## Quickstart

To easily try out the feature, run the included demo Access Management Plugin program in this directory:

```sh
go run access-manager-plugin.go
```

This program, lets the admin user perform any action and prevents all other users from performing `s3:Put*` operations.

In another terminal start MinIO:

```sh
export MINIO_CI_CD=1
export MINIO_ROOT_USER=minio
export MINIO_ROOT_PASSWORD=minio123

        run: uv pip install -r requirements-github-actions.txt -r requirements-translations.txt
      # Allow debugging with tmate
      - name: Setup tmate session
        uses: mxschmitt/action-tmate@v3
        if: ${{ github.event_name == 'workflow_dispatch' && github.event.inputs.debug_enabled == 'true' }}
        with:
          limit-access-to-actor: true
        env:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "s3:*"
      ],
      "Resource": [
        "arn:aws:s3:::${ldap:username}/*"
      ]
    }
  ]

import org.codelibs.fess.app.web.base.FessSearchAction;
import org.lastaflute.web.Execute;
import org.lastaflute.web.response.ActionResponse;

/**
 * OSDD (OpenSearch Description Document) action.
 */
public class OsddAction extends FessSearchAction {

    /**
     * Default constructor.
     */
    public OsddAction() {
        super();
    }

 MERCHANTABILITY,    FITNESS    FOR    A   PARTICULAR    PURPOSE    AND
 NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
 LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
 OF CONTRACT, TORT OR OTHERWISE,  ARISING FROM, OUT OF OR IN CONNECTION

import org.codelibs.fess.opensearch.config.cbean.cq.CrawlingInfoCQ;
import org.codelibs.fess.opensearch.config.cbean.cq.bs.BsCrawlingInfoCQ;
import org.dbflute.cbean.ConditionQuery;
import org.opensearch.action.search.SearchRequestBuilder;
import org.opensearch.index.query.QueryBuilder;

/**
 * @author ESFlute (using FreeGen)
 */
public class BsCrawlingInfoCB extends EsAbstractConditionBean {

import org.codelibs.fess.opensearch.log.cbean.cq.FavoriteLogCQ;
import org.codelibs.fess.opensearch.log.cbean.cq.bs.BsFavoriteLogCQ;
import org.dbflute.cbean.ConditionQuery;
import org.opensearch.action.search.SearchRequestBuilder;
import org.opensearch.index.query.QueryBuilder;

/**
 * @author ESFlute (using FreeGen)
 */
public class BsFavoriteLogCB extends EsAbstractConditionBean {

     * didn't see that discussed in the review, which included many other
     * changes: https://mail.openjdk.org/pipermail/core-libs-dev/2013-May/thread.html#17367
     *
     * TODO(cpovirk): decide what the best long-term action here is: force users
     * to suppress (as we do now), stop testing entrySet().add() at all, make
     * entrySet().add() tests tolerant of either behavior, introduce a map

    /*
    public void test_component() throws Exception {
        // ## Arrange ##
        String appWebPkg = ".app.web.";
        String actionSuffix = "Action";

        // ## Act ##
        policeStoryOfJavaClassChase((srcFile, clazz) -> {
            if (clazz.isInterface() || Modifier.isAbstract(clazz.getModifiers())) { // e.g. BaseAction
                return;

FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE