001/*
002 * Copyright 2016-2020 Ping Identity Corporation
003 * All Rights Reserved.
004 */
005/*
006 * Copyright 2016-2020 Ping Identity Corporation
007 *
008 * Licensed under the Apache License, Version 2.0 (the "License");
009 * you may not use this file except in compliance with the License.
010 * You may obtain a copy of the License at
011 *
012 *    http://www.apache.org/licenses/LICENSE-2.0
013 *
014 * Unless required by applicable law or agreed to in writing, software
015 * distributed under the License is distributed on an "AS IS" BASIS,
016 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
017 * See the License for the specific language governing permissions and
018 * limitations under the License.
019 */
020/*
021 * Copyright (C) 2016-2020 Ping Identity Corporation
022 *
023 * This program is free software; you can redistribute it and/or modify
024 * it under the terms of the GNU General Public License (GPLv2 only)
025 * or the terms of the GNU Lesser General Public License (LGPLv2.1 only)
026 * as published by the Free Software Foundation.
027 *
028 * This program is distributed in the hope that it will be useful,
029 * but WITHOUT ANY WARRANTY; without even the implied warranty of
030 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
031 * GNU General Public License for more details.
032 *
033 * You should have received a copy of the GNU General Public License
034 * along with this program; if not, see <http://www.gnu.org/licenses>.
035 */
036package com.unboundid.ldap.sdk.unboundidds.tools;
037
038
039
040import java.util.ArrayList;
041import java.util.Arrays;
042import java.util.Collections;
043import java.util.HashMap;
044import java.util.List;
045
046import com.unboundid.ldap.sdk.unboundidds.extensions.
047            PasswordPolicyStateOperation;
048import com.unboundid.util.StaticUtils;
049
050import static com.unboundid.ldap.sdk.unboundidds.tools.ToolMessages.*;
051
052
053
054/**
055 * This enum provides information about all of the subcommands available for
056 * use with the manage-account tool.
057 * <BR>
058 * <BLOCKQUOTE>
059 *   <B>NOTE:</B>  This class, and other classes within the
060 *   {@code com.unboundid.ldap.sdk.unboundidds} package structure, are only
061 *   supported for use against Ping Identity, UnboundID, and
062 *   Nokia/Alcatel-Lucent 8661 server products.  These classes provide support
063 *   for proprietary functionality or for external specifications that are not
064 *   considered stable or mature enough to be guaranteed to work in an
065 *   interoperable way with other types of LDAP servers.
066 * </BLOCKQUOTE>
067 */
068public enum ManageAccountSubCommandType
069{
070  /**
071   * The subcommand used to get all state information for a user.
072   */
073  GET_ALL("get-all", INFO_MANAGE_ACCT_SC_DESC_GET_ALL.get(), -1),
074
075
076
077  /**
078   * The subcommand used to get the DN of a user's password policy.
079   */
080  GET_PASSWORD_POLICY_DN("get-password-policy-dn",
081       INFO_MANAGE_ACCT_SC_DESC_GET_POLICY_DN.get(),
082       PasswordPolicyStateOperation.OP_TYPE_GET_PW_POLICY_DN),
083
084
085
086  /**
087   * The subcommand used to determine whether an account is usable.
088   */
089  GET_ACCOUNT_IS_USABLE("get-account-is-usable",
090       INFO_MANAGE_ACCT_SC_DESC_GET_IS_USABLE.get(),
091       PasswordPolicyStateOperation.OP_TYPE_GET_ACCOUNT_IS_USABLE),
092
093
094
095  /**
096   * The subcommand used to retrieve the set of password policy state account
097   * usability notice messages for a user.
098   */
099  GET_ACCOUNT_USABILITY_NOTICES("get-account-usability-notice-messages",
100       INFO_MANAGE_ACCT_SC_DESC_GET_USABILITY_NOTICES.get(),
101       PasswordPolicyStateOperation.OP_TYPE_GET_ACCOUNT_USABILITY_NOTICES),
102
103
104
105  /**
106   * The subcommand used to retrieve the set of password policy state account
107   * usability warning messages for a user.
108   */
109  GET_ACCOUNT_USABILITY_WARNINGS("get-account-usability-warning-messages",
110       INFO_MANAGE_ACCT_SC_DESC_GET_USABILITY_WARNINGS.get(),
111       PasswordPolicyStateOperation.OP_TYPE_GET_ACCOUNT_USABILITY_WARNINGS),
112
113
114
115  /**
116   * The subcommand used to retrieve the set of password policy state account
117   * usability error messages for a user.
118   */
119  GET_ACCOUNT_USABILITY_ERRORS("get-account-usability-error-messages",
120       INFO_MANAGE_ACCT_SC_DESC_GET_USABILITY_ERRORS.get(),
121       PasswordPolicyStateOperation.OP_TYPE_GET_ACCOUNT_USABILITY_ERRORS),
122
123
124
125  /**
126   * The subcommand used to get the password changed time for a user.
127   */
128  GET_PASSWORD_CHANGED_TIME("get-password-changed-time",
129       INFO_MANAGE_ACCT_SC_DESC_GET_PW_CHANGED_TIME.get(),
130       PasswordPolicyStateOperation.OP_TYPE_GET_PW_CHANGED_TIME),
131
132
133
134  /**
135   * The subcommand used to set the password changed time for a user.
136   */
137  SET_PASSWORD_CHANGED_TIME("set-password-changed-time",
138       INFO_MANAGE_ACCT_SC_DESC_SET_PW_CHANGED_TIME.get(),
139       PasswordPolicyStateOperation.OP_TYPE_SET_PW_CHANGED_TIME),
140
141
142
143  /**
144   * The subcommand used to clear the password changed time for a user.
145   */
146  CLEAR_PASSWORD_CHANGED_TIME("clear-password-changed-time",
147       INFO_MANAGE_ACCT_SC_DESC_CLEAR_PW_CHANGED_TIME.get(),
148       PasswordPolicyStateOperation.OP_TYPE_CLEAR_PW_CHANGED_TIME),
149
150
151
152  /**
153   * The subcommand used to determine whether a user account is administratively
154   * disabled.
155   */
156  GET_ACCOUNT_IS_DISABLED("get-account-is-disabled",
157       INFO_MANAGE_ACCT_SC_DESC_GET_IS_DISABLED.get(),
158       PasswordPolicyStateOperation.OP_TYPE_GET_ACCOUNT_DISABLED_STATE),
159
160
161
162  /**
163   * The subcommand used to specify whether a user account is administratively
164   * disabled.
165   */
166  SET_ACCOUNT_IS_DISABLED("set-account-is-disabled",
167       INFO_MANAGE_ACCT_SC_DESC_SET_IS_DISABLED.get(),
168       PasswordPolicyStateOperation.OP_TYPE_SET_ACCOUNT_DISABLED_STATE),
169
170
171
172  /**
173   * The subcommand used to clear the account disabled state for a user.
174   */
175  CLEAR_ACCOUNT_IS_DISABLED("clear-account-is-disabled",
176       INFO_MANAGE_ACCT_SC_DESC_CLEAR_IS_DISABLED.get(
177            SET_ACCOUNT_IS_DISABLED.primaryName, "accountIsDisabled"),
178       PasswordPolicyStateOperation.OP_TYPE_CLEAR_ACCOUNT_DISABLED_STATE),
179
180
181
182  /**
183   * The subcommand used to get the account activation time for a user.
184   */
185  GET_ACCOUNT_ACTIVATION_TIME("get-account-activation-time",
186       INFO_MANAGE_ACCT_SC_DESC_GET_ACCT_ACT_TIME.get(),
187       PasswordPolicyStateOperation.OP_TYPE_GET_ACCOUNT_ACTIVATION_TIME),
188
189
190
191  /**
192   * The subcommand used to set the account activation time for a user.
193   */
194  SET_ACCOUNT_ACTIVATION_TIME("set-account-activation-time",
195       INFO_MANAGE_ACCT_SC_DESC_SET_ACCT_ACT_TIME.get(),
196       PasswordPolicyStateOperation.OP_TYPE_SET_ACCOUNT_ACTIVATION_TIME),
197
198
199
200  /**
201   * The subcommand used to clear the account activation time for a user.
202   */
203  CLEAR_ACCOUNT_ACTIVATION_TIME("clear-account-activation-time",
204       INFO_MANAGE_ACCT_SC_DESC_CLEAR_ACCT_ACT_TIME.get(),
205       PasswordPolicyStateOperation.OP_TYPE_CLEAR_ACCOUNT_ACTIVATION_TIME),
206
207
208
209  /**
210   * The subcommand used to retrieve the length of time until a user's account
211   * becomes active.
212   */
213  GET_SECONDS_UNTIL_ACCOUNT_ACTIVATION("get-seconds-until-account-activation",
214       INFO_MANAGE_ACCT_SC_DESC_GET_SECONDS_UNTIL_ACCT_ACT.get(),
215       PasswordPolicyStateOperation.
216            OP_TYPE_GET_SECONDS_UNTIL_ACCOUNT_ACTIVATION),
217
218
219
220  /**
221   * The subcommand used to determine whether a user's account is not yet
222   * active.
223   */
224  GET_ACCOUNT_IS_NOT_YET_ACTIVE("get-account-is-not-yet-active",
225       INFO_MANAGE_ACCT_SC_DESC_GET_ACCT_NOT_YET_ACTIVE.get(),
226       PasswordPolicyStateOperation.OP_TYPE_GET_ACCOUNT_IS_NOT_YET_ACTIVE),
227
228
229
230  /**
231   * The subcommand used to get the account expiration time for a user.
232   */
233  GET_ACCOUNT_EXPIRATION_TIME("get-account-expiration-time",
234       INFO_MANAGE_ACCT_SC_DESC_GET_ACCT_EXP_TIME.get(),
235       PasswordPolicyStateOperation.OP_TYPE_GET_ACCOUNT_EXPIRATION_TIME),
236
237
238
239  /**
240   * The subcommand used to set the account expiration time for a user.
241   */
242  SET_ACCOUNT_EXPIRATION_TIME("set-account-expiration-time",
243       INFO_MANAGE_ACCT_SC_DESC_SET_ACCT_EXP_TIME.get(),
244       PasswordPolicyStateOperation.OP_TYPE_SET_ACCOUNT_EXPIRATION_TIME),
245
246
247
248  /**
249   * The subcommand used to clear the account expiration time for a user.
250   */
251  CLEAR_ACCOUNT_EXPIRATION_TIME("clear-account-expiration-time",
252       INFO_MANAGE_ACCT_SC_DESC_CLEAR_ACCT_EXP_TIME.get(),
253       PasswordPolicyStateOperation.OP_TYPE_CLEAR_ACCOUNT_EXPIRATION_TIME),
254
255
256
257  /**
258   * The subcommand used to retrieve the length of time until a user's account
259   * expires.
260   */
261  GET_SECONDS_UNTIL_ACCOUNT_EXPIRATION("get-seconds-until-account-expiration",
262       INFO_MANAGE_ACCT_SC_DESC_GET_SECONDS_UNTIL_ACCT_EXP.get(),
263       PasswordPolicyStateOperation.
264            OP_TYPE_GET_SECONDS_UNTIL_ACCOUNT_EXPIRATION),
265
266
267
268  /**
269   * The subcommand used to determine whether a user's account is expired.
270   */
271  GET_ACCOUNT_IS_EXPIRED("get-account-is-expired",
272       INFO_MANAGE_ACCT_SC_DESC_GET_ACCT_IS_EXPIRED.get(),
273       PasswordPolicyStateOperation.OP_TYPE_GET_ACCOUNT_IS_EXPIRED),
274
275
276
277  /**
278   * The subcommand used to retrieve the time a user received the first warning
279   * about an upcoming password expiration.
280   *
281   */
282  GET_PASSWORD_EXPIRATION_WARNED_TIME("get-password-expiration-warned-time",
283       INFO_MANAGE_ACCT_SC_DESC_GET_PW_EXP_WARNED_TIME.get(),
284       PasswordPolicyStateOperation.OP_TYPE_GET_PW_EXPIRATION_WARNED_TIME),
285
286
287
288  /**
289   * The subcommand used to specify the time a user received the first warning
290   * about an upcoming password expiration.
291   */
292  SET_PASSWORD_EXPIRATION_WARNED_TIME("set-password-expiration-warned-time",
293       INFO_MANAGE_ACCT_SC_DESC_SET_PW_EXP_WARNED_TIME.get(),
294       PasswordPolicyStateOperation.OP_TYPE_SET_PW_EXPIRATION_WARNED_TIME),
295
296
297
298  /**
299   * The subcommand used to clear the password expiration warned time for a
300   * user.
301   */
302  CLEAR_PASSWORD_EXPIRATION_WARNED_TIME("clear-password-expiration-warned-time",
303       INFO_MANAGE_ACCT_SC_DESC_CLEAR_PW_EXP_WARNED_TIME.get(),
304       PasswordPolicyStateOperation.OP_TYPE_CLEAR_PW_EXPIRATION_WARNED_TIME),
305
306
307
308  /**
309   * The subcommand used to get the length of time in seconds until a user may
310   * start to receive warnings about an upcoming expiration.
311   */
312  GET_SECONDS_UNTIL_PASSWORD_EXPIRATION_WARNING(
313       "get-seconds-until-password-expiration-warning",
314       INFO_MANAGE_ACCT_SC_DESC_GET_SECONDS_UNTIL_PW_EXP_WARNING.get(),
315       PasswordPolicyStateOperation.
316            OP_TYPE_GET_SECONDS_UNTIL_PW_EXPIRATION_WARNING),
317
318
319
320  /**
321   * The subcommand used to retrieve the password expiration time for a user.
322   */
323  GET_PASSWORD_EXPIRATION_TIME("get-password-expiration-time",
324       INFO_MANAGE_ACCT_SC_DESC_GET_PW_EXP_TIME.get(),
325       PasswordPolicyStateOperation.OP_TYPE_GET_PW_EXPIRATION_TIME),
326
327
328
329  /**
330   * The subcommand used to get the length of time in seconds until a user's
331   * password will expire.
332   */
333  GET_SECONDS_UNTIL_PASSWORD_EXPIRATION("get-seconds-until-password-expiration",
334       INFO_MANAGE_ACCT_SC_DESC_GET_SECONDS_UNTIL_PW_EXP.get(),
335       PasswordPolicyStateOperation.OP_TYPE_GET_SECONDS_UNTIL_PW_EXPIRATION),
336
337
338
339  /**
340   * The subcommand used to determine whether a user's password is expired.
341   */
342  GET_PASSWORD_IS_EXPIRED("get-password-is-expired",
343       INFO_MANAGE_ACCT_SC_DESC_GET_PW_IS_EXPIRED.get(),
344       PasswordPolicyStateOperation.OP_TYPE_GET_PW_IS_EXPIRED),
345
346
347
348  /**
349   * The subcommand used to determine whether a user account is failure locked.
350   */
351  GET_ACCOUNT_IS_FAILURE_LOCKED("get-account-is-failure-locked",
352       INFO_MANAGE_ACCT_SC_DESC_GET_ACCT_FAILURE_LOCKED.get(),
353       PasswordPolicyStateOperation.OP_TYPE_GET_ACCOUNT_IS_FAILURE_LOCKED),
354
355
356
357  /**
358   * The subcommand used to specify whether a user account is failure locked.
359   */
360  SET_ACCOUNT_IS_FAILURE_LOCKED("set-account-is-failure-locked",
361       INFO_MANAGE_ACCT_SC_DESC_SET_ACCT_FAILURE_LOCKED.get(),
362       PasswordPolicyStateOperation.OP_TYPE_SET_ACCOUNT_IS_FAILURE_LOCKED),
363
364
365
366  /**
367   * The subcommand used to retrieve the failure lockout time for a user.
368   */
369  GET_FAILURE_LOCKOUT_TIME("get-failure-lockout-time",
370       INFO_MANAGE_ACCT_SC_DESC_GET_FAILURE_LOCKED_TIME.get(),
371       PasswordPolicyStateOperation.OP_TYPE_GET_FAILURE_LOCKOUT_TIME,
372       "get-failure-locked-time"),
373
374
375
376  /**
377   * The subcommand used to determine the length of time in seconds until a
378   * user's temporary failure lockout will expire.
379   */
380  GET_SECONDS_UNTIL_AUTHENTICATION_FAILURE_UNLOCK(
381       "get-seconds-until-authentication-failure-unlock",
382       INFO_MANAGE_ACCT_SC_DESC_GET_SECONDS_UNTIL_FAILURE_UNLOCK.get(),
383       PasswordPolicyStateOperation.
384            OP_TYPE_GET_SECONDS_UNTIL_AUTH_FAILURE_UNLOCK),
385
386
387
388  /**
389   * The subcommand used to retrieve the times of the failed authentication
390   * attempts for a user.
