/*
     * TODO(cpovirk): move ForwardingTestCase somewhere common, and use it to
     * test the forwarded methods
     */
  }

  @AndroidIncompatible // Mocking ExecutorService is forbidden there. TODO(b/218700094): Don't mock.
  public void testListeningDecorator_noWrapExecuteTask() {
    ExecutorService delegate = mock(ExecutorService.class);
    ListeningExecutorService service = listeningDecorator(delegate);

    /*
     * TODO(cpovirk): move ForwardingTestCase somewhere common, and use it to
     * test the forwarded methods
     */
  }

  @AndroidIncompatible // Mocking ExecutorService is forbidden there. TODO(b/218700094): Don't mock.
  public void testListeningDecorator_noWrapExecuteTask() {
    ExecutorService delegate = mock(ExecutorService.class);
    ListeningExecutorService service = listeningDecorator(delegate);

func TestKMSHandlersCreateKey(t *testing.T) {
	adminTestBed, tearDown := setupKMSTest(t, true)
	defer tearDown()

	tests := []kmsTestCase{
		// Create key test
		{
			name:   "create key as user with no policy want forbidden",
			method: http.MethodPost,
			path:   kmsKeyCreatePath,
			query:  map[string]string{"key-id": "new-test-key"},
			asRoot: false,

			wantStatusCode: http.StatusForbidden,

    assertEscaping(xmlEscaper, "\uFFFD", '\uFFFF');

    assertEquals(
        "0xFFFE is forbidden and should be replaced during escaping",
        "[\uFFFD]",
        xmlEscaper.escape("[\ufffe]"));
    assertEquals(
        "0xFFFF is forbidden and should be replaced during escaping",
        "[\uFFFD]",
        xmlEscaper.escape("[\uffff]"));
  }

    return {"name": fake_items_db[item_id]["name"], "item_id": item_id}


@router.put(
    "/{item_id}",
    tags=["custom"],
    responses={403: {"description": "Operation forbidden"}},
)
async def update_item(item_id: str):
    if item_id != "plumbus":
        raise HTTPException(
            status_code=403, detail="You can only update the item: plumbus"
        )

    return {"name": fake_items_db[item_id]["name"], "item_id": item_id}


@router.put(
    "/{item_id}",
    tags=["custom"],
    responses={403: {"description": "Operation forbidden"}},
)
async def update_item(item_id: str):
    if item_id != "plumbus":
        raise HTTPException(
            status_code=403, detail="You can only update the item: plumbus"
        )

    return {"name": fake_items_db[item_id]["name"], "item_id": item_id}


@router.put(
    "/{item_id}",
    tags=["custom"],
    responses={403: {"description": "Operation forbidden"}},
)
async def update_item(item_id: str):
    if item_id != "plumbus":
        raise HTTPException(
            status_code=403, detail="You can only update the item: plumbus"
        )

    }

  fun test(component: Component) =
    apply {
      for ((codePoint, encoding) in encodings) {
        val codePointString = Encoding.IDENTITY.encode(codePoint)
        if (encoding == Encoding.FORBIDDEN) {
          testForbidden(codePoint, codePointString, component)
          continue
        }
        if (encoding == Encoding.PUNYCODE) {
          testPunycode(codePointString, component)
          continue

   * with {@code FeatureSpecificTestSuiteBuilder.suppressing()} until <a
   * href="http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=6409434">Sun bug 6409434</a> is fixed.
   * It's unclear whether nulls were to be permitted or forbidden, but presumably the eventual fix
   * will be to permit them, as it seems more likely that code would depend on that behavior than on
   * the other. Thus, we say the bug is in set(), which fails to support null.
   */

  //  2. Permitted subjects: and behavior when a disallowed subject is requested.
  //  3. Required, permitted, or forbidden x509 extensions in the request (including whether subjectAltNames are allowed, which types, restrictions on allowed values) and behavior when a disallowed extension is requested.
  //  4. Required, permitted, or forbidden key usages / extended key usages.