001/*
002 * Copyright 2016-2018 Ping Identity Corporation
003 * All Rights Reserved.
004 */
005/*
006 * Copyright (C) 2016-2018 Ping Identity Corporation
007 *
008 * This program is free software; you can redistribute it and/or modify
009 * it under the terms of the GNU General Public License (GPLv2 only)
010 * or the terms of the GNU Lesser General Public License (LGPLv2.1 only)
011 * as published by the Free Software Foundation.
012 *
013 * This program is distributed in the hope that it will be useful,
014 * but WITHOUT ANY WARRANTY; without even the implied warranty of
015 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
016 * GNU General Public License for more details.
017 *
018 * You should have received a copy of the GNU General Public License
019 * along with this program; if not, see <http://www.gnu.org/licenses>.
020 */
021package com.unboundid.ldap.sdk.unboundidds.tools;
022
023
024
025import java.util.ArrayList;
026import java.util.Arrays;
027import java.util.Collections;
028import java.util.HashMap;
029import java.util.List;
030
031import com.unboundid.ldap.sdk.unboundidds.extensions.
032            PasswordPolicyStateOperation;
033import com.unboundid.util.StaticUtils;
034
035import static com.unboundid.ldap.sdk.unboundidds.tools.ToolMessages.*;
036
037
038
039/**
040 * This enum provides information about all of the subcommands available for
041 * use with the manage-account tool.
042 * <BR>
043 * <BLOCKQUOTE>
044 *   <B>NOTE:</B>  This class, and other classes within the
045 *   {@code com.unboundid.ldap.sdk.unboundidds} package structure, are only
046 *   supported for use against Ping Identity, UnboundID, and Alcatel-Lucent 8661
047 *   server products.  These classes provide support for proprietary
048 *   functionality or for external specifications that are not considered stable
049 *   or mature enough to be guaranteed to work in an interoperable way with
050 *   other types of LDAP servers.
051 * </BLOCKQUOTE>
052 */
053public enum ManageAccountSubCommandType
054{
055  /**
056   * The subcommand used to get all state information for a user.
057   */
058  GET_ALL("get-all", INFO_MANAGE_ACCT_SC_DESC_GET_ALL.get(), -1),
059
060
061
062  /**
063   * The subcommand used to get the DN of a user's password policy.
064   */
065  GET_PASSWORD_POLICY_DN("get-password-policy-dn",
066       INFO_MANAGE_ACCT_SC_DESC_GET_POLICY_DN.get(),
067       PasswordPolicyStateOperation.OP_TYPE_GET_PW_POLICY_DN),
068
069
070
071  /**
072   * The subcommand used to determine whether an account is usable.
073   */
074  GET_ACCOUNT_IS_USABLE("get-account-is-usable",
075       INFO_MANAGE_ACCT_SC_DESC_GET_IS_USABLE.get(),
076       PasswordPolicyStateOperation.OP_TYPE_GET_ACCOUNT_IS_USABLE),
077
078
079
080  /**
081   * The subcommand used to retrieve the set of password policy state account
082   * usability notice messages for a user.
083   */
084  GET_ACCOUNT_USABILITY_NOTICES("get-account-usability-notice-messages",
085       INFO_MANAGE_ACCT_SC_DESC_GET_USABILITY_NOTICES.get(),
086       PasswordPolicyStateOperation.OP_TYPE_GET_ACCOUNT_USABILITY_NOTICES),
087
088
089
090  /**
091   * The subcommand used to retrieve the set of password policy state account
092   * usability warning messages for a user.
093   */
094  GET_ACCOUNT_USABILITY_WARNINGS("get-account-usability-warning-messages",
095       INFO_MANAGE_ACCT_SC_DESC_GET_USABILITY_WARNINGS.get(),
096       PasswordPolicyStateOperation.OP_TYPE_GET_ACCOUNT_USABILITY_WARNINGS),
097
098
099
100  /**
101   * The subcommand used to retrieve the set of password policy state account
102   * usability error messages for a user.
103   */
104  GET_ACCOUNT_USABILITY_ERRORS("get-account-usability-error-messages",
105       INFO_MANAGE_ACCT_SC_DESC_GET_USABILITY_ERRORS.get(),
106       PasswordPolicyStateOperation.OP_TYPE_GET_ACCOUNT_USABILITY_ERRORS),
107
108
109
110  /**
111   * The subcommand used to get the password changed time for a user.
112   */
113  GET_PASSWORD_CHANGED_TIME("get-password-changed-time",
114       INFO_MANAGE_ACCT_SC_DESC_GET_PW_CHANGED_TIME.get(),
115       PasswordPolicyStateOperation.OP_TYPE_GET_PW_CHANGED_TIME),
116
117
118
119  /**
120   * The subcommand used to set the password changed time for a user.
121   */
122  SET_PASSWORD_CHANGED_TIME("set-password-changed-time",
123       INFO_MANAGE_ACCT_SC_DESC_SET_PW_CHANGED_TIME.get(),
124       PasswordPolicyStateOperation.OP_TYPE_SET_PW_CHANGED_TIME),
125
126
127
128  /**
129   * The subcommand used to clear the password changed time for a user.
130   */
131  CLEAR_PASSWORD_CHANGED_TIME("clear-password-changed-time",
132       INFO_MANAGE_ACCT_SC_DESC_CLEAR_PW_CHANGED_TIME.get(),
133       PasswordPolicyStateOperation.OP_TYPE_CLEAR_PW_CHANGED_TIME),
134
135
136
137  /**
138   * The subcommand used to determine whether a user account is administratively
139   * disabled.
