// Create key test
		{
			name:   "create key as user with no policy want forbidden",
			method: http.MethodPost,
			path:   kmsKeyCreatePath,
			query:  map[string]string{"key-id": "new-test-key"},
			asRoot: false,

			wantStatusCode: http.StatusForbidden,
			wantResp:       []string{"AccessDenied"},
		},
		{
			name:   "create key as user with no resources specified want success",
			method: http.MethodPost,

	if err == nil {
		c.Fatalf("user account was not disabled!")
	}

	// 5. Check that user can be deleted and verify it.
	err = s.adm.RemoveUser(ctx, accessKey)
	if err != nil {
		c.Fatalf("user could not be deleted: %v", err)
	}
	usersMap, err = s.adm.ListUsers(ctx)
	if err != nil {
		c.Fatalf("error listing: %v", err)
	}
	_, ok = usersMap[accessKey]
	if ok {
		c.Fatalf("user not deleted: %s", accessKey)
	}

    #  You can set additional users.
    #  Elements of this map are as below:
    #   o key of map: User Definition Name (userDefName)
    #   o url: (NotRequired - Default same as one of main schema)
    #   o schema: (NotRequired - Default treated as no schema setting)
    #   o user: (Required)
    #   o password: password plainly or path to password file (with default password)

     * @throws IOException if any
     * @throws XmlPullParserException if any
     */
    Settings buildSettings(File userSettingsFile) throws IOException, XmlPullParserException;

    /**
     * @param userSettingsFile a given user settings file
     * @param useCachedSettings if true, doesn't reload the user settings
     * @return a <code>Settings</code> object from the user settings file.
     * @throws IOException if any

pkg os/user, func LookupGroup(string) (*Group, error)
pkg os/user, func LookupGroupId(string) (*Group, error)
pkg os/user, method (*User) GroupIds() ([]string, error)
pkg os/user, method (UnknownGroupError) Error() string
pkg os/user, method (UnknownGroupIdError) Error() string
pkg os/user, type Group struct
pkg os/user, type Group struct, Gid string
pkg os/user, type Group struct, Name string

)

func TestHasOneAssociation(t *testing.T) {
	user := *GetUser("hasone", Config{Account: true})

	if err := DB.Create(&user).Error; err != nil {
		t.Fatalf("errors happened when create: %v", err)
	}

	CheckUser(t, user, user)

	// Find
	var user2 User
	DB.Find(&user2, "id = ?", user.ID)
	DB.Model(&user2).Association("Account").Find(&user2.Account)
	CheckUser(t, user2, user)

	// Count

/**
 * The reason why a cached entry was removed.
 *
 * @author Charles Fry
 * @since 10.0
 */
@GwtCompatible
public enum RemovalCause {
  /**
   * The entry was manually removed by the user. This can result from the user invoking {@link
   * Cache#invalidate}, {@link Cache#invalidateAll(Iterable)}, {@link Cache#invalidateAll()}, {@link
   * Map#remove}, {@link ConcurrentMap#remove}, or {@link Iterator#remove}.
   */
  EXPLICIT {

    }

    /**
     * Returns the user account control flags.
     * @return the user account control value
     */
    public int getUserAccountControl() {
        return this.userAccountControl;
    }

    /**
     * Returns the user flags indicating PAC content.
     * @return the user flags value
     */
    public int getUserFlags() {
        return this.userFlags;
    }

 */
package org.codelibs.fess.opensearch.user.bsbhv;

import java.util.List;
import java.util.Map;

import org.codelibs.fess.opensearch.user.allcommon.EsAbstractBehavior;
import org.codelibs.fess.opensearch.user.allcommon.EsAbstractEntity.RequestOptionCall;
import org.codelibs.fess.opensearch.user.bsentity.dbmeta.RoleDbm;
import org.codelibs.fess.opensearch.user.cbean.RoleCB;

                String user = index != -1 ? auth.substring(0, index) : auth;
                final String password = index != -1 ? auth.substring(index + 1) : "";
                index = user.indexOf('\\');
                if (index == -1) {
                    index = user.indexOf('/');
                }
                final String domain = index != -1 ? user.substring(0, index) : defaultDomain;