001 /* 002 * Copyright 2012-2015 UnboundID Corp. 003 * All Rights Reserved. 004 */ 005 /* 006 * Copyright (C) 2015 UnboundID Corp. 007 * 008 * This program is free software; you can redistribute it and/or modify 009 * it under the terms of the GNU General Public License (GPLv2 only) 010 * or the terms of the GNU Lesser General Public License (LGPLv2.1 only) 011 * as published by the Free Software Foundation. 012 * 013 * This program is distributed in the hope that it will be useful, 014 * but WITHOUT ANY WARRANTY; without even the implied warranty of 015 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 016 * GNU General Public License for more details. 017 * 018 * You should have received a copy of the GNU General Public License 019 * along with this program; if not, see <http://www.gnu.org/licenses>. 020 */ 021 package com.unboundid.ldap.sdk.unboundidds.controls; 022 023 024 025 import java.util.ArrayList; 026 import java.util.Collections; 027 import java.util.Iterator; 028 import java.util.List; 029 030 import com.unboundid.asn1.ASN1Element; 031 import com.unboundid.asn1.ASN1Long; 032 import com.unboundid.asn1.ASN1OctetString; 033 import com.unboundid.asn1.ASN1Sequence; 034 import com.unboundid.asn1.ASN1Set; 035 import com.unboundid.ldap.sdk.Attribute; 036 import com.unboundid.ldap.sdk.Control; 037 import com.unboundid.ldap.sdk.BindResult; 038 import com.unboundid.ldap.sdk.DecodeableControl; 039 import com.unboundid.ldap.sdk.LDAPException; 040 import com.unboundid.ldap.sdk.ResultCode; 041 import com.unboundid.util.Debug; 042 import com.unboundid.util.NotMutable; 043 import com.unboundid.util.StaticUtils; 044 import com.unboundid.util.ThreadSafety; 045 import com.unboundid.util.ThreadSafetyLevel; 046 047 import static com.unboundid.ldap.sdk.unboundidds.controls.ControlMessages.*; 048 049 050 051 /** 052 * <BLOCKQUOTE> 053 * <B>NOTE:</B> This class is part of the Commercial Edition of the UnboundID 054 * LDAP SDK for Java. It is not available for use in applications that 055 * include only the Standard Edition of the LDAP SDK, and is not supported for 056 * use in conjunction with non-UnboundID products. 057 * </BLOCKQUOTE> 058 * This class provides a response control that may be included in the response 059 * to a successful bind operation in order to provide information about custom 060 * resource limits for the user, including size limit, time limit, idle time 061 * limit, lookthrough limit, equivalent authorization user DN, and client 062 * connection policy name. 063 * <BR><BR> 064 * The criticality for this control should be {@code false}. It must have a 065 * value with the following encoding: 066 * <PRE> 067 * USER_RESOURCE_LIMITS_VALUE ::= SEQUENCE { 068 * sizeLimit [0] INTEGER OPTIONAL, 069 * timeLimitSeconds [1] INTEGER OPTIONAL, 070 * idleTimeLimitSeconds [2] INTEGER OPTIONAL, 071 * lookthroughLimit [3] INTEGER OPTIONAL, 072 * equivalentAuthzUserDN [4] LDAPDN OPTIONAL, 073 * clientConnectionPolicyName [5] OCTET STRING OPTIONAL, 074 * groupDNs [6] SET OF OCTET STRING OPTIONAL, 075 * privilegeNames [7] SET OF OCTET STRING OPTIONAL, 076 * otherAttributes [8] PartialAttributeList OPTIONAL, 077 * ... } 078 * </PRE> 079 * 080 * @see GetUserResourceLimitsRequestControl 081 */ 082 @NotMutable() 083 @ThreadSafety(level=ThreadSafetyLevel.COMPLETELY_THREADSAFE) 084 public final class GetUserResourceLimitsResponseControl 085 extends Control 086 implements DecodeableControl 087 { 088 /** 089 * The OID (1.3.6.1.4.1.30221.2.5.26) for the get user resource limits 090 * response control. 091 */ 092 public static final String GET_USER_RESOURCE_LIMITS_RESPONSE_OID = 093 "1.3.6.1.4.1.30221.2.5.26"; 094 095 096 097 /** 098 * The BER type for the value element used to specify the size limit. 099 */ 100 private static final byte TYPE_SIZE_LIMIT = (byte) 0x80; 101 102 103 104 /** 105 * The BER type for the value element used to specify the time limit. 