001/*
002 * Copyright 2016-2022 Ping Identity Corporation
003 * All Rights Reserved.
004 */
005/*
006 * Copyright 2016-2022 Ping Identity Corporation
007 *
008 * Licensed under the Apache License, Version 2.0 (the "License");
009 * you may not use this file except in compliance with the License.
010 * You may obtain a copy of the License at
011 *
012 *    http://www.apache.org/licenses/LICENSE-2.0
013 *
014 * Unless required by applicable law or agreed to in writing, software
015 * distributed under the License is distributed on an "AS IS" BASIS,
016 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
017 * See the License for the specific language governing permissions and
018 * limitations under the License.
019 */
020/*
021 * Copyright (C) 2016-2022 Ping Identity Corporation
022 *
023 * This program is free software; you can redistribute it and/or modify
024 * it under the terms of the GNU General Public License (GPLv2 only)
025 * or the terms of the GNU Lesser General Public License (LGPLv2.1 only)
026 * as published by the Free Software Foundation.
027 *
028 * This program is distributed in the hope that it will be useful,
029 * but WITHOUT ANY WARRANTY; without even the implied warranty of
030 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
031 * GNU General Public License for more details.
032 *
033 * You should have received a copy of the GNU General Public License
034 * along with this program; if not, see <http://www.gnu.org/licenses>.
035 */
036package com.unboundid.ldap.sdk.unboundidds.tools;
037
038
039
040import java.util.ArrayList;
041import java.util.Arrays;
042import java.util.Collections;
043import java.util.HashMap;
044import java.util.List;
045
046import com.unboundid.ldap.sdk.unboundidds.extensions.
047            PasswordPolicyStateOperation;
048import com.unboundid.util.NotNull;
049import com.unboundid.util.Nullable;
050import com.unboundid.util.StaticUtils;
051
052import static com.unboundid.ldap.sdk.unboundidds.tools.ToolMessages.*;
053
054
055
056/**
057 * This enum provides information about all of the subcommands available for
058 * use with the manage-account tool.
059 * <BR>
060 * <BLOCKQUOTE>
061 *   <B>NOTE:</B>  This class, and other classes within the
062 *   {@code com.unboundid.ldap.sdk.unboundidds} package structure, are only
063 *   supported for use against Ping Identity, UnboundID, and
064 *   Nokia/Alcatel-Lucent 8661 server products.  These classes provide support
065 *   for proprietary functionality or for external specifications that are not
066 *   considered stable or mature enough to be guaranteed to work in an
067 *   interoperable way with other types of LDAP servers.
068 * </BLOCKQUOTE>
069 */
070public enum ManageAccountSubCommandType
071{
072  /**
073   * The subcommand used to get all state information for a user.
074   */
075  GET_ALL("get-all", INFO_MANAGE_ACCT_SC_DESC_GET_ALL.get(), -1),
076
077
078
079  /**
080   * The subcommand used to get the DN of a user's password policy.
081   */
082  GET_PASSWORD_POLICY_DN("get-password-policy-dn",
083       INFO_MANAGE_ACCT_SC_DESC_GET_POLICY_DN.get(),
084       PasswordPolicyStateOperation.OP_TYPE_GET_PW_POLICY_DN),
085
086
087
088  /**
089   * The subcommand used to determine whether an account is usable.
090   */
091  GET_ACCOUNT_IS_USABLE("get-account-is-usable",
092       INFO_MANAGE_ACCT_SC_DESC_GET_IS_USABLE.get(),
093       PasswordPolicyStateOperation.OP_TYPE_GET_ACCOUNT_IS_USABLE),
094
095
096
097  /**
098   * The subcommand used to retrieve the set of password policy state account
099   * usability notice messages for a user.
100   */
101  GET_ACCOUNT_USABILITY_NOTICES("get-account-usability-notice-messages",
102       INFO_MANAGE_ACCT_SC_DESC_GET_USABILITY_NOTICES.get(),
103       PasswordPolicyStateOperation.OP_TYPE_GET_ACCOUNT_USABILITY_NOTICES),
104
105
106
107  /**
108   * The subcommand used to retrieve the set of password policy state account
109   * usability warning messages for a user.
110   */
111  GET_ACCOUNT_USABILITY_WARNINGS("get-account-usability-warning-messages",
112       INFO_MANAGE_ACCT_SC_DESC_GET_USABILITY_WARNINGS.get(),
113       PasswordPolicyStateOperation.OP_TYPE_GET_ACCOUNT_USABILITY_WARNINGS),
114
115
116
117  /**
118   * The subcommand used to retrieve the set of password policy state account
119   * usability error messages for a user.
120   */
121  GET_ACCOUNT_USABILITY_ERRORS("get-account-usability-error-messages",
122       INFO_MANAGE_ACCT_SC_DESC_GET_USABILITY_ERRORS.get(),
123       PasswordPolicyStateOperation.OP_TYPE_GET_ACCOUNT_USABILITY_ERRORS),
124
125
126
127  /**
128   * The subcommand used to get the password changed time for a user.
129   */
130  GET_PASSWORD_CHANGED_TIME("get-password-changed-time",
131       INFO_MANAGE_ACCT_SC_DESC_GET_PW_CHANGED_TIME.get(),
132       PasswordPolicyStateOperation.OP_TYPE_GET_PW_CHANGED_TIME),
133
134
135
136  /**
137   * The subcommand used to set the password changed time for a user.
138   */
139  SET_PASSWORD_CHANGED_TIME("set-password-changed-time",
140       INFO_MANAGE_ACCT_SC_DESC_SET_PW_CHANGED_TIME.get(),
141       PasswordPolicyStateOperation.OP_TYPE_SET_PW_CHANGED_TIME),
142
143
144
145  /**
146   * The subcommand used to clear the password changed time for a user.
147   */
148  CLEAR_PASSWORD_CHANGED_TIME("clear-password-changed-time",
149       INFO_MANAGE_ACCT_SC_DESC_CLEAR_PW_CHANGED_TIME.get(),
150       PasswordPolicyStateOperation.OP_TYPE_CLEAR_PW_CHANGED_TIME),
151
152
153
154  /**
155   * The subcommand used to determine whether a user account is administratively
156   * disabled.
