if s3Err != ErrNone {
		writeErrorResponseJSON(ctx, w, errorCodes.ToAPIErr(s3Err), r.URL)
		return
	}

	userDN := r.Form.Get("userDN")

	// If listing is requested for a specific user (who is not the request
	// sender), check that the user has permissions.
	if userDN != "" && userDN != cred.ParentUser {
		if !globalIAMSys.IsAllowed(policy.Args{
			AccountName:     cred.AccessKey,
			Groups:          cred.Groups,

///

```Python hl_lines="10"
{!> ../../docs_src/security/tutorial001.py!}
```

////

But that is still not that useful.

Let's make it give us the current user.

## Create a user model

First, let's create a Pydantic user model.

The same way we use Pydantic to declare bodies, we can use it anywhere else:

//// tab | Python 3.10+

```Python hl_lines="5  12-16"

	}

	if err := DB.Model(&users[1]).Association("Company").Append(&company); err != nil {
		t.Errorf("Error happened when append company to user, got %v", err)
	}

	if users[0].CompanyID == nil || users[1].CompanyID == nil || *users[0].CompanyID != *users[1].CompanyID {
		t.Errorf("user's company id should exists and equal, but its: %v, %v", users[0].CompanyID, users[1].CompanyID)
	}

 */
package org.codelibs.fess.es.user.exentity;

import static org.codelibs.core.stream.StreamUtil.stream;

import java.util.ArrayList;
import java.util.Arrays;
import java.util.Base64;
import java.util.HashMap;
import java.util.List;
import java.util.Map;

import org.codelibs.fess.Constants;
import org.codelibs.fess.entity.FessUser;
import org.codelibs.fess.es.user.bsentity.BsUser;

under the License.
-->

<toolchains>
  <toolchain>
     <type>basic</type>
     <configuration>
       <user>true</user>
     </configuration>
  </toolchain>
  <toolchain>
     <type>rare</type>
     <configuration>
       <user>true</user>
     </configuration>
  </toolchain>

{"index":{"_index":"fess_user.user","_id":"YWRtaW4="}}

**Please note that when AD/LDAP is configured, MinIO will not support long term users defined internally.** Only AD/LDAP users (and the root user) are allowed. In addition to this, the server will not support operations on users or groups using `mc admin user` or `mc admin group` commands except `mc admin user info` and `mc admin group info` to list set policies for users and groups. This is because users and groups are defined externally in AD/LDAP.

## Configuring AD/LDAP on MinIO

Shinsuke Sugaya <******@****.***> 1638450896 +0900

Latency sensitive applications may notice an increased latency due to a request to the external plugin upon every authenticated request to MinIO. User are advised to provision their infrastructure such that latency and performance is acceptable.

## Quickstart

 * If the artifacts are found locally, Maven uses them directly, which speeds
 * up the build process by avoiding unnecessary downloads.</p>
 *
 * <p>By default, the local repository is located in the {@code .m2/repository}
 * directory within the user's home directory ({@code ~/.m2/repository} on
 * Unix-like systems or {@code C:\Users\YourName\.m2\repository} on Windows).