106 */ 107 private static final byte TYPE_TIME_LIMIT = (byte) 0x81; 108 109 110 111 /** 112 * The BER type for the value element used to specify the idle time limit. 113 */ 114 private static final byte TYPE_IDLE_TIME_LIMIT = (byte) 0x82; 115 116 117 118 /** 119 * The BER type for the value element used to specify the lookthrough limit. 120 */ 121 private static final byte TYPE_LOOKTHROUGH_LIMIT = (byte) 0x83; 122 123 124 125 /** 126 * The BER type for the value element used to specify the equivalent 127 * authorization user DN. 128 */ 129 private static final byte TYPE_EQUIVALENT_AUTHZ_USER_DN = (byte) 0x84; 130 131 132 133 /** 134 * The BER type for the value element used to specify the client connection 135 * policy name. 136 */ 137 private static final byte TYPE_CLIENT_CONNECTION_POLICY_NAME = (byte) 0x85; 138 139 140 141 /** 142 * The BER type for the value element used to specify the DNs of groups in 143 * which the user is a member. 144 */ 145 private static final byte TYPE_GROUP_DNS = (byte) 0xA6; 146 147 148 149 /** 150 * The BER type for the value element used to specify the set of user 151 * privilege names. 152 */ 153 private static final byte TYPE_PRIVILEGE_NAMES = (byte) 0xA7; 154 155 156 157 /** 158 * The BER type for the value element used to specify additional attributes 159 * that may be included in the future. 160 */ 161 private static final byte TYPE_OTHER_ATTRIBUTES = (byte) 0xA8; 162 163 164 165 /** 166 * The serial version UID for this serializable class. 167 */ 168 private static final long serialVersionUID = -5261978490319320250L; 169 170 171 172 // The set of other select attributes from the user entry. 173 private final List<Attribute> otherAttributes; 174 175 // The set of group DNs for the user. 176 private final List<String> groupDNs; 177 178 // The set of privilege names for the user. 179 private final List<String> privilegeNames; 180 181 // The custom idle time limit for the user. 182 private final Long idleTimeLimitSeconds; 183 184 // The custom lookthrough limit for the user. 185 private final Long lookthroughLimit; 186 187 // The custom size limit for the user. 188 private final Long sizeLimit; 189 190 // The custom time limit for the user, in seconds. 191 private final Long timeLimitSeconds; 192 193 // The name of the client connection policy selected for the user. 194 private final String clientConnectionPolicyName; 195 196 // The DN of a user with equivalent authorization rights for use in servers 197 // in an entry-balancing environment in which the user's entry does not exist. 198 private final String equivalentAuthzUserDN; 199 200 201 202 /** 203 * Creates a new empty control instance that is intended to be used only for 204 * decoding controls via the {@code DecodeableControl} interface. 205 */ 206 GetUserResourceLimitsResponseControl() 207 { 208 otherAttributes = null; 209 groupDNs = null; 210 privilegeNames = null; 211 idleTimeLimitSeconds = null; 212 lookthroughLimit = null; 213 sizeLimit = null; 214 timeLimitSeconds = null; 215 clientConnectionPolicyName = null; 216 equivalentAuthzUserDN = null; 217 } 218 219 220 221 /** 222 * Creates a new get user resource limits response control with the provided 223 * information. 224 * 225 * @param sizeLimit The custom size limit for the user. 226 * It may be less than or equal to zero 227 * if no size limit should be enforced for 228 * the user. It may be {@code null} if 229 * there is no custom size limit or it is 230 * not to be included in the control. 231 * @param timeLimitSeconds The custom time limit for the user, in 232 * seconds. It may be less than or equal 233 * to zero if no time limit should be 234 * enforced for the user. It may be 235 * {@code null} if there is no custom time 236 * limit or it is not to be included in 237 * the control. 