpty - ($Usergroup.member).count | Should -Be "2" - $Usergroup.member.name | Should -BeIn $pester_User1, $pester_User2 - $Usergroup.comment | Should -BeNullOrEmpty - if ($DefaultFGTConnection.version -lt "6.4.0") { - $Usergroup.visibility | Should -Be $true - } + Get-FGTUserGroup -name $pester_usergroup1 | Remove-FGTUserGroup -confirm:$false } - It "Add 2 members to User Group $pester_Usergroup1 (with 1 member before)" { - Get-FGTUserGroup -Name $pester_Usergroup1 | Add-FGTUserGroupMember -member $pester_User2, $pester_User3 - $Usergroup = Get-FGTUserGroup -name $pester_Usergroup1 - $Usergroup.name | Should -Be $pester_Usergroup1 - $Usergroup.uuid | Should -Not -BeNullOrEmpty - ($Usergroup.member).count | Should -Be "3" - $Usergroup.member.name | Should -BeIn $pester_User1, $pester_User2, $pester_User3 - $Usergroup.comment | Should -BeNullOrEmpty - if ($DefaultFGTConnection.version -lt "6.4.0") { - $Usergroup.visibility | Should -Be $true - } + It "Add 1 member to User Group $pester_usergroup1 (with 1 member before)" { + Get-FGTUserGroup -Name $pester_usergroup1 | Add-FGTUserGroupMember -member $pester_userlocal2 + $usergroup = Get-FGTUserGroup -name $pester_usergroup1 + $usergroup.name | Should -Be $pester_usergroup1 + ($usergroup.member).count | Should -Be "2" + $usergroup.member.name | Should -BeIn $pester_userlocal, $pester_userlocal2 } - It "Add 2 members to User Group $pester_Usergroup1 (with 2 members before)" { - Get-FGTUserGroup -Name $pester_Usergroup1 | Add-FGTUserGroupMember -member $pester_User2 - Get-FGTUserGroup -Name $pester_Usergroup1 | Add-FGTUserGroupMember -member $pester_User3, $pester_User4 - $Usergroup = Get-FGTUserGroup -name $pester_Usergroup1 - $Usergroup.name | Should -Be $pester_Usergroup1 - $Usergroup.uuid | Should -Not -BeNullOrEmpty - ($Usergroup.member).count | Should -Be "4" - $Usergroup.member.name | Should -BeIn $pester_User1, $pester_User2, $pester_User3, $pester_User4 - $Usergroup.comment | Should -BeNullOrEmpty - if ($DefaultFGTConnection.version -lt "6.4.0") { - $Usergroup.visibility | Should -Be $true - } + It "Add 2 members to User Group $pester_usergroup1 (with 1 member before)" { + Get-FGTUserGroup -Name $pester_usergroup1 | Add-FGTUserGroupMember -member $pester_userlocal2, $pester_userlocal3 + $usergroup = Get-FGTUserGroup -name $pester_usergroup1 + $usergroup.name | Should -Be $pester_usergroup1 + ($usergroup.member).count | Should -Be "3" + $usergroup.member.name | Should -BeIn $pester_userlocal, $pester_userlocal2, $pester_userlocal3 + } + + It "Add 2 members to User Group $pester_usergroup1 (with 2 members before)" { + Get-FGTUserGroup -Name $pester_usergroup1 | Add-FGTUserGroupMember -member $pester_userlocal2 + Get-FGTUserGroup -Name $pester_usergroup1 | Add-FGTUserGroupMember -member $pester_userlocal3, $pester_userlocal4 + $usergroup = Get-FGTUserGroup -name $pester_usergroup1 + $usergroup.name | Should -Be $pester_usergroup1 + ($usergroup.member).count | Should -Be "4" + $usergroup.member.name | Should -BeIn $pester_userlocal, $pester_userlocal2, $pester_userlocal3, $pester_userlocal4 } AfterAll { - Get-FGTUserLocal -name $pester_User1 | Remove-FGTUser -confirm:$false - Get-FGTUserLocal -name $pester_User2 | Remove-FGTUser -confirm:$false - Get-FGTUserLocal -name $pester_User3 | Remove-FGTUser -confirm:$false - Get-FGTUserLocal -name $pester_User4 | Remove-FGTUser -confirm:$false + Get-FGTUserLocal -name $pester_userlocal | Remove-FGTUserLocal -confirm:$false + Get-FGTUserLocal -name $pester_userlocal2 | Remove-FGTUserLocal -confirm:$false + Get-FGTUserLocal -name $pester_userlocal3 | Remove-FGTUserLocal -confirm:$false + Get-FGTUserLocal -name $pester_userlocal4 | Remove-FGTUserLocal -confirm:$false } } @@ -273,114 +206,64 @@ Describe "Configure User Group" { BeforeAll { #Create some User object - Add-FGTUserLocal-Name $pester_User1 -ip 192.0.2.1 -mask 255.255.255.255 - Add-FGTUserLocal-Name $pester_User2 -ip 192.0.2.2 -mask 255.255.255.255 + Add-FGTUserLocal -Name $pester_userlocal -passwd $pester_userlocalpassword + Add-FGTUserLocal -Name $pester_userlocal2 -passwd $pester_userlocalpassword - $addrgrp = Add-FGTUserGroup -Name $pester_Usergroup1 -member $pester_User1 + $addrgrp = Add-FGTUserGroup -Name $pester_usergroup1 -member $pester_userlocal $script:uuid = $addrgrp.uuid } - It "Change comment" { - Get-FGTUserGroup -name $pester_Usergroup1 | Set-FGTUserGroup -comment "Modified by PowerFGT" - $Usergroup = Get-FGTUserGroup -name $pester_Usergroup1 - $Usergroup.name | Should -Be $pester_Usergroup1 - $Usergroup.uuid | Should -Not -BeNullOrEmpty - ($Usergroup.member).count | Should -Be "1" - $Usergroup.member.name | Should -BeIn $pester_User1 - $Usergroup.comment | Should -Be "Modified by PowerFGT" - if ($DefaultFGTConnection.version -lt "6.4.0") { - $Usergroup.visibility | Should -Be $true - } + It "Change 1 Member ($pester_userlocal2)" { + Get-FGTUserGroup -name $pester_usergroup1 | Set-FGTUserGroup -member $pester_userlocal2 + $usergroup = Get-FGTUserGroup -name $pester_usergroup1 + $usergroup.name | Should -Be $pester_usergroup1 + ($usergroup.member).count | Should -Be "1" + $usergroup.member.name | Should -BeIn $pester_userlocal2 } - It "Change visiblity" { - Get-FGTUserGroup -name $pester_Usergroup1 | Set-FGTUserGroup -visibility:$false - $Usergroup = Get-FGTUserGroup -name $pester_Usergroup1 - $Usergroup.name | Should -Be $pester_Usergroup1 - $Usergroup.uuid | Should -Not -BeNullOrEmpty - ($Usergroup.member).count | Should -Be "1" - $Usergroup.member.name | Should -BeIn $pester_User1 - $Usergroup.comment | Should -Be "Modified by PowerFGT" - if ($DefaultFGTConnection.version -lt "6.4.0") { - $Usergroup.visibility | Should -Be "disable" - } - } - - It "Change 1 Member ($pester_User2)" { - Get-FGTUserGroup -name $pester_Usergroup1 | Set-FGTUserGroup -member $pester_User2 - $Usergroup = Get-FGTUserGroup -name $pester_Usergroup1 - $Usergroup.name | Should -Be $pester_Usergroup1 - $Usergroup.uuid | Should -Not -BeNullOrEmpty - ($Usergroup.member).count | Should -Be "1" - $Usergroup.member.name | Should -BeIn $pester_User2 - $Usergroup.comment | Should -Be "Modified by PowerFGT" - if ($DefaultFGTConnection.version -lt "6.4.0") { - $Usergroup.visibility | Should -Be "disable" - } - } - - It "Change 2 Members ($pester_User1 and $pester_User2)" { - Get-FGTUserGroup -name $pester_Usergroup1 | Set-FGTUserGroup -member $pester_User1, $pester_User2 - $Usergroup = Get-FGTUserGroup -name $pester_Usergroup1 - $Usergroup.name | Should -Be $pester_Usergroup1 - $Usergroup.uuid | Should -Not -BeNullOrEmpty - ($Usergroup.member).count | Should -Be "2" - $Usergroup.member.name | Should -BeIn $pester_User1, $pester_User2 - $Usergroup.comment | Should -Be "Modified by PowerFGT" - if ($DefaultFGTConnection.version -lt "6.4.0") { - $Usergroup.visibility | Should -Be "disable" - } + It "Change 2 Members ($pester_userlocal and $pester_userlocal2)" { + Get-FGTUserGroup -name $pester_usergroup1 | Set-FGTUserGroup -member $pester_userlocal, $pester_userlocal2 + $usergroup = Get-FGTUserGroup -name $pester_usergroup1 + $usergroup.name | Should -Be $pester_usergroup1 + ($usergroup.member).count | Should -Be "2" + $usergroup.member.name | Should -BeIn $pester_userlocal, $pester_userlocal2 } It "Change -data (1 field)" { - $data = @{ "color" = 23 } - Get-FGTUserGroup -name $pester_Usergroup1 | Set-FGTUserGroup -data $data - $Usergroup = Get-FGTUserGroup -name $pester_Usergroup1 - $Usergroup.name | Should -Be $pester_Usergroup1 - $Usergroup.uuid | Should -Not -BeNullOrEmpty - ($Usergroup.member).count | Should -Be "2" - $Usergroup.member.name | Should -BeIn $pester_User1, $pester_User2 - $Usergroup.comment | Should -Be "Modified by PowerFGT" - if ($DefaultFGTConnection.version -lt "6.4.0") { - $Usergroup.visibility | Should -Be "disable" - } - $Usergroup.color | Should -Be "23" + $data = @{ "authtimeout" = 23 } + Get-FGTUserGroup -name $pester_usergroup1 | Set-FGTUserGroup -data $data + $usergroup = Get-FGTUserGroup -name $pester_usergroup1 + $usergroup.name | Should -Be $pester_usergroup1 + ($usergroup.member).count | Should -Be "2" + $usergroup.member.name | Should -BeIn $pester_userlocal, $pester_userlocal2 + $usergroup.authtimeout | Should -Be "23" } It "Change -data (2 fields)" { - $data = @{ "color" = 4 ; comment = "Modified by PowerFGT via -data" } - Get-FGTUserGroup -name $pester_Usergroup1 | Set-FGTUserGroup -data $data - $Usergroup = Get-FGTUserGroup -name $pester_Usergroup1 - $Usergroup.name | Should -Be $pester_Usergroup1 - $Usergroup.uuid | Should -Not -BeNullOrEmpty - ($Usergroup.member).count | Should -Be "2" - $Usergroup.member.name | Should -BeIn $pester_User1, $pester_User2 - $Usergroup.comment | Should -Be "Modified by PowerFGT via -data" - if ($DefaultFGTConnection.version -lt "6.4.0") { - $Usergroup.visibility | Should -Be "disable" - } - $Usergroup.color | Should -Be "4" + $data = @{ "authtimeout" = 44 ; "auth-concurrent-override" = "enable" } + Get-FGTUserGroup -name $pester_usergroup1 | Set-FGTUserGroup -data $data + $usergroup = Get-FGTUserGroup -name $pester_usergroup1 + $usergroup.name | Should -Be $pester_usergroup1 + ($usergroup.member).count | Should -Be "2" + $usergroup.member.name | Should -BeIn $pester_userlocal, $pester_userlocal2 + $usergroup.authtimeout | Should -Be "44" + $usergroup.'auth-concurrent-override' | Should -Be "enable" } It "Change Name" { - Get-FGTUserGroup -name $pester_Usergroup1 | Set-FGTUserGroup -name "pester_Usergroup1_change" - $Usergroup = Get-FGTUserGroup -name "pester_Usergroup1_change" - $Usergroup.name | Should -Be "pester_Usergroup1_change" - $Usergroup.uuid | Should -Not -BeNullOrEmpty - ($Usergroup.member).count | Should -Be "2" - $Usergroup.member.name | Should -BeIn $pester_User1, $pester_User2 - $Usergroup.comment | Should -Be "Modified by PowerFGT via -data" - if ($DefaultFGTConnection.version -lt "6.4.0") { - $Usergroup.visibility | Should -Be "disable" - } + Get-FGTUserGroup -name $pester_usergroup1 | Set-FGTUserGroup -name "pester_usergroup1_change" + $usergroup = Get-FGTUserGroup -name "pester_usergroup1_change" + $usergroup.name | Should -Be "pester_usergroup1_change" + ($usergroup.member).count | Should -Be "2" + $usergroup.member.name | Should -BeIn $pester_userlocal, $pester_userlocal2 } AfterAll { #Remove User group before User... - Get-FGTUserGroup -uuid $script:uuid | Remove-FGTUserGroup -confirm:$false + Get-FGTUserGroup -name pester_usergroup1_change | Remove-FGTUserGroup -confirm:$false - Get-FGTUserLocal -name $pester_User1 | Remove-FGTUser -confirm:$false - Get-FGTUserLocal -name $pester_User2 | Remove-FGTUser -confirm:$false + Get-FGTUserLocal -name $pester_userlocal | Remove-FGTUserLocal -confirm:$false + Get-FGTUserLocal -name $pester_userlocal2 | Remove-FGTUserLocal -confirm:$false } } @@ -389,24 +272,19 @@ Describe "Copy User Group" { BeforeAll { #Create some User object - Add-FGTUserLocal-Name $pester_User1 -ip 192.0.2.1 -mask 255.255.255.255 - Add-FGTUserLocal-Name $pester_User2 -ip 192.0.2.2 -mask 255.255.255.255 + Add-FGTUserLocal -Name $pester_userlocal -passwd $pester_userlocalpassword + Add-FGTUserLocal -Name $pester_userlocal2 -passwd $pester_userlocalpassword - Add-FGTUserGroup -Name $pester_Usergroup1 -member $pester_User1, $pester_User2 + Add-FGTUserGroup -Name $pester_usergroup1 -member $pester_userlocal, $pester_userlocal2 } - It "Copy User Group ($pester_Usergroup1 => copy_pester_Usergroup1)" { - Get-FGTUserGroup -name $pester_Usergroup1 | Copy-FGTUserGroup -name copy_pester_Usergroup1 - $Usergroup = Get-FGTUserGroup -name copy_pester_Usergroup1 - $Usergroup.name | Should -Be "copy_pester_Usergroup1" - $Usergroup.uuid | Should -Not -BeNullOrEmpty - ($Usergroup.member).count | Should -Be "2" - $Usergroup.member.name | Should -BeIn $pester_User1, $pester_User2 - $Usergroup.comment | Should -BeNullOrEmpty - if ($DefaultFGTConnection.version -lt "6.4.0") { - $Usergroup.visibility | Should -Be $true - } + It "Copy User Group ($pester_usergroup1 => copy_pester_Usergroup1)" { + Get-FGTUserGroup -name $pester_usergroup1 | Copy-FGTUserGroup -name copy_pester_Usergroup1 + $usergroup = Get-FGTUserGroup -name copy_pester_Usergroup1 + $usergroup.name | Should -Be "copy_pester_Usergroup1" + ($usergroup.member).count | Should -Be "2" + $usergroup.member.name | Should -BeIn $pester_userlocal, $pester_userlocal2 } AfterAll { @@ -415,10 +293,10 @@ Describe "Copy User Group" { #Remove copy_pester_User1 Get-FGTUserGroup -name copy_pester_Usergroup1 | Remove-FGTUserGroup -confirm:$false - Get-FGTUserGroup -name $pester_Usergroup1 | Remove-FGTUserGroup -confirm:$false + Get-FGTUserGroup -name $pester_usergroup1 | Remove-FGTUserGroup -confirm:$false - Get-FGTUserLocal -name $pester_User1 | Remove-FGTUser -confirm:$false - Get-FGTUserLocal -name $pester_User2 | Remove-FGTUser -confirm:$false + Get-FGTUserLocal -name $pester_userlocal | Remove-FGTUserLocal -confirm:$false + Get-FGTUserLocal -name $pester_userlocal2 | Remove-FGTUserLocal -confirm:$false } } @@ -426,20 +304,20 @@ Describe "Copy User Group" { Describe "Remove User Group" { BeforeEach { - Add-FGTUserLocal-Name $pester_User1 -ip 192.0.2.1 -mask 255.255.255.255 + Add-FGTUserLocal -Name $pester_userlocal -passwd $pester_userlocalpassword - Add-FGTUserGroup -Name $pester_Usergroup1 -member $pester_User1 + Add-FGTUserGroup -Name $pester_usergroup1 -member $pester_userlocal } - It "Remove User Group $pester_Usergroup1 by pipeline" { - $Usergroup = Get-FGTUserGroup -name $pester_Usergroup1 - $Usergroup | Remove-FGTUserGroup -confirm:$false - $Usergroup = Get-FGTUserGroup -name $pester_Usergroup1 - $Usergroup | Should -Be $NULL + It "Remove User Group $pester_usergroup1 by pipeline" { + $usergroup = Get-FGTUserGroup -name $pester_usergroup1 + $usergroup | Remove-FGTUserGroup -confirm:$false + $usergroup = Get-FGTUserGroup -name $pester_usergroup1 + $usergroup | Should -Be $NULL } AfterAll { - Get-FGTUserLocal -name $pester_User1 | Remove-FGTUser -confirm:$false + Get-FGTUserLocal -name $pester_userlocal | Remove-FGTUserLocal -confirm:$false } } @@ -448,55 +326,46 @@ Describe "Remove User Group Member" { BeforeAll { #Create some User object - Add-FGTUserLocal-Name $pester_User1 -ip 192.0.2.1 -mask 255.255.255.255 - Add-FGTUserLocal-Name $pester_User2 -ip 192.0.2.2 -mask 255.255.255.255 - Add-FGTUserLocal-Name $pester_User3 -ip 192.0.2.3 -mask 255.255.255.255 + Add-FGTUserLocal -Name $pester_userlocal -passwd $pester_userlocalpassword + Add-FGTUserLocal -Name $pester_userlocal2 -passwd $pester_userlocalpassword + Add-FGTUserLocal -Name $pester_userlocal3 -passwd $pester_userlocalpassword } BeforeEach { - Add-FGTUserGroup -Name $pester_Usergroup1 -member $pester_User1, $pester_User2, $pester_User3 + Add-FGTUserGroup -Name $pester_usergroup1 -member $pester_userlocal, $pester_userlocal2, $pester_userlocal3 } AfterEach { - Get-FGTUserGroup -name $pester_Usergroup1 | Remove-FGTUserGroup -confirm:$false - } - - It "Remove 1 member to User Group $pester_Usergroup1 (with 3 members before)" { - Get-FGTUserGroup -Name $pester_Usergroup1 | Remove-FGTUserGroupMember -member $pester_User1 - $Usergroup = Get-FGTUserGroup -name $pester_Usergroup1 - $Usergroup.name | Should -Be $pester_Usergroup1 - $Usergroup.uuid | Should -Not -BeNullOrEmpty - ($Usergroup.member).count | Should -Be "2" - $Usergroup.member.name | Should -BeIn $pester_User2, $pester_User3 - $Usergroup.comment | Should -BeNullOrEmpty - if ($DefaultFGTConnection.version -lt "6.4.0") { - $Usergroup.visibility | Should -Be $true - } + Get-FGTUserGroup -name $pester_usergroup1 | Remove-FGTUserGroup -confirm:$false } - It "Remove 2 members to User Group $pester_Usergroup1 (with 3 members before)" { - Get-FGTUserGroup -Name $pester_Usergroup1 | Remove-FGTUserGroupMember -member $pester_User2, $pester_User3 - $Usergroup = Get-FGTUserGroup -name $pester_Usergroup1 - $Usergroup.name | Should -Be $pester_Usergroup1 - $Usergroup.uuid | Should -Not -BeNullOrEmpty - ($Usergroup.member).count | Should -Be "1" - $Usergroup.member.name | Should -BeIn $pester_User1 - $Usergroup.comment | Should -BeNullOrEmpty - if ($DefaultFGTConnection.version -lt "6.4.0") { - $Usergroup.visibility | Should -Be $true - } + It "Remove 1 member to User Group $pester_usergroup1 (with 3 members before)" { + Get-FGTUserGroup -Name $pester_usergroup1 | Remove-FGTUserGroupMember -member $pester_userlocal + $usergroup = Get-FGTUserGroup -name $pester_usergroup1 + $usergroup.name | Should -Be $pester_usergroup1 + ($usergroup.member).count | Should -Be "2" + $usergroup.member.name | Should -BeIn $pester_userlocal2, $pester_userlocal3 } - It "Try Remove 3 members to User Group $pester_Usergroup1 (with 3 members before)" { - { - Get-FGTUserGroup -Name $pester_Usergroup1 | Remove-FGTUserGroupMember -member $pester_User1, $pester_User2, $pester_User3 - } | Should -Throw "You can't remove all members. Use Remove-FGTUserGroup to remove User Group" + It "Remove 2 members to User Group $pester_usergroup1 (with 3 members before)" { + Get-FGTUserGroup -Name $pester_usergroup1 | Remove-FGTUserGroupMember -member $pester_userlocal2, $pester_userlocal3 + $usergroup = Get-FGTUserGroup -name $pester_usergroup1 + $usergroup.name | Should -Be $pester_usergroup1 + ($usergroup.member).count | Should -Be "1" + $usergroup.member.name | Should -BeIn $pester_userlocal + } + + It "Remove 3 members to User Group $pester_usergroup1 (with 3 members before)" { + Get-FGTUserGroup -Name $pester_usergroup1 | Remove-FGTUserGroupMember -member $pester_userlocal, $pester_userlocal2, $pester_userlocal3 + $usergroup = Get-FGTUserGroup -name $pester_usergroup1 + $usergroup.name | Should -Be $pester_usergroup1 + ($usergroup.member).count | Should -Be "0" } AfterAll { - Get-FGTUserLocal-name $pester_User1 | Remove-FGTUser -confirm:$false - Get-FGTUserLocal-name $pester_User2 | Remove-FGTUser -confirm:$false - Get-FGTUserLocal -name $pester_User3 | Remove-FGTUser -confirm:$false + Get-FGTUserLocal -name $pester_userlocal | Remove-FGTUserLocal -confirm:$false + Get-FGTUserLocal -name $pester_userlocal2 | Remove-FGTUserLocal -confirm:$false + Get-FGTUserLocal -name $pester_userlocal3 | Remove-FGTUserLocal -confirm:$false } } From 1b0dc2bbbd4c8108769e1e3adf106352537c7ea5 Mon Sep 17 00:00:00 2001 From: Alexis La Goutte <alexis.lagoutte@gmail.com> Date: Fri, 6 Sep 2024 17:35:12 +0200 Subject: [PATCH 11/12] UserGroup: Fix when no members --- PowerFGT/Public/cmdb/user/group.ps1 | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/PowerFGT/Public/cmdb/user/group.ps1 