140   */
141  GET_ACCOUNT_IS_DISABLED("get-account-is-disabled",
142       INFO_MANAGE_ACCT_SC_DESC_GET_IS_DISABLED.get(),
143       PasswordPolicyStateOperation.OP_TYPE_GET_ACCOUNT_DISABLED_STATE),
144
145
146
147  /**
148   * The subcommand used to specify whether a user account is administratively
149   * disabled.
150   */
151  SET_ACCOUNT_IS_DISABLED("set-account-is-disabled",
152       INFO_MANAGE_ACCT_SC_DESC_SET_IS_DISABLED.get(),
153       PasswordPolicyStateOperation.OP_TYPE_SET_ACCOUNT_DISABLED_STATE),
154
155
156
157  /**
158   * The subcommand used to clear the account disabled state for a user.
159   */
160  CLEAR_ACCOUNT_IS_DISABLED("clear-account-is-disabled",
161       INFO_MANAGE_ACCT_SC_DESC_CLEAR_IS_DISABLED.get(
162            SET_ACCOUNT_IS_DISABLED.primaryName, "accountIsDisabled"),
163       PasswordPolicyStateOperation.OP_TYPE_CLEAR_ACCOUNT_DISABLED_STATE),
164
165
166
167  /**
168   * The subcommand used to get the account activation time for a user.
169   */
170  GET_ACCOUNT_ACTIVATION_TIME("get-account-activation-time",
171       INFO_MANAGE_ACCT_SC_DESC_GET_ACCT_ACT_TIME.get(),
172       PasswordPolicyStateOperation.OP_TYPE_GET_ACCOUNT_ACTIVATION_TIME),
173
174
175
176  /**
177   * The subcommand used to set the account activation time for a user.
178   */
179  SET_ACCOUNT_ACTIVATION_TIME("set-account-activation-time",
180       INFO_MANAGE_ACCT_SC_DESC_SET_ACCT_ACT_TIME.get(),
181       PasswordPolicyStateOperation.OP_TYPE_SET_ACCOUNT_ACTIVATION_TIME),
182
183
184
185  /**
186   * The subcommand used to clear the account activation time for a user.
187   */
188  CLEAR_ACCOUNT_ACTIVATION_TIME("clear-account-activation-time",
189       INFO_MANAGE_ACCT_SC_DESC_CLEAR_ACCT_ACT_TIME.get(),
190       PasswordPolicyStateOperation.OP_TYPE_CLEAR_ACCOUNT_ACTIVATION_TIME),
191
192
193
194  /**
195   * The subcommand used to retrieve the length of time until a user's account
196   * becomes active.
197   */
198  GET_SECONDS_UNTIL_ACCOUNT_ACTIVATION("get-seconds-until-account-activation",
199       INFO_MANAGE_ACCT_SC_DESC_GET_SECONDS_UNTIL_ACCT_ACT.get(),
200       PasswordPolicyStateOperation.
201            OP_TYPE_GET_SECONDS_UNTIL_ACCOUNT_ACTIVATION),
202
203
204
205  /**
206   * The subcommand used to determine whether a user's account is not yet
207   * active.
208   */
209  GET_ACCOUNT_IS_NOT_YET_ACTIVE("get-account-is-not-yet-active",
210       INFO_MANAGE_ACCT_SC_DESC_GET_ACCT_NOT_YET_ACTIVE.get(),
211       PasswordPolicyStateOperation.OP_TYPE_GET_ACCOUNT_IS_NOT_YET_ACTIVE),
212
213
214
215  /**
216   * The subcommand used to get the account expiration time for a user.
217   */
218  GET_ACCOUNT_EXPIRATION_TIME("get-account-expiration-time",
219       INFO_MANAGE_ACCT_SC_DESC_GET_ACCT_EXP_TIME.get(),
220       PasswordPolicyStateOperation.OP_TYPE_GET_ACCOUNT_EXPIRATION_TIME),
221
222
223
224  /**
225   * The subcommand used to set the account expiration time for a user.
226   */
227  SET_ACCOUNT_EXPIRATION_TIME("set-account-expiration-time",
228       INFO_MANAGE_ACCT_SC_DESC_SET_ACCT_EXP_TIME.get(),
229       PasswordPolicyStateOperation.OP_TYPE_SET_ACCOUNT_EXPIRATION_TIME),
230
231
232
233  /**
234   * The subcommand used to clear the account expiration time for a user.
235   */
236  CLEAR_ACCOUNT_EXPIRATION_TIME("clear-account-expiration-time",
237       INFO_MANAGE_ACCT_SC_DESC_CLEAR_ACCT_EXP_TIME.get(),
238       PasswordPolicyStateOperation.OP_TYPE_CLEAR_ACCOUNT_EXPIRATION_TIME),
239
240
241
242  /**
243   * The subcommand used to retrieve the length of time until a user's account
244   * expires.
245   */
246  GET_SECONDS_UNTIL_ACCOUNT_EXPIRATION("get-seconds-until-account-expiration",
247       INFO_MANAGE_ACCT_SC_DESC_GET_SECONDS_UNTIL_ACCT_EXP.get(),
248       PasswordPolicyStateOperation.
249            OP_TYPE_GET_SECONDS_UNTIL_ACCOUNT_EXPIRATION),
250
251
252
253  /**
254   * The subcommand used to determine whether a user's account is expired.
255   */
256  GET_ACCOUNT_IS_EXPIRED("get-account-is-expired",
257       INFO_MANAGE_ACCT_SC_DESC_GET_ACCT_IS_EXPIRED.get(),
258       PasswordPolicyStateOperation.OP_TYPE_GET_ACCOUNT_IS_EXPIRED),
259
260
261
262  /**
263   * The subcommand used to retrieve the time a user received the first warning
264   * about an upcoming password expiration.
