001    /*
002     * Copyright 2012-2015 UnboundID Corp.
003     * All Rights Reserved.
004     */
005    /*
006     * Copyright (C) 2015 UnboundID Corp.
007     *
008     * This program is free software; you can redistribute it and/or modify
009     * it under the terms of the GNU General Public License (GPLv2 only)
010     * or the terms of the GNU Lesser General Public License (LGPLv2.1 only)
011     * as published by the Free Software Foundation.
012     *
013     * This program is distributed in the hope that it will be useful,
014     * but WITHOUT ANY WARRANTY; without even the implied warranty of
015     * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
016     * GNU General Public License for more details.
017     *
018     * You should have received a copy of the GNU General Public License
019     * along with this program; if not, see <http://www.gnu.org/licenses>.
020     */
021    package com.unboundid.ldap.sdk.unboundidds.controls;
022    
023    
024    
025    import java.util.ArrayList;
026    import java.util.Collections;
027    import java.util.Iterator;
028    import java.util.List;
029    
030    import com.unboundid.asn1.ASN1Element;
031    import com.unboundid.asn1.ASN1Long;
032    import com.unboundid.asn1.ASN1OctetString;
033    import com.unboundid.asn1.ASN1Sequence;
034    import com.unboundid.asn1.ASN1Set;
035    import com.unboundid.ldap.sdk.Attribute;
036    import com.unboundid.ldap.sdk.Control;
037    import com.unboundid.ldap.sdk.BindResult;
038    import com.unboundid.ldap.sdk.DecodeableControl;
039    import com.unboundid.ldap.sdk.LDAPException;
040    import com.unboundid.ldap.sdk.ResultCode;
041    import com.unboundid.util.Debug;
042    import com.unboundid.util.NotMutable;
043    import com.unboundid.util.StaticUtils;
044    import com.unboundid.util.ThreadSafety;
045    import com.unboundid.util.ThreadSafetyLevel;
046    
047    import static com.unboundid.ldap.sdk.unboundidds.controls.ControlMessages.*;
048    
049    
050    
051    /**
052     * <BLOCKQUOTE>
053     *   <B>NOTE:</B>  This class is part of the Commercial Edition of the UnboundID
054     *   LDAP SDK for Java.  It is not available for use in applications that
055     *   include only the Standard Edition of the LDAP SDK, and is not supported for
056     *   use in conjunction with non-UnboundID products.
057     * </BLOCKQUOTE>
058     * This class provides a response control that may be included in the response
059     * to a successful bind operation in order to provide information about custom
060     * resource limits for the user, including size limit, time limit, idle time
061     * limit, lookthrough limit, equivalent authorization user DN, and client
062     * connection policy name.
063     * <BR><BR>
064     * The criticality for this control should be {@code false}.  It must have a
065     * value with the following encoding:
066     * <PRE>
067     *   USER_RESOURCE_LIMITS_VALUE ::= SEQUENCE {
068     *     sizeLimit                      [0] INTEGER OPTIONAL,
069     *     timeLimitSeconds               [1] INTEGER OPTIONAL,
070     *     idleTimeLimitSeconds           [2] INTEGER OPTIONAL,
071     *     lookthroughLimit               [3] INTEGER OPTIONAL,
072     *     equivalentAuthzUserDN          [4] LDAPDN OPTIONAL,
073     *     clientConnectionPolicyName     [5] OCTET STRING OPTIONAL,
074     *     groupDNs                       [6] SET OF OCTET STRING OPTIONAL,
075     *     privilegeNames                 [7] SET OF OCTET STRING OPTIONAL,
076     *     otherAttributes                [8] PartialAttributeList OPTIONAL,
077     *     ... }
078     * </PRE>
079     *
080     * @see GetUserResourceLimitsRequestControl
081     */
082    @NotMutable()
083    @ThreadSafety(level=ThreadSafetyLevel.COMPLETELY_THREADSAFE)
084    public final class GetUserResourceLimitsResponseControl
085           extends Control
086           implements DecodeableControl
087    {
088      /**
089       * The OID (1.3.6.1.4.1.30221.2.5.26) for the get user resource limits
090       * response control.
091       */
092      public static final String GET_USER_RESOURCE_LIMITS_RESPONSE_OID =
093           "1.3.6.1.4.1.30221.2.5.26";
094    
095    
096    
097      /**
098       * The BER type for the value element used to specify the size limit.
099       */
100      private static final byte TYPE_SIZE_LIMIT = (byte) 0x80;
101    
102    
103    
104      /**
105       * The BER type for the value element used to specify the time limit.
