* governing permissions and limitations under the License.
 */
package org.codelibs.fess.opensearch.user.cbean.cq;

import org.codelibs.fess.opensearch.user.cbean.cq.bs.BsUserCQ;

/**
 * @author ESFlute (using FreeGen)
 */
public class UserCQ extends BsUserCQ {

 * governing permissions and limitations under the License.
 */
package org.codelibs.fess.opensearch.user.cbean.ca;

import org.codelibs.fess.opensearch.user.cbean.ca.bs.BsUserCA;

/**
 * @author ESFlute (using FreeGen)
 */
public class UserCA extends BsUserCA {

        User user1 = createTestUser("user1", "User One");
        User user2 = createTestUser("user2", "User Two");
        User user3 = createTestUser("user3", "User Three");

        chain.update(user1);
        chain.update(user2);
        chain.update(user3);

        assertEquals(3, chain.updateCalls.size());
        assertEquals(user1, chain.updateCalls.get(0));

Now, whenever a browser is creating a user with a password, the API will return the same password in the response.

In this case, it might not be a problem, because it's the same user sending the password.

But if we use the same model for another *path operation*, we could be sending our user's passwords to every client.

/// danger

func TestCount(t *testing.T) {
	var (
		user1                 = *GetUser("count-1", Config{})
		user2                 = *GetUser("count-2", Config{})
		user3                 = *GetUser("count-3", Config{})
		users                 []User
		count, count1, count2 int64
	)

	DB.Save(&user1).Save(&user2).Save(&user3)

	if err := DB.Where("name = ?", user1.Name).Or("name = ?", user3.Name).Find(&users).Count(&count).Error; err != nil {

	}

	var user3 User
	DB.Preload("Languages").Preload("Friends").Find(&user3, "id = ?", user.ID)
	CheckUser(t, user2, user3)

	if err := DB.Session(&gorm.Session{FullSaveAssociations: true}).Save(&user).Error; err != nil {
		t.Fatalf("errors happened when update: %v", err)
	}

	var user4 User
	DB.Preload("Languages").Preload("Friends").Find(&user4, "id = ?", user.ID)
	CheckUser(t, user4, user)

		claims   = cred.Claims
		groups   = cred.Groups
	)

	if cred.IsTemp() || cred.IsServiceAccount() {
		// For derived credentials, check the parent user's permissions.
		username = cred.ParentUser
	}

	principalType := "Anonymous"
	if username != "" {
		principalType = "User"
		if len(claims) > 0 {
			principalType = "AssumedRole"
		}
		if username == globalActiveCred.AccessKey {
			principalType = "Account"
		}
	}

	if age != 20 {
		t.Errorf("Scan with Row, age expects: %v, got %v", user2.Age, age)
	}
}

func TestRows(t *testing.T) {
	user1 := User{Name: "RowsUser1", Age: 1}
	user2 := User{Name: "RowsUser2", Age: 10}
	user3 := User{Name: "RowsUser3", Age: 20}
	DB.Save(&user1).Save(&user2).Save(&user3)

	rows, err := DB.Table("users").Where("name = ? or name = ?", user2.Name, user3.Name).Select("name, age").Rows()
	if err != nil {

from fastapi import APIRouter

router = APIRouter()


@router.get("/users/", tags=["users"])
async def read_users():
    return [{"username": "Rick"}, {"username": "Morty"}]


@router.get("/users/me", tags=["users"])
async def read_user_me():
    return {"username": "fakecurrentuser"}


@router.get("/users/{username}", tags=["users"])
async def read_user(username: str):

import org.codelibs.fess.Constants;
import org.codelibs.fess.entity.FessUser;
import org.codelibs.fess.mylasta.direction.FessConfig;
import org.codelibs.fess.opensearch.user.bsentity.BsUser;
import org.codelibs.fess.util.ComponentUtil;

/**
 * @author FreeGen
 */
public class User extends BsUser implements FessUser {

    private static final long serialVersionUID = 1L;

    private String originalPassword;