265   *
266   */
267  GET_PASSWORD_EXPIRATION_WARNED_TIME("get-password-expiration-warned-time",
268       INFO_MANAGE_ACCT_SC_DESC_GET_PW_EXP_WARNED_TIME.get(),
269       PasswordPolicyStateOperation.OP_TYPE_GET_PW_EXPIRATION_WARNED_TIME),
270
271
272
273  /**
274   * The subcommand used to specify the time a user received the first warning
275   * about an upcoming password expiration.
276   */
277  SET_PASSWORD_EXPIRATION_WARNED_TIME("set-password-expiration-warned-time",
278       INFO_MANAGE_ACCT_SC_DESC_SET_PW_EXP_WARNED_TIME.get(),
279       PasswordPolicyStateOperation.OP_TYPE_SET_PW_EXPIRATION_WARNED_TIME),
280
281
282
283  /**
284   * The subcommand used to clear the password expiration warned time for a
285   * user.
286   */
287  CLEAR_PASSWORD_EXPIRATION_WARNED_TIME("clear-password-expiration-warned-time",
288       INFO_MANAGE_ACCT_SC_DESC_CLEAR_PW_EXP_WARNED_TIME.get(),
289       PasswordPolicyStateOperation.OP_TYPE_CLEAR_PW_EXPIRATION_WARNED_TIME),
290
291
292
293  /**
294   * The subcommand used to get the length of time in seconds until a user may
295   * start to receive warnings about an upcoming expiration.
296   */
297  GET_SECONDS_UNTIL_PASSWORD_EXPIRATION_WARNING(
298       "get-seconds-until-password-expiration-warning",
299       INFO_MANAGE_ACCT_SC_DESC_GET_SECONDS_UNTIL_PW_EXP_WARNING.get(),
300       PasswordPolicyStateOperation.
301            OP_TYPE_GET_SECONDS_UNTIL_PW_EXPIRATION_WARNING),
302
303
304
305  /**
306   * The subcommand used to retrieve the password expiration time for a user.
307   */
308  GET_PASSWORD_EXPIRATION_TIME("get-password-expiration-time",
309       INFO_MANAGE_ACCT_SC_DESC_GET_PW_EXP_TIME.get(),
310       PasswordPolicyStateOperation.OP_TYPE_GET_PW_EXPIRATION_TIME),
311
312
313
314  /**
315   * The subcommand used to get the length of time in seconds until a user's
316   * password will expire.
317   */
318  GET_SECONDS_UNTIL_PASSWORD_EXPIRATION("get-seconds-until-password-expiration",
319       INFO_MANAGE_ACCT_SC_DESC_GET_SECONDS_UNTIL_PW_EXP.get(),
320       PasswordPolicyStateOperation.OP_TYPE_GET_SECONDS_UNTIL_PW_EXPIRATION),
321
322
323
324  /**
325   * The subcommand used to determine whether a user's password is expired.
326   */
327  GET_PASSWORD_IS_EXPIRED("get-password-is-expired",
328       INFO_MANAGE_ACCT_SC_DESC_GET_PW_IS_EXPIRED.get(),
329       PasswordPolicyStateOperation.OP_TYPE_GET_PW_IS_EXPIRED),
330
331
332
333  /**
334   * The subcommand used to determine whether a user account is failure locked.
335   */
336  GET_ACCOUNT_IS_FAILURE_LOCKED("get-account-is-failure-locked",
337       INFO_MANAGE_ACCT_SC_DESC_GET_ACCT_FAILURE_LOCKED.get(),
338       PasswordPolicyStateOperation.OP_TYPE_GET_ACCOUNT_IS_FAILURE_LOCKED),
339
340
341
342  /**
343   * The subcommand used to specify whether a user account is failure locked.
344   */
345  SET_ACCOUNT_IS_FAILURE_LOCKED("set-account-is-failure-locked",
346       INFO_MANAGE_ACCT_SC_DESC_SET_ACCT_FAILURE_LOCKED.get(),
347       PasswordPolicyStateOperation.OP_TYPE_SET_ACCOUNT_IS_FAILURE_LOCKED),
348
349
350
351  /**
352   * The subcommand used to retrieve the failure lockout time for a user.
353   */
354  GET_FAILURE_LOCKOUT_TIME("get-failure-lockout-time",
355       INFO_MANAGE_ACCT_SC_DESC_GET_FAILURE_LOCKED_TIME.get(),
356       PasswordPolicyStateOperation.OP_TYPE_GET_FAILURE_LOCKOUT_TIME,
357       "get-failure-locked-time"),
358
359
360
361  /**
362   * The subcommand used to determine the length of time in seconds until a
363   * user's temporary failure lockout will expire.
364   */
365  GET_SECONDS_UNTIL_AUTHENTICATION_FAILURE_UNLOCK(
366       "get-seconds-until-authentication-failure-unlock",
367       INFO_MANAGE_ACCT_SC_DESC_GET_SECONDS_UNTIL_FAILURE_UNLOCK.get(),
368       PasswordPolicyStateOperation.
369            OP_TYPE_GET_SECONDS_UNTIL_AUTH_FAILURE_UNLOCK),
370
371
372
373  /**
374   * The subcommand used to retrieve the times of the failed authentication
375   * attempts for a user.
