Mocking an admin user

Welcome Forums Pester Mocking an admin user

This topic contains 2 replies, has 3 voices, and was last updated by

 
Keymaster
1 month ago.

  • Author
    Posts
  • #111998

    Participant
    Points: 0
    Rank: Member

    Is there any way to mock a user with admin privileges?

    I have a function that tests to see if a user has admin rights or not

    function Test-AdminPrivileges{
    	$currentPrincipal = New-Object Security.Principal.WindowsPrincipal([Security.Principal.WindowsIdentity]::GetCurrent())
    	return $currentPrincipal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
    }
    

    However, when running invoke-pester it obviously runs as the currently logged in user (i.e. me), which by default is not in the admin group.

    I saw over on the Pester wiki that adding a tag to my describe block is one way around this, so I would have to run my testing twice (RequireAdminOnWindows/NonAdminOnWindows), however I'm wondering if there is a way to mock the existence of an admin user without the actual need to enter additional credentials or use the tag method?

    I'm fully expecting this to not be possible and that I probably need to get a proper CI pipeline sorted out to run in the individual contexts, but as I haven't been able to find any answers to this question I thought I would pose it in case someone else comes across the same issue.

  • #112021

    Participant
    Points: 65
    Published
    Rank: Member

    I didn't get

    I saw over on the Pester wiki that adding a tag to my describe block

    Tags in describe blocks are used to categorize Tests, so that we can control the test cases by using -Tag option of Invoke-Pester cmdlet. Are you having RequireAdminOnWindows and NonAdminOnWindows as tags here ?

    IMO, there is no way to switch context in pester, its always the caller context.

  • #112100

    Keymaster
    Points: 7
    Rank: Member

    That's correct. Keep in mind that a Pester script runs in a single process; there's no way, in Windows, to change the security token for an existing process. You'd have to launch a new process instead, which isn't what happens -inside- a Pester script. Obviously, you could run the Pester script as another user, but that would again affect the entire script.

You must be logged in to reply to this topic.