}
}

func CheckUserUnscoped(t *testing.T, user User, expect User) {
	doCheckUser(t, user, expect, true)
}

func CheckUser(t *testing.T, user User, expect User) {
	doCheckUser(t, user, expect, false)
}

func doCheckUser(t *testing.T, user User, expect User, unscoped bool) {
	if user.ID != 0 {
		var newUser User
		if err := db(unscoped).Where("id = ?", user.ID).First(&newUser).Error; err != nil {

            "The specified user does not exist.", "The specified network password is not correct.",
            "Logon failure: unknown user name or bad password.", "Logon failure: user account restriction.",
            "Logon failure: account logon time restriction violation.", "Logon failure: user not allowed to log on to this computer.",

Following is a sample directory structure for MinIO server with TLS certificates.

```sh
$ mc tree --files ~/.minio
/home/user1/.minio
└─ certs
   ├─ CAs
   ├─ private.key
   └─ public.crt
```

You can provide a custom certs directory using `--certs-dir` command line option.

#### Credentials

     * Note: If the first two characters are uppercase, the string will not be decapitalized.
     * <p>
     * Usage example:
     * </p>
     *
     * <pre>
     * StringUtil.decapitalize("UserId")  = "userId"
     * StringUtil.decapitalize("ABC")     = "ABC"
     * </pre>
     *
     * @param name
     *            the string to decapitalize
     * @return the decapitalized string
     */

  /**
   * The request that initiated this HTTP response. This is not necessarily the same request issued
   * by the application:
   *
   * * It may be transformed by the user's interceptors. For example, an application interceptor
   *   may add headers like `User-Agent`.
   * * It may be the request generated in response to an HTTP redirect or authentication
   *   challenge. In this case the request URL may be different than the initial request URL.

            "The specified user does not exist.", "The specified network password is not correct.",
            "Logon failure: unknown user name or bad password.", "Logon failure: user account restriction.",
            "Logon failure: account logon time restriction violation.", "Logon failure: user not allowed to log on to this computer.",

    Library.  A suitable mechanism is one that (1) uses at run time a
    copy of the library already present on the user's computer system,
    rather than copying library functions into the executable, and (2)
    will operate properly with a modified version of the library, if
    the user installs one, as long as the modified version is
    interface-compatible with the version that the work was made with.

That way, you can create a token with an expiration of, let's say, 1 week. And then when the user comes back the next day with the token, you know that user is still logged in to your system.

	if err == nil {
		c.Fatalf("user account was not disabled!")
	}

	// 5. Check that user can be deleted and verify it.
	err = s.adm.RemoveUser(ctx, accessKey)
	if err != nil {
		c.Fatalf("user could not be deleted: %v", err)
	}
	usersMap, err = s.adm.ListUsers(ctx)
	if err != nil {
		c.Fatalf("error listing: %v", err)
	}
	_, ok = usersMap[accessKey]
	if ok {
		c.Fatalf("user not deleted: %s", accessKey)
	}

      // This also avoids a race where if outputFuture is cancelled, it will call taskFuture.cancel,
      // which will call newFuture.setFuture(oldFuture), to allow the next task in the queue to run
      // without waiting for the user's executor to run our submitted Runnable. However, this can
      // interact poorly with the reentrancy-avoiding behavior of this executor - when the operation