376   */
377  GET_AUTHENTICATION_FAILURE_TIMES("get-authentication-failure-times",
378       INFO_MANAGE_ACCT_SC_DESC_GET_AUTH_FAILURE_TIMES.get(),
379       PasswordPolicyStateOperation.OP_TYPE_GET_AUTH_FAILURE_TIMES),
380
381
382
383  /**
384   * The subcommand used to add one or more values to the set of authentication
385   * failure times for a user.
386   */
387  ADD_AUTHENTICATION_FAILURE_TIME("add-authentication-failure-time",
388       INFO_MANAGE_ACCT_SC_DESC_ADD_AUTH_FAILURE_TIME.get(),
389       PasswordPolicyStateOperation.OP_TYPE_ADD_AUTH_FAILURE_TIME),
390
391
392
393  /**
394   * The subcommand used to replace the set of authentication failure times for
395   * a user.
396   */
397  SET_AUTHENTICATION_FAILURE_TIMES("set-authentication-failure-times",
398       INFO_MANAGE_ACCT_SC_DESC_SET_AUTH_FAILURE_TIMES.get(),
399       PasswordPolicyStateOperation.OP_TYPE_SET_AUTH_FAILURE_TIMES),
400
401
402
403  /**
404   * The subcommand used to clear the set of authentication failure times for a
405   * user.
406   */
407  CLEAR_AUTHENTICATION_FAILURE_TIMES("clear-authentication-failure-times",
408       INFO_MANAGE_ACCT_SC_DESC_CLEAR_AUTH_FAILURE_TIMES.get(),
409       PasswordPolicyStateOperation.OP_TYPE_CLEAR_AUTH_FAILURE_TIMES),
410
411
412
413  /**
414   * The subcommand used to determine the number of remaining failed
415   * authentication attempts for a user before the account is locked.
416   */
417  GET_REMAINING_AUTHENTICATION_FAILURE_COUNT(
418       "get-remaining-authentication-failure-count",
419       INFO_MANAGE_ACCT_SC_DESC_GET_REMAINING_FAILURE_COUNT.get(),
420       PasswordPolicyStateOperation.OP_TYPE_GET_REMAINING_AUTH_FAILURE_COUNT),
421
422
423
424  /**
425   * The subcommand used to determine whether a user account is idle locked.
426   */
427  GET_ACCOUNT_IS_IDLE_LOCKED("get-account-is-idle-locked",
428       INFO_MANAGE_ACCT_SC_DESC_GET_ACCT_IDLE_LOCKED.get(),
429       PasswordPolicyStateOperation.OP_TYPE_GET_ACCOUNT_IS_IDLE_LOCKED),
430
431
432
433  /**
434   * The subcommand used to determine the length of time in seconds until a
435   * user's account will be idle locked.
436   */
437  GET_SECONDS_UNTIL_IDLE_LOCKOUT("get-seconds-until-idle-lockout",
438       INFO_MANAGE_ACCT_SC_DESC_GET_SECONDS_UNTIL_IDLE_LOCKOUT.get(),
439       PasswordPolicyStateOperation.OP_TYPE_GET_SECONDS_UNTIL_IDLE_LOCKOUT),
440
441
442
443  /**
444   * The subcommand used to determine the time that a user's account was/will be
445   * idle locked.
446   */
447  GET_IDLE_LOCKOUT_TIME("get-idle-lockout-time",
448       INFO_MANAGE_ACCT_SC_DESC_GET_IDLE_LOCKOUT_TIME.get(),
449       PasswordPolicyStateOperation.OP_TYPE_GET_IDLE_LOCKOUT_TIME,
450       "get-idle-locked-time"),
451
452
453
454  /**
455   * The subcommand used to determine whether a user's password has been
456   * administratively reset.
457   */
458  GET_MUST_CHANGE_PASSWORD("get-must-change-password",
459       INFO_MANAGE_ACCT_SC_DESC_GET_MUST_CHANGE_PW.get(),
460       PasswordPolicyStateOperation.OP_TYPE_GET_PW_RESET_STATE,
461       "get-password-is-reset"),
462
463
464
465  /**
466   * The subcommand used to specify whether a user's password has been
467   * administratively reset.
468   */
469  SET_MUST_CHANGE_PASSWORD("set-must-change-password",
470       INFO_MANAGE_ACCT_SC_DESC_SET_MUST_CHANGE_PW.get(),
471       PasswordPolicyStateOperation.OP_TYPE_SET_PW_RESET_STATE,
472       "set-password-is-reset"),
473
474
475
476  /**
477   * The subcommand used to clear whether a user's password has been
478   * administratively reset.
479   */
480  CLEAR_MUST_CHANGE_PASSWORD("clear-must-change-password",
481       INFO_MANAGE_ACCT_SC_DESC_CLEAR_MUST_CHANGE_PW.get(),
482       PasswordPolicyStateOperation.OP_TYPE_CLEAR_PW_RESET_STATE,
483       "clear-password-is-reset"),
484
485
486
487  /**
488   * The subcommand used to determine whether a user's account is reset locked.
489   */
490  GET_ACCOUNT_IS_PASSWORD_RESET_LOCKED("get-account-is-password-reset-locked",
491       INFO_MANAGE_ACCT_SC_DESC_GET_ACCT_IS_RESET_LOCKED.get(),
492       PasswordPolicyStateOperation.OP_TYPE_GET_ACCOUNT_IS_RESET_LOCKED),
493
494
495
496  /**
497   * The subcommand used to determine the length of time in seconds until a
498   * user's account is reset locked.