391   */
392  GET_AUTHENTICATION_FAILURE_TIMES("get-authentication-failure-times",
393       INFO_MANAGE_ACCT_SC_DESC_GET_AUTH_FAILURE_TIMES.get(),
394       PasswordPolicyStateOperation.OP_TYPE_GET_AUTH_FAILURE_TIMES),
395
396
397
398  /**
399   * The subcommand used to add one or more values to the set of authentication
400   * failure times for a user.
401   */
402  ADD_AUTHENTICATION_FAILURE_TIME("add-authentication-failure-time",
403       INFO_MANAGE_ACCT_SC_DESC_ADD_AUTH_FAILURE_TIME.get(),
404       PasswordPolicyStateOperation.OP_TYPE_ADD_AUTH_FAILURE_TIME),
405
406
407
408  /**
409   * The subcommand used to replace the set of authentication failure times for
410   * a user.
411   */
412  SET_AUTHENTICATION_FAILURE_TIMES("set-authentication-failure-times",
413       INFO_MANAGE_ACCT_SC_DESC_SET_AUTH_FAILURE_TIMES.get(),
414       PasswordPolicyStateOperation.OP_TYPE_SET_AUTH_FAILURE_TIMES),
415
416
417
418  /**
419   * The subcommand used to clear the set of authentication failure times for a
420   * user.
421   */
422  CLEAR_AUTHENTICATION_FAILURE_TIMES("clear-authentication-failure-times",
423       INFO_MANAGE_ACCT_SC_DESC_CLEAR_AUTH_FAILURE_TIMES.get(),
424       PasswordPolicyStateOperation.OP_TYPE_CLEAR_AUTH_FAILURE_TIMES),
425
426
427
428  /**
429   * The subcommand used to determine the number of remaining failed
430   * authentication attempts for a user before the account is locked.
431   */
432  GET_REMAINING_AUTHENTICATION_FAILURE_COUNT(
433       "get-remaining-authentication-failure-count",
434       INFO_MANAGE_ACCT_SC_DESC_GET_REMAINING_FAILURE_COUNT.get(),
435       PasswordPolicyStateOperation.OP_TYPE_GET_REMAINING_AUTH_FAILURE_COUNT),
436
437
438
439  /**
440   * The subcommand used to determine whether a user account is idle locked.
441   */
442  GET_ACCOUNT_IS_IDLE_LOCKED("get-account-is-idle-locked",
443       INFO_MANAGE_ACCT_SC_DESC_GET_ACCT_IDLE_LOCKED.get(),
444       PasswordPolicyStateOperation.OP_TYPE_GET_ACCOUNT_IS_IDLE_LOCKED),
445
446
447
448  /**
449   * The subcommand used to determine the length of time in seconds until a
450   * user's account will be idle locked.
451   */
452  GET_SECONDS_UNTIL_IDLE_LOCKOUT("get-seconds-until-idle-lockout",
453       INFO_MANAGE_ACCT_SC_DESC_GET_SECONDS_UNTIL_IDLE_LOCKOUT.get(),
454       PasswordPolicyStateOperation.OP_TYPE_GET_SECONDS_UNTIL_IDLE_LOCKOUT),
455
456
457
458  /**
459   * The subcommand used to determine the time that a user's account was/will be
460   * idle locked.
461   */
462  GET_IDLE_LOCKOUT_TIME("get-idle-lockout-time",
463       INFO_MANAGE_ACCT_SC_DESC_GET_IDLE_LOCKOUT_TIME.get(),
464       PasswordPolicyStateOperation.OP_TYPE_GET_IDLE_LOCKOUT_TIME,
465       "get-idle-locked-time"),
466
467
468
469  /**
470   * The subcommand used to determine whether a user's password has been
471   * administratively reset.
472   */
473  GET_MUST_CHANGE_PASSWORD("get-must-change-password",
474       INFO_MANAGE_ACCT_SC_DESC_GET_MUST_CHANGE_PW.get(),
475       PasswordPolicyStateOperation.OP_TYPE_GET_PW_RESET_STATE,
476       "get-password-is-reset"),
477
478
479
480  /**
481   * The subcommand used to specify whether a user's password has been
482   * administratively reset.
483   */
484  SET_MUST_CHANGE_PASSWORD("set-must-change-password",
485       INFO_MANAGE_ACCT_SC_DESC_SET_MUST_CHANGE_PW.get(),
486       PasswordPolicyStateOperation.OP_TYPE_SET_PW_RESET_STATE,
487       "set-password-is-reset"),
488
489
490
491  /**
492   * The subcommand used to clear whether a user's password has been
493   * administratively reset.
494   */
495  CLEAR_MUST_CHANGE_PASSWORD("clear-must-change-password",
496       INFO_MANAGE_ACCT_SC_DESC_CLEAR_MUST_CHANGE_PW.get(),
497       PasswordPolicyStateOperation.OP_TYPE_CLEAR_PW_RESET_STATE,
498       "clear-password-is-reset"),
499
500
501
502  /**
503   * The subcommand used to determine whether a user's account is reset locked.
504   */
505  GET_ACCOUNT_IS_PASSWORD_RESET_LOCKED("get-account-is-password-reset-locked",
506       INFO_MANAGE_ACCT_SC_DESC_GET_ACCT_IS_RESET_LOCKED.get(),
507       PasswordPolicyStateOperation.OP_TYPE_GET_ACCOUNT_IS_RESET_LOCKED),
508
509
510
511  /**
512   * The subcommand used to determine the length of time in seconds until a
513   * user's account is reset locked.
