run --server \
           --log-format=json-pretty \
           --log-level=debug \
           --set=decision_logs.console=true
```

### 2. Create a sample OPA Policy

In another terminal, create a policy that allows root user all access and for all other users denies `PutObject`:

```sh
cat > example.rego <<EOF
package httpapi.authz

import input

default allow = false

        File repoDir = new File(getBasedir(), "src/test/remote-repo").getAbsoluteFile();

        RepositoryPolicy policy = new RepositoryPolicy();
        policy.setEnabled(true);
        policy.setChecksumPolicy("ignore");
        policy.setUpdatePolicy("always");

        Repository repository = new Repository();
        repository.setId(RepositorySystem.DEFAULT_REMOTE_REPO_ID);

    }

    public void merge(ArtifactRepositoryPolicy policy) {
        if (policy != null && policy.isEnabled()) {
            setEnabled(true);

            if (ordinalOfCksumPolicy(policy.getChecksumPolicy()) < ordinalOfCksumPolicy(getChecksumPolicy())) {
                setChecksumPolicy(policy.getChecksumPolicy());
            }

            if (ordinalOfUpdatePolicy(policy.getUpdatePolicy()) < ordinalOfUpdatePolicy(getUpdatePolicy())) {

	var objectAPI ObjectLayer
	switch serviceSig {
	case serviceRestart:
		objectAPI, _ = validateAdminReq(ctx, w, r, policy.ServiceRestartAdminAction)
	case serviceStop:
		objectAPI, _ = validateAdminReq(ctx, w, r, policy.ServiceStopAdminAction)
	case serviceFreeze, serviceUnFreeze:
		objectAPI, _ = validateAdminReq(ctx, w, r, policy.ServiceFreezeAdminAction)
	}
	if objectAPI == nil {
		return
	}

     }
    ]
   }
EOF
mc admin policy create source repladmin-policy ./repladmin-policy-source.json
cat ./repladmin-policy-source.json

#assign this replication policy to repladmin
mc admin policy attach source repladmin-policy --user=repladmin

### on dest alias
# Create a replication user : repluser on dest alias
mc admin user add dest repluser repluser123

# create a replication policy for repluser

./mc ready myminio

./mc admin user add myminio/ minio123 minio123
./mc admin user add myminio/ minio12345 minio12345

./mc admin policy create myminio/ rw ./docs/distributed/rw.json
./mc admin policy create myminio/ lake ./docs/distributed/rw.json

./mc admin policy attach myminio/ rw --user=minio123
./mc admin policy attach myminio/ lake --user=minio12345

./mc mb -l myminio/versioned

./mc mirror internal myminio/versioned/ --quiet >/dev/null

				return ErrNone
			}
		}

		return ErrAccessDenied
	}
	if action == policy.DeleteObjectAction && versionID != "" {
		if !globalIAMSys.IsAllowed(policy.Args{
			AccountName:     cred.AccessKey,
			Groups:          cred.Groups,
			Action:          policy.Action(policy.DeleteObjectVersionAction),
			BucketName:      bucket,
			ConditionValues: getConditionValues(r, "", cred),

     * @return The artifact quality this metadata refers to.
     */
    int getNature();

    /**
     * Gets the policy that applies to this metadata regarding the specified repository.
     *
     * @param repository The repository for which to determine the policy, must not be {@code null}.
     * @return The policy, never {@code null}.
     */
    ArtifactRepositoryPolicy getPolicy(ArtifactRepository repository);

        SmbOperationException.RetryPolicy policy = new SmbOperationException.RetryPolicy(10, 1000, 5000, 2.0, true);

        // When - Calculate delays for increasing attempts
        long delay1 = policy.getDelayMs(1);
        long delay2 = policy.getDelayMs(2);
        long delay3 = policy.getDelayMs(3);
        long delay4 = policy.getDelayMs(4);
        long delay10 = policy.getDelayMs(10);

        // Then

//	policy mapping
//
//	policy=... -> repeatable query parameter, specifying policy to query for
//	user/group mapping
//
// When all query parameters are omitted, returns mappings for all policies.
func (a adminAPIHandlers) ListLDAPPolicyMappingEntities(w http.ResponseWriter, r *http.Request) {
	ctx := r.Context()

	// Check authorization.

	objectAPI, cred := validateAdminReq(ctx, w, r,