# Access Management Plugin Guide [![Slack](https://slack.minio.io/slack?type=svg)](https://slack.minio.io)

MinIO now includes support for using an Access Management Plugin. This is to allow object storage access control to be managed externally via a webhook.

Aditya Manthramurthy <******@****.***> 1707412520 -0800

    @Test
    void constructor_shouldOpenDomainSuccessfully() throws IOException {
        // Arrange
        int access = 0x01; // Example access value
        // Simulate successful RPC call
        doAnswer(invocation -> {
            MsrpcSamrOpenDomain rpc = invocation.getArgument(0);
            rpc.retval = 0; // Success
            return null;
        }).when(mockDcerpcHandle).sendrecv(any(MsrpcSamrOpenDomain.class));

        // Act

 * mask of the ACE, the whole access check fails. If the ACE is an "allow"
 * ACE and <i>all</i> of the bits in the desired access bits match bits in
 * the access mask of the ACE, the access check is successful. Otherwise,
 * more ACEs are evaluated until all desired access bits (combined)
 * are "allowed". If all of the desired access bits are not "allowed"

 * mask of the ACE, the whole access check fails. If the ACE is an "allow"
 * ACE and <i>all</i> of the bits in the desired access bits match bits in
 * the access mask of the ACE, the access check is successful. Otherwise,
 * more ACEs are evaluated until all desired access bits (combined)
 * are "allowed". If all of the desired access bits are not "allowed"

        return buffer.limit();
    }

    /**
     * Check if region has specific access permission
     *
     * @param access access permission to check
     * @return true if access is allowed, false otherwise
     */
    public boolean hasAccess(RdmaAccess access) {
        return accessFlags.contains(access);
    }

    /**
     * Check if memory region is still valid
     *

        smbComOpenAndX = new SmbComOpenAndX(fileName, access, flags, andx);
        assertEquals(0x10, smbComOpenAndX.openFunction); // OPEN_FN_CREATE | OPEN_FN_FAIL_IF_EXISTS
    }

    /**
     * Test constructor with O_CREAT flag.
     */
    @Test
    void testConstructor_CreateAndOpen() {
        int flags = SmbFile.O_CREAT;
        smbComOpenAndX = new SmbComOpenAndX(fileName, access, flags, andx);

		<name>鈴木太郎</name>
		<access kind="email"></access>
		<access kind="url">http://www.taro.com/</access>
		<image file="taro.png" />
	</item>
	<item sex="male" custid="B23456">
		<name>佐藤二朗</name>
		<access kind="email">******@****.***</access>
		<image file="jiro.png" />
	</item>
	<item sex="female" custid="C34567">
		<name>田中花子</name>
		<access kind="tel">090-xxxx-xxxx</access>
		<image file="hanako.png" />
	</item>

        String server = null;
        int access = 123;

        doAnswer(invocation -> {
            MsrpcLsarOpenPolicy2 rpc = invocation.getArgument(0);
            rpc.retval = 0; // Simulate success
            return null;
        }).when(mockDcerpcHandle).sendrecv(any(MsrpcLsarOpenPolicy2.class));

        // Act
        LsaPolicyHandle handle = new LsaPolicyHandle(mockDcerpcHandle, server, access);

        // Assert

        String server = "testServer";
        int access = 123;

        // No exception thrown by sendrecv for MsrpcSamrConnect4
        doNothing().when(mockHandle).sendrecv(any(MsrpcSamrConnect4.class));

        try (SamrPolicyHandle handle = new SamrPolicyHandle(mockHandle, server, access)) {
            assertNotNull(handle);
            // Verify that sendrecv was called with MsrpcSamrConnect4