238 * @param idleTimeLimitSeconds The custom idle time limit for the 239 * user, in seconds. It may be less than 240 * or equal to zero if no idle time limit 241 * should be enforced for the user. It 242 * may be {@code null} if there is no 243 * custom idle time limit or it is not to 244 * be included in the control. 245 * @param lookthroughLimit The custom lookthrough limit for the 246 * user. It may be less than or equal to 247 * zero if no lookthrough limit should 248 * be enforced for the user. It may be 249 * {@code null} if there is no custom 250 * lookthrough limit for the user or it is 251 * not to be included in the control. 252 * @param equivalentAuthzUserDN The DN of a user with equivalent 253 * authorization rights for use in servers 254 * in an entry-balancing environment in 255 * which the user's entry does not exist. 256 * It may be an empty string if the 257 * equivalent authorization should be 258 * anonymous, or {@code null} if there is 259 * no custom equivalent authorization user 260 * DN or it is not to be included in the 261 * control. 262 * @param clientConnectionPolicyName The name of the client connection 263 * policy that has been assigned to the 264 * user, or {@code null} if the client 265 * connection policy name is not to be 266 * included in the control. 267 */ 268 public GetUserResourceLimitsResponseControl(final Long sizeLimit, 269 final Long timeLimitSeconds, final Long idleTimeLimitSeconds, 270 final Long lookthroughLimit, final String equivalentAuthzUserDN, 271 final String clientConnectionPolicyName) 272 { 273 this(sizeLimit, timeLimitSeconds, idleTimeLimitSeconds, lookthroughLimit, 274 equivalentAuthzUserDN, clientConnectionPolicyName, null, null, null); 275 } 276 277 278 279 /** 280 * Creates a new get user resource limits response control with the provided 281 * information. 282 * 283 * @param sizeLimit The custom size limit for the user. 284 * It may be less than or equal to zero 285 * if no size limit should be enforced for 286 * the user. It may be {@code null} if 287 * there is no custom size limit or it is 288 * not to be included in the control. 289 * @param timeLimitSeconds The custom time limit for the user, in 290 * seconds. It may be less than or equal 291 * to zero if no time limit should be 292 * enforced for the user. It may be 293 * {@code null} if there is no custom time 294 * limit or it is not to be included in 295 * the control. 296 * @param idleTimeLimitSeconds The custom idle time limit for the 297 * user, in seconds. It may be less than 298 * or equal to zero if no idle time limit 299 * should be enforced for the user. It 300 * may be {@code null} if there is no 301 * custom idle time limit or it is not to 302 * be included in the control. 303 * @param lookthroughLimit The custom lookthrough limit for the 304 * user. It may be less than or equal to 305 * zero if no lookthrough limit should 306 * be enforced for the user. It may be 307 * {@code null} if there is no custom 308 * lookthrough limit for the user or it is 309 * not to be included in the control. 310 * @param equivalentAuthzUserDN The DN of a user with equivalent 311 * authorization rights for use in servers 312 * in an entry-balancing environment in 313 * which the user's entry does not exist. 314 * It may be an empty string if the 315 * equivalent authorization should be 316 * anonymous, or {@code null} if there is 317 * no custom equivalent authorization user 318 * DN or it is not to be included in the 319 * control. 320 * @param clientConnectionPolicyName The name of the client connection 321 * policy that has been assigned to the 322 * user, or {@code null} if the client 323 * connection policy name is not to be 324 * included in the control. 325 * @param groupDNs The DNs of the groups in which the user 326 * is a member. It may be {@code null} if 327 * group membership is not known, or 328 * empty if the user isn't a member of any 329 * groups. 