feature, you might need to take some action immediately after upgrading. In multi-tenant clusters where not all users are trusted, you are advised to create appropriate quotas for two default priority classes, system-cluster-critical and system-node-critical, which are added to clusters by default. `ResourceQuota` should be created to limit users from creating Pods at these priorities if not all users of your cluster are trusted. We do not advise disabling this feature because critical system Pods rely on...

        runtime.registerData("adminUser",
                fessConfig.isAdminUser(username) || fessLoginAssist.getSavedUserBean()
                        .map(user -> user.hasRoles(fessConfig.getAuthenticationAdminRolesAsArray()))
                        .orElse(false));

        runtime.registerData("pageLoginLink", fessConfig.isLoginLinkEnabled());
    }

 */
package org.codelibs.fess.opensearch.user.cbean.bs;

import java.util.ArrayList;
import java.util.List;
import java.util.Map;

import org.codelibs.fess.opensearch.user.allcommon.EsAbstractConditionBean;
import org.codelibs.fess.opensearch.user.bsentity.dbmeta.RoleDbm;
import org.codelibs.fess.opensearch.user.cbean.RoleCB;
import org.codelibs.fess.opensearch.user.cbean.ca.RoleCA;

            echo " OK"
        fi

        # Create fess user if not existing
        if ! id $FESS_USER > /dev/null 2>&1 ; then
            echo -n "Creating $FESS_USER user..."
            useradd --system \
                    -M \
                    --gid "$FESS_GROUP" \
                    --shell /sbin/nologin \
                    --comment "fess user" \
                    -d "$FESS_USER_HOME"  \

    @ValueSource(strings = { "user", "user123", "user.name", "user-name", "user_name", "user@domain.com" })
    void testValidUsernames(String username) {
        assertDoesNotThrow(() -> InputValidator.validateUsername(username));
    }

    @ParameterizedTest
    @DisplayName("Test invalid usernames")
    @ValueSource(strings = { "user name", // space
            "user#name", // invalid character

```
$ ANDROID_SDK_ROOT=/Users/myusername/Library/Android/sdk ./gradlew :regression-test:connectedCheck
...
> Task :regression-test:connectedDebugAndroidTest
...
11:55:40 V/InstrumentationResultParser: Time: 13.271
11:55:40 V/InstrumentationResultParser:
11:55:40 V/InstrumentationResultParser: OK (12 tests)
...

 * governing permissions and limitations under the License.
 */
package org.codelibs.fess.opensearch.user.exbhv;

import java.util.Map;
import java.util.regex.Pattern;
import java.util.stream.Collectors;

import org.codelibs.core.misc.Pair;
import org.codelibs.fess.opensearch.user.bsbhv.BsRoleBhv;
import org.codelibs.fess.opensearch.user.exentity.Role;
import org.codelibs.fess.util.ComponentUtil;

    }

    public void test_getUserAgentType_IE9() {
        getMockRequest().addHeader("user-agent", "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.0; Trident/5.0)");
        assertEquals(UserAgentType.IE, userAgentHelper.getUserAgentType());
    }

    public void test_getUserAgentType_IE10() {
        getMockRequest().addHeader("user-agent", "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; Trident/6.0)");

adding an OwnerReference

A vulnerability exists in the NodeRestriction admission controller where node users can delete their corresponding node object by patching themselves with an OwnerReference to a cluster-scoped resource. If the OwnerReference resource does not exist or is subsequently deleted, the given node object will be deleted via garbage collection. By default, node users are authorized for create and patch requests but not delete requests against their node object. Since the NodeRestriction...

         */
        protected String[] permissions;

        /**
         * The name ID of the user.
         */
        protected String nameId;

        /**
         * The session index of the user.
         */
        protected String sessionIndex;

        /**
         * The name ID format of the user.
         */
        protected String nameIdFormat;