err = s.adm.UpdateGroupMembers(ctx, madmin.GroupAddRemove{
		Group:   "test-group",
		Members: []string{accessKey},
	})
	if err != nil {
		c.Fatalf("unable to add user to group: %v", err)
	}

	_, err = s.adm.AttachPolicy(ctx, madmin.PolicyAssociationReq{
		Policies: []string{policy},
		Group:    "test-group",
	})
	if err != nil {
		c.Fatalf("Unable to attach policy: %v", err)
	}

		Group:    group,
		IsRemove: true,
	})
	if err == nil {
		c.Fatalf("group was removed!")
	}
	groupInfo, err = s.adm.GetGroupDescription(ctx, group)
	if err != nil {
		c.Fatalf("group desc err: %v", err)
	}
	c.Assert(groupInfo.Name, group)

	// 7. Remove user from group and verify access is revoked.
	err = s.adm.UpdateGroupMembers(ctx, madmin.GroupAddRemove{
		Group:    group,

        assertEquals("2group$special", permissionHelper.encode("{group}group$special"));
    }

    @Test
    public void test_decode_withComplexValues() {
        assertEquals("{user}******@****.***", permissionHelper.decode("******@****.***"));
        assertEquals("{group}group/subgroup", permissionHelper.decode("2group/subgroup"));

	} else {
		// Check if group already exists
		if _, gerr := globalIAMSys.GetGroupDescription(updReq.Group); gerr != nil {
			// If group does not exist, then check if the group has beginning and end space characters
			// we will reject such group names.
			if errors.Is(gerr, errNoSuchGroup) && hasSpaceBE(updReq.Group) {

	var p MappedPolicy
	err := iamOS.loadIAMConfig(ctx, &p, getMappedPolicyPath(name, userType, isGroup))
	if err != nil {
		if err == errConfigNotFound {
			return p, errNoSuchPolicy
		}
		return p, err
	}
	return p, nil
}

}

func (ies *IAMEtcdStore) loadMappedPolicy(ctx context.Context, name string, userType IAMUserType, isGroup bool, m *xsync.MapOf[string, MappedPolicy]) error {
	var p MappedPolicy
	err := ies.loadIAMConfig(ctx, &p, getMappedPolicyPath(name, userType, isGroup))
	if err != nil {
		if err == errConfigNotFound {
			return errNoSuchPolicy
		}
		return err
	}
	m.Store(name, p)
	return nil
}

affinity: {}
topologySpreadConstraints: []

## Add stateful containers to have security context, if enabled MinIO will run as this
## user and group NOTE: securityContext is only enabled if persistence.enabled=true
securityContext:
  enabled: true
  runAsUser: 1000
  runAsGroup: 1000
  fsGroup: 1000
  fsGroupChangePolicy: "OnRootMismatch"

containerSecurityContext:
  readOnlyRootFilesystem: false

        "org.gradle.usage": "java-api"
      },
      "dependencies": [
        {
          "group": "com.google.guava",
          "module": "failureaccess",
          "version": {
            "requires": "1.0.3"
          }
        },
        {
          "group": "com.google.guava",
          "module": "listenablefuture",
          "version": {

        });

    }

    /**
     * Deletes a group from both LDAP and the database, and removes the group
     * association from all users that belong to this group.
     *
     * @param group the group entity to delete
     */
    public void delete(final Group group) {
        ComponentUtil.getLdapManager().delete(group);

        groupBhv.delete(group, op -> {
            op.setRefreshPolicy(Constants.TRUE);

                                    </la:info>
                                    <la:errors property="_global"/>
                                </div>
                                <div class="form-group row">
                                    <label for="name" class="col-sm-3 text-sm-right col-form-label"><la:message
                                            key="labels.name"/></label>