330 * @param privilegeNames The names of the privileges assigned to 331 * the user. It may be {@code null} if 332 * the privilege names are not known, or 333 * empty if the user doesn't have any 334 * privileges. 335 * @param otherAttributes A set of additional attributes from the 336 * user's entry. It may be {@code null} 337 * or empty if no additional attributes 338 * are needed. 339 */ 340 public GetUserResourceLimitsResponseControl(final Long sizeLimit, 341 final Long timeLimitSeconds, final Long idleTimeLimitSeconds, 342 final Long lookthroughLimit, final String equivalentAuthzUserDN, 343 final String clientConnectionPolicyName, 344 final List<String> groupDNs, final List<String> privilegeNames, 345 final List<Attribute> otherAttributes) 346 { 347 super(GET_USER_RESOURCE_LIMITS_RESPONSE_OID, false, 348 encodeValue(sizeLimit, timeLimitSeconds, idleTimeLimitSeconds, 349 lookthroughLimit, equivalentAuthzUserDN, 350 clientConnectionPolicyName, groupDNs, privilegeNames, 351 otherAttributes)); 352 353 if ((sizeLimit == null) || (sizeLimit > 0L)) 354 { 355 this.sizeLimit = sizeLimit; 356 } 357 else 358 { 359 this.sizeLimit = -1L; 360 } 361 362 if ((timeLimitSeconds == null) || (timeLimitSeconds > 0L)) 363 { 364 this.timeLimitSeconds = timeLimitSeconds; 365 } 366 else 367 { 368 this.timeLimitSeconds = -1L; 369 } 370 371 if ((idleTimeLimitSeconds == null) || (idleTimeLimitSeconds > 0L)) 372 { 373 this.idleTimeLimitSeconds = idleTimeLimitSeconds; 374 } 375 else 376 { 377 this.idleTimeLimitSeconds = -1L; 378 } 379 380 if ((lookthroughLimit == null) || (lookthroughLimit > 0L)) 381 { 382 this.lookthroughLimit = lookthroughLimit; 383 } 384 else 385 { 386 this.lookthroughLimit = -1L; 387 } 388 389 this.equivalentAuthzUserDN = equivalentAuthzUserDN; 390 this.clientConnectionPolicyName = clientConnectionPolicyName; 391 392 if (groupDNs == null) 393 { 394 this.groupDNs = null; 395 } 396 else 397 { 398 this.groupDNs = 399 Collections.unmodifiableList(new ArrayList<String>(groupDNs)); 400 } 401 402 if (privilegeNames == null) 403 { 404 this.privilegeNames = null; 405 } 406 else 407 { 408 this.privilegeNames = 409 Collections.unmodifiableList(new ArrayList<String>(privilegeNames)); 410 } 411 412 if (otherAttributes == null) 413 { 414 this.otherAttributes = Collections.emptyList(); 415 } 416 else 417 { 418 this.otherAttributes = Collections.unmodifiableList( 419 new ArrayList<Attribute>(otherAttributes)); 420 } 421 } 422 423 424 425 /** 426 * Encodes the provided information into an octet string suitable for use as 427 * the value of a get user resource limits response control. 428 * 429 * @param sizeLimit The custom size limit for the user. 430 * It may be less than or equal to zero 431 * if no size limit should be enforced for 432 * the user. It may be {@code null} if 433 * there is no custom size limit or it is 434 * not to be included in the control. 435 * @param timeLimitSeconds The custom time limit for the user, in 436 * seconds. It may be less than or equal 437 * to zero if no time limit should be 438 * enforced for the user. It may be 439 * {@code null} if there is no custom time 440 * limit or it is not to be included in 441 * the control. 442 * @param idleTimeLimitSeconds The custom idle time limit for the 443 * user, in seconds. It may be less than 444 * or equal to zero if no idle time limit 445 * should be enforced for the user. It 446 * may be {@code null} if there is no 447 * custom idle time limit or it is not to 448 * be included in the control. 449 * @param lookthroughLimit The custom lookthrough limit for the 450 * user. It may be less than or equal to 451 * zero if no lookthrough limit should 452 * be enforced for the user. It may be 453 * {@code null} if there is no custom 454 * lookthrough limit for the user or it is 455 * not to be included in the control. 