106       */
107      private static final byte TYPE_TIME_LIMIT = (byte) 0x81;
108    
109    
110    
111      /**
112       * The BER type for the value element used to specify the idle time limit.
113       */
114      private static final byte TYPE_IDLE_TIME_LIMIT = (byte) 0x82;
115    
116    
117    
118      /**
119       * The BER type for the value element used to specify the lookthrough limit.
120       */
121      private static final byte TYPE_LOOKTHROUGH_LIMIT = (byte) 0x83;
122    
123    
124    
125      /**
126       * The BER type for the value element used to specify the equivalent
127       * authorization user DN.
128       */
129      private static final byte TYPE_EQUIVALENT_AUTHZ_USER_DN = (byte) 0x84;
130    
131    
132    
133      /**
134       * The BER type for the value element used to specify the client connection
135       * policy name.
136       */
137      private static final byte TYPE_CLIENT_CONNECTION_POLICY_NAME = (byte) 0x85;
138    
139    
140    
141      /**
142       * The BER type for the value element used to specify the DNs of groups in
143       * which the user is a member.
144       */
145      private static final byte TYPE_GROUP_DNS = (byte) 0xA6;
146    
147    
148    
149      /**
150       * The BER type for the value element used to specify the set of user
151       * privilege names.
152       */
153      private static final byte TYPE_PRIVILEGE_NAMES = (byte) 0xA7;
154    
155    
156    
157      /**
158       * The BER type for the value element used to specify additional attributes
159       * that may be included in the future.
160       */
161      private static final byte TYPE_OTHER_ATTRIBUTES = (byte) 0xA8;
162    
163    
164    
165      /**
166       * The serial version UID for this serializable class.
167       */
168      private static final long serialVersionUID = -5261978490319320250L;
169    
170    
171    
172      // The set of other select attributes from the user entry.
173      private final List<Attribute> otherAttributes;
174    
175      // The set of group DNs for the user.
176      private final List<String> groupDNs;
177    
178      // The set of privilege names for the user.
179      private final List<String> privilegeNames;
180    
181      // The custom idle time limit for the user.
182      private final Long idleTimeLimitSeconds;
183    
184      // The custom lookthrough limit for the user.
185      private final Long lookthroughLimit;
186    
187      // The custom size limit for the user.
188      private final Long sizeLimit;
189    
190      // The custom time limit for the user, in seconds.
191      private final Long timeLimitSeconds;
192    
193      // The name of the client connection policy selected for the user.
194      private final String clientConnectionPolicyName;
195    
196      // The DN of a user with equivalent authorization rights for use in servers
197      // in an entry-balancing environment in which the user's entry does not exist.
198      private final String equivalentAuthzUserDN;
199    
200    
201    
202      /**
203       * Creates a new empty control instance that is intended to be used only for
204       * decoding controls via the {@code DecodeableControl} interface.
205       */
206      GetUserResourceLimitsResponseControl()
207      {
208        otherAttributes            = null;
209        groupDNs                   = null;
210        privilegeNames             = null;
211        idleTimeLimitSeconds       = null;
212        lookthroughLimit           = null;
213        sizeLimit                  = null;
214        timeLimitSeconds           = null;
215        clientConnectionPolicyName = null;
216        equivalentAuthzUserDN      = null;
217      }
218    
219    
220    
221      /**
222       * Creates a new get user resource limits response control with the provided
223       * information.
224       *
225       * @param  sizeLimit                   The custom size limit for the user.
226       *                                     It may be less than or equal to zero
227       *                                     if no size limit should be enforced for
228       *                                     the user.  It may be {@code null} if
229       *                                     there is no custom size limit or it is
230       *                                     not to be included in the control.
231       * @param  timeLimitSeconds            The custom time limit for the user, in
232       *                                     seconds.  It may be less than or equal
233       *                                     to zero if no time limit should be
234       *                                     enforced for the user.  It may be
235       *                                     {@code null} if there is no custom time
236       *                                     limit or it is not to be included in
237       *                                     the control.
238       * @param  idleTimeLimitSeconds        The custom idle time limit for the
239       *                                     user, in seconds.  It may be less than
240       *                                     or equal to zero if no idle time limit
241       *                                     should be enforced for the user.  It
242       *                                     may be {@code null} if there is no
243       *                                     custom idle time limit or it is not to
244       *                                     be included in the control.
