///

### Create a *path operation* to test it { #create-a-path-operation-to-test-it }

Now, to be able to test that everything works, create a *path operation*:

{* ../../docs_src/custom_docs_ui/tutorial001.py hl[36:38] *}

### Test it { #test-it }

        private volatile Instant lastAttempt = Instant.now();
        private volatile Instant windowStart = Instant.now();
        private volatile Instant blockExpiry = null;
        private final AtomicBoolean blocked = new AtomicBoolean(false);

        void recordAttempt() {
            Instant now = Instant.now();

            // Reset window if more than 1 minute has passed

			case rebalErr := <-doneCh:
				quit = true
				notify = true
				now := time.Now()
				var status rebalStatus

				switch {
				case errors.Is(rebalErr, context.Canceled):
					status = rebalStopped
					traceMsg = fmt.Sprintf("stopped at %s", now)
				case rebalErr == nil:
					status = rebalCompleted
					traceMsg = fmt.Sprintf("completed at %s", now)
				default:
					status = rebalFailed

<img src="/img/tutorial/sql-databases/image01.png">
</div>

## Update the App with Multiple Models { #update-the-app-with-multiple-models }

Now let's **refactor** this app a bit to increase **security** and **versatility**.

If you check the previous app, in the UI you can see that, up to now, it lets the client decide the `id` of the `Hero` to create. 😱

        final long now = System.currentTimeMillis();
        assertTrue(now + ">=" + current + " : " + (now - current), now >= current);
        assertTrue(now - 1000 + "<" + current + " : " + (current - now + 1000), now - 1000 < current);
    }

    public void test_getLogFilePath() {

You can actually skip that extra header and it would still work.

But it's provided here to be compliant with the specifications.

Also, there might be tools that expect and use it (now or in the future) and that might be useful for you or your users, now or in the future.

That's the benefit of standards...

///

## See it in action { #see-it-in-action }

		t.Fatalf("Failed to marshal versioning config: %v", err)
	}

	bucket := "bucket"
	now := time.Now()
	meta := BucketMetadata{
		Name:                      bucket,
		Created:                   now,
		LifecycleConfigXML:        []byte(lcXML),
		VersioningConfigXML:       vcfgXML,
		VersioningConfigUpdatedAt: now,
		LifecycleConfigUpdatedAt:  now,
		lifecycleConfig:           lc,
		versioningConfig:          &vcfg,
	}

func (c *LRU[K, V]) Add(key K, value V) (evicted bool) {
	c.mu.Lock()
	defer c.mu.Unlock()
	now := time.Now()

	// Check for existing item
	if ent, ok := c.items[key]; ok {
		c.evictList.MoveToFront(ent)
		c.removeFromBucket(ent) // remove the entry from its current bucket as expiresAt is renewed
		ent.Value = value
		ent.ExpiresAt = now.Add(c.ttl)
		c.addToBucket(ent)
		return false
	}

	// Add new item

{* ../../docs_src/security/tutorial005_an_py310.py hl[5,9,13,47,65,106,108:116,122:126,130:136,141,157] *}

Now let's review those changes step by step.

## OAuth2 Security scheme { #oauth2-security-scheme }

The first change is that now we are declaring the OAuth2 security scheme with two available scopes, `me` and `items`.

        before

### Breaking Changes

*   `tf.summary.trace_on` now takes a `profiler_outdir` argument. This must be
    set if `profiler` arg is set to `True`.

    *   `tf.summary.trace_export`'s `profiler_outdir` arg is now a no-op.
        Enabling the profiler now requires setting `profiler_outdir` in
        `trace_on`.

*   `tf.estimator`