157   */
158  GET_ACCOUNT_IS_DISABLED("get-account-is-disabled",
159       INFO_MANAGE_ACCT_SC_DESC_GET_IS_DISABLED.get(),
160       PasswordPolicyStateOperation.OP_TYPE_GET_ACCOUNT_DISABLED_STATE),
161
162
163
164  /**
165   * The subcommand used to specify whether a user account is administratively
166   * disabled.
167   */
168  SET_ACCOUNT_IS_DISABLED("set-account-is-disabled",
169       INFO_MANAGE_ACCT_SC_DESC_SET_IS_DISABLED.get(),
170       PasswordPolicyStateOperation.OP_TYPE_SET_ACCOUNT_DISABLED_STATE),
171
172
173
174  /**
175   * The subcommand used to clear the account disabled state for a user.
176   */
177  CLEAR_ACCOUNT_IS_DISABLED("clear-account-is-disabled",
178       INFO_MANAGE_ACCT_SC_DESC_CLEAR_IS_DISABLED.get(
179            SET_ACCOUNT_IS_DISABLED.primaryName, "accountIsDisabled"),
180       PasswordPolicyStateOperation.OP_TYPE_CLEAR_ACCOUNT_DISABLED_STATE),
181
182
183
184  /**
185   * The subcommand used to get the account activation time for a user.
186   */
187  GET_ACCOUNT_ACTIVATION_TIME("get-account-activation-time",
188       INFO_MANAGE_ACCT_SC_DESC_GET_ACCT_ACT_TIME.get(),
189       PasswordPolicyStateOperation.OP_TYPE_GET_ACCOUNT_ACTIVATION_TIME),
190
191
192
193  /**
194   * The subcommand used to set the account activation time for a user.
195   */
196  SET_ACCOUNT_ACTIVATION_TIME("set-account-activation-time",
197       INFO_MANAGE_ACCT_SC_DESC_SET_ACCT_ACT_TIME.get(),
198       PasswordPolicyStateOperation.OP_TYPE_SET_ACCOUNT_ACTIVATION_TIME),
199
200
201
202  /**
203   * The subcommand used to clear the account activation time for a user.
204   */
205  CLEAR_ACCOUNT_ACTIVATION_TIME("clear-account-activation-time",
206       INFO_MANAGE_ACCT_SC_DESC_CLEAR_ACCT_ACT_TIME.get(),
207       PasswordPolicyStateOperation.OP_TYPE_CLEAR_ACCOUNT_ACTIVATION_TIME),
208
209
210
211  /**
212   * The subcommand used to retrieve the length of time until a user's account
213   * becomes active.
214   */
215  GET_SECONDS_UNTIL_ACCOUNT_ACTIVATION("get-seconds-until-account-activation",
216       INFO_MANAGE_ACCT_SC_DESC_GET_SECONDS_UNTIL_ACCT_ACT.get(),
217       PasswordPolicyStateOperation.
218            OP_TYPE_GET_SECONDS_UNTIL_ACCOUNT_ACTIVATION),
219
220
221
222  /**
223   * The subcommand used to determine whether a user's account is not yet
224   * active.
225   */
226  GET_ACCOUNT_IS_NOT_YET_ACTIVE("get-account-is-not-yet-active",
227       INFO_MANAGE_ACCT_SC_DESC_GET_ACCT_NOT_YET_ACTIVE.get(),
228       PasswordPolicyStateOperation.OP_TYPE_GET_ACCOUNT_IS_NOT_YET_ACTIVE),
229
230
231
232  /**
233   * The subcommand used to get the account expiration time for a user.
234   */
235  GET_ACCOUNT_EXPIRATION_TIME("get-account-expiration-time",
236       INFO_MANAGE_ACCT_SC_DESC_GET_ACCT_EXP_TIME.get(),
237       PasswordPolicyStateOperation.OP_TYPE_GET_ACCOUNT_EXPIRATION_TIME),
238
239
240
241  /**
242   * The subcommand used to set the account expiration time for a user.
243   */
244  SET_ACCOUNT_EXPIRATION_TIME("set-account-expiration-time",
245       INFO_MANAGE_ACCT_SC_DESC_SET_ACCT_EXP_TIME.get(),
246       PasswordPolicyStateOperation.OP_TYPE_SET_ACCOUNT_EXPIRATION_TIME),
247
248
249
250  /**
251   * The subcommand used to clear the account expiration time for a user.
252   */
253  CLEAR_ACCOUNT_EXPIRATION_TIME("clear-account-expiration-time",
254       INFO_MANAGE_ACCT_SC_DESC_CLEAR_ACCT_EXP_TIME.get(),
255       PasswordPolicyStateOperation.OP_TYPE_CLEAR_ACCOUNT_EXPIRATION_TIME),
256
257
258
259  /**
260   * The subcommand used to retrieve the length of time until a user's account
261   * expires.
262   */
263  GET_SECONDS_UNTIL_ACCOUNT_EXPIRATION("get-seconds-until-account-expiration",
264       INFO_MANAGE_ACCT_SC_DESC_GET_SECONDS_UNTIL_ACCT_EXP.get(),
265       PasswordPolicyStateOperation.
266            OP_TYPE_GET_SECONDS_UNTIL_ACCOUNT_EXPIRATION),
267
268
269
270  /**
271   * The subcommand used to determine whether a user's account is expired.
272   */
273  GET_ACCOUNT_IS_EXPIRED("get-account-is-expired",
274       INFO_MANAGE_ACCT_SC_DESC_GET_ACCT_IS_EXPIRED.get(),
275       PasswordPolicyStateOperation.OP_TYPE_GET_ACCOUNT_IS_EXPIRED),
276
277
278
279  /**
280   * The subcommand used to retrieve the time a user received the first warning
281   * about an upcoming password expiration.
282   *
283   */
284  GET_PASSWORD_EXPIRATION_WARNED_TIME("get-password-expiration-warned-time",
285       INFO_MANAGE_ACCT_SC_DESC_GET_PW_EXP_WARNED_TIME.get(),
286       PasswordPolicyStateOperation.OP_TYPE_GET_PW_EXPIRATION_WARNED_TIME),
287
288
289
290  /**
291   * The subcommand used to specify the time a user received the first warning
292   * about an upcoming password expiration.