245       * @param  lookthroughLimit            The custom lookthrough limit for the
246       *                                     user.  It may be less than or equal to
247       *                                     zero if no lookthrough limit should
248       *                                     be enforced for the user.  It may be
249       *                                     {@code null} if there is no custom
250       *                                     lookthrough limit for the user or it is
251       *                                     not to be included in the control.
252       * @param  equivalentAuthzUserDN       The DN of a user with equivalent
253       *                                     authorization rights for use in servers
254       *                                     in an entry-balancing environment in
255       *                                     which the user's entry does not exist.
256       *                                     It may be an empty string if the
257       *                                     equivalent authorization should be
258       *                                     anonymous, or {@code null} if there is
259       *                                     no custom equivalent authorization user
260       *                                     DN or it is not to be included in the
261       *                                     control.
262       * @param  clientConnectionPolicyName  The name of the client connection
263       *                                     policy that has been assigned to the
264       *                                     user, or {@code null} if the client
265       *                                     connection policy name is not to be
266       *                                     included in the control.
267       */
268      public GetUserResourceLimitsResponseControl(final Long sizeLimit,
269                  final Long timeLimitSeconds, final Long idleTimeLimitSeconds,
270                  final Long lookthroughLimit, final String equivalentAuthzUserDN,
271                  final String clientConnectionPolicyName)
272      {
273        this(sizeLimit, timeLimitSeconds, idleTimeLimitSeconds, lookthroughLimit,
274             equivalentAuthzUserDN, clientConnectionPolicyName, null, null, null);
275      }
276    
277    
278    
279      /**
280       * Creates a new get user resource limits response control with the provided
281       * information.
282       *
283       * @param  sizeLimit                   The custom size limit for the user.
284       *                                     It may be less than or equal to zero
285       *                                     if no size limit should be enforced for
286       *                                     the user.  It may be {@code null} if
287       *                                     there is no custom size limit or it is
288       *                                     not to be included in the control.
289       * @param  timeLimitSeconds            The custom time limit for the user, in
290       *                                     seconds.  It may be less than or equal
291       *                                     to zero if no time limit should be
292       *                                     enforced for the user.  It may be
293       *                                     {@code null} if there is no custom time
294       *                                     limit or it is not to be included in
295       *                                     the control.
296       * @param  idleTimeLimitSeconds        The custom idle time limit for the
297       *                                     user, in seconds.  It may be less than
298       *                                     or equal to zero if no idle time limit
299       *                                     should be enforced for the user.  It
300       *                                     may be {@code null} if there is no
301       *                                     custom idle time limit or it is not to
302       *                                     be included in the control.
303       * @param  lookthroughLimit            The custom lookthrough limit for the
304       *                                     user.  It may be less than or equal to
305       *                                     zero if no lookthrough limit should
306       *                                     be enforced for the user.  It may be
307       *                                     {@code null} if there is no custom
308       *                                     lookthrough limit for the user or it is
309       *                                     not to be included in the control.
310       * @param  equivalentAuthzUserDN       The DN of a user with equivalent
311       *                                     authorization rights for use in servers
312       *                                     in an entry-balancing environment in
313       *                                     which the user's entry does not exist.
314       *                                     It may be an empty string if the
315       *                                     equivalent authorization should be
316       *                                     anonymous, or {@code null} if there is
317       *                                     no custom equivalent authorization user
318       *                                     DN or it is not to be included in the
319       *                                     control.
320       * @param  clientConnectionPolicyName  The name of the client connection
321       *                                     policy that has been assigned to the
322       *                                     user, or {@code null} if the client
323       *                                     connection policy name is not to be
324       *                                     included in the control.
325       * @param  groupDNs                    The DNs of the groups in which the user
326       *                                     is a member.  It may be {@code null} if
327       *                                     group membership is not known, or
328       *                                     empty if the user isn't a member of any
329       *                                     groups.
330       * @param  privilegeNames              The names of the privileges assigned to
331       *                                     the user.  It may be {@code null} if
332       *                                     the privilege names are not known, or
333       *                                     empty if the  user doesn't have any
334       *                                     privileges.
335       * @param  otherAttributes             A set of additional attributes from the
336       *                                     user's entry.  It may be {@code null}
337       *                                     or empty if no additional attributes
338       *                                     are needed.