499   */
500  GET_SECONDS_UNTIL_PASSWORD_RESET_LOCKOUT(
501       "get-seconds-until-password-reset-lockout",
502       INFO_MANAGE_ACCT_SC_DESC_GET_SECONDS_UNTIL_RESET_LOCKOUT.get(),
503       PasswordPolicyStateOperation.OP_TYPE_GET_SECONDS_UNTIL_PW_RESET_LOCKOUT),
504
505
506
507  /**
508   * The subcommand used to determine the time a user's account was/will be
509   * reset locked.
510   */
511  GET_PASSWORD_RESET_LOCKOUT_TIME("get-password-reset-lockout-time",
512       INFO_MANAGE_ACCT_SC_DESC_GET_RESET_LOCKOUT_TIME.get(),
513       PasswordPolicyStateOperation.OP_TYPE_GET_RESET_LOCKOUT_TIME,
514       "get-password-reset-locked-time"),
515
516
517
518  /**
519   * The subcommand used to retrieve the last login time for a user.
520   */
521  GET_LAST_LOGIN_TIME("get-last-login-time",
522       INFO_MANAGE_ACCT_SC_DESC_GET_LAST_LOGIN_TIME.get(),
523       PasswordPolicyStateOperation.OP_TYPE_GET_LAST_LOGIN_TIME),
524
525
526
527  /**
528   * The subcommand used to specify the last login time for a user.
529   */
530  SET_LAST_LOGIN_TIME("set-last-login-time",
531       INFO_MANAGE_ACCT_SC_DESC_SET_LAST_LOGIN_TIME.get(),
532       PasswordPolicyStateOperation.OP_TYPE_SET_LAST_LOGIN_TIME),
533
534
535
536  /**
537   * The subcommand used to clear the last login time for a user.
538   */
539  CLEAR_LAST_LOGIN_TIME("clear-last-login-time",
540       INFO_MANAGE_ACCT_SC_DESC_CLEAR_LAST_LOGIN_TIME.get(),
541       PasswordPolicyStateOperation.OP_TYPE_CLEAR_LAST_LOGIN_TIME),
542
543
544
545  /**
546   * The subcommand used to retrieve the last login IP address for a user.
547   */
548  GET_LAST_LOGIN_IP_ADDRESS("get-last-login-ip-address",
549       INFO_MANAGE_ACCT_SC_DESC_GET_LAST_LOGIN_IP.get(),
550       PasswordPolicyStateOperation.OP_TYPE_GET_LAST_LOGIN_IP_ADDRESS),
551
552
553
554  /**
555   * The subcommand used to specify the last login IP address for a user.
556   */
557  SET_LAST_LOGIN_IP_ADDRESS("set-last-login-ip-address",
558       INFO_MANAGE_ACCT_SC_DESC_SET_LAST_LOGIN_IP.get(),
559       PasswordPolicyStateOperation.OP_TYPE_SET_LAST_LOGIN_IP_ADDRESS),
560
561
562
563  /**
564   * The subcommand used to clear the last login IP address for a user.
565   */
566  CLEAR_LAST_LOGIN_IP_ADDRESS("clear-last-login-ip-address",
567       INFO_MANAGE_ACCT_SC_DESC_CLEAR_LAST_LOGIN_IP.get(),
568       PasswordPolicyStateOperation.OP_TYPE_CLEAR_LAST_LOGIN_IP_ADDRESS),
569
570
571
572  /**
573   * The subcommand used to retrieve the grace login use times for a user.
574   */
575  GET_GRACE_LOGIN_USE_TIMES("get-grace-login-use-times",
576       INFO_MANAGE_ACCT_SC_DESC_GET_GRACE_LOGIN_TIMES.get(),
577       PasswordPolicyStateOperation.OP_TYPE_GET_GRACE_LOGIN_USE_TIMES),
578
579
580
581  /**
582   * The subcommand used to add one or more values to the set of grace login
583   * use times for a user.
584   */
585  ADD_GRACE_LOGIN_USE_TIME("add-grace-login-use-time",
586       INFO_MANAGE_ACCT_SC_DESC_ADD_GRACE_LOGIN_TIME.get(),
587       PasswordPolicyStateOperation.OP_TYPE_ADD_GRACE_LOGIN_USE_TIME),
588
589
590
591  /**
592   * The subcommand used to specify the grace login use times for a user.
593   */
594  SET_GRACE_LOGIN_USE_TIMES("set-grace-login-use-times",
595       INFO_MANAGE_ACCT_SC_DESC_SET_GRACE_LOGIN_TIMES.get(),
596       PasswordPolicyStateOperation.OP_TYPE_SET_GRACE_LOGIN_USE_TIMES),
597
598
599
600  /**
601   * The subcommand used to clear the grace login use times for a user.
602   */
603  CLEAR_GRACE_LOGIN_USE_TIMES("clear-grace-login-use-times",
604       INFO_MANAGE_ACCT_SC_DESC_CLEAR_GRACE_LOGIN_TIMES.get(),
605       PasswordPolicyStateOperation.OP_TYPE_CLEAR_GRACE_LOGIN_USE_TIMES),
606
607
608
609  /**
610   * The subcommand used to retrieve the number of remaining grace logins for a
611   * user.
612   */
613  GET_REMAINING_GRACE_LOGIN_COUNT("get-remaining-grace-login-count",
614       INFO_MANAGE_ACCT_SC_DESC_GET_REMAINING_GRACE_LOGIN_COUNT.get(),
615       PasswordPolicyStateOperation.OP_TYPE_GET_REMAINING_GRACE_LOGIN_COUNT),
616
617
618
619  /**
620   * The subcommand used to retrieve the most recent required password change
621   * time with which a user has complied.
