assertEquals("Abc", StringUtil.capitalize("abc"));
        assertEquals("Abc", StringUtil.capitalize("Abc"));
        assertEquals("ABC", StringUtil.capitalize("ABC"));
        assertEquals("UserId", StringUtil.capitalize("userId"));
    }

    /**
     * @throws Exception
     */
    @Test
    public void testDecapitalize() throws Exception {
        assertEquals("abc", StringUtil.decapitalize("abc"));

     * Handles user authentication setup and database persistence.
     * If the surname is blank, it will be set to the user's name.
     *
     * @param user the user entity to store
     */
    public void store(final User user) {
        final String username = user.getName();
        final boolean isUpdate = StringUtil.isNotBlank(user.getId());

        if (logger.isDebugEnabled()) {

     * Note: If the first two characters are uppercase, the string will not be decapitalized.
     * <p>
     * Usage example:
     * </p>
     *
     * <pre>
     * StringUtil.decapitalize("UserId")  = "userId"
     * StringUtil.decapitalize("ABC")     = "ABC"
     * </pre>
     *
     * @param name
     *            the string to decapitalize
     * @return the decapitalized string
     */

                messages.addErrorsInvalidConfirmPassword(GLOBAL);
            }, validationErrorLambda);
        }

        getUserBean().ifPresent(user -> {
            final String userId = user.getUserId();
            fessLoginAssist.findLoginUser(new LocalUserCredential(userId, form.oldPassword)).orElseGet(() -> {
                throwValidationError(messages -> {
                    messages.addErrorsNoUserForChangingPassword(GLOBAL);

                getSession().map(session -> (String) session.getAttribute(INVALID_OLD_PASSWORD)).orElse(StringUtil.EMPTY);
        getUserBean().ifPresent(user -> {
            final String userId = user.getUserId();
            fessLoginAssist.findLoginUser(new LocalUserCredential(userId, oldPassword)).orElseGet(() -> {
                throwValidationError(messages -> {
                    messages.addErrorsNoUserForChangingPassword(GLOBAL);

            "current_user": {
                "user": "user_1",
                "scopes": ["me"],
                "db_session": "db_session_1",
            },
        },
        "user_items": {
            "user_items": "user_items_1",
            "user_me": {
                "user_me": "user_me_2",
                "current_user": {
                    "user": "user_2",
                    "scopes": ["items", "me"],

{* ../../docs_src/extra_models/tutorial001_py310.py hl[7,9,14,20,22,27:28,31:33,38:39] *}

### About `**user_in.model_dump()` { #about-user-in-model-dump }

#### Pydantic's `.model_dump()` { #pydantics-model-dump }

`user_in` is a Pydantic model of class `UserIn`.

from fastapi import APIRouter

router = APIRouter()


@router.get("/users/", tags=["users"])
async def read_users():
    return [{"username": "Rick"}, {"username": "Morty"}]


@router.get("/users/me", tags=["users"])
async def read_user_me():
    return {"username": "fakecurrentuser"}


@router.get("/users/{username}", tags=["users"])
async def read_user(username: str):

Now, whenever a browser is creating a user with a password, the API will return the same password in the response.

In this case, it might not be a problem, because it's the same user sending the password.

But if we use the same model for another *path operation*, we could be sending our user's passwords to every client.

/// danger

@user_router.get("/")
def get_users():
    return [{"user_id": "u1"}, {"user_id": "u2"}]


@user_router.get("/{user_id}")
def get_user(user_id: str):
    return {"user_id": user_id}


@item_router.get("/")
def get_items(user_id: Optional[str] = None):
    if user_id is None:
        return [{"item_id": "i1", "user_id": "u1"}, {"item_id": "i2", "user_id": "u2"}]
    else: