final ArrayList<SID> list = new ArrayList<>(sids.length);
        int si;

        synchronized (this.sidCache) {
            for (si = 0; si < sids.length; si++) {
                final SID s = sids[si].unwrap(SID.class);
                final SID sid = this.sidCache.get(s);
                if (sid != null) {
                    s.type = sid.type;

    }

    @Nested
    @DisplayName("SID Tests")
    class SidTests {

        @Test
        @DisplayName("Should encode SID correctly")
        void testSidTEncode() throws NdrException {
            // Given: A SID with test values
            rpc.sid_t sid = new rpc.sid_t();
            sid.revision = (byte) 1;
            sid.sub_authority_count = (byte) 2;

        assertEquals(sidT1, lsarSidArrayX.sids[0].sid, "First SID should be unwrapped correctly");
        assertEquals(sidT2, lsarSidArrayX.sids[1].sid, "Second SID should be unwrapped correctly");
    }

    @Test
    void testConstructorWithJcifsSIDArrayDirectAssignment() {
        // Create mock SID objects
        SID mockSid1 = mock(SID.class);
        SID mockSid2 = mock(SID.class);

        SID[] sids = { mockSid1, mockSid2 };

        return this.aces;
    }

    /**
     * Gets the owner group SID of this security descriptor.
     *
     * @return the security identifier of the owner group
     */
    public final SID getOwnerGroupSid() {
        return this.ownerGroupSid;
    }

    /**
     * Gets the owner user SID of this security descriptor.
     *
     * @return the security identifier of the owner user
     */

 * "The .NET Developer's Guide to Windows Security" (which is also
 * available online).
 * <p>
 * Direct ACEs are evaluated first in order. The SID of the user performing
 * the operation and the desired access bits are compared to the SID
 * and access mask of each ACE. If the SID matches, the allow/deny flags
 * and access mask are considered. If the ACE is a "deny"
 * ACE and <i>any</i> of the desired access bits match bits in the access

 */
package jcifs.pac;

import jcifs.smb.SID;

/**
 * Represents a Security Identifier (SID) with associated attributes within a PAC structure.
 * This class encapsulates a SID and its attribute flags as used in Kerberos PAC data.
 */
public class PacSidAttributes {

    private final SID id;
    private final int attributes;

    /**

            if (responseData.getUrl().startsWith("smb:")) {
                final SID[] allowedSids = (SID[]) metaDataMap.get(SmbClient.SMB_ALLOWED_SID_ENTRIES);
                if (allowedSids != null) {
                    for (final SID sid : allowedSids) {
                        final String accountId = sambaHelper.getAccountId(sid);
                        if (accountId != null) {

            urlFilterService.delete(sid);
        } catch (final Exception e) {
            logger.warn("Failed to delete UrlFilter for {}", sid, e);
        }

        try {
            // clear queue
            urlQueueService.clearCache();
            urlQueueService.delete(sid);
        } catch (final Exception e) {
            logger.warn("Failed to delete UrlQueue for {}", sid, e);
        }

        try {

import jcifs.dcerpc.rpc.sid_t;
import jcifs.smb.SID;

class LsarSidArrayX extends lsarpc.LsarSidArray {

    LsarSidArrayX(final jcifs.SID[] sids) {
        this.num_sids = sids.length;
        this.sids = new lsarpc.LsarSidPtr[sids.length];
        for (int si = 0; si < sids.length; si++) {
            this.sids[si] = new lsarpc.LsarSidPtr();
            this.sids[si].sid = sids[si].unwrap(sid_t.class);
        }
    }

    private final int sid;

    /**
     * Creates a new SMB1 find close request to close a search handle.
     *
     * @param config the CIFS configuration
     * @param sid the search identifier to close
     */
    public SmbComFindClose2(final Configuration config, final int sid) {
        super(config, SMB_COM_FIND_CLOSE2);
        this.sid = sid;
    }

    @Override