// ActionCount must be the last action and shouldn't be used as a regular action.
	ActionCount
)

// DeleteRestored - Returns true if action demands delete on restored objects
func (a Action) DeleteRestored() bool {
	return a == DeleteRestoredAction || a == DeleteRestoredVersionAction
}

// DeleteVersioned - Returns true if action demands delete on a versioned object
func (a Action) DeleteVersioned() bool {

        return releaseNotes;
    }

    public void releaseNotes(Action<? super ReleaseNotes> action) {
        action.execute(releaseNotes);
    }

    public UserManual getUserManual() {
        return userManual;
    }

    public void userManual(Action<? super UserManual> action) {
        action.execute(userManual);
    }

    public DslReference getDslReference() {

	evaluator = NewEvaluator(lc)
	gotEvents = evaluator.eval(objs, now)
	wantEvents = []Event{
		{Action: DeleteAllVersionsAction},
		{Action: NoneAction},
		{Action: NoneAction},
		{Action: NoneAction},
		{Action: NoneAction},
		{Action: NoneAction},
	}
	for i := range wantEvents {
		if gotEvents[i].Action != wantEvents[i].Action {
			t.Fatalf("test-%d: got %v, want %v", i+1, gotEvents[i], wantEvents[i])
		}
	}

func checkAdminRequestAuth(ctx context.Context, r *http.Request, action policy.AdminAction, region string) (auth.Credentials, APIErrorCode) {
	cred, owner, s3Err := validateAdminSignature(ctx, r, region)
	if s3Err != ErrNone {
		return cred, s3Err
	}
	if globalIAMSys.IsAllowed(policy.Args{
		AccountName:     cred.AccessKey,
		Groups:          cred.Groups,
		Action:          policy.Action(action),
		ConditionValues: getConditionValues(r, "", cred),

	}

	anonGetBucketLocationArgs := policy.BucketPolicyArgs{
		AccountName:     "Q3AM3UQ867SPQQA43P2F",
		Action:          policy.GetBucketLocationAction,
		BucketName:      "mybucket",
		ConditionValues: map[string][]string{},
	}

	anonPutObjectActionArgs := policy.BucketPolicyArgs{
		AccountName: "Q3AM3UQ867SPQQA43P2F",
		Action:      policy.PutObjectAction,
		BucketName:  "mybucket",
		ConditionValues: map[string][]string{

	if len(m.LifeTimeOps) == 0 {
		m.LifeTimeOps = nil
	}

	m.LastMinute.Actions = make(map[string]madmin.TimedAction, scannerMetricLastRealtime)
	for i := range scannerMetricLastRealtime {
		lm := p.lastMinute(i)
		if lm.N > 0 {
			m.LastMinute.Actions[i.String()] = lm.asTimedAction()
		}
	}
	if len(m.LastMinute.Actions) == 0 {
		m.LastMinute.Actions = nil
	}

	// ILM
	m.LifeTimeILM = make(map[string]uint64)

iam-assets/policies.json {"consoleAdmin":{"Version":"2012-10-17","Statement":[{"Effect":"Allow","Action":["admin:*"]},{"Effect":"Allow","Action":["kms:*"]},{"Effect":"Allow","Action":["s3:*"],"Resource":["arn:aws:s3:::*"]}]},diagnostics":{"Version":"2012-10-17","Statement":[{"Effect":"Allow","Action":["admin:TopLocksInfo","admin:BandwidthMonitor","admin:ConsoleLog","admin:OBDInfo","admin:Profiling","admin:Prometheus","admin:ServerInfo","admin:ServerTrace"],"Resource":["arn:aws:s3:::*"]}]},rea...

name: "Code scanning - action"

on:
  push:
    branches: [ main, master, release ]
  schedule:
    - cron: '0 5 * * *'

permissions: {}

jobs:
  CodeQL-Build:
    permissions:
      actions: read  # for github/codeql-action/init to get workflow details
      contents: read  # for actions/checkout to fetch code
      security-events: write  # for github/codeql-action/analyze to upload SARIF results
    runs-on: ubuntu-latest

			policy: `{"Effect": "Allow",
				"Action": ["kms:CreateKey"] }`,

			wantStatusCode: http.StatusOK,
		},
		{
			name:   "create key as user set policy to allow want success",
			method: http.MethodPost,
			path:   kmsKeyCreatePath,
			query:  map[string]string{"key-id": "second-new-test-key"},
			asRoot: false,

			policy: `{"Effect": "Allow",
				"Action": ["kms:CreateKey"],

// Err implements error so we can use it anywhere
type Err struct {
	msg    string
	detail string
	action string
	hint   string
}

// Clone returns a new Err struct with the same information
func (u Err) Clone() Err {
	return Err{
		msg:    u.msg,
		detail: u.detail,
		action: u.action,
		hint:   u.hint,
	}
}

// Error returns the error message
func (u Err) Error() string {