293   */
294  SET_PASSWORD_EXPIRATION_WARNED_TIME("set-password-expiration-warned-time",
295       INFO_MANAGE_ACCT_SC_DESC_SET_PW_EXP_WARNED_TIME.get(),
296       PasswordPolicyStateOperation.OP_TYPE_SET_PW_EXPIRATION_WARNED_TIME),
297
298
299
300  /**
301   * The subcommand used to clear the password expiration warned time for a
302   * user.
303   */
304  CLEAR_PASSWORD_EXPIRATION_WARNED_TIME("clear-password-expiration-warned-time",
305       INFO_MANAGE_ACCT_SC_DESC_CLEAR_PW_EXP_WARNED_TIME.get(),
306       PasswordPolicyStateOperation.OP_TYPE_CLEAR_PW_EXPIRATION_WARNED_TIME),
307
308
309
310  /**
311   * The subcommand used to get the length of time in seconds until a user may
312   * start to receive warnings about an upcoming expiration.
313   */
314  GET_SECONDS_UNTIL_PASSWORD_EXPIRATION_WARNING(
315       "get-seconds-until-password-expiration-warning",
316       INFO_MANAGE_ACCT_SC_DESC_GET_SECONDS_UNTIL_PW_EXP_WARNING.get(),
317       PasswordPolicyStateOperation.
318            OP_TYPE_GET_SECONDS_UNTIL_PW_EXPIRATION_WARNING),
319
320
321
322  /**
323   * The subcommand used to retrieve the password expiration time for a user.
324   */
325  GET_PASSWORD_EXPIRATION_TIME("get-password-expiration-time",
326       INFO_MANAGE_ACCT_SC_DESC_GET_PW_EXP_TIME.get(),
327       PasswordPolicyStateOperation.OP_TYPE_GET_PW_EXPIRATION_TIME),
328
329
330
331  /**
332   * The subcommand used to get the length of time in seconds until a user's
333   * password will expire.
334   */
335  GET_SECONDS_UNTIL_PASSWORD_EXPIRATION("get-seconds-until-password-expiration",
336       INFO_MANAGE_ACCT_SC_DESC_GET_SECONDS_UNTIL_PW_EXP.get(),
337       PasswordPolicyStateOperation.OP_TYPE_GET_SECONDS_UNTIL_PW_EXPIRATION),
338
339
340
341  /**
342   * The subcommand used to determine whether a user's password is expired.
343   */
344  GET_PASSWORD_IS_EXPIRED("get-password-is-expired",
345       INFO_MANAGE_ACCT_SC_DESC_GET_PW_IS_EXPIRED.get(),
346       PasswordPolicyStateOperation.OP_TYPE_GET_PW_IS_EXPIRED),
347
348
349
350  /**
351   * The subcommand used to determine whether a user account is failure locked.
352   */
353  GET_ACCOUNT_IS_FAILURE_LOCKED("get-account-is-failure-locked",
354       INFO_MANAGE_ACCT_SC_DESC_GET_ACCT_FAILURE_LOCKED.get(),
355       PasswordPolicyStateOperation.OP_TYPE_GET_ACCOUNT_IS_FAILURE_LOCKED),
356
357
358
359  /**
360   * The subcommand used to specify whether a user account is failure locked.
361   */
362  SET_ACCOUNT_IS_FAILURE_LOCKED("set-account-is-failure-locked",
363       INFO_MANAGE_ACCT_SC_DESC_SET_ACCT_FAILURE_LOCKED.get(),
364       PasswordPolicyStateOperation.OP_TYPE_SET_ACCOUNT_IS_FAILURE_LOCKED),
365
366
367
368  /**
369   * The subcommand used to retrieve the failure lockout time for a user.
370   */
371  GET_FAILURE_LOCKOUT_TIME("get-failure-lockout-time",
372       INFO_MANAGE_ACCT_SC_DESC_GET_FAILURE_LOCKED_TIME.get(),
373       PasswordPolicyStateOperation.OP_TYPE_GET_FAILURE_LOCKOUT_TIME,
374       "get-failure-locked-time"),
375
376
377
378  /**
379   * The subcommand used to determine the length of time in seconds until a
380   * user's temporary failure lockout will expire.
381   */
382  GET_SECONDS_UNTIL_AUTHENTICATION_FAILURE_UNLOCK(
383       "get-seconds-until-authentication-failure-unlock",
384       INFO_MANAGE_ACCT_SC_DESC_GET_SECONDS_UNTIL_FAILURE_UNLOCK.get(),
385       PasswordPolicyStateOperation.
386            OP_TYPE_GET_SECONDS_UNTIL_AUTH_FAILURE_UNLOCK),
387
388
389
390  /**
391   * The subcommand used to retrieve the times of the failed authentication
392   * attempts for a user.
393   */
394  GET_AUTHENTICATION_FAILURE_TIMES("get-authentication-failure-times",
395       INFO_MANAGE_ACCT_SC_DESC_GET_AUTH_FAILURE_TIMES.get(),
396       PasswordPolicyStateOperation.OP_TYPE_GET_AUTH_FAILURE_TIMES),
397
398
399
400  /**
401   * The subcommand used to add one or more values to the set of authentication
402   * failure times for a user.
403   */
404  ADD_AUTHENTICATION_FAILURE_TIME("add-authentication-failure-time",
405       INFO_MANAGE_ACCT_SC_DESC_ADD_AUTH_FAILURE_TIME.get(),
406       PasswordPolicyStateOperation.OP_TYPE_ADD_AUTH_FAILURE_TIME),
407
408
409
410  /**
411   * The subcommand used to replace the set of authentication failure times for
412   * a user.
413   */
414  SET_AUTHENTICATION_FAILURE_TIMES("set-authentication-failure-times",
415       INFO_MANAGE_ACCT_SC_DESC_SET_AUTH_FAILURE_TIMES.get(),
416       PasswordPolicyStateOperation.OP_TYPE_SET_AUTH_FAILURE_TIMES),
417
418
419
420  /**
421   * The subcommand used to clear the set of authentication failure times for a
422   * user.
