if accessKey == "" {
		return np, grid.NewRemoteErr(errors.New("service account name is missing"))
	}

	if err := globalIAMSys.DeleteServiceAccount(context.Background(), accessKey, false); err != nil {
		return np, grid.NewRemoteErr(err)
	}

	return
}

// LoadServiceAccountHandler - reloads a service account on the server.

}

// AddServiceAccount - add a new service account
func (store *IAMStoreSys) AddServiceAccount(ctx context.Context, cred auth.Credentials) (updatedAt time.Time, err error) {
	cache := store.lock()
	defer store.unlock()

	accessKey := cred.AccessKey
	parentUser := cred.ParentUser

	// Found newly requested service account, to be an existing account -

	// service account should inherit parent policy.
	//
	// However, for a policy like `{"Statement":[]}`, the intention is to not
	// provide any permissions via the session policy - i.e. the service account
	// can do nothing (such a JSON could be generated by an external application
	// as the policy for the service account). Inheriting the parent policy in

		// ignored because the plugin allows it.
		c.mustListObjects(ctx, svcClient, bucket)
	}

	// 4. Check that service account's secret key and account status can be
	// updated.
	c.assertSvcAccSecretKeyAndStatusUpdate(ctx, s, userAdmClient, value.AccessKeyID, bucket)

	// 5. Check that service account can be deleted.
	c.assertSvcAccDeletion(ctx, s, userAdmClient, value.AccessKeyID, bucket)

	},
	ErrAccountNotEligible: {
		Code:           "XMinioInvalidIAMCredentials",
		Description:    "The account key is not eligible for this operation",
		HTTPStatusCode: http.StatusForbidden,
	},
	ErrAdminServiceAccountNotFound: {
		Code:           "XMinioInvalidIAMCredentials",
		Description:    "The specified service account is not found",
		HTTPStatusCode: http.StatusNotFound,
	},
	ErrPostPolicyConditionInvalidFormat: {

	if err := DB.Migrator().CreateView("users_pets", gorm.ViewOption{Query: query}); err != nil {
		t.Fatalf("Failed to crate view, got %v", err)
	}

	var count int64
	if err := DB.Table("users_pets").Count(&count).Error; err != nil {
		t.Fatalf("should found created view")
	}

	if err := DB.Migrator().DropView("users_pets"); err != nil {
		t.Fatalf("Failed to drop view, got %v", err)
	}

	}

	if globalIAMSys.GetUsersSysType() == MinIOUsersSysType && targetUser != cred.AccessKey {
		// For internal IDP, ensure that the targetUser's parent account exists.
		// It could be a regular user account or the root account.
		_, isRegularUser := globalIAMSys.GetUser(ctx, targetUser)
		if !isRegularUser && targetUser != globalActiveCred.AccessKey {
			apiErr := toAdminAPIErr(ctx, errNoSuchUser)

	}

	if totalBatch != 6 {
		t.Errorf("incorrect total batch, expects: %v, got %v", 6, totalBatch)
	}

	var count int64
	DB.Model(&User{}).Where("name = ?", "find_in_batches_new").Count(&count)
	if count != 6 {
		t.Errorf("incorrect count after update, expects: %v, got %v", 6, count)
	}
}

func TestFindInBatchesWithOffsetLimit(t *testing.T) {
	users := []User{

	if s3Error != ErrNone {
		writeErrorResponse(ctx, w, errorCodes.ToAPIErr(s3Error), r.URL)
		return
	}

	// check if client is attempting to create more buckets, complain about it.
	if currBuckets := globalBucketMetadataSys.Count(); currBuckets+1 > maxBuckets {
		internalLogIf(ctx, fmt.Errorf("Please avoid creating more buckets %d beyond recommended %d", currBuckets+1, maxBuckets), logger.WarningKind)
	}