}
    }

    /**
     * Validates a string is not null or empty
     *
     * @param value the string to validate
     * @param fieldName the field name for error reporting
     * @return the validated string
     * @throws IllegalArgumentException if string is null or empty
     */

     */
    public void setEnableValidation(final boolean enableValidation) {
        this.enableValidation = enableValidation;
    }

    /**
     * Validates a URL length according to sitemap specification.
     * @param url the URL to validate
     * @return true if valid, false otherwise
     */
    protected boolean isValidUrl(final String url) {
        if (url == null || url.isEmpty()) {

        form.password = null;
        form.confirmPassword = null;
    }

    /**
     * Validates LDAP user attribute types using the configured LDAP manager.
     *
     * @param attributes the map of attributes to validate
     * @param throwError callback to report any validation errors
     */

     * Reloads the document index by closing and reopening it.
     *
     * @param form the action form (validated but not used for configuration)
     * @return HTML response redirecting to the maintenance page
     */
    @Execute
    @Secured({ ROLE })
    public HtmlResponse reloadDocIndex(final ActionForm form) {
        validate(form, messages -> {}, this::asIndexHtml);
        verifyToken(this::asIndexHtml);

        return normalizedPath.startsWith(normalizedBase);
    }

    /**
     * Validates that a given file is safe and does not attempt path traversal attacks.
     * <p>
     * This is a convenience method that converts File objects to Path and calls
     * {@link #isPathSafe(Path, Path)}.
     * </p>
     *
     * @param fileToCheck the file to validate (must not be {@literal null})

    //                                                                        ============

    /**
     * Validates group attributes using LDAP manager.
     *
     * @param attributes the attributes to validate
     * @param throwError the error handler
     */

    }

    /**
     * Creates an encrypted user code from a user ID.
     * The user ID is encrypted using the primary cipher and validated against the configuration.
     *
     * @param userCode the raw user ID to encrypt
     * @return the encrypted and validated user code, or null if invalid
     */
    protected String createUserCodeFromUserId(String userCode) {

      DIGIT_MATCHER.or(LETTER_MATCHER).or(DASH_MATCHER);

  /**
   * Helper method for {@link #validateSyntax(List)}. Validates that one part of a domain name is
   * valid.
   *
   * @param part The domain name part to be validated
   * @param isFinalPart Is this the final (rightmost) domain part?
   * @return Whether the part is valid
   */

    //                                                                           =========
    /**
     * Validates document fields according to index field requirements.
     *
     * @param doc the document to validate
     * @param throwError consumer to handle validation errors
     */

@ExtendWith(MockitoExtension.class)
class CredentialsInternalTest {

    @Mock
    CIFSContext mockContext;

    /**
     * Simple in-test implementation of CredentialsInternal to exercise the API surface.
     * It validates inputs, records calls, and delegates some behavior to collaborators
     * so we can verify interactions.
     */
    static class TestCredentials implements CredentialsInternal {
        private final String domain;