activityHelper.access(OptionalThing.empty(), "/", "aaa");
        assertEquals("action:ACCESS\tuser:-\tpath:/\texecute:aaa", localLogMsg.get());

        activityHelper.access(createUser("testuser", new String[0]), "/aaa", "bbb");
        assertEquals("action:ACCESS\tuser:testuser\tpath:/aaa\texecute:bbb", localLogMsg.get());

    public void test_corsHeaderConstants() {
        assertEquals("Access-Control-Allow-Origin", CorsHandler.ACCESS_CONTROL_ALLOW_ORIGIN);
        assertEquals("Access-Control-Allow-Headers", CorsHandler.ACCESS_CONTROL_ALLOW_HEADERS);
        assertEquals("Access-Control-Allow-Methods", CorsHandler.ACCESS_CONTROL_ALLOW_METHODS);
        assertEquals("Access-Control-Allow-Private-Network", CorsHandler.ACCESS_CONTROL_ALLOW_PRIVATE_NETWORK);

     *
     * @param buffer memory buffer to register
     * @param access access permissions for the memory region
     * @return registered memory region
     * @throws IOException if memory registration fails
     */
    RdmaMemoryRegion registerMemory(ByteBuffer buffer, EnumSet<RdmaAccess> access) throws IOException;

    /**
     * Get provider name (e.g., "InfiniBand", "iWARP", "RoCE", "TCP Fallback")

OPA is enabled through MinIO's Access Management Plugin feature.

## Get started

### 1. Start OPA in a container

```sh
podman run -it \
    --name opa \
    --publish 8181:8181 \
    docker.io/openpolicyagent/opa:0.40.0-rootless \

 */

package jcifs.smb1.smb1;

import java.io.IOException;

/**
 * Represents a Windows security descriptor containing access control information.
 * This class encodes and decodes security descriptors that define ownership
 * and access permissions for SMB resources.
 */
public class SecurityDescriptor {

    SID owner_user, owner_group;
    /**

     */
    @Test
    void testMsrpcSamrConnect4() {
        // Given
        final String server = "test-server";
        final int access = 1;

        // When
        final MsrpcSamrConnect4 request = new MsrpcSamrConnect4(server, access, this.policyHandle);

        // Then
        assertEquals(0, request.getPtype());
        assertEquals(DCERPC_FIRST_FRAG | DCERPC_LAST_FRAG, request.getFlags());
    }

			expectedRespStatus: http.StatusForbidden,
			lifecycleResponse:  []byte(""),
			errorResponse: APIErrorResponse{
				Resource: SlashSeparator + bucketName + SlashSeparator,
				Code:     "AccessDenied",
				Message:  "Access Denied.",
			},
			shouldPass: false,
		},
		// GET wrong credentials
		{
			method: http.MethodGet, bucketName: bucketName,
			accessKey:          "abcd",
			secretKey:          "abcd",

## Scope

- All IAM Credentials are allowed access excluding rotating credentials, rotating credentials
  are not allowed to login via FTP/SFTP ports, you must use S3 API port for if you are using
  rotating credentials.

- Access to bucket(s) and object(s) are governed via IAM policies associated with the incoming
  login credentials.

- Allows authentication and access for all

        /** The desired access rights to the SAM server */
        public int access_mask;
        /** The returned handle to the SAM server */
        public rpc.policy_handle handle;

        /**
         * Constructs a SamrConnect2 request.
         *
         * @param system_name The NetBIOS name of the server
         * @param access_mask The desired access rights

        /** The desired access rights to the SAM server */
        public int access_mask;
        /** The returned handle to the SAM server */
        public rpc.policy_handle handle;

        /**
         * Constructs a SamrConnect2 request.
         *
         * @param system_name The NetBIOS name of the server
         * @param access_mask The desired access rights