423   */
424  CLEAR_AUTHENTICATION_FAILURE_TIMES("clear-authentication-failure-times",
425       INFO_MANAGE_ACCT_SC_DESC_CLEAR_AUTH_FAILURE_TIMES.get(),
426       PasswordPolicyStateOperation.OP_TYPE_CLEAR_AUTH_FAILURE_TIMES),
427
428
429
430  /**
431   * The subcommand used to determine the number of remaining failed
432   * authentication attempts for a user before the account is locked.
433   */
434  GET_REMAINING_AUTHENTICATION_FAILURE_COUNT(
435       "get-remaining-authentication-failure-count",
436       INFO_MANAGE_ACCT_SC_DESC_GET_REMAINING_FAILURE_COUNT.get(),
437       PasswordPolicyStateOperation.OP_TYPE_GET_REMAINING_AUTH_FAILURE_COUNT),
438
439
440
441  /**
442   * The subcommand used to determine whether a user account is idle locked.
443   */
444  GET_ACCOUNT_IS_IDLE_LOCKED("get-account-is-idle-locked",
445       INFO_MANAGE_ACCT_SC_DESC_GET_ACCT_IDLE_LOCKED.get(),
446       PasswordPolicyStateOperation.OP_TYPE_GET_ACCOUNT_IS_IDLE_LOCKED),
447
448
449
450  /**
451   * The subcommand used to determine the length of time in seconds until a
452   * user's account will be idle locked.
453   */
454  GET_SECONDS_UNTIL_IDLE_LOCKOUT("get-seconds-until-idle-lockout",
455       INFO_MANAGE_ACCT_SC_DESC_GET_SECONDS_UNTIL_IDLE_LOCKOUT.get(),
456       PasswordPolicyStateOperation.OP_TYPE_GET_SECONDS_UNTIL_IDLE_LOCKOUT),
457
458
459
460  /**
461   * The subcommand used to determine the time that a user's account was/will be
462   * idle locked.
463   */
464  GET_IDLE_LOCKOUT_TIME("get-idle-lockout-time",
465       INFO_MANAGE_ACCT_SC_DESC_GET_IDLE_LOCKOUT_TIME.get(),
466       PasswordPolicyStateOperation.OP_TYPE_GET_IDLE_LOCKOUT_TIME,
467       "get-idle-locked-time"),
468
469
470
471  /**
472   * The subcommand used to determine whether a user's password has been
473   * administratively reset.
474   */
475  GET_MUST_CHANGE_PASSWORD("get-must-change-password",
476       INFO_MANAGE_ACCT_SC_DESC_GET_MUST_CHANGE_PW.get(),
477       PasswordPolicyStateOperation.OP_TYPE_GET_PW_RESET_STATE,
478       "get-password-is-reset"),
479
480
481
482  /**
483   * The subcommand used to specify whether a user's password has been
484   * administratively reset.
485   */
486  SET_MUST_CHANGE_PASSWORD("set-must-change-password",
487       INFO_MANAGE_ACCT_SC_DESC_SET_MUST_CHANGE_PW.get(),
488       PasswordPolicyStateOperation.OP_TYPE_SET_PW_RESET_STATE,
489       "set-password-is-reset"),
490
491
492
493  /**
494   * The subcommand used to clear whether a user's password has been
495   * administratively reset.
496   */
497  CLEAR_MUST_CHANGE_PASSWORD("clear-must-change-password",
498       INFO_MANAGE_ACCT_SC_DESC_CLEAR_MUST_CHANGE_PW.get(),
499       PasswordPolicyStateOperation.OP_TYPE_CLEAR_PW_RESET_STATE,
500       "clear-password-is-reset"),
501
502
503
504  /**
505   * The subcommand used to determine whether a user's account is reset locked.
506   */
507  GET_ACCOUNT_IS_PASSWORD_RESET_LOCKED("get-account-is-password-reset-locked",
508       INFO_MANAGE_ACCT_SC_DESC_GET_ACCT_IS_RESET_LOCKED.get(),
509       PasswordPolicyStateOperation.OP_TYPE_GET_ACCOUNT_IS_RESET_LOCKED),
510
511
512
513  /**
514   * The subcommand used to determine the length of time in seconds until a
515   * user's account is reset locked.
516   */
517  GET_SECONDS_UNTIL_PASSWORD_RESET_LOCKOUT(
518       "get-seconds-until-password-reset-lockout",
519       INFO_MANAGE_ACCT_SC_DESC_GET_SECONDS_UNTIL_RESET_LOCKOUT.get(),
520       PasswordPolicyStateOperation.OP_TYPE_GET_SECONDS_UNTIL_PW_RESET_LOCKOUT),
521
522
523
524  /**
525   * The subcommand used to determine the time a user's account was/will be
526   * reset locked.
527   */
528  GET_PASSWORD_RESET_LOCKOUT_TIME("get-password-reset-lockout-time",
529       INFO_MANAGE_ACCT_SC_DESC_GET_RESET_LOCKOUT_TIME.get(),
530       PasswordPolicyStateOperation.OP_TYPE_GET_RESET_LOCKOUT_TIME,
531       "get-password-reset-locked-time"),
532
533
534
535  /**
536   * The subcommand used to retrieve the last login time for a user.
537   */
538  GET_LAST_LOGIN_TIME("get-last-login-time",
539       INFO_MANAGE_ACCT_SC_DESC_GET_LAST_LOGIN_TIME.get(),
540       PasswordPolicyStateOperation.OP_TYPE_GET_LAST_LOGIN_TIME),
541
542
543
544  /**
545   * The subcommand used to specify the last login time for a user.
546   */
547  SET_LAST_LOGIN_TIME("set-last-login-time",
548       INFO_MANAGE_ACCT_SC_DESC_SET_LAST_LOGIN_TIME.get(),
549       PasswordPolicyStateOperation.OP_TYPE_SET_LAST_LOGIN_TIME),
550
551
552
553  /**
554   * The subcommand used to clear the last login time for a user.
555   */
556  CLEAR_LAST_LOGIN_TIME("clear-last-login-time",
557       INFO_MANAGE_ACCT_SC_DESC_CLEAR_LAST_LOGIN_TIME.get(),
558       PasswordPolicyStateOperation.OP_TYPE_CLEAR_LAST_LOGIN_TIME),
559
560
561
562  /**
563   * The subcommand used to retrieve the last login IP address for a user.