622   */
623  GET_PASSWORD_CHANGED_BY_REQUIRED_TIME("get-password-changed-by-required-time",
624       INFO_MANAGE_ACCT_SC_DESC_GET_PW_CHANGED_BY_REQ_TIME.get(),
625       PasswordPolicyStateOperation.OP_TYPE_GET_PW_CHANGED_BY_REQUIRED_TIME),
626
627
628
629  /**
630   * The subcommand used to specify the most recent required password change
631   * time with which a user has complied.
632   */
633  SET_PASSWORD_CHANGED_BY_REQUIRED_TIME("set-password-changed-by-required-time",
634       INFO_MANAGE_ACCT_SC_DESC_SET_PW_CHANGED_BY_REQ_TIME.get(),
635       PasswordPolicyStateOperation.OP_TYPE_SET_PW_CHANGED_BY_REQUIRED_TIME),
636
637
638
639  /**
640   * The subcommand used to clear the most recent required password change
641   * time with which a user has complied.
642   */
643  CLEAR_PASSWORD_CHANGED_BY_REQUIRED_TIME(
644       "clear-password-changed-by-required-time",
645       INFO_MANAGE_ACCT_SC_DESC_CLEAR_PW_CHANGED_BY_REQ_TIME.get(),
646       PasswordPolicyStateOperation.OP_TYPE_CLEAR_PW_CHANGED_BY_REQUIRED_TIME),
647
648
649
650  /**
651   * The subcommand used to determine the length of seconds until the required
652   * password changed time for a user.
653   */
654  GET_SECONDS_UNTIL_REQUIRED_PASSWORD_CHANGE_TIME(
655       "get-seconds-until-required-password-change-time",
656       INFO_MANAGE_ACCT_SC_DESC_GET_SECS_UNTIL_REQ_CHANGE_TIME.get(),
657       PasswordPolicyStateOperation.
658            OP_TYPE_GET_SECONDS_UNTIL_REQUIRED_CHANGE_TIME,
659       "get-seconds-until-required-change-time"),
660
661
662
663  /**
664   * The subcommand used to retrieve the number of passwords in a user's
665   * password history.
666   */
667  GET_PASSWORD_HISTORY_COUNT("get-password-history-count",
668       INFO_MANAGE_ACCT_SC_DESC_GET_PW_HISTORY_COUNT.get(),
669       PasswordPolicyStateOperation.OP_TYPE_GET_PW_HISTORY_COUNT,
670       "get-password-history"),
671
672
673
674  /**
675   * The subcommand used to clear a user's password history.
676   */
677  CLEAR_PASSWORD_HISTORY("clear-password-history",
678       INFO_MANAGE_ACCT_SC_DESC_CLEAR_PW_HISTORY.get(),
679       PasswordPolicyStateOperation.OP_TYPE_CLEAR_PW_HISTORY),
680
681
682
683  /**
684   * The subcommand used to determine whether a user has a retired password.
685   */
686  GET_HAS_RETIRED_PASSWORD("get-has-retired-password",
687       INFO_MANAGE_ACCT_SC_DESC_GET_HAS_RETIRED_PW.get(),
688       PasswordPolicyStateOperation.OP_TYPE_HAS_RETIRED_PASSWORD),
689
690
691
692  /**
693   * The subcommand used to retrieve the time that a user's former password
694   * was retired.
695   */
696  GET_PASSWORD_RETIRED_TIME("get-password-retired-time",
697       INFO_MANAGE_ACCT_SC_DESC_GET_PW_RETIRED_TIME.get(),
698       PasswordPolicyStateOperation.OP_TYPE_GET_PASSWORD_RETIRED_TIME),
699
700
701
702  /**
703   * The subcommand used to determine the time that a user's retired password
704   * will expire.
705   */
706  GET_RETIRED_PASSWORD_EXPIRATION_TIME("get-retired-password-expiration-time",
707       INFO_MANAGE_ACCT_SC_DESC_GET_RETIRED_PW_EXP_TIME.get(),
708       PasswordPolicyStateOperation.
709            OP_TYPE_GET_RETIRED_PASSWORD_EXPIRATION_TIME),
710
711
712
713  /**
714   * The subcommand used to purge a user's retired password.
715   */
716  CLEAR_RETIRED_PASSWORD("clear-retired-password",
717       INFO_MANAGE_ACCT_SC_DESC_PURGE_RETIRED_PW.get(),
718       PasswordPolicyStateOperation.OP_TYPE_PURGE_RETIRED_PASSWORD,
719       "purge-retired-password"),
720
721
722
723  /**
724   * The subcommand used to obtain a list of the SASL mechanisms that are
725   * available for a user.  This will take into account the server
726   * configuration, the user credentials, and the user authentication
727   * constraints.
728   */
729  GET_AVAILABLE_SASL_MECHANISMS("get-available-sasl-mechanisms",
730       INFO_MANAGE_ACCT_SC_DESC_GET_AVAILABLE_SASL_MECHS.get(),
731       PasswordPolicyStateOperation.OP_TYPE_GET_AVAILABLE_SASL_MECHANISMS),
732
733
734
735  /**
736   * The subcommand used to obtain a list of the OTP delivery mechanisms that
737   * are available for a user.  If there is a set of preferred delivery
738   * mechanisms for the user, they will be listed first.
739   */
740  GET_AVAILABLE_OTP_DELIVERY_MECHANISMS("get-available-otp-delivery-mechanisms",
741       INFO_MANAGE_ACCT_SC_DESC_GET_AVAILABLE_OTP_MECHS.get(),
742       PasswordPolicyStateOperation.
743            OP_TYPE_GET_AVAILABLE_OTP_DELIVERY_MECHANISMS),
744
745
746
747  /**
748   * The subcommand used to determine whether a user account has at least one
749   * TOTP shared secret.
