from fastapi import APIRouter

router = APIRouter()


@router.get("/users/", tags=["users"])
async def read_users():
    return [{"username": "Rick"}, {"username": "Morty"}]


@router.get("/users/me", tags=["users"])
async def read_user_me():
    return {"username": "fakecurrentuser"}


@router.get("/users/{username}", tags=["users"])
async def read_user(username: str):

func TestCount(t *testing.T) {
	var (
		user1                 = *GetUser("count-1", Config{})
		user2                 = *GetUser("count-2", Config{})
		user3                 = *GetUser("count-3", Config{})
		users                 []User
		count, count1, count2 int64
	)

	DB.Save(&user1).Save(&user2).Save(&user3)

	if err := DB.Where("name = ?", user1.Name).Or("name = ?", user3.Name).Find(&users).Count(&count).Error; err != nil {

Now, whenever a browser is creating a user with a password, the API will return the same password in the response.

In this case, it might not be a problem, because it's the same user sending the password.

But if we use the same model for another *path operation*, we could be sending our user's passwords to every client.

/// danger

	userQuery := "SELECT .*users.*id.*users.*created_at.*users.*updated_at.*users.*deleted_at.*users.*name" +
		".*users.*age.*users.*birthday.*users.*company_id.*users.*manager_id.*users.*active.* FROM .*users.* "

	result := dryDB.Not(map[string]interface{}{"users.name": "jinzhu"}).Find(&User{})

	if !regexp.MustCompile(userQuery + "WHERE .*users.*name.* <> .+").MatchString(result.Statement.SQL.String()) {

		claims   = cred.Claims
		groups   = cred.Groups
	)

	if cred.IsTemp() || cred.IsServiceAccount() {
		// For derived credentials, check the parent user's permissions.
		username = cred.ParentUser
	}

	principalType := "Anonymous"
	if username != "" {
		principalType = "User"
		if len(claims) > 0 {
			principalType = "AssumedRole"
		}
		if username == globalActiveCred.AccessKey {
			principalType = "Account"
		}
	}

func TestMany2ManyAssociation(t *testing.T) {
	user := *GetUser("many2many", Config{Languages: 2})

	if err := DB.Create(&user).Error; err != nil {
		t.Fatalf("errors happened when create: %v", err)
	}

	CheckUser(t, user, user)

	// Find
	var user2 User
	DB.Find(&user2, "id = ?", user.ID)
	DB.Model(&user2).Association("Languages").Find(&user2.Languages)

	CheckUser(t, user2, user)

	// Count

@user_router.get("/")
def get_users():
    return [{"user_id": "u1"}, {"user_id": "u2"}]


@user_router.get("/{user_id}")
def get_user(user_id: str):
    return {"user_id": user_id}


@item_router.get("/")
def get_items(user_id: Optional[str] = None):
    if user_id is None:
        return [{"item_id": "i1", "user_id": "u1"}, {"item_id": "i2", "user_id": "u2"}]
    else:

func TestAssociationError(t *testing.T) {
	user := *GetUser("TestAssociationError", Config{Pets: 2, Company: true, Account: true, Languages: 2})
	DB.Create(&user)

	var user1 User
	DB.Preload("Company").Preload("Pets").Preload("Account").Preload("Languages").First(&user1)

	var emptyUser User
	var err error
	// belongs to
	err = DB.Model(&emptyUser).Association("Company").Delete(&user1.Company)

```

Create a new admin user `admin1` on MinIO use `mc admin user`.

```
mc admin user add myminio admin1 admin123
```

Once the user is successfully created you can now apply the `userManage` policy for this user.

```
mc admin policy attach myminio userManager --user=admin1
```

This admin user will then be allowed to perform create/delete user operations via `mc admin user`

client = TestClient(app)


@pytest.mark.parametrize(
    ("user_id", "expected_response"),
    [
        ("me", {"user_id": "the current user"}),
        ("alice", {"user_id": "alice"}),
    ],
)
def test_get_users(user_id: str, expected_response: dict):
    response = client.get(f"/users/{user_id}")
    assert response.status_code == 200, response.text
    assert response.json() == expected_response