pam: add test case Error_when_user_is_disabled while selecting broker

Author: shiv-tyagi

internal/services/pam/pam_test.go

@@ -193,6 +193,7 @@ func TestSelectBroker(t *testing.T) {
 		brokerID    string
 		username    string
 		sessionMode string
+		existingDB  string
 
 		currentUserNotRoot bool
 
@@ -209,13 +210,24 @@ func TestSelectBroker(t *testing.T) {
 		"Error_when_broker_does_not_exist":                {username: "no broker", brokerID: "does not exist", wantErr: true},
 		"Error_when_broker_does_not_provide_a_session_ID": {username: "NS_no_id", wantErr: true},
 		"Error_when_starting_the_session":                 {username: "NS_error", wantErr: true},
+		"Error_when_user_is_disabled":                     {username: "disabled", wantErr: true, existingDB: "cache-with-disabled-user.db"},
 	}
 	for name, tc := range tests {
 		t.Run(name, func(t *testing.T) {
 			t.Parallel()
 
+			cacheDir := t.TempDir()
+			if tc.existingDB != "" {
+				err := db.Z_ForTests_CreateDBFromYAML(filepath.Join(testutils.TestFamilyPath(t), tc.existingDB), cacheDir)
+				require.NoError(t, err, "Setup: could not create database from testdata")
+			}
+
+			m, err := users.NewManager(users.DefaultConfig, cacheDir)
+			require.NoError(t, err, "Setup: could not create user manager")
+			t.Cleanup(func() { _ = m.Stop() })
+
 			pm := newPermissionManager(t, tc.currentUserNotRoot)
-			client := newPamClient(t, nil, globalBrokerManager, &pm)
+			client := newPamClient(t, m, globalBrokerManager, &pm)
 
 			switch tc.brokerID {
 			case "":

internal/services/pam/testdata/TestSelectBroker/cache-with-disabled-user.db

@@ -0,0 +1,16 @@
+users:
+    - name: TestSelectBroker/Error_when_user_is_disabled_separator_disabled
+      uid: 1111
+      gid: 11111
+      gecos: gecos for other user
+      dir: /home/disabled
+      shell: /bin/bash
+      broker_id: broker-id
+      disabled: true
+groups:
+    - name: group1
+      gid: 11111
+      ugid: ugid
+users_to_groups:
+    - uid: 1111
+      gid: 11111