514   */
515  GET_SECONDS_UNTIL_PASSWORD_RESET_LOCKOUT(
516       "get-seconds-until-password-reset-lockout",
517       INFO_MANAGE_ACCT_SC_DESC_GET_SECONDS_UNTIL_RESET_LOCKOUT.get(),
518       PasswordPolicyStateOperation.OP_TYPE_GET_SECONDS_UNTIL_PW_RESET_LOCKOUT),
519
520
521
522  /**
523   * The subcommand used to determine the time a user's account was/will be
524   * reset locked.
525   */
526  GET_PASSWORD_RESET_LOCKOUT_TIME("get-password-reset-lockout-time",
527       INFO_MANAGE_ACCT_SC_DESC_GET_RESET_LOCKOUT_TIME.get(),
528       PasswordPolicyStateOperation.OP_TYPE_GET_RESET_LOCKOUT_TIME,
529       "get-password-reset-locked-time"),
530
531
532
533  /**
534   * The subcommand used to retrieve the last login time for a user.
535   */
536  GET_LAST_LOGIN_TIME("get-last-login-time",
537       INFO_MANAGE_ACCT_SC_DESC_GET_LAST_LOGIN_TIME.get(),
538       PasswordPolicyStateOperation.OP_TYPE_GET_LAST_LOGIN_TIME),
539
540
541
542  /**
543   * The subcommand used to specify the last login time for a user.
544   */
545  SET_LAST_LOGIN_TIME("set-last-login-time",
546       INFO_MANAGE_ACCT_SC_DESC_SET_LAST_LOGIN_TIME.get(),
547       PasswordPolicyStateOperation.OP_TYPE_SET_LAST_LOGIN_TIME),
548
549
550
551  /**
552   * The subcommand used to clear the last login time for a user.
553   */
554  CLEAR_LAST_LOGIN_TIME("clear-last-login-time",
555       INFO_MANAGE_ACCT_SC_DESC_CLEAR_LAST_LOGIN_TIME.get(),
556       PasswordPolicyStateOperation.OP_TYPE_CLEAR_LAST_LOGIN_TIME),
557
558
559
560  /**
561   * The subcommand used to retrieve the last login IP address for a user.
562   */
563  GET_LAST_LOGIN_IP_ADDRESS("get-last-login-ip-address",
564       INFO_MANAGE_ACCT_SC_DESC_GET_LAST_LOGIN_IP.get(),
565       PasswordPolicyStateOperation.OP_TYPE_GET_LAST_LOGIN_IP_ADDRESS),
566
567
568
569  /**
570   * The subcommand used to specify the last login IP address for a user.
571   */
572  SET_LAST_LOGIN_IP_ADDRESS("set-last-login-ip-address",
573       INFO_MANAGE_ACCT_SC_DESC_SET_LAST_LOGIN_IP.get(),
574       PasswordPolicyStateOperation.OP_TYPE_SET_LAST_LOGIN_IP_ADDRESS),
575
576
577
578  /**
579   * The subcommand used to clear the last login IP address for a user.
580   */
581  CLEAR_LAST_LOGIN_IP_ADDRESS("clear-last-login-ip-address",
582       INFO_MANAGE_ACCT_SC_DESC_CLEAR_LAST_LOGIN_IP.get(),
583       PasswordPolicyStateOperation.OP_TYPE_CLEAR_LAST_LOGIN_IP_ADDRESS),
584
585
586
587  /**
588   * The subcommand used to retrieve the grace login use times for a user.
589   */
590  GET_GRACE_LOGIN_USE_TIMES("get-grace-login-use-times",
591       INFO_MANAGE_ACCT_SC_DESC_GET_GRACE_LOGIN_TIMES.get(),
592       PasswordPolicyStateOperation.OP_TYPE_GET_GRACE_LOGIN_USE_TIMES),
593
594
595
596  /**
597   * The subcommand used to add one or more values to the set of grace login
598   * use times for a user.
599   */
600  ADD_GRACE_LOGIN_USE_TIME("add-grace-login-use-time",
601       INFO_MANAGE_ACCT_SC_DESC_ADD_GRACE_LOGIN_TIME.get(),
602       PasswordPolicyStateOperation.OP_TYPE_ADD_GRACE_LOGIN_USE_TIME),
603
604
605
606  /**
607   * The subcommand used to specify the grace login use times for a user.
608   */
609  SET_GRACE_LOGIN_USE_TIMES("set-grace-login-use-times",
610       INFO_MANAGE_ACCT_SC_DESC_SET_GRACE_LOGIN_TIMES.get(),
611       PasswordPolicyStateOperation.OP_TYPE_SET_GRACE_LOGIN_USE_TIMES),
612
613
614
615  /**
616   * The subcommand used to clear the grace login use times for a user.
617   */
618  CLEAR_GRACE_LOGIN_USE_TIMES("clear-grace-login-use-times",
619       INFO_MANAGE_ACCT_SC_DESC_CLEAR_GRACE_LOGIN_TIMES.get(),
620       PasswordPolicyStateOperation.OP_TYPE_CLEAR_GRACE_LOGIN_USE_TIMES),
621
622
623
624  /**
625   * The subcommand used to retrieve the number of remaining grace logins for a
626   * user.
627   */
628  GET_REMAINING_GRACE_LOGIN_COUNT("get-remaining-grace-login-count",
629       INFO_MANAGE_ACCT_SC_DESC_GET_REMAINING_GRACE_LOGIN_COUNT.get(),
630       PasswordPolicyStateOperation.OP_TYPE_GET_REMAINING_GRACE_LOGIN_COUNT),
631
632
633
634  /**
635   * The subcommand used to retrieve the most recent required password change
636   * time with which a user has complied.