564   */
565  GET_LAST_LOGIN_IP_ADDRESS("get-last-login-ip-address",
566       INFO_MANAGE_ACCT_SC_DESC_GET_LAST_LOGIN_IP.get(),
567       PasswordPolicyStateOperation.OP_TYPE_GET_LAST_LOGIN_IP_ADDRESS),
568
569
570
571  /**
572   * The subcommand used to specify the last login IP address for a user.
573   */
574  SET_LAST_LOGIN_IP_ADDRESS("set-last-login-ip-address",
575       INFO_MANAGE_ACCT_SC_DESC_SET_LAST_LOGIN_IP.get(),
576       PasswordPolicyStateOperation.OP_TYPE_SET_LAST_LOGIN_IP_ADDRESS),
577
578
579
580  /**
581   * The subcommand used to clear the last login IP address for a user.
582   */
583  CLEAR_LAST_LOGIN_IP_ADDRESS("clear-last-login-ip-address",
584       INFO_MANAGE_ACCT_SC_DESC_CLEAR_LAST_LOGIN_IP.get(),
585       PasswordPolicyStateOperation.OP_TYPE_CLEAR_LAST_LOGIN_IP_ADDRESS),
586
587
588
589  /**
590   * The subcommand used to retrieve the grace login use times for a user.
591   */
592  GET_GRACE_LOGIN_USE_TIMES("get-grace-login-use-times",
593       INFO_MANAGE_ACCT_SC_DESC_GET_GRACE_LOGIN_TIMES.get(),
594       PasswordPolicyStateOperation.OP_TYPE_GET_GRACE_LOGIN_USE_TIMES),
595
596
597
598  /**
599   * The subcommand used to add one or more values to the set of grace login
600   * use times for a user.
601   */
602  ADD_GRACE_LOGIN_USE_TIME("add-grace-login-use-time",
603       INFO_MANAGE_ACCT_SC_DESC_ADD_GRACE_LOGIN_TIME.get(),
604       PasswordPolicyStateOperation.OP_TYPE_ADD_GRACE_LOGIN_USE_TIME),
605
606
607
608  /**
609   * The subcommand used to specify the grace login use times for a user.
610   */
611  SET_GRACE_LOGIN_USE_TIMES("set-grace-login-use-times",
612       INFO_MANAGE_ACCT_SC_DESC_SET_GRACE_LOGIN_TIMES.get(),
613       PasswordPolicyStateOperation.OP_TYPE_SET_GRACE_LOGIN_USE_TIMES),
614
615
616
617  /**
618   * The subcommand used to clear the grace login use times for a user.
619   */
620  CLEAR_GRACE_LOGIN_USE_TIMES("clear-grace-login-use-times",
621       INFO_MANAGE_ACCT_SC_DESC_CLEAR_GRACE_LOGIN_TIMES.get(),
622       PasswordPolicyStateOperation.OP_TYPE_CLEAR_GRACE_LOGIN_USE_TIMES),
623
624
625
626  /**
627   * The subcommand used to retrieve the number of remaining grace logins for a
628   * user.
629   */
630  GET_REMAINING_GRACE_LOGIN_COUNT("get-remaining-grace-login-count",
631       INFO_MANAGE_ACCT_SC_DESC_GET_REMAINING_GRACE_LOGIN_COUNT.get(),
632       PasswordPolicyStateOperation.OP_TYPE_GET_REMAINING_GRACE_LOGIN_COUNT),
633
634
635
636  /**
637   * The subcommand used to retrieve the most recent required password change
638   * time with which a user has complied.
639   */
640  GET_PASSWORD_CHANGED_BY_REQUIRED_TIME("get-password-changed-by-required-time",
641       INFO_MANAGE_ACCT_SC_DESC_GET_PW_CHANGED_BY_REQ_TIME.get(),
642       PasswordPolicyStateOperation.OP_TYPE_GET_PW_CHANGED_BY_REQUIRED_TIME),
643
644
645
646  /**
647   * The subcommand used to specify the most recent required password change
648   * time with which a user has complied.
649   */
650  SET_PASSWORD_CHANGED_BY_REQUIRED_TIME("set-password-changed-by-required-time",
651       INFO_MANAGE_ACCT_SC_DESC_SET_PW_CHANGED_BY_REQ_TIME.get(),
652       PasswordPolicyStateOperation.OP_TYPE_SET_PW_CHANGED_BY_REQUIRED_TIME),
653
654
655
656  /**
657   * The subcommand used to clear the most recent required password change
658   * time with which a user has complied.
659   */
660  CLEAR_PASSWORD_CHANGED_BY_REQUIRED_TIME(
661       "clear-password-changed-by-required-time",
662       INFO_MANAGE_ACCT_SC_DESC_CLEAR_PW_CHANGED_BY_REQ_TIME.get(),
663       PasswordPolicyStateOperation.OP_TYPE_CLEAR_PW_CHANGED_BY_REQUIRED_TIME),
664
665
666
667  /**
668   * The subcommand used to determine the length of seconds until the required
669   * password changed time for a user.
670   */
671  GET_SECONDS_UNTIL_REQUIRED_PASSWORD_CHANGE_TIME(
672       "get-seconds-until-required-password-change-time",
673       INFO_MANAGE_ACCT_SC_DESC_GET_SECS_UNTIL_REQ_CHANGE_TIME.get(),
674       PasswordPolicyStateOperation.
675            OP_TYPE_GET_SECONDS_UNTIL_REQUIRED_CHANGE_TIME,
676       "get-seconds-until-required-change-time"),
677
678
679
680  /**
681   * The subcommand used to retrieve the number of passwords in a user's
682   * password history.
683   */
684  GET_PASSWORD_HISTORY_COUNT("get-password-history-count",
685       INFO_MANAGE_ACCT_SC_DESC_GET_PW_HISTORY_COUNT.get(),
686       PasswordPolicyStateOperation.OP_TYPE_GET_PW_HISTORY_COUNT,
687       "get-password-history"),
688
689
690
691  /**
692   * The subcommand used to clear a user's password history.