456 * @param equivalentAuthzUserDN The DN of a user with equivalent 457 * authorization rights for use in servers 458 * in an entry-balancing environment in 459 * which the user's entry does not exist. 460 * @param clientConnectionPolicyName The name of the client connection 461 * policy that has been assigned to the 462 * user, or {@code null} if the client 463 * connection policy name is not to be 464 * included in the control. 465 * @param groupDNs The DNs of the groups in which the user 466 * is a member. It may be {@code null} if 467 * group membership is not known, or 468 * empty if the user isn't a member of any 469 * groups. 470 * @param privilegeNames The names of the privileges assigned to 471 * the user. It may be {@code null} if 472 * the privilege names are not known, or 473 * empty if the user doesn't have any 474 * privileges. 475 * @param otherAttributes A set of additional attributes from the 476 * user's entry. It may be {@code null} 477 * or empty if no additional attributes 478 * are needed. 479 * 480 * @return The octet string which may be used as the value of a get user 481 * resource limits response control 482 */ 483 private static ASN1OctetString encodeValue(final Long sizeLimit, 484 final Long timeLimitSeconds, final Long idleTimeLimitSeconds, 485 final Long lookthroughLimit, final String equivalentAuthzUserDN, 486 final String clientConnectionPolicyName, 487 final List<String> groupDNs, final List<String> privilegeNames, 488 final List<Attribute> otherAttributes) 489 { 490 final ArrayList<ASN1Element> elements = new ArrayList<ASN1Element>(10); 491 492 if (sizeLimit != null) 493 { 494 if (sizeLimit > 0L) 495 { 496 elements.add(new ASN1Long(TYPE_SIZE_LIMIT, sizeLimit)); 497 } 498 else 499 { 500 elements.add(new ASN1Long(TYPE_SIZE_LIMIT, -1L)); 501 } 502 } 503 504 if (timeLimitSeconds != null) 505 { 506 if (timeLimitSeconds > 0L) 507 { 508 elements.add(new ASN1Long(TYPE_TIME_LIMIT, timeLimitSeconds)); 509 } 510 else 511 { 512 elements.add(new ASN1Long(TYPE_TIME_LIMIT, -1L)); 513 } 514 } 515 516 if (idleTimeLimitSeconds != null) 517 { 518 if (idleTimeLimitSeconds > 0L) 519 { 520 elements.add(new ASN1Long(TYPE_IDLE_TIME_LIMIT, idleTimeLimitSeconds)); 521 } 522 else 523 { 524 elements.add(new ASN1Long(TYPE_IDLE_TIME_LIMIT, -1L)); 525 } 526 } 527 528 if (lookthroughLimit != null) 529 { 530 if (lookthroughLimit > 0L) 531 { 532 elements.add(new ASN1Long(TYPE_LOOKTHROUGH_LIMIT, lookthroughLimit)); 533 } 534 else 535 { 536 elements.add(new ASN1Long(TYPE_LOOKTHROUGH_LIMIT, -1L)); 537 } 538 } 539 540 if (equivalentAuthzUserDN != null) 541 { 542 elements.add(new ASN1OctetString(TYPE_EQUIVALENT_AUTHZ_USER_DN, 543 equivalentAuthzUserDN)); 544 } 545 546 if (clientConnectionPolicyName != null) 547 { 548 elements.add(new ASN1OctetString(TYPE_CLIENT_CONNECTION_POLICY_NAME, 549 clientConnectionPolicyName)); 550 } 551 552 if (groupDNs != null) 553 { 554 final ArrayList<ASN1Element> dnElements = 555 new ArrayList<ASN1Element>(groupDNs.size()); 556 for (final String s : groupDNs) 557 { 558 dnElements.add(new ASN1OctetString(s)); 559 } 560 561 elements.add(new ASN1Set(TYPE_GROUP_DNS, dnElements)); 562 } 563 564 if (privilegeNames != null) 565 { 566 final ArrayList<ASN1Element> privElements = 567 new ArrayList<ASN1Element>(privilegeNames.size()); 568 for (final String s : privilegeNames) 569 { 570 privElements.add(new ASN1OctetString(s)); 571 } 572 573 elements.add(new ASN1Set(TYPE_PRIVILEGE_NAMES, privElements)); 574 } 575 576 if ((otherAttributes != null) && (! otherAttributes.isEmpty())) 577 { 578 final ArrayList<ASN1Element> attrElements = 579 new ArrayList<ASN1Element>(otherAttributes.size()); 580 for (final Attribute a : otherAttributes) 581 { 582 attrElements.add(a.encode()); 583 } 584 585 elements.add(new ASN1Sequence(TYPE_OTHER_ATTRIBUTES, attrElements)); 586 } 587 588 return new ASN1OctetString(new ASN1Sequence(elements).encode()); 589 } 590 591 592 593 /** 594 * Creates a new get user resource limits response control decoded from the 595 * given generic control contents. 