637   */
638  GET_PASSWORD_CHANGED_BY_REQUIRED_TIME("get-password-changed-by-required-time",
639       INFO_MANAGE_ACCT_SC_DESC_GET_PW_CHANGED_BY_REQ_TIME.get(),
640       PasswordPolicyStateOperation.OP_TYPE_GET_PW_CHANGED_BY_REQUIRED_TIME),
641
642
643
644  /**
645   * The subcommand used to specify the most recent required password change
646   * time with which a user has complied.
647   */
648  SET_PASSWORD_CHANGED_BY_REQUIRED_TIME("set-password-changed-by-required-time",
649       INFO_MANAGE_ACCT_SC_DESC_SET_PW_CHANGED_BY_REQ_TIME.get(),
650       PasswordPolicyStateOperation.OP_TYPE_SET_PW_CHANGED_BY_REQUIRED_TIME),
651
652
653
654  /**
655   * The subcommand used to clear the most recent required password change
656   * time with which a user has complied.
657   */
658  CLEAR_PASSWORD_CHANGED_BY_REQUIRED_TIME(
659       "clear-password-changed-by-required-time",
660       INFO_MANAGE_ACCT_SC_DESC_CLEAR_PW_CHANGED_BY_REQ_TIME.get(),
661       PasswordPolicyStateOperation.OP_TYPE_CLEAR_PW_CHANGED_BY_REQUIRED_TIME),
662
663
664
665  /**
666   * The subcommand used to determine the length of seconds until the required
667   * password changed time for a user.
668   */
669  GET_SECONDS_UNTIL_REQUIRED_PASSWORD_CHANGE_TIME(
670       "get-seconds-until-required-password-change-time",
671       INFO_MANAGE_ACCT_SC_DESC_GET_SECS_UNTIL_REQ_CHANGE_TIME.get(),
672       PasswordPolicyStateOperation.
673            OP_TYPE_GET_SECONDS_UNTIL_REQUIRED_CHANGE_TIME,
674       "get-seconds-until-required-change-time"),
675
676
677
678  /**
679   * The subcommand used to retrieve the number of passwords in a user's
680   * password history.
681   */
682  GET_PASSWORD_HISTORY_COUNT("get-password-history-count",
683       INFO_MANAGE_ACCT_SC_DESC_GET_PW_HISTORY_COUNT.get(),
684       PasswordPolicyStateOperation.OP_TYPE_GET_PW_HISTORY_COUNT,
685       "get-password-history"),
686
687
688
689  /**
690   * The subcommand used to clear a user's password history.
691   */
692  CLEAR_PASSWORD_HISTORY("clear-password-history",
693       INFO_MANAGE_ACCT_SC_DESC_CLEAR_PW_HISTORY.get(),
694       PasswordPolicyStateOperation.OP_TYPE_CLEAR_PW_HISTORY),
695
696
697
698  /**
699   * The subcommand used to determine whether a user has a retired password.
700   */
701  GET_HAS_RETIRED_PASSWORD("get-has-retired-password",
702       INFO_MANAGE_ACCT_SC_DESC_GET_HAS_RETIRED_PW.get(),
703       PasswordPolicyStateOperation.OP_TYPE_HAS_RETIRED_PASSWORD),
704
705
706
707  /**
708   * The subcommand used to retrieve the time that a user's former password
709   * was retired.
710   */
711  GET_PASSWORD_RETIRED_TIME("get-password-retired-time",
712       INFO_MANAGE_ACCT_SC_DESC_GET_PW_RETIRED_TIME.get(),
713       PasswordPolicyStateOperation.OP_TYPE_GET_PASSWORD_RETIRED_TIME),
714
715
716
717  /**
718   * The subcommand used to determine the time that a user's retired password
719   * will expire.
720   */
721  GET_RETIRED_PASSWORD_EXPIRATION_TIME("get-retired-password-expiration-time",
722       INFO_MANAGE_ACCT_SC_DESC_GET_RETIRED_PW_EXP_TIME.get(),
723       PasswordPolicyStateOperation.
724            OP_TYPE_GET_RETIRED_PASSWORD_EXPIRATION_TIME),
725
726
727
728  /**
729   * The subcommand used to purge a user's retired password.
730   */
731  CLEAR_RETIRED_PASSWORD("clear-retired-password",
732       INFO_MANAGE_ACCT_SC_DESC_PURGE_RETIRED_PW.get(),
733       PasswordPolicyStateOperation.OP_TYPE_PURGE_RETIRED_PASSWORD,
734       "purge-retired-password"),
735
736
737
738  /**
739   * The subcommand used to obtain a list of the SASL mechanisms that are
740   * available for a user.  This will take into account the server
741   * configuration, the user credentials, and the user authentication
742   * constraints.
743   */
744  GET_AVAILABLE_SASL_MECHANISMS("get-available-sasl-mechanisms",
745       INFO_MANAGE_ACCT_SC_DESC_GET_AVAILABLE_SASL_MECHS.get(),
746       PasswordPolicyStateOperation.OP_TYPE_GET_AVAILABLE_SASL_MECHANISMS),
747
748
749
750  /**
751   * The subcommand used to obtain a list of the OTP delivery mechanisms that
752   * are available for a user.  If there is a set of preferred delivery
753   * mechanisms for the user, they will be listed first.
754   */
755  GET_AVAILABLE_OTP_DELIVERY_MECHANISMS("get-available-otp-delivery-mechanisms",
756       INFO_MANAGE_ACCT_SC_DESC_GET_AVAILABLE_OTP_MECHS.get(),
757       PasswordPolicyStateOperation.
758            OP_TYPE_GET_AVAILABLE_OTP_DELIVERY_MECHANISMS),
759
760
761
762  /**
763   * The subcommand used to determine whether a user account has at least one
764   * TOTP shared secret.
