Shinsuke Sugaya <******@****.***> 1638450896 +0900

	}

	if err := DB.Delete(&user).Error; err != nil {
		t.Fatalf("No error should happen when soft delete user, but got %v", err)
	}

	if sql.NullTime(user.DeletedAt).Time.IsZero() {
		t.Fatalf("user's deleted at is zero")
	}

	sql := DB.Session(&gorm.Session{DryRun: true}).Delete(&user).Statement.SQL.String()

		return nil, err
	}

	m.Range(func(user string, mappedPolicy MappedPolicy) bool {
		if userPredicate != nil && !userPredicate(user) {
			return true
		}
		stsMap[user] = mappedPolicy.Policies
		return true
	})

	for user := range store.getParentUsers(cache) {
		if _, ok := stsMap[user]; !ok {
			if userPredicate != nil && !userPredicate(user) {
				continue
			}
			stsMap[user] = ""

## Получить пользователя { #get-the-user }

`get_current_user` будет использовать созданную нами (ненастоящую) служебную функцию, которая принимает токен типа `str` и возвращает нашу Pydantic-модель `User`:

{* ../../docs_src/security/tutorial002_an_py310.py hl[19:22,26:27] *}

## Внедрить текущего пользователя { #inject-the-current-user }

As it's running **locally**, and not in the open internet, you decide to **not have any authentication** set up, just trusting the access to the local network.

Then one of your users could install it and run it locally.

Then they could open a malicious website, e.g. something like

```
https://evilhackers.example.com
```

Esto será especialmente útil cuando lo uses en una **gran code base** donde uses **las mismas dependencias** una y otra vez en **muchas *path operations***.

## Usar `async` o no usar `async` { #to-async-or-not-to-async }

	if user6.Name != "find or init" || user6.ID == 0 || user6.Age != 44 {
		t.Errorf("user should be found and updated with assigned attrs")
	}
}

func TestFindOrCreate(t *testing.T) {
	var user1, user2, user3, user4, user5, user6, user7, user8 User
	if err := DB.Where(&User{Name: "find or create", Age: 33}).FirstOrCreate(&user1).Error; err != nil {
		t.Errorf("no error should happen when FirstOrInit, but got %v", err)
	}

	userIdentities := make([]UserIdentity, len(users))
	g := errgroup.WithNErrs(len(users))

	for index := range users {
		g.Go(func() error {
			userName := path.Dir(users[index])
			user, err := iamOS.loadUserIdentity(ctx, userName, userType)
			if err != nil && !errors.Is(err, errNoSuchUser) {
				return fmt.Errorf("unable to load the user `%s`: %w", userName, err)

# If the first character of an item is a question mark, the load will silently fail if the file does not exist.
${includes} = ?"${maven.user.conf}/maven-user.properties", \

## Récupérer l'utilisateur { #get-the-user }

`get_current_user` utilisera une fonction utilitaire (factice) que nous avons créée, qui prend un token en `str` et retourne notre modèle Pydantic `User` :

{* ../../docs_src/security/tutorial002_an_py310.py hl[19:22,26:27] *}

## Injecter l'utilisateur actuel { #inject-the-current-user }