b/PowerFGT/Public/cmdb/user/group.ps1 index 144b974aa..27d36970f 100644 --- a/PowerFGT/Public/cmdb/user/group.ps1 +++ b/PowerFGT/Public/cmdb/user/group.ps1 @@ -543,10 +543,10 @@ function Remove-FGTUserGroupMember { $members = $members | Where-Object { $_.name -ne $remove_member } } - #check if there is always a member... (it is not possible don't have member on User Group) - #if ( $members.count -eq 0 ) { - # Throw "You can't remove all members. Use Remove-FGTUserGroup to remove User Group" - #} + #check if there is always a member... (and force array) + if ( $members.count -eq 0 ) { + $members = @() + } #if there is only One member force to be an array if ( $members.count -eq 1 ) { From bdf7230e716008bfe6861927eec0b1000a38e904 Mon Sep 17 00:00:00 2001 From: Alexis La Goutte <alexis.lagoutte@gmail.com> Date: Fri, 13 Sep 2024 15:32:18 +0200 Subject: [PATCH 12/12] UserGroup: Add User Group with no member Add also Tests --- PowerFGT/Public/cmdb/user/group.ps1 | 18 ++++++++++-------- Tests/integration/UserGroup.Tests.ps1 | 7 +++++++ 2 files changed, 17 insertions(+), 8 deletions(-) diff --git a/PowerFGT/Public/cmdb/user/group.ps1 b/PowerFGT/Public/cmdb/user/group.ps1 index 27d36970f..e16d9f3ba 100644 --- a/PowerFGT/Public/cmdb/user/group.ps1 +++ b/PowerFGT/Public/cmdb/user/group.ps1 @@ -33,7 +33,7 @@ function Add-FGTUserGroup { Param( [Parameter (Mandatory = $true)] [string]$name, - [Parameter (Mandatory = $true)] + [Parameter (Mandatory = $false)] [string[]]$member, [Parameter (Mandatory = $false)] [hashtable]$data, @@ -63,14 +63,16 @@ function Add-FGTUserGroup { $usergroup | add-member -name "name" -membertype NoteProperty -Value $name - #Add member to members Array - $members = @( ) - foreach ( $m in $member ) { - $member_name = @{ } - $member_name.add( 'name', $m) - $members += $member_name + if ( $PsBoundParameters.ContainsKey('member') ) { + #Add member to members Array + $members = @( ) + foreach ( $m in $member ) { + $member_name = @{ } + $member_name.add( 'name', $m) + $members += $member_name + } + $usergroup | add-member -name "member" -membertype NoteProperty -Value $members } - $usergroup | add-member -name "member" -membertype NoteProperty -Value $members if ( $PsBoundParameters.ContainsKey('data') ) { $data.GetEnumerator() | ForEach-Object { diff --git a/Tests/integration/UserGroup.Tests.ps1 b/Tests/integration/UserGroup.Tests.ps1 index 6e836dd45..62bf5c024 100644 --- a/Tests/integration/UserGroup.Tests.ps1 +++ b/Tests/integration/UserGroup.Tests.ps1 @@ -98,6 +98,13 @@ Describe "Add User Group" { Get-FGTUserGroup -name $pester_usergroup1 | Remove-FGTUserGroup -confirm:$false } + It "Add User Group $pester_usergroup1 (with 0 member)" { + Add-FGTUserGroup -Name $pester_usergroup1 + $usergroup = Get-FGTUserGroup -name $pester_usergroup1 + $usergroup.name | Should -Be $pester_usergroup1 + ($usergroup.member).count | Should -Be "0" + } + It "Add User Group $pester_usergroup1 (with 1 member)" { Add-FGTUserGroup -Name $pester_usergroup1 -member $pester_userlocal $usergroup = Get-FGTUserGroup -name $pester_usergroup1