}

    public void test_constructor() {
        // Test constructor initializes fields correctly
        LdapUser user = new LdapUser(testEnv, "username");
        assertEquals("username", user.getName());
        assertSame(testEnv, user.getEnvironment());
        assertNull(user.permissions);
    }

    public void test_getName() {
        // Test getName returns the correct name

# Get Current User { #get-current-user }

In the previous chapter the security system (which is based on the dependency injection system) was giving the *path operation function* a `token` as a `str`:

{* ../../docs_src/security/tutorial001_an_py39.py hl[12] *}

But that is still not that useful.

Let's make it give us the current user.

## Create a user model { #create-a-user-model }

First, let's create a Pydantic user model.

    /** The user service for managing user settings. */
    @Resource
    private UserService userService;

    /**
     * Retrieves user settings with pagination.
     *
     * @param body the search parameters for filtering and pagination
     * @return JSON response containing user settings list
     */
    // GET /api/admin/user/settings
    // PUT /api/admin/user/settings
    @Execute

        // Test with single role - not matching
        assertFalse(fessUserBean.hasRole("user"));

        // Test with multiple roles
        testUser.setRoleNames(new String[] { "admin", "user", "manager" });
        assertTrue(fessUserBean.hasRole("admin"));
        assertTrue(fessUserBean.hasRole("user"));
        assertTrue(fessUserBean.hasRole("manager"));
        assertFalse(fessUserBean.hasRole("guest"));

```JSON
{
  "detail": "Not authenticated"
}
```

### Inactive user { #inactive-user }

Now try with an inactive user, authenticate with:

User: `alice`

Password: `secret2`

And try to use the operation `GET` with the path `/users/me`.

You will get an "Inactive user" error, like:

```JSON
{
  "detail": "Inactive user"
}
```

## Recap { #recap }

///

## Advanced User Guide { #advanced-user-guide }

There is also an **Advanced User Guide** that you can read later after this **Tutorial - User guide**.

The **Advanced User Guide** builds on this one, uses the same concepts, and teaches you some extra features.

But you should first read the **Tutorial - User Guide** (what you are reading right now).

    }

    @Test
    @DisplayName("handle: empty user/domain edge yields '@' and null password")
    void testHandleWithEmptyUserAndDomainEdge() throws Exception {
        // Default constructor results in empty strings for user and domain, null for password
        JAASAuthenticator auth = new JAASAuthenticator();
        NameCallback nc = new NameCallback("user:");
        PasswordCallback pc = new PasswordCallback("pass:", false);

        User user = createTestUser("testuser");
        User result = authenticationManager.load(user);
        assertEquals(user, result);
    }

    // Test load with single chain
    public void test_load_singleChain() {
        User user = createTestUser("testuser");
        User loadedUser = createTestUser("loadeduser");
        TestAuthenticationChain chain = new TestAuthenticationChain();

        List<User> users = new ArrayList<>();

        // Create test users
        for (int i = 0; i < 10; i++) {
            users.add(createTestUser("user" + i, "User " + i));
        }

        // Perform sequential operations
        for (User user : users) {
            chain.update(user);
            chain.changePassword(user.getName(), "newpass" + user.getName());
            chain.load(user);

            "The specified user does not exist.", "The specified network password is not correct.",
            "Logon failure: unknown user name or bad password.", "Logon failure: user account restriction.",
            "Logon failure: account logon time restriction violation.", "Logon failure: user not allowed to log on to this computer.",