339       */
340      public GetUserResourceLimitsResponseControl(final Long sizeLimit,
341                  final Long timeLimitSeconds, final Long idleTimeLimitSeconds,
342                  final Long lookthroughLimit, final String equivalentAuthzUserDN,
343                  final String clientConnectionPolicyName,
344                  final List<String> groupDNs, final List<String> privilegeNames,
345                  final List<Attribute> otherAttributes)
346      {
347        super(GET_USER_RESOURCE_LIMITS_RESPONSE_OID, false,
348             encodeValue(sizeLimit, timeLimitSeconds, idleTimeLimitSeconds,
349                  lookthroughLimit, equivalentAuthzUserDN,
350                  clientConnectionPolicyName, groupDNs, privilegeNames,
351                  otherAttributes));
352    
353        if ((sizeLimit == null) || (sizeLimit > 0L))
354        {
355          this.sizeLimit = sizeLimit;
356        }
357        else
358        {
359          this.sizeLimit = -1L;
360        }
361    
362        if ((timeLimitSeconds == null) || (timeLimitSeconds > 0L))
363        {
364          this.timeLimitSeconds = timeLimitSeconds;
365        }
366        else
367        {
368          this.timeLimitSeconds = -1L;
369        }
370    
371        if ((idleTimeLimitSeconds == null) || (idleTimeLimitSeconds > 0L))
372        {
373          this.idleTimeLimitSeconds = idleTimeLimitSeconds;
374        }
375        else
376        {
377          this.idleTimeLimitSeconds = -1L;
378        }
379    
380        if ((lookthroughLimit == null) || (lookthroughLimit > 0L))
381        {
382          this.lookthroughLimit = lookthroughLimit;
383        }
384        else
385        {
386          this.lookthroughLimit = -1L;
387        }
388    
389        this.equivalentAuthzUserDN      = equivalentAuthzUserDN;
390        this.clientConnectionPolicyName = clientConnectionPolicyName;
391    
392        if (groupDNs == null)
393        {
394          this.groupDNs = null;
395        }
396        else
397        {
398          this.groupDNs =
399               Collections.unmodifiableList(new ArrayList<String>(groupDNs));
400        }
401    
402        if (privilegeNames == null)
403        {
404          this.privilegeNames = null;
405        }
406        else
407        {
408          this.privilegeNames =
409               Collections.unmodifiableList(new ArrayList<String>(privilegeNames));
410        }
411    
412        if (otherAttributes == null)
413        {
414          this.otherAttributes = Collections.emptyList();
415        }
416        else
417        {
418          this.otherAttributes = Collections.unmodifiableList(
419               new ArrayList<Attribute>(otherAttributes));
420        }
421      }
422    
423    
424    
425      /**
426       * Encodes the provided information into an octet string suitable for use as
427       * the value of a get user resource limits response control.
428       *
429       * @param  sizeLimit                   The custom size limit for the user.
430       *                                     It may be less than or equal to zero
431       *                                     if no size limit should be enforced for
432       *                                     the user.  It may be {@code null} if
433       *                                     there is no custom size limit or it is
434       *                                     not to be included in the control.
435       * @param  timeLimitSeconds            The custom time limit for the user, in
436       *                                     seconds.  It may be less than or equal
437       *                                     to zero if no time limit should be
438       *                                     enforced for the user.  It may be
439       *                                     {@code null} if there is no custom time
440       *                                     limit or it is not to be included in
441       *                                     the control.
442       * @param  idleTimeLimitSeconds        The custom idle time limit for the
443       *                                     user, in seconds.  It may be less than
444       *                                     or equal to zero if no idle time limit
445       *                                     should be enforced for the user.  It
446       *                                     may be {@code null} if there is no
447       *                                     custom idle time limit or it is not to
448       *                                     be included in the control.
449       * @param  lookthroughLimit            The custom lookthrough limit for the
450       *                                     user.  It may be less than or equal to
451       *                                     zero if no lookthrough limit should
452       *                                     be enforced for the user.  It may be
453       *                                     {@code null} if there is no custom
454       *                                     lookthrough limit for the user or it is
455       *                                     not to be included in the control.
456       * @param  equivalentAuthzUserDN       The DN of a user with equivalent
457       *                                     authorization rights for use in servers
458       *                                     in an entry-balancing environment in
459       *                                     which the user's entry does not exist.
460       * @param  clientConnectionPolicyName  The name of the client connection
461       *                                     policy that has been assigned to the
462       *                                     user, or {@code null} if the client
463       *                                     connection policy name is not to be
464       *                                     included in the control.
465       * @param  groupDNs                    The DNs of the groups in which the user
466       *                                     is a member.  It may be {@code null} if
467       *                                     group membership is not known, or
468       *                                     empty if the user isn't a member of any
469       *                                     groups.
470       * @param  privilegeNames              The names of the privileges assigned to
471       *                                     the user.  It may be {@code null} if
472       *                                     the privilege names are not known, or
473       *                                     empty if the  user doesn't have any
474       *                                     privileges.