596 * 597 * @param oid The OID for the control. 598 * @param isCritical Indicates whether this control should be marked 599 * critical. 600 * @param value The value for the control. It may be {@code null} if 601 * the control to decode does not have a value. 602 * 603 * @throws LDAPException If a problem occurs while attempting to decode the 604 * generic control as a get user resource limits 605 * response control. 606 */ 607 public GetUserResourceLimitsResponseControl(final String oid, 608 final boolean isCritical, 609 final ASN1OctetString value) 610 throws LDAPException 611 { 612 super(oid, isCritical, value); 613 614 if (value == null) 615 { 616 throw new LDAPException(ResultCode.DECODING_ERROR, 617 ERR_GET_USER_RESOURCE_LIMITS_RESPONSE_MISSING_VALUE.get()); 618 } 619 620 621 List<Attribute> oa = Collections.emptyList(); 622 List<String> gd = null; 623 List<String> pn = null; 624 Long sL = null; 625 Long tL = null; 626 Long iTL = null; 627 Long lL = null; 628 String eAUD = null; 629 String cCPN = null; 630 631 try 632 { 633 final ASN1Element[] elements = 634 ASN1Sequence.decodeAsSequence(value.getValue()).elements(); 635 for (final ASN1Element e : elements) 636 { 637 switch (e.getType()) 638 { 639 case TYPE_SIZE_LIMIT: 640 sL = ASN1Long.decodeAsLong(e).longValue(); 641 break; 642 case TYPE_TIME_LIMIT: 643 tL = ASN1Long.decodeAsLong(e).longValue(); 644 break; 645 case TYPE_IDLE_TIME_LIMIT: 646 iTL = ASN1Long.decodeAsLong(e).longValue(); 647 break; 648 case TYPE_LOOKTHROUGH_LIMIT: 649 lL = ASN1Long.decodeAsLong(e).longValue(); 650 break; 651 case TYPE_EQUIVALENT_AUTHZ_USER_DN: 652 eAUD = ASN1OctetString.decodeAsOctetString(e).stringValue(); 653 break; 654 case TYPE_CLIENT_CONNECTION_POLICY_NAME: 655 cCPN = ASN1OctetString.decodeAsOctetString(e).stringValue(); 656 break; 657 case TYPE_GROUP_DNS: 658 final ASN1Element[] groupElements = 659 ASN1Set.decodeAsSet(e).elements(); 660 gd = new ArrayList<String>(groupElements.length); 661 for (final ASN1Element pe : groupElements) 662 { 663 gd.add(ASN1OctetString.decodeAsOctetString(pe).stringValue()); 664 } 665 gd = Collections.unmodifiableList(gd); 666 break; 667 case TYPE_PRIVILEGE_NAMES: 668 final ASN1Element[] privElements = 669 ASN1Set.decodeAsSet(e).elements(); 670 pn = new ArrayList<String>(privElements.length); 671 for (final ASN1Element pe : privElements) 672 { 673 pn.add(ASN1OctetString.decodeAsOctetString(pe).stringValue()); 674 } 675 pn = Collections.unmodifiableList(pn); 676 break; 677 case TYPE_OTHER_ATTRIBUTES: 678 final ASN1Element[] attrElemnets = 679 ASN1Sequence.decodeAsSequence(e).elements(); 680 oa = new ArrayList<Attribute>(attrElemnets.length); 681 for (final ASN1Element ae : attrElemnets) 682 { 683 oa.add(Attribute.decode(ASN1Sequence.decodeAsSequence(ae))); 684 } 685 oa = Collections.unmodifiableList(oa); 686 break; 687 default: 688 // No action will be taken. It may be the case that a future 689 // version of the control could return additional information. 690 break; 691 } 692 } 693 } 694 catch (final Exception e) 695 { 696 Debug.debugException(e); 697 throw new LDAPException(ResultCode.DECODING_ERROR, 698 ERR_GET_USER_RESOURCE_LIMITS_RESPONSE_CANNOT_DECODE_VALUE.get( 699 StaticUtils.getExceptionMessage(e)), 700 e); 701 } 702 703 otherAttributes = oa; 704 groupDNs = gd; 705 privilegeNames = pn; 706 sizeLimit = sL; 707 timeLimitSeconds = tL; 708 idleTimeLimitSeconds = iTL; 709 lookthroughLimit = lL; 710 equivalentAuthzUserDN = eAUD; 711 clientConnectionPolicyName = cCPN; 712 } 713 714 715 716 /** 717 * {@inheritDoc} 718 */ 719 public GetUserResourceLimitsResponseControl decodeControl(final String oid, 720 final boolean isCritical, 721 final ASN1OctetString value) 722 throws LDAPException 723 { 724 return new GetUserResourceLimitsResponseControl(oid, isCritical, value); 725 } 726 727 728 729 /** 730 * Extracts a get user resource limits response control from the provided 731 * result. 