return errNoSuchUser
		}
		return err
	}
	user := extractPathPrefixAndSuffix(string(userkv.Key), basePrefix, path.Base(string(userkv.Key)))
	return ies.addUser(ctx, user, userType, u, m)
}

func (ies *IAMEtcdStore) addUser(ctx context.Context, user string, userType IAMUserType, u UserIdentity, m map[string]UserIdentity) error {
	if u.Credentials.IsExpired() {
		// Delete expired identity.

		}
		defer func() {
			_ = s.adm.DeleteServiceAccount(ctx, "restricted")
		}()
	} else {
		// Create a regular user and attach consoleAdmin policy
		err := s.adm.AddUser(ctx, "foobar", "foobar123")
		if err != nil {
			c.Fatalf("could not create user")
		}

		_, err = s.adm.AttachPolicy(ctx, madmin.PolicyAssociationReq{
			Policies: []string{"consoleAdmin"},

		adminRouter.Methods(http.MethodPut).Path(adminVersion+"/add-user").HandlerFunc(adminMiddleware(adminAPI.AddUser)).Queries("accessKey", "{accessKey:.*}")

	if !gotBuckets.Equals(shouldHaveBuckets) {
		c.Fatalf("root user should have access to all buckets")
	}

	// This must fail.
	if err := userAdmClient.AddUser(ctx, globalActiveCred.AccessKey, globalActiveCred.SecretKey); err == nil {
		c.Fatal("AddUser() for root credential must fail via root STS creds")
	}
}

// TestSTSTokenRevoke - tests the token revoke API
func (s *TestSuiteIAM) TestSTSTokenRevoke(c *check) {

			}
			accessKeys[i].Claims = claims.MapClaims
		}
		accessKeys[i].SessionToken = ""
	}

	return accessKeys, nil
}

// AddUser - adds/updates long term user account to storage.
func (store *IAMStoreSys) AddUser(ctx context.Context, accessKey string, ureq madmin.AddOrUpdateUserReq) (updatedAt time.Time, err error) {
	cache := store.lock()
	defer store.unlock()

			IsDeleteReq: false,
			UserReq: &madmin.AddOrUpdateUserReq{
				Status: madmin.AccountStatus(status),
			},
		},
		UpdatedAt: updatedAt,
	}))
}

// AddUser - PUT /minio/admin/v3/add-user?accessKey=<access_key>
func (a adminAPIHandlers) AddUser(w http.ResponseWriter, r *http.Request) {
	ctx := r.Context()

	vars := mux.Vars(r)
	accessKey := vars["accessKey"]

	// Get current object layer instance.

		return updatedAt, auth.ErrContainsReservedChars
	}

	if !auth.IsSecretKeyValid(ureq.SecretKey) {
		return updatedAt, auth.ErrInvalidSecretKeyLength
	}

	updatedAt, err = sys.store.AddUser(ctx, accessKey, ureq)
	if err != nil {
		return updatedAt, err
	}

	sys.notifyForUser(ctx, accessKey, false)
	return updatedAt, nil
}

// SetUserSecretKey - sets user secret key

    private final Adder adder;

    FailsToForwardReturnValue(Adder adder) {
      this.adder = adder;
    }

    @Override
    public int add(int a, int b) {
      return adder.add(a, b) + 1;
    }

    @Override
    public String toString() {
      return adder.toString();
    }
  }

  private static class FailsToPropagateException implements Adder {

    private final Adder adder;

    FailsToForwardReturnValue(Adder adder) {
      this.adder = adder;
    }

    @Override
    public int add(int a, int b) {
      return adder.add(a, b) + 1;
    }

    @Override
    public String toString() {
      return adder.toString();
    }
  }

  private static class FailsToPropagateException implements Adder {

            return setter;
        }

        // Try adder
        MethodInfo adder = classMethodCache.get("add" + title);
        if (adder != null && isMethodCompatible(adder.method, valueType)) {
            return adder;
        }

        // Return first found for backward compatibility
        return setter != null ? setter : adder;
    }

    /**
     * Build method cache for a class.
     */