Do not test PAM authentication by default (#9027)

* Do not test PAM authentication by default

* Disable PAM tests if PAM is not enabled

.env.test

@@ -3,7 +3,3 @@ NODE_ENV=test
 # Federation
 LOCAL_DOMAIN=cb6e6126.ngrok.io
 LOCAL_HTTPS=true
-# test pam authentication
-PAM_ENABLED=true
-PAM_DEFAULT_SERVICE=pam_test
-PAM_CONTROLLED_SERVICE=pam_test_controlled

spec/controllers/auth/sessions_controller_spec.rb

@@ -55,53 +55,55 @@ RSpec.describe Auth::SessionsController, type: :controller do
       request.env['devise.mapping'] = Devise.mappings[:user]
     end
 
-    context 'using PAM authentication' do
-      context 'using a valid password' do
-        before do
-          post :create, params: { user: { email: "pam_user1", password: '123456' } }
-        end
+    if ENV['PAM_ENABLED'] == 'true'
+      context 'using PAM authentication' do
+        context 'using a valid password' do
+          before do
+            post :create, params: { user: { email: "pam_user1", password: '123456' } }
+          end
 
-        it 'redirects to home' do
-          expect(response).to redirect_to(root_path)
-        end
+          it 'redirects to home' do
+            expect(response).to redirect_to(root_path)
+          end
 
-        it 'logs the user in' do
-          expect(controller.current_user).to be_instance_of(User)
+          it 'logs the user in' do
+            expect(controller.current_user).to be_instance_of(User)
+          end
         end
-      end
 
-      context 'using an invalid password' do
-        before do
-          post :create, params: { user: { email: "pam_user1", password: 'WRONGPW' } }
-        end
+        context 'using an invalid password' do
+          before do
+            post :create, params: { user: { email: "pam_user1", password: 'WRONGPW' } }
+          end
 
-        it 'shows a login error' do
-          expect(flash[:alert]).to match I18n.t('devise.failure.invalid', authentication_keys: 'Email')
-        end
+          it 'shows a login error' do
+            expect(flash[:alert]).to match I18n.t('devise.failure.invalid', authentication_keys: 'Email')
+          end
 
-        it "doesn't log the user in" do
-          expect(controller.current_user).to be_nil
+          it "doesn't log the user in" do
+            expect(controller.current_user).to be_nil
+          end
         end
-      end
 
-      context 'using a valid email and existing user' do
-        let(:user) do
-          account = Fabricate.build(:account, username: 'pam_user1')
-          account.save!(validate: false)
-          user = Fabricate(:user, email: 'pam@example.com', password: nil, account: account)
-          user
-        end
+        context 'using a valid email and existing user' do
+          let(:user) do
+            account = Fabricate.build(:account, username: 'pam_user1')
+            account.save!(validate: false)
+            user = Fabricate(:user, email: 'pam@example.com', password: nil, account: account)
+            user
+          end
 
-        before do
-          post :create, params: { user: { email: user.email, password: '123456' } }
-        end
+          before do
+            post :create, params: { user: { email: user.email, password: '123456' } }
+          end
 
-        it 'redirects to home' do
-          expect(response).to redirect_to(root_path)
-        end
+          it 'redirects to home' do
+            expect(response).to redirect_to(root_path)
+          end
 
-        it 'logs the user in' do
-          expect(controller.current_user).to eq user
+          it 'logs the user in' do
+            expect(controller.current_user).to eq user
+          end
         end
       end
     end