732 * 733 * @param result The bind result from which to retrieve the get user 734 * resource limits response control. 735 * 736 * @return The get user resource limits response control contained in the 737 * provided result, or {@code null} if the result did not contain a 738 * get user resource limits response control. 739 * 740 * @throws LDAPException If a problem is encountered while attempting to 741 * decode the get user resource limits response 742 * control contained in the provided result. 743 */ 744 public static GetUserResourceLimitsResponseControl get( 745 final BindResult result) 746 throws LDAPException 747 { 748 final Control c = 749 result.getResponseControl(GET_USER_RESOURCE_LIMITS_RESPONSE_OID); 750 if (c == null) 751 { 752 return null; 753 } 754 755 if (c instanceof GetUserResourceLimitsResponseControl) 756 { 757 return (GetUserResourceLimitsResponseControl) c; 758 } 759 else 760 { 761 return new GetUserResourceLimitsResponseControl(c.getOID(), 762 c.isCritical(), c.getValue()); 763 } 764 } 765 766 767 768 /** 769 * Retrieves the custom size limit for the user, if available. 770 * 771 * @return The custom size limit for the user, -1 if no size limit should be 772 * enforced for the user, or {@code null} if no custom size limit 773 * was included in the control. 774 */ 775 public Long getSizeLimit() 776 { 777 return sizeLimit; 778 } 779 780 781 782 /** 783 * Retrieves the custom time limit for the user in seconds, if available. 784 * 785 * @return The custom time limit for the user in seconds, -1 if no time limit 786 * should be enforced for the user, or {@code null} if no custom time 787 * limit was included in the control. 788 */ 789 public Long getTimeLimitSeconds() 790 { 791 return timeLimitSeconds; 792 } 793 794 795 796 /** 797 * Retrieves the custom idle time limit for the user in seconds, if available. 798 * 799 * @return The custom idle time limit for the user in seconds, -1 if no idle 800 * time limit should be enforced for the user, or {@code null} if no 801 * custom idle time limit was included in the control. 802 */ 803 public Long getIdleTimeLimitSeconds() 804 { 805 return idleTimeLimitSeconds; 806 } 807 808 809 810 /** 811 * Retrieves the custom lookthrough limit for the user, if available. 812 * 813 * @return The custom lookthrough limit for the user, -1 if no lookthrough 814 * limit should be enforced for the user, or {@code null} if no 815 * custom lookthrough limit was included in the control. 816 */ 817 public Long getLookthroughLimit() 818 { 819 return lookthroughLimit; 820 } 821 822 823 824 /** 825 * Retrieves the equivalent authorization user DN, for use in servers in an 826 * entry-balancing environment in which the user's entry does not exist. 827 * 828 * @return The equivalent authorization user DN for the user, an empty string 829 * if the equivalent authorization is anonymous, or {@code null} if 830 * no equivalent authorization user DN was included in the control. 831 */ 832 public String getEquivalentAuthzUserDN() 833 { 834 return equivalentAuthzUserDN; 835 } 836 837 838 839 /** 840 * Retrieves the name of the client connection policy that has been assigned 841 * to the user, if available. 842 * 843 * @return The name of the client connection policy that has been assigned to 844 * the user, or {@code null} if the client connection policy name was 845 * not included in the control. 846 */ 847 public String getClientConnectionPolicyName() 848 { 849 return clientConnectionPolicyName; 850 } 851 852 853 854 /** 855 * Retrieves the DNs of any groups in which the user is a member. 856 * 857 * @return The DNs of any groups in which the user is a member, an empty list 858 * if the user is not a member of any groups, or {@code null} if the 859 * set of group DNs is not known. 