693   */
694  CLEAR_PASSWORD_HISTORY("clear-password-history",
695       INFO_MANAGE_ACCT_SC_DESC_CLEAR_PW_HISTORY.get(),
696       PasswordPolicyStateOperation.OP_TYPE_CLEAR_PW_HISTORY),
697
698
699
700  /**
701   * The subcommand used to determine whether a user has a retired password.
702   */
703  GET_HAS_RETIRED_PASSWORD("get-has-retired-password",
704       INFO_MANAGE_ACCT_SC_DESC_GET_HAS_RETIRED_PW.get(),
705       PasswordPolicyStateOperation.OP_TYPE_HAS_RETIRED_PASSWORD),
706
707
708
709  /**
710   * The subcommand used to retrieve the time that a user's former password
711   * was retired.
712   */
713  GET_PASSWORD_RETIRED_TIME("get-password-retired-time",
714       INFO_MANAGE_ACCT_SC_DESC_GET_PW_RETIRED_TIME.get(),
715       PasswordPolicyStateOperation.OP_TYPE_GET_PASSWORD_RETIRED_TIME),
716
717
718
719  /**
720   * The subcommand used to determine the time that a user's retired password
721   * will expire.
722   */
723  GET_RETIRED_PASSWORD_EXPIRATION_TIME("get-retired-password-expiration-time",
724       INFO_MANAGE_ACCT_SC_DESC_GET_RETIRED_PW_EXP_TIME.get(),
725       PasswordPolicyStateOperation.
726            OP_TYPE_GET_RETIRED_PASSWORD_EXPIRATION_TIME),
727
728
729
730  /**
731   * The subcommand used to purge a user's retired password.
732   */
733  CLEAR_RETIRED_PASSWORD("clear-retired-password",
734       INFO_MANAGE_ACCT_SC_DESC_PURGE_RETIRED_PW.get(),
735       PasswordPolicyStateOperation.OP_TYPE_PURGE_RETIRED_PASSWORD,
736       "purge-retired-password"),
737
738
739
740  /**
741   * The subcommand used to obtain a list of the SASL mechanisms that are
742   * available for a user.  This will take into account the server
743   * configuration, the user credentials, and the user authentication
744   * constraints.
745   */
746  GET_AVAILABLE_SASL_MECHANISMS("get-available-sasl-mechanisms",
747       INFO_MANAGE_ACCT_SC_DESC_GET_AVAILABLE_SASL_MECHS.get(),
748       PasswordPolicyStateOperation.OP_TYPE_GET_AVAILABLE_SASL_MECHANISMS),
749
750
751
752  /**
753   * The subcommand used to obtain a list of the OTP delivery mechanisms that
754   * are available for a user.  If there is a set of preferred delivery
755   * mechanisms for the user, they will be listed first.
756   */
757  GET_AVAILABLE_OTP_DELIVERY_MECHANISMS("get-available-otp-delivery-mechanisms",
758       INFO_MANAGE_ACCT_SC_DESC_GET_AVAILABLE_OTP_MECHS.get(),
759       PasswordPolicyStateOperation.
760            OP_TYPE_GET_AVAILABLE_OTP_DELIVERY_MECHANISMS),
761
762
763
764  /**
765   * The subcommand used to determine whether a user account has at least one
766   * TOTP shared secret.
767   */
768  GET_HAS_TOTP_SHARED_SECRET("get-has-totp-shared-secret",
769       INFO_MANAGE_ACCT_SC_DESC_GET_HAS_TOTP_SHARED_SECRET.get(),
770       PasswordPolicyStateOperation.OP_TYPE_HAS_TOTP_SHARED_SECRET),
771
772
773
774  /**
775   * The subcommand used to add one or more TOTP shared secrets for a user.
776   */
777  ADD_TOTP_SHARED_SECRET("add-totp-shared-secret",
778       INFO_MANAGE_ACCT_SC_DESC_ADD_TOTP_SHARED_SECRET.get(),
779       PasswordPolicyStateOperation.OP_TYPE_ADD_TOTP_SHARED_SECRET),
780
781
782
783  /**
784   * The subcommand used to remove one or more TOTP shared secrets for a user.
785   */
786  REMOVE_TOTP_SHARED_SECRET("remove-totp-shared-secret",
787       INFO_MANAGE_ACCT_SC_DESC_REMOVE_TOTP_SHARED_SECRET.get(),
788       PasswordPolicyStateOperation.OP_TYPE_REMOVE_TOTP_SHARED_SECRET),
789
790
791
792  /**
793   * The subcommand used to replace the TOTP shared secrets for a user.
794   */
795  SET_TOTP_SHARED_SECRETS("set-totp-shared-secrets",
796       INFO_MANAGE_ACCT_SC_DESC_SET_TOTP_SHARED_SECRETS.get(),
797       PasswordPolicyStateOperation.OP_TYPE_SET_TOTP_SHARED_SECRETS),
798
799
800
801  /**
802   * The subcommand used to clear the TOTP shared secrets for a user.
803   */
804  CLEAR_TOTP_SHARED_SECRETS("clear-totp-shared-secrets",
805       INFO_MANAGE_ACCT_SC_DESC_CLEAR_TOTP_SHARED_SECRETS.get(),
806       PasswordPolicyStateOperation.OP_TYPE_CLEAR_TOTP_SHARED_SECRETS),
807
808
809
810  /**
811   * The subcommand used to determine whether a user account has at least one
812   * registered YubiKey OTP device public ID.
813   */
814  GET_HAS_REGISTERED_YUBIKEY_PUBLIC_ID("get-has-registered-yubikey-public-id",
815       INFO_MANAGE_ACCT_SC_DESC_GET_HAS_YUBIKEY_ID.get(),
816       PasswordPolicyStateOperation.OP_TYPE_HAS_REGISTERED_YUBIKEY_PUBLIC_ID),
817
818
819
820  /**
821   * The subcommand used to retrieve the set of registered YubiKey OTP device
822   * public IDs for a user.
823   */
824  GET_REGISTERED_YUBIKEY_PUBLIC_IDS("get-registered-yubikey-public-ids",
825       INFO_MANAGE_ACCT_SC_DESC_GET_YUBIKEY_IDS.get(),
826       PasswordPolicyStateOperation.OP_TYPE_GET_REGISTERED_YUBIKEY_PUBLIC_IDS),
827
828
829
830  /**
831   * The subcommand used to add one or more registered YubiKey OTP device public
832   * IDs for a user.
