Mocking an admin user

Welcome Forums Pester Mocking an admin user

Viewing 2 reply threads
  • Author
    • #111998
      Topics: 2
      Replies: 1
      Points: 21
      Rank: Member

      Is there any way to mock a user with admin privileges?

      I have a function that tests to see if a user has admin rights or not

      function Test-AdminPrivileges{
      	$currentPrincipal = New-Object Security.Principal.WindowsPrincipal([Security.Principal.WindowsIdentity]::GetCurrent())
      	return $currentPrincipal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)

      However, when running invoke-pester it obviously runs as the currently logged in user (i.e. me), which by default is not in the admin group.

      I saw over on the Pester wiki that adding a tag to my describe block is one way around this, so I would have to run my testing twice (RequireAdminOnWindows/NonAdminOnWindows), however I’m wondering if there is a way to mock the existence of an admin user without the actual need to enter additional credentials or use the tag method?

      I’m fully expecting this to not be possible and that I probably need to get a proper CI pipeline sorted out to run in the individual contexts, but as I haven’t been able to find any answers to this question I thought I would pose it in case someone else comes across the same issue.

    • #112021
      Senior Moderator
      Topics: 9
      Replies: 1265
      Points: 4,582
      Helping Hand
      Rank: Community Hero

      I didn’t get

      I saw over on the Pester wiki that adding a tag to my describe block

      Tags in describe blocks are used to categorize Tests, so that we can control the test cases by using -Tag option of Invoke-Pester cmdlet. Are you having RequireAdminOnWindows and NonAdminOnWindows as tags here ?

      IMO, there is no way to switch context in pester, its always the caller context.

    • #112100
      Topics: 18
      Replies: 4872
      Points: 1,903
      Helping HandTeam Member
      Rank: Community Hero

      That’s correct. Keep in mind that a Pester script runs in a single process; there’s no way, in Windows, to change the security token for an existing process. You’d have to launch a new process instead, which isn’t what happens -inside- a Pester script. Obviously, you could run the Pester script as another user, but that would again affect the entire script.

Viewing 2 reply threads
  • The topic ‘Mocking an admin user’ is closed to new replies.