750   */
751  GET_HAS_TOTP_SHARED_SECRET("get-has-totp-shared-secret",
752       INFO_MANAGE_ACCT_SC_DESC_GET_HAS_TOTP_SHARED_SECRET.get(),
753       PasswordPolicyStateOperation.OP_TYPE_HAS_TOTP_SHARED_SECRET),
754
755
756
757  /**
758   * The subcommand used to add one or more TOTP shared secrets for a user.
759   */
760  ADD_TOTP_SHARED_SECRET("add-totp-shared-secret",
761       INFO_MANAGE_ACCT_SC_DESC_ADD_TOTP_SHARED_SECRET.get(),
762       PasswordPolicyStateOperation.OP_TYPE_ADD_TOTP_SHARED_SECRET),
763
764
765
766  /**
767   * The subcommand used to remove one or more TOTP shared secrets for a user.
768   */
769  REMOVE_TOTP_SHARED_SECRET("remove-totp-shared-secret",
770       INFO_MANAGE_ACCT_SC_DESC_REMOVE_TOTP_SHARED_SECRET.get(),
771       PasswordPolicyStateOperation.OP_TYPE_REMOVE_TOTP_SHARED_SECRET),
772
773
774
775  /**
776   * The subcommand used to replace the TOTP shared secrets for a user.
777   */
778  SET_TOTP_SHARED_SECRETS("set-totp-shared-secrets",
779       INFO_MANAGE_ACCT_SC_DESC_SET_TOTP_SHARED_SECRETS.get(),
780       PasswordPolicyStateOperation.OP_TYPE_SET_TOTP_SHARED_SECRETS),
781
782
783
784  /**
785   * The subcommand used to clear the TOTP shared secrets for a user.
786   */
787  CLEAR_TOTP_SHARED_SECRETS("clear-totp-shared-secrets",
788       INFO_MANAGE_ACCT_SC_DESC_CLEAR_TOTP_SHARED_SECRETS.get(),
789       PasswordPolicyStateOperation.OP_TYPE_CLEAR_TOTP_SHARED_SECRETS),
790
791
792
793  /**
794   * The subcommand used to determine whether a user account has at least one
795   * registered YubiKey OTP device public ID.
796   */
797  GET_HAS_REGISTERED_YUBIKEY_PUBLIC_ID("get-has-registered-yubikey-public-id",
798       INFO_MANAGE_ACCT_SC_DESC_GET_HAS_YUBIKEY_ID.get(),
799       PasswordPolicyStateOperation.OP_TYPE_HAS_REGISTERED_YUBIKEY_PUBLIC_ID),
800
801
802
803  /**
804   * The subcommand used to retrieve the set of registered YubiKey OTP device
805   * public IDs for a user.
806   */
807  GET_REGISTERED_YUBIKEY_PUBLIC_IDS("get-registered-yubikey-public-ids",
808       INFO_MANAGE_ACCT_SC_DESC_GET_YUBIKEY_IDS.get(),
809       PasswordPolicyStateOperation.OP_TYPE_GET_REGISTERED_YUBIKEY_PUBLIC_IDS),
810
811
812
813  /**
814   * The subcommand used to add one or more registered YubiKey OTP device public
815   * IDs for a user.
816   */
817  ADD_REGISTERED_YUBIKEY_PUBLIC_ID("add-registered-yubikey-public-id",
818       INFO_MANAGE_ACCT_SC_DESC_ADD_YUBIKEY_ID.get(),
819       PasswordPolicyStateOperation.OP_TYPE_ADD_REGISTERED_YUBIKEY_PUBLIC_ID),
820
821
822
823  /**
824   * The subcommand used to remove one or more registered YubiKey OTP device
825   * public IDs for a user.
826   */
827  REMOVE_REGISTERED_YUBIKEY_PUBLIC_ID("remove-registered-yubikey-public-id",
828       INFO_MANAGE_ACCT_SC_DESC_REMOVE_YUBIKEY_ID.get(),
829       PasswordPolicyStateOperation.
830            OP_TYPE_REMOVE_REGISTERED_YUBIKEY_PUBLIC_ID),
831
832
833
834  /**
835   * The subcommand used to replace the set of registered YubiKey OTP device
836   * public IDs for a user.
837   */
838  SET_REGISTERED_YUBIKEY_PUBLIC_IDS("set-registered-yubikey-public-ids",
839       INFO_MANAGE_ACCT_SC_DESC_SET_YUBIKEY_IDS.get(),
840       PasswordPolicyStateOperation.OP_TYPE_SET_REGISTERED_YUBIKEY_PUBLIC_IDS),
841
842
843
844  /**
845   * The subcommand used to clear the set of registered YubiKey OTP device
846   * public IDs for a user.
847   */
848  CLEAR_REGISTERED_YUBIKEY_PUBLIC_IDS("clear-registered-yubikey-public-ids",
849       INFO_MANAGE_ACCT_SC_DESC_CLEAR_YUBIKEY_IDS.get(),
850       PasswordPolicyStateOperation.
851            OP_TYPE_CLEAR_REGISTERED_YUBIKEY_PUBLIC_IDS),
852
853
854
855  /**
856   * The subcommand used to determine whether a user account has at least one
857   * static password.
858   */
859  GET_HAS_STATIC_PASSWORD("get-has-static-password",
860       INFO_MANAGE_ACCT_SC_DESC_GET_HAS_STATIC_PW.get(),
861       PasswordPolicyStateOperation.OP_TYPE_HAS_STATIC_PASSWORD);
862
863
864
865  /**
866   * The map of subcommand types indexed by password policy state operation
867   * type.