765   */
766  GET_HAS_TOTP_SHARED_SECRET("get-has-totp-shared-secret",
767       INFO_MANAGE_ACCT_SC_DESC_GET_HAS_TOTP_SHARED_SECRET.get(),
768       PasswordPolicyStateOperation.OP_TYPE_HAS_TOTP_SHARED_SECRET),
769
770
771
772  /**
773   * The subcommand used to add one or more TOTP shared secrets for a user.
774   */
775  ADD_TOTP_SHARED_SECRET("add-totp-shared-secret",
776       INFO_MANAGE_ACCT_SC_DESC_ADD_TOTP_SHARED_SECRET.get(),
777       PasswordPolicyStateOperation.OP_TYPE_ADD_TOTP_SHARED_SECRET),
778
779
780
781  /**
782   * The subcommand used to remove one or more TOTP shared secrets for a user.
783   */
784  REMOVE_TOTP_SHARED_SECRET("remove-totp-shared-secret",
785       INFO_MANAGE_ACCT_SC_DESC_REMOVE_TOTP_SHARED_SECRET.get(),
786       PasswordPolicyStateOperation.OP_TYPE_REMOVE_TOTP_SHARED_SECRET),
787
788
789
790  /**
791   * The subcommand used to replace the TOTP shared secrets for a user.
792   */
793  SET_TOTP_SHARED_SECRETS("set-totp-shared-secrets",
794       INFO_MANAGE_ACCT_SC_DESC_SET_TOTP_SHARED_SECRETS.get(),
795       PasswordPolicyStateOperation.OP_TYPE_SET_TOTP_SHARED_SECRETS),
796
797
798
799  /**
800   * The subcommand used to clear the TOTP shared secrets for a user.
801   */
802  CLEAR_TOTP_SHARED_SECRETS("clear-totp-shared-secrets",
803       INFO_MANAGE_ACCT_SC_DESC_CLEAR_TOTP_SHARED_SECRETS.get(),
804       PasswordPolicyStateOperation.OP_TYPE_CLEAR_TOTP_SHARED_SECRETS),
805
806
807
808  /**
809   * The subcommand used to determine whether a user account has at least one
810   * registered YubiKey OTP device public ID.
811   */
812  GET_HAS_REGISTERED_YUBIKEY_PUBLIC_ID("get-has-registered-yubikey-public-id",
813       INFO_MANAGE_ACCT_SC_DESC_GET_HAS_YUBIKEY_ID.get(),
814       PasswordPolicyStateOperation.OP_TYPE_HAS_REGISTERED_YUBIKEY_PUBLIC_ID),
815
816
817
818  /**
819   * The subcommand used to retrieve the set of registered YubiKey OTP device
820   * public IDs for a user.
821   */
822  GET_REGISTERED_YUBIKEY_PUBLIC_IDS("get-registered-yubikey-public-ids",
823       INFO_MANAGE_ACCT_SC_DESC_GET_YUBIKEY_IDS.get(),
824       PasswordPolicyStateOperation.OP_TYPE_GET_REGISTERED_YUBIKEY_PUBLIC_IDS),
825
826
827
828  /**
829   * The subcommand used to add one or more registered YubiKey OTP device public
830   * IDs for a user.
831   */
832  ADD_REGISTERED_YUBIKEY_PUBLIC_ID("add-registered-yubikey-public-id",
833       INFO_MANAGE_ACCT_SC_DESC_ADD_YUBIKEY_ID.get(),
834       PasswordPolicyStateOperation.OP_TYPE_ADD_REGISTERED_YUBIKEY_PUBLIC_ID),
835
836
837
838  /**
839   * The subcommand used to remove one or more registered YubiKey OTP device
840   * public IDs for a user.
841   */
842  REMOVE_REGISTERED_YUBIKEY_PUBLIC_ID("remove-registered-yubikey-public-id",
843       INFO_MANAGE_ACCT_SC_DESC_REMOVE_YUBIKEY_ID.get(),
844       PasswordPolicyStateOperation.
845            OP_TYPE_REMOVE_REGISTERED_YUBIKEY_PUBLIC_ID),
846
847
848
849  /**
850   * The subcommand used to replace the set of registered YubiKey OTP device
851   * public IDs for a user.
852   */
853  SET_REGISTERED_YUBIKEY_PUBLIC_IDS("set-registered-yubikey-public-ids",
854       INFO_MANAGE_ACCT_SC_DESC_SET_YUBIKEY_IDS.get(),
855       PasswordPolicyStateOperation.OP_TYPE_SET_REGISTERED_YUBIKEY_PUBLIC_IDS),
856
857
858
859  /**
860   * The subcommand used to clear the set of registered YubiKey OTP device
861   * public IDs for a user.
862   */
863  CLEAR_REGISTERED_YUBIKEY_PUBLIC_IDS("clear-registered-yubikey-public-ids",
864       INFO_MANAGE_ACCT_SC_DESC_CLEAR_YUBIKEY_IDS.get(),
865       PasswordPolicyStateOperation.
866            OP_TYPE_CLEAR_REGISTERED_YUBIKEY_PUBLIC_IDS),
867
868
869
870  /**
871   * The subcommand used to determine whether a user account has at least one
872   * static password.
873   */
874  GET_HAS_STATIC_PASSWORD("get-has-static-password",
875       INFO_MANAGE_ACCT_SC_DESC_GET_HAS_STATIC_PW.get(),
876       PasswordPolicyStateOperation.OP_TYPE_HAS_STATIC_PASSWORD);
877
878
879
880  /**
881   * The map of subcommand types indexed by password policy state operation
882   * type.