860 */ 861 public List<String> getGroupDNs() 862 { 863 return groupDNs; 864 } 865 866 867 868 /** 869 * Retrieves the names of any privileges assigned to the user. 870 * 871 * @return The names of any privileges assigned to the user, an empty list if 872 * the user is known to have no privileges, or {@code null} if the 873 * set of user privileges is not known. 874 */ 875 public List<String> getPrivilegeNames() 876 { 877 return privilegeNames; 878 } 879 880 881 882 /** 883 * Retrieves a list containing additional attributes from the user's entry. 884 * 885 * @return A list containing additional attributes from the user's entry, or 886 * an empty list if no additional attributes were provided. 887 */ 888 public List<Attribute> getOtherAttributes() 889 { 890 return otherAttributes; 891 } 892 893 894 895 /** 896 * {@inheritDoc} 897 */ 898 @Override() 899 public String getControlName() 900 { 901 return INFO_CONTROL_NAME_GET_USER_RESOURCE_LIMITS_RESPONSE.get(); 902 } 903 904 905 906 /** 907 * {@inheritDoc} 908 */ 909 @Override() 910 public void toString(final StringBuilder buffer) 911 { 912 buffer.append("GetUserResourceLimitsResponseControl("); 913 914 boolean added = false; 915 if (sizeLimit != null) 916 { 917 buffer.append("sizeLimit="); 918 buffer.append(sizeLimit); 919 added = true; 920 } 921 922 if (timeLimitSeconds != null) 923 { 924 if (added) 925 { 926 buffer.append(", "); 927 } 928 929 buffer.append("timeLimitSeconds="); 930 buffer.append(timeLimitSeconds); 931 added = true; 932 } 933 934 if (idleTimeLimitSeconds != null) 935 { 936 if (added) 937 { 938 buffer.append(", "); 939 } 940 941 buffer.append("idleTimeLimitSeconds="); 942 buffer.append(idleTimeLimitSeconds); 943 added = true; 944 } 945 946 if (lookthroughLimit != null) 947 { 948 if (added) 949 { 950 buffer.append(", "); 951 } 952 953 buffer.append("lookthroughLimit="); 954 buffer.append(lookthroughLimit); 955 added = true; 956 } 957 958 if (equivalentAuthzUserDN != null) 959 { 960 if (added) 961 { 962 buffer.append(", "); 963 } 964 965 buffer.append("equivalentAuthzUserDN=\""); 966 buffer.append(equivalentAuthzUserDN); 967 buffer.append('"'); 968 added = true; 969 } 970 971 if (clientConnectionPolicyName != null) 972 { 973 if (added) 974 { 975 buffer.append(", "); 976 } 977 978 buffer.append("clientConnectionPolicyName=\""); 979 buffer.append(clientConnectionPolicyName); 980 buffer.append('"'); 981 added = true; 982 } 983 984 if (groupDNs != null) 985 { 986 if (added) 987 { 988 buffer.append(", "); 989 } 990 991 buffer.append("groupDNs={"); 992 993 final Iterator<String> dnIterator = groupDNs.iterator(); 994 while (dnIterator.hasNext()) 995 { 996 buffer.append('"'); 997 buffer.append(dnIterator.next()); 998 buffer.append('"'); 999 1000 if (dnIterator.hasNext()) 1001 { 1002 buffer.append(", "); 1003 } 1004 } 1005 1006 buffer.append('}'); 1007 added = true; 1008 } 1009 1010 if (privilegeNames != null) 1011 { 1012 if (added) 1013 { 1014 buffer.append(", "); 1015 } 1016 1017 buffer.append("privilegeNames={"); 1018 1019 final Iterator<String> privilegeIterator = privilegeNames.iterator(); 1020 while (privilegeIterator.hasNext()) 1021 { 1022 buffer.append('"'); 1023 buffer.append(privilegeIterator.next()); 1024 buffer.append('"'); 1025 1026 if (privilegeIterator.hasNext()) 1027 { 1028 buffer.append(", "); 1029 } 1030 } 1031 1032 buffer.append('}'); 1033 added = true; 1034 } 1035 1036 if (! otherAttributes.isEmpty()) 1037 { 1038 if (added) 1039 { 1040 buffer.append(", "); 1041 } 1042 1043 buffer.append("otherAttributes={"); 1044 1045 final Iterator<Attribute> attrIterator = otherAttributes.iterator(); 1046 while (attrIterator.hasNext()) 1047 { 1048 attrIterator.next().toString(buffer); 1049 1050 if (attrIterator.hasNext()) 1051 { 1052 buffer.append(", "); 1053 } 1054 } 1055 1056 buffer.append('}'); 1057 } 1058 1059 buffer.append("')"); 1060 } 1061 }