868   */
869  private static HashMap<Integer,ManageAccountSubCommandType> typesByOpType =
870       null;
871
872
873
874  /**
875   * The map of subcommand types indexed by name.
876   */
877  private static HashMap<String,ManageAccountSubCommandType> typesByName = null;
878
879
880
881  // The password policy state operation type value that corresponds to this
882  // subcommand type.
883  private final int operationType;
884
885  // A list containing the primary name and all alternate names for this
886  // subcommand.
887  private final List<String> allNames;
888
889  // A list of alternate names for this subcommand.
890  private final List<String> alternateNames;
891
892  // The description for this subcommand.
893  private final String description;
894
895  // The primary name for this subcommand.
896  private final String primaryName;
897
898
899
900  /**
901   * Creates a new manage-account subcommand type value with the provided
902   * information.
903   *
904   * @param  primaryName     The primary name for this subcommand.  It must not
905   *                         be {@code null}.
906   * @param  description     The description for this subcommand.  It must not
907   *                         be {@code null}.
908   * @param  operationType   The password policy state operation type value that
909   *                         corresponds to this subcommand type.
910   * @param  alternateNames  The set of alternate names that may be used to
911   *                         invoke this subcommand.  It may be empty but not
912   *                         {@code null}.
913   */
914  ManageAccountSubCommandType(final String primaryName,
915                              final String description, final int operationType,
916                              final String... alternateNames)
917  {
918    this.primaryName    = primaryName;
919    this.description    = description;
920    this.operationType  = operationType;
921
922    this.alternateNames =
923         Collections.unmodifiableList(Arrays.asList(alternateNames));
924
925    final ArrayList<String> allNamesList =
926         new ArrayList<String>(alternateNames.length + 1);
927    allNamesList.add(primaryName);
928    allNamesList.addAll(this.alternateNames);
929
930    allNames = Collections.unmodifiableList(allNamesList);
931  }
932
933
934
935  /**
936   * Retrieves the primary name for the subcommand.
937   *
938   * @return  The primary name for the subcommand.
939   */
940  public String getPrimaryName()
941  {
942    return primaryName;
943  }
944
945
946
947  /**
948   * Retrieves the alternate names for this subcommand, if any.
949   *
950   * @return  The alternate names for this subcommand, or an empty list if
951   *          there are no alternate names.
952   */
953  public List<String> getAlternateNames()
954  {
955    return alternateNames;
956  }
957
958
959
960  /**
961   * Retrieves a list containing all names (primary and alternate) for this
962   * subcommand.
963   *
964   * @return  A list containing all names for ths subcommand.
965   */
966  public List<String> getAllNames()
967  {
968    return allNames;
969  }
970
971
972
973  /**
974   * Retrieves the description for the subcommand.
975   *
976   * @return  The description for the subcommand.
977   */
978  public String getDescription()
979  {
980    return description;
981  }
982
983
984
985  /**
986   * Retrieves the password policy state operation type value that corresponds
987   * to this subcommand type.
988   *
989   * @return  The password policy state operation type value that corresponds
990   *          to this subcommand type.
991   */
992  public int getPasswordPolicyStateOperationType()
993  {
994    return operationType;
995  }
996
997
998
999  /**
1000   * Retrieves the subcommand type with the specified name.
1001   *
1002   * @param  name  The name of the subcommand type to retrieve.  It must not be
1003   *               {@code null}.
1004   *
1005   * @return  The subcommand type with the specified name, or {@code null} if
1006   *          there is no subcommand type for the given name.
1007   */
1008  public static ManageAccountSubCommandType forName(final String name)
1009  {
1010    ensureMapsPopulated();
1011
1012    return typesByName.get(StaticUtils.toLowerCase(name));
1013  }
1014
1015
1016
1017  /**
1018   * Retrieves the subcommand type with the specified password policy state
1019   * operation type.
1020   *
1021   * @param  opType  The password policy state operation type for the subcommand
1022   *                 type to retrieve.
1023   *
1024   * @return  The subcommand type with the specified password policy state
1025   *          operation type, or {@code null} if there is no subcommand type for
1026   *          the given operation type.
1027   */
1028  public static ManageAccountSubCommandType forOperationType(final int opType)
1029  {
1030    ensureMapsPopulated();
1031
1032    return typesByOpType.get(opType);
1033  }
1034
1035
1036
1037  /**
1038   * Ensures that the maps allowing subcommand types to be retrieved by name and
1039   * by password policy state operation types are populated.  They can't be
1040   * automatically populated by the constructor because enum constructors can't
1041   * interact with static
1042   */
1043  private static synchronized void ensureMapsPopulated()
1044  {
1045    if (typesByName == null)
1046    {
1047      final ManageAccountSubCommandType[] values =
1048           ManageAccountSubCommandType.values();
1049      typesByName =
1050           new HashMap<String,ManageAccountSubCommandType>(2*values.length);
1051      typesByOpType =
1052           new HashMap<Integer,ManageAccountSubCommandType>(values.length);
1053
1054      for (final ManageAccountSubCommandType t :  values)
1055      {
1056        typesByName.put(StaticUtils.toLowerCase(t.primaryName), t);
1057        for (final String altName : t.alternateNames)
1058        {
1059          typesByName.put(StaticUtils.toLowerCase(altName), t);
1060        }
1061
1062        if (t.operationType>= 0)
1063        {
1064          typesByOpType.put(t.operationType, t);
1065        }
1066      }
1067    }
1068  }
1069}