883   */
884  private static HashMap<Integer,ManageAccountSubCommandType> typesByOpType =
885       null;
886
887
888
889  /**
890   * The map of subcommand types indexed by name.
891   */
892  private static HashMap<String,ManageAccountSubCommandType> typesByName = null;
893
894
895
896  // The password policy state operation type value that corresponds to this
897  // subcommand type.
898  private final int operationType;
899
900  // A list containing the primary name and all alternate names for this
901  // subcommand.
902  private final List<String> allNames;
903
904  // A list of alternate names for this subcommand.
905  private final List<String> alternateNames;
906
907  // The description for this subcommand.
908  private final String description;
909
910  // The primary name for this subcommand.
911  private final String primaryName;
912
913
914
915  /**
916   * Creates a new manage-account subcommand type value with the provided
917   * information.
918   *
919   * @param  primaryName     The primary name for this subcommand.  It must not
920   *                         be {@code null}.
921   * @param  description     The description for this subcommand.  It must not
922   *                         be {@code null}.
923   * @param  operationType   The password policy state operation type value that
924   *                         corresponds to this subcommand type.
925   * @param  alternateNames  The set of alternate names that may be used to
926   *                         invoke this subcommand.  It may be empty but not
927   *                         {@code null}.
928   */
929  ManageAccountSubCommandType(final String primaryName,
930                              final String description, final int operationType,
931                              final String... alternateNames)
932  {
933    this.primaryName    = primaryName;
934    this.description    = description;
935    this.operationType  = operationType;
936
937    this.alternateNames =
938         Collections.unmodifiableList(Arrays.asList(alternateNames));
939
940    final ArrayList<String> allNamesList =
941         new ArrayList<>(alternateNames.length + 1);
942    allNamesList.add(primaryName);
943    allNamesList.addAll(this.alternateNames);
944
945    allNames = Collections.unmodifiableList(allNamesList);
946  }
947
948
949
950  /**
951   * Retrieves the primary name for the subcommand.
952   *
953   * @return  The primary name for the subcommand.
954   */
955  public String getPrimaryName()
956  {
957    return primaryName;
958  }
959
960
961
962  /**
963   * Retrieves the alternate names for this subcommand, if any.
964   *
965   * @return  The alternate names for this subcommand, or an empty list if
966   *          there are no alternate names.
967   */
968  public List<String> getAlternateNames()
969  {
970    return alternateNames;
971  }
972
973
974
975  /**
976   * Retrieves a list containing all names (primary and alternate) for this
977   * subcommand.
978   *
979   * @return  A list containing all names for ths subcommand.
980   */
981  public List<String> getAllNames()
982  {
983    return allNames;
984  }
985
986
987
988  /**
989   * Retrieves the description for the subcommand.
990   *
991   * @return  The description for the subcommand.
992   */
993  public String getDescription()
994  {
995    return description;
996  }
997
998
999
1000  /**
1001   * Retrieves the password policy state operation type value that corresponds
1002   * to this subcommand type.
1003   *
1004   * @return  The password policy state operation type value that corresponds
1005   *          to this subcommand type.
1006   */
1007  public int getPasswordPolicyStateOperationType()
1008  {
1009    return operationType;
1010  }
1011
1012
1013
1014  /**
1015   * Retrieves the subcommand type with the specified name.
1016   *
1017   * @param  name  The name of the subcommand type to retrieve.  It must not be
1018   *               {@code null}.
1019   *
1020   * @return  The subcommand type with the specified name, or {@code null} if
1021   *          there is no subcommand type for the given name.
1022   */
1023  public static ManageAccountSubCommandType forName(final String name)
1024  {
1025    ensureMapsPopulated();
1026
1027    return typesByName.get(StaticUtils.toLowerCase(name));
1028  }
1029
1030
1031
1032  /**
1033   * Retrieves the subcommand type with the specified password policy state
1034   * operation type.
1035   *
1036   * @param  opType  The password policy state operation type for the subcommand
1037   *                 type to retrieve.
1038   *
1039   * @return  The subcommand type with the specified password policy state
1040   *          operation type, or {@code null} if there is no subcommand type for
1041   *          the given operation type.
1042   */
1043  public static ManageAccountSubCommandType forOperationType(final int opType)
1044  {
1045    ensureMapsPopulated();
1046
1047    return typesByOpType.get(opType);
1048  }
1049
1050
1051
1052  /**
1053   * Ensures that the maps allowing subcommand types to be retrieved by name and
1054   * by password policy state operation types are populated.  They can't be
1055   * automatically populated by the constructor because enum constructors can't
1056   * interact with static
1057   */
1058  private static synchronized void ensureMapsPopulated()
1059  {
1060    if (typesByName == null)
1061    {
1062      final ManageAccountSubCommandType[] values =
1063           ManageAccountSubCommandType.values();
1064      typesByName =
1065           new HashMap<>(StaticUtils.computeMapCapacity(2*values.length));
1066      typesByOpType =
1067           new HashMap<>(StaticUtils.computeMapCapacity(values.length));
1068
1069      for (final ManageAccountSubCommandType t :  values)
1070      {
1071        typesByName.put(StaticUtils.toLowerCase(t.primaryName), t);
1072        for (final String altName : t.alternateNames)
1073        {
1074          typesByName.put(StaticUtils.toLowerCase(altName), t);
1075        }
1076
1077        if (t.operationType>= 0)
1078        {
1079          typesByOpType.put(t.operationType, t);
1080        }
1081      }
1082    }
1083  }
1084}