private fun Sink.withThrottlingAndSocketEffect(
    policy: MockResponse,
    socketEffect: SocketEffect?,
    expectedByteCount: Long,
    socket: MockWebServerSocket,
    stream: Http2Stream? = null,
  ): Sink {
    var result: Sink = this

    if (policy.throttlePeriodNanos > 0L) {
      result =
        ThrottledSink(
          socket = socket,

            assertDoesNotThrow(() -> new MsrpcSamrConnect2("\\\\srv", -42, ph));
        }

        @Test
        @DisplayName("should handle null policy handle")
        void testNullPolicyHandleHandled() {
            // Act & Assert - The constructor accepts null policy handle without throwing
            assertDoesNotThrow(() -> new MsrpcSamrConnect2("\\\\srv", 0, null));
        }

        @Test

	humanize "github.com/dustin/go-humanize"
	"github.com/minio/madmin-go/v3"
	"github.com/minio/minio/internal/bucket/versioning"
	"github.com/minio/minio/internal/logger"
	"github.com/minio/mux"
	"github.com/minio/pkg/v3/policy"
)

const (
	bucketVersioningConfig = "versioning.xml"

	// Maximum size of bucket versioning configuration payload sent to the PutBucketVersioningHandler.
	maxBucketVersioningConfigSize = 1 * humanize.MiByte
)

	"github.com/minio/minio/internal/config/ilm"
	"github.com/minio/minio/internal/config/lambda"
	"github.com/minio/minio/internal/config/notify"
	"github.com/minio/minio/internal/config/policy/opa"
	polplugin "github.com/minio/minio/internal/config/policy/plugin"
	"github.com/minio/minio/internal/config/scanner"
	"github.com/minio/minio/internal/config/storageclass"
	"github.com/minio/minio/internal/config/subnet"

		Description:    "Policy name may not contain comma",
		HTTPStatusCode: http.StatusBadRequest,
	},
	ErrAdminOpenIDNotEnabled: {
		Code:           "OpenIDNotEnabled",
		Description:    "No enabled OpenID Connect identity providers",
		HTTPStatusCode: http.StatusBadRequest,
	},
	ErrPolicyTooLarge: {
		Code:           "PolicyTooLarge",
		Description:    "Policy exceeds the maximum allowed document size.",

	"net/http"
	"time"

	jwtgo "github.com/golang-jwt/jwt/v4"
	jwtreq "github.com/golang-jwt/jwt/v4/request"
	"github.com/minio/minio/internal/auth"
	xjwt "github.com/minio/minio/internal/jwt"
	"github.com/minio/pkg/v3/policy"
)

const (
	jwtAlgorithm = "Bearer"

	// Default JWT token for web handlers is one day.
	defaultJWTExpiry = 24 * time.Hour

	// Inter-node JWT token expiry is 100 years approx.

package cmd

import (
	"bytes"
	"context"
	"io"
	"net/http"
	"net/url"
	"os"
	"testing"
	"time"

	"github.com/minio/minio/internal/auth"
	"github.com/minio/pkg/v3/policy"
)

type nullReader struct{}

func (r *nullReader) Read(b []byte) (int, error) {
	return len(b), nil
}

// Test get request auth type.
func TestGetRequestAuthType(t *testing.T) {

			// Register PutBucket Policy handler.
			bucket.Methods(http.MethodPut).HandlerFunc(api.PutBucketPolicyHandler).Queries("policy", "")
		case "DeleteBucketPolicy":
			// Register Delete bucket HTTP policy handler.
			bucket.Methods(http.MethodDelete).HandlerFunc(api.DeleteBucketPolicyHandler).Queries("policy", "")
		case "GetBucketPolicy":
			// Register Get Bucket policy HTTP Handler.

			AccessKey: claims.AccessKey,
			Claims:    claims.Map(),
			Groups:    groups,
		}

		// For authenticated users apply IAM policy.
		if !globalIAMSys.IsAllowed(policy.Args{
			AccountName:     cred.AccessKey,
			Groups:          cred.Groups,
			Action:          policy.PrometheusAdminAction,
			ConditionValues: getConditionValues(r, "", cred),
			IsOwner:         owner,
			Claims:          cred.Claims,
		}) {

Date:   Sat Jun 15 11:27:17 2019 -0700

    [security] Match ${aws:username} exactly instead of prefix match (#7791)

    This PR fixes a security issue where an IAM user based
    on his policy is granted more privileges than restricted
    by the users IAM policy.

    This is due to an issue of prefix based Matcher() function
    which was incorrectly matching prefix based on resource
    prefixes instead of exact match.
```