833   */
834  ADD_REGISTERED_YUBIKEY_PUBLIC_ID("add-registered-yubikey-public-id",
835       INFO_MANAGE_ACCT_SC_DESC_ADD_YUBIKEY_ID.get(),
836       PasswordPolicyStateOperation.OP_TYPE_ADD_REGISTERED_YUBIKEY_PUBLIC_ID),
837
838
839
840  /**
841   * The subcommand used to remove one or more registered YubiKey OTP device
842   * public IDs for a user.
843   */
844  REMOVE_REGISTERED_YUBIKEY_PUBLIC_ID("remove-registered-yubikey-public-id",
845       INFO_MANAGE_ACCT_SC_DESC_REMOVE_YUBIKEY_ID.get(),
846       PasswordPolicyStateOperation.
847            OP_TYPE_REMOVE_REGISTERED_YUBIKEY_PUBLIC_ID),
848
849
850
851  /**
852   * The subcommand used to replace the set of registered YubiKey OTP device
853   * public IDs for a user.
854   */
855  SET_REGISTERED_YUBIKEY_PUBLIC_IDS("set-registered-yubikey-public-ids",
856       INFO_MANAGE_ACCT_SC_DESC_SET_YUBIKEY_IDS.get(),
857       PasswordPolicyStateOperation.OP_TYPE_SET_REGISTERED_YUBIKEY_PUBLIC_IDS),
858
859
860
861  /**
862   * The subcommand used to clear the set of registered YubiKey OTP device
863   * public IDs for a user.
864   */
865  CLEAR_REGISTERED_YUBIKEY_PUBLIC_IDS("clear-registered-yubikey-public-ids",
866       INFO_MANAGE_ACCT_SC_DESC_CLEAR_YUBIKEY_IDS.get(),
867       PasswordPolicyStateOperation.
868            OP_TYPE_CLEAR_REGISTERED_YUBIKEY_PUBLIC_IDS),
869
870
871
872  /**
873   * The subcommand used to determine whether a user account has at least one
874   * static password.
875   */
876  GET_HAS_STATIC_PASSWORD("get-has-static-password",
877       INFO_MANAGE_ACCT_SC_DESC_GET_HAS_STATIC_PW.get(),
878       PasswordPolicyStateOperation.OP_TYPE_HAS_STATIC_PASSWORD),
879
880
881
882  /**
883   * The subcommand used to retrieve the time that the server last invoked
884   * password validators for a bind operation.
885   */
886  GET_LAST_BIND_PASSWORD_VALIDATION_TIME(
887       "get-last-bind-password-validation-time",
888       INFO_MANAGE_ACCT_SC_DESC_GET_LAST_BIND_PW_VALIDATION_TIME.get(),
889       PasswordPolicyStateOperation.
890            OP_TYPE_GET_LAST_BIND_PASSWORD_VALIDATION_TIME),
891
892
893
894  /**
895   * The subcommand used to retrieve the length of time in seconds since the
896   * server last invoked password validators for a bind operation.
897   */
898  GET_SECONDS_SINCE_LAST_BIND_PASSWORD_VALIDATION(
899       "get-seconds-since-last-bind-password-validation",
900       INFO_MANAGE_ACCT_SC_DESC_GET_SECONDS_SINCE_LAST_BIND_PW_VALIDATION.get(),
901       PasswordPolicyStateOperation.
902            OP_TYPE_GET_SECONDS_SINCE_LAST_BIND_PASSWORD_VALIDATION),
903
904
905
906  /**
907   * The subcommand used to specify the time that the server last invoked
908   * password validators for a bind operation.
909   */
910  SET_LAST_BIND_PASSWORD_VALIDATION_TIME(
911       "set-last-bind-password-validation-time",
912       INFO_MANAGE_ACCT_SC_DESC_SET_LAST_BIND_PW_VALIDATION_TIME.get(),
913       PasswordPolicyStateOperation.
914            OP_TYPE_SET_LAST_BIND_PASSWORD_VALIDATION_TIME),
915
916
917
918  /**
919   * The subcommand used to clear the time that the server last invoked password
920   * validators for a bind operation.
921   */
922  CLEAR_LAST_BIND_PASSWORD_VALIDATION_TIME(
923       "clear-last-bind-password-validation-time",
924       INFO_MANAGE_ACCT_SC_DESC_CLEAR_LAST_BIND_PW_VALIDATION_TIME.get(),
925       PasswordPolicyStateOperation.
926            OP_TYPE_CLEAR_LAST_BIND_PASSWORD_VALIDATION_TIME),
927
928
929
930  /**
931   * The subcommand used to determine whether a user account is validation
932   * locked.
933   */
934  GET_ACCOUNT_IS_VALIDATION_LOCKED("get-account-is-validation-locked",
935       INFO_MANAGE_ACCT_SC_DESC_GET_ACCT_VALIDATION_LOCKED.get(),
936       PasswordPolicyStateOperation.OP_TYPE_GET_ACCOUNT_IS_VALIDATION_LOCKED),
937
938
939
940  /**
941   * The subcommand used to specify whether a user account is validation locked.
942   */
943  SET_ACCOUNT_IS_VALIDATION_LOCKED("set-account-is-validation-locked",
944       INFO_MANAGE_ACCT_SC_DESC_SET_ACCT_VALIDATION_LOCKED.get(),
945       PasswordPolicyStateOperation.OP_TYPE_SET_ACCOUNT_IS_VALIDATION_LOCKED),
946
947
948
949  /**
950   * The subcommand used to retrieve the recent login history for a user.
951   */
952  GET_RECENT_LOGIN_HISTORY("get-recent-login-history",
953       INFO_MANAGE_ACCT_SC_DESC_GET_RECENT_LOGIN_HISTORY.get(),
954       PasswordPolicyStateOperation.OP_TYPE_GET_RECENT_LOGIN_HISTORY),
955
956
957
958  /**
959   * The subcommand used to clear the recent login history for a user.
