}

// append single byte to scratch buffer
func (s *scratch) add(c byte) {
	if s.fill+1 >= cap(s.data) {
		s.grow()
	}

	s.data[s.fill] = c
	s.fill++
}

// append encoded rune to scratch buffer
func (s *scratch) addRune(r rune) int {
	if s.fill+utf8.UTFMax >= cap(s.data) {
		s.grow()
	}

	n := utf8.EncodeRune(s.data[s.fill:], r)
	s.fill += n
	return n

    }

    public static boolean hasActionRole(final String role) {
        final String[] roles;
        if (role.endsWith(FessAdminAction.VIEW)) {
            roles = new String[] { role, role.substring(0, role.length() - FessAdminAction.VIEW.length()) };
        } else {
            roles = new String[] { role };
        }

	"strings"
	"text/scanner"

	"cmd/internal/src"
)

// A ScanToken represents an input item. It is a simple wrapping of rune, as
// returned by text/scanner.Scanner, plus a couple of extra values.
type ScanToken rune

const (
	// Asm defines some two-character lexemes. We make up
	// a rune/ScanToken value for them - ugly but simple.
	LSH          ScanToken = -1000 - iota // << Left shift.

KIND, either express or implied.  See the License for the
specific language governing permissions and limitations
under the License.
-->

<plexus>
  <components>
    <component>
      <role>org.apache.maven.wagon.Wagon</role>
      <role-hint>testfile</role-hint>
      <implementation>org.apache.maven.artifact.resolver.TestFileWagon</implementation>
      <instantiation-strategy>per-lookup</instantiation-strategy>
    </component>
  </components>

    protected String getActionRole() {
        return ROLE;
    }

    // ===================================================================================
    //                                                                      Search Execute
    //                                                                      ==============
    @Execute
    @Secured({ ROLE, ROLE + VIEW })
    public HtmlResponse index() {

  mtls:
    mode: STRICT
  portLevelMtls:
    9090:
      mode: PERMISSIVE
```

will be translated into this `Authorization`:

```yaml
action: DENY
groups:
- rules:
  - matches:
    - notPrincipals:
      - presence: {}
- rules:
  - matches:
    - notDestinationPorts:
      - 9090
name: converted_peer_authentication_strict-and-permissive-mtls
scope: WORKLOAD_SELECTOR
```

    namespaceSelector:
      matchLabels:
        istio.io/deactivated: never-match
    objectSelector:
      matchLabels:
        istio.io/deactivated: never-match
    reinvocationPolicy: Never
    rules:
      - apiGroups:
          - ""
        apiVersions:
          - v1
        operations:
          - CREATE
        resources:
          - pods
        scope: '*'
    sideEffects: None

                                        if (subResult.isEmpty()) {
                                            final Role role = new Role();
                                            role.setName(name);
                                            insert(role);
                                        }
                                        final List<ModificationItem> modifyList = new ArrayList<>();

authentication.admin.users=admin
authentication.admin.roles=admin

role.search.default.permissions=
role.search.default.display.permissions={role}guest
role.search.guest.permissions={role}guest

role.search.user.prefix=1
role.search.group.prefix=2
role.search.role.prefix=R
role.search.denied.prefix=D

# ----------------------------------------------------------

    protected String getActionRole() {
        return ROLE;
    }

    // ===================================================================================
    //                                                                      Search Execute
    //                                                                      ==============

    @Execute
    @Secured({ ROLE, ROLE + VIEW })
    public HtmlResponse index() {