}
}

func TestScopes(t *testing.T) {
	users := []*User{
		GetUser("ScopeUser1", Config{}),
		GetUser("ScopeUser2", Config{}),
		GetUser("ScopeUser3", Config{}),
	}

	DB.Create(&users)

	var users1, users2, users3 []User
	DB.Scopes(NameIn1And2).Find(&users1)
	if len(users1) != 2 {
		t.Errorf("Should found two users's name in 1, 2, but got %v", len(users1))
	}

	DB.Scopes(NameIn1And2, NameIn2And3).Find(&users2)

     * Handles user authentication setup and database persistence.
     * If the surname is blank, it will be set to the user's name.
     *
     * @param user the user entity to store
     */
    public void store(final User user) {
        if (StringUtil.isBlank(user.getSurname())) {
            user.setSurname(user.getName());
        }

        ComponentUtil.getAuthenticationManager().insert(user);

 */
package org.codelibs.fess.opensearch.user.cbean.ca.bs;

import org.codelibs.fess.opensearch.user.allcommon.EsAbstractConditionAggregation;
import org.codelibs.fess.opensearch.user.allcommon.EsAbstractConditionQuery;
import org.codelibs.fess.opensearch.user.cbean.ca.UserCA;
import org.codelibs.fess.opensearch.user.cbean.cq.UserCQ;
import org.codelibs.fess.opensearch.user.cbean.cq.bs.BsUserCQ;

        // Make attempts from same IP with different users
        for (int i = 1; i <= 5; i++) {
            assertTrue(rateLimiter.checkAttempt("user" + i, ip), "Attempt " + i + " should be allowed");
            rateLimiter.recordFailure("user" + i, ip);
        }

        // 6th attempt from same IP should be blocked
        assertFalse(rateLimiter.checkAttempt("user6", ip), "Should block after IP rate limit");
    }

///

### About `**user_in.dict()` { #about-user-in-dict }

#### Pydantic's `.dict()` { #pydantics-dict }

`user_in` is a Pydantic model of class `UserIn`.

Pydantic models have a `.dict()` method that returns a `dict` with the model's data.

So, if we create a Pydantic object `user_in` like:

```Python
user_in = UserIn(username="john", password="secret", email="******@****.***")
```

Now, whenever a browser is creating a user with a password, the API will return the same password in the response.

In this case, it might not be a problem, because it's the same user sending the password.

But if we use the same model for another *path operation*, we could be sending our user's passwords to every client.

/// danger

{"index":{"_index":"fess_user.user","_id":"YWRtaW4="}}

import org.codelibs.fess.Constants;
import org.codelibs.fess.entity.FessUser;
import org.codelibs.fess.mylasta.direction.FessConfig;
import org.codelibs.fess.opensearch.user.bsentity.BsUser;
import org.codelibs.fess.util.ComponentUtil;

/**
 * @author FreeGen
 */
public class User extends BsUser implements FessUser {

    private static final long serialVersionUID = 1L;

    private String originalPassword;

			return
		}
		for user := range users {
			checkedUserList = append(checkedUserList, user)
		}
		checkedUserList = append(checkedUserList, globalActiveCred.AccessKey)
	} else {
		for _, user := range users {
			// Validate the user
			_, ok := globalIAMSys.GetUser(ctx, user)
			if !ok {
				continue
			}
			checkedUserList = append(checkedUserList, user)
		}
	}

			sql: "INNER JOIN `user` ON `user_info`.`user_id` = `users`.`id`",
		},
		{
			name: "CROSS JOIN",
			join: clause.Join{
				Type:  clause.CrossJoin,
				Table: clause.Table{Name: "user"},
				ON: clause.Where{
					Exprs: []clause.Expression{clause.Eq{clause.Column{Table: "user_info", Name: "user_id"}, clause.PrimaryColumn}},
				},
			},
			sql: "CROSS JOIN `user` ON `user_info`.`user_id` = `users`.`id`",
		},
		{
			name: "USING",