960   */
961  CLEAR_RECENT_LOGIN_HISTORY("clear-recent-login-history",
962       INFO_MANAGE_ACCT_SC_DESC_CLEAR_RECENT_LOGIN_HISTORY.get(),
963       PasswordPolicyStateOperation.OP_TYPE_CLEAR_RECENT_LOGIN_HISTORY);
964
965
966
967  /**
968   * The map of subcommand types indexed by password policy state operation
969   * type.
970   */
971  @Nullable private static HashMap<Integer,ManageAccountSubCommandType>
972       typesByOpType = null;
973
974
975
976  /**
977   * The map of subcommand types indexed by name.
978   */
979  @Nullable private static HashMap<String,ManageAccountSubCommandType>
980       typesByName = null;
981
982
983
984  // The password policy state operation type value that corresponds to this
985  // subcommand type.
986  private final int operationType;
987
988  // A list containing the primary name and all alternate names for this
989  // subcommand.
990  @NotNull private final List<String> allNames;
991
992  // A list of alternate names for this subcommand.
993  @NotNull private final List<String> alternateNames;
994
995  // The description for this subcommand.
996  @NotNull private final String description;
997
998  // The primary name for this subcommand.
999  @NotNull private final String primaryName;
1000
1001
1002
1003  /**
1004   * Creates a new manage-account subcommand type value with the provided
1005   * information.
1006   *
1007   * @param  primaryName     The primary name for this subcommand.  It must not
1008   *                         be {@code null}.
1009   * @param  description     The description for this subcommand.  It must not
1010   *                         be {@code null}.
1011   * @param  operationType   The password policy state operation type value that
1012   *                         corresponds to this subcommand type.
1013   * @param  alternateNames  The set of alternate names that may be used to
1014   *                         invoke this subcommand.  It may be empty but not
1015   *                         {@code null}.
1016   */
1017  ManageAccountSubCommandType(@NotNull final String primaryName,
1018                              @NotNull final String description,
1019                              final int operationType,
1020                              @NotNull final String... alternateNames)
1021  {
1022    this.primaryName    = primaryName;
1023    this.description    = description;
1024    this.operationType  = operationType;
1025
1026    this.alternateNames =
1027         Collections.unmodifiableList(Arrays.asList(alternateNames));
1028
1029    final ArrayList<String> allNamesList =
1030         new ArrayList<>(alternateNames.length + 1);
1031    allNamesList.add(primaryName);
1032    allNamesList.addAll(this.alternateNames);
1033
1034    allNames = Collections.unmodifiableList(allNamesList);
1035  }
1036
1037
1038
1039  /**
1040   * Retrieves the primary name for the subcommand.
1041   *
1042   * @return  The primary name for the subcommand.
1043   */
1044  @NotNull()
1045  public String getPrimaryName()
1046  {
1047    return primaryName;
1048  }
1049
1050
1051
1052  /**
1053   * Retrieves the alternate names for this subcommand, if any.
1054   *
1055   * @return  The alternate names for this subcommand, or an empty list if
1056   *          there are no alternate names.
1057   */
1058  @NotNull()
1059  public List<String> getAlternateNames()
1060  {
1061    return alternateNames;
1062  }
1063
1064
1065
1066  /**
1067   * Retrieves a list containing all names (primary and alternate) for this
1068   * subcommand.
1069   *
1070   * @return  A list containing all names for ths subcommand.
1071   */
1072  @NotNull()
1073  public List<String> getAllNames()
1074  {
1075    return allNames;
1076  }
1077
1078
1079
1080  /**
1081   * Retrieves the description for the subcommand.
1082   *
1083   * @return  The description for the subcommand.
1084   */
1085  @NotNull()
1086  public String getDescription()
1087  {
1088    return description;
1089  }
1090
1091
1092
1093  /**
1094   * Retrieves the password policy state operation type value that corresponds
1095   * to this subcommand type.
1096   *
1097   * @return  The password policy state operation type value that corresponds
1098   *          to this subcommand type.
1099   */
1100  public int getPasswordPolicyStateOperationType()
1101  {
1102    return operationType;
1103  }
1104
1105
1106
1107  /**
1108   * Retrieves the subcommand type with the specified name.
1109   *
1110   * @param  name  The name of the subcommand type to retrieve.  It must not be
1111   *               {@code null}.
1112   *
1113   * @return  The subcommand type with the specified name, or {@code null} if
1114   *          there is no subcommand type for the given name.
1115   */
1116  @Nullable()
1117  public static ManageAccountSubCommandType forName(@NotNull final String name)
1118  {
1119    ensureMapsPopulated();
1120
1121    return typesByName.get(StaticUtils.toLowerCase(name));
1122  }
1123
1124
1125
1126  /**
1127   * Retrieves the subcommand type with the specified password policy state
1128   * operation type.
1129   *
1130   * @param  opType  The password policy state operation type for the subcommand
1131   *                 type to retrieve.
1132   *
1133   * @return  The subcommand type with the specified password policy state
1134   *          operation type, or {@code null} if there is no subcommand type for
1135   *          the given operation type.
1136   */
1137  @Nullable()
1138  public static ManageAccountSubCommandType forOperationType(final int opType)
1139  {
1140    ensureMapsPopulated();
1141
1142    return typesByOpType.get(opType);
1143  }
1144
1145
1146
1147  /**
1148   * Ensures that the maps allowing subcommand types to be retrieved by name and
1149   * by password policy state operation types are populated.  They can't be
1150   * automatically populated by the constructor because enum constructors can't
1151   * interact with static
1152   */
1153  private static synchronized void ensureMapsPopulated()
1154  {
1155    if (typesByName == null)
1156    {
1157      final ManageAccountSubCommandType[] values =
1158           ManageAccountSubCommandType.values();
1159      typesByName =
1160           new HashMap<>(StaticUtils.computeMapCapacity(2*values.length));
1161      typesByOpType =
1162           new HashMap<>(StaticUtils.computeMapCapacity(values.length));
1163
1164      for (final ManageAccountSubCommandType t :  values)
1165      {
1166        typesByName.put(StaticUtils.toLowerCase(t.primaryName), t);
1167        for (final String altName : t.alternateNames)
1168        {
1169          typesByName.put(StaticUtils.toLowerCase(altName), t);
1170        }
1171
1172        if (t.operationType>= 0)
1173        {
1174          typesByOpType.put(t.operationType, t);
1175        }
1176      }
1177    }
1178  }
1179}