<Rule>
			<ApplyServerSideEncryptionByDefault>
			<SSEAlgorithm>AES256</SSEAlgorithm>
			</ApplyServerSideEncryptionByDefault>
			</Rule>
			</ServerSideEncryptionConfiguration>`,
			expectedErr: nil,
			shouldPass:  true,
		},
		// Unsupported XML
		{
			inputXML: `<ServerSideEncryptionConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
			<Rule>
			<ApplyServerSideEncryptionByDefault>

	if err != nil {
		return nil, err
	}

	res := make([]madmin.IDPCfgInfo, 0, len(kvsrcs))
	for _, kvsrc := range kvsrcs {
		// skip default values.
		if kvsrc.Src == config.ValueSourceDef {
			continue
		}
		res = append(res, madmin.IDPCfgInfo{
			Key:   kvsrc.Key,
			Value: kvsrc.Value,
			IsCfg: true,
			IsEnv: kvsrc.Src == config.ValueSourceEnv,

          @Override
          public @Nullable Integer computeNext() {
            if (alreadyCalledEndOfData) {
              fail("Should not have been invoked again");
            }
            alreadyCalledEndOfData = true;
            return endOfData();
          }
        };

    /*
     * We test multiple calls to peek() to make sure that one bad call doesn't interfere with its

          @Override
          public @Nullable Integer computeNext() {
            if (alreadyCalledEndOfData) {
              fail("Should not have been invoked again");
            }
            alreadyCalledEndOfData = true;
            return endOfData();
          }
        };

    /*
     * We test multiple calls to peek() to make sure that one bad call doesn't interfere with its

    private String suppliedDomain;

    private String suppliedWorkstation;

    static {
        DEFAULT_FLAGS = NTLMSSP_NEGOTIATE_NTLM
                | (Config.getBoolean("jcifs.smb1.smb.client.useUnicode", true) ? NTLMSSP_NEGOTIATE_UNICODE : NTLMSSP_NEGOTIATE_OEM);
        DEFAULT_DOMAIN = Config.getProperty("jcifs.smb1.smb.client.domain", null);
        String defaultWorkstation = null;
        try {

<%@page pageEncoding="UTF-8" contentType="text/html; charset=UTF-8"%><!DOCTYPE html>
${fe:html(true)}
<head>
    <meta charset="UTF-8">
    <title><la:message key="labels.admin_brand_title"/> | <la:message
            key="labels.reqheader_configuration"/></title>
    <jsp:include page="/WEB-INF/view/common/admin/head.jsp"></jsp:include>
</head>
<body class="hold-transition sidebar-mini">
<div class="wrapper">

        + "usergroups:read usergroups:write users:read users:write identify";

    if (true) {
      client.requestOauthSession(scopes, null);
    } else {
      OAuthSession session = new OAuthSession(true,
          "xoxp-XXXXXXXXXX-XXXXXXXXXX-XXXXXXXXXXX-XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
          scopes, "UXXXXXXXX", "My Slack Group", "TXXXXXXXX");

           --set=decision_logs.console=true
```

### 2. Create a sample OPA Policy

In another terminal, create a policy that allows root user all access and for all other users denies `PutObject`:

```sh
cat > example.rego <<EOF
package httpapi.authz

import input

default allow = false

# Allow the root user to perform any action.
allow {
 input.owner == true
}

).absolute()


@pytest.mark.parametrize(
    "copy_test_files",
    [(f"{data_path}/en_doc.md", f"{data_path}/translated_doc_mermaid_translated.md")],
    indirect=True,
)
def test_translated(runner: CliRunner, root_dir: Path, copy_test_files):
    result = runner.invoke(
        cli,
        ["fix-pages", "docs/lang/docs/doc.md"],
    )
    assert result.exit_code == 0, result.output

                                          body="grant_type=client_credentials",
                                          headers=headers,
                                          preload_content=True,
                                          )
            if response.status != 200:
                message = "Credential refresh failed, response: %s"
                raise CredentialRetrievalError(