475       * @param  otherAttributes             A set of additional attributes from the
476       *                                     user's entry.  It may be {@code null}
477       *                                     or empty if no additional attributes
478       *                                     are needed.
479       *
480       * @return  The octet string which may be used as the value of a get user
481       *          resource limits response control
482       */
483      private static ASN1OctetString encodeValue(final Long sizeLimit,
484                  final Long timeLimitSeconds, final Long idleTimeLimitSeconds,
485                  final Long lookthroughLimit, final String equivalentAuthzUserDN,
486                  final String clientConnectionPolicyName,
487                  final List<String> groupDNs, final List<String> privilegeNames,
488                  final List<Attribute> otherAttributes)
489      {
490        final ArrayList<ASN1Element> elements = new ArrayList<ASN1Element>(10);
491    
492        if (sizeLimit != null)
493        {
494          if (sizeLimit > 0L)
495          {
496            elements.add(new ASN1Long(TYPE_SIZE_LIMIT, sizeLimit));
497          }
498          else
499          {
500            elements.add(new ASN1Long(TYPE_SIZE_LIMIT, -1L));
501          }
502        }
503    
504        if (timeLimitSeconds != null)
505        {
506          if (timeLimitSeconds > 0L)
507          {
508            elements.add(new ASN1Long(TYPE_TIME_LIMIT, timeLimitSeconds));
509          }
510          else
511          {
512            elements.add(new ASN1Long(TYPE_TIME_LIMIT, -1L));
513          }
514        }
515    
516        if (idleTimeLimitSeconds != null)
517        {
518          if (idleTimeLimitSeconds > 0L)
519          {
520            elements.add(new ASN1Long(TYPE_IDLE_TIME_LIMIT, idleTimeLimitSeconds));
521          }
522          else
523          {
524            elements.add(new ASN1Long(TYPE_IDLE_TIME_LIMIT, -1L));
525          }
526        }
527    
528        if (lookthroughLimit != null)
529        {
530          if (lookthroughLimit > 0L)
531          {
532            elements.add(new ASN1Long(TYPE_LOOKTHROUGH_LIMIT, lookthroughLimit));
533          }
534          else
535          {
536            elements.add(new ASN1Long(TYPE_LOOKTHROUGH_LIMIT, -1L));
537          }
538        }
539    
540        if (equivalentAuthzUserDN != null)
541        {
542          elements.add(new ASN1OctetString(TYPE_EQUIVALENT_AUTHZ_USER_DN,
543               equivalentAuthzUserDN));
544        }
545    
546        if (clientConnectionPolicyName != null)
547        {
548          elements.add(new ASN1OctetString(TYPE_CLIENT_CONNECTION_POLICY_NAME,
549               clientConnectionPolicyName));
550        }
551    
552        if (groupDNs != null)
553        {
554          final ArrayList<ASN1Element> dnElements =
555               new ArrayList<ASN1Element>(groupDNs.size());
556          for (final String s : groupDNs)
557          {
558            dnElements.add(new ASN1OctetString(s));
559          }
560    
561          elements.add(new ASN1Set(TYPE_GROUP_DNS, dnElements));
562        }
563    
564        if (privilegeNames != null)
565        {
566          final ArrayList<ASN1Element> privElements =
567               new ArrayList<ASN1Element>(privilegeNames.size());
568          for (final String s : privilegeNames)
569          {
570            privElements.add(new ASN1OctetString(s));
571          }
572    
573          elements.add(new ASN1Set(TYPE_PRIVILEGE_NAMES, privElements));
574        }
575    
576        if ((otherAttributes != null) && (! otherAttributes.isEmpty()))
577        {
578          final ArrayList<ASN1Element> attrElements =
579               new ArrayList<ASN1Element>(otherAttributes.size());
580          for (final Attribute a : otherAttributes)
581          {
582            attrElements.add(a.encode());
583          }
584    
585          elements.add(new ASN1Sequence(TYPE_OTHER_ATTRIBUTES, attrElements));
586        }
587    
588        return new ASN1OctetString(new ASN1Sequence(elements).encode());
589      }
590    
591    
592    
593      /**
594       * Creates a new get user resource limits response control decoded from the
595       * given generic control contents.
596       *
597       * @param  oid         The OID for the control.
598       * @param  isCritical  Indicates whether this control should be marked
599       *                     critical.
600       * @param  value       The value for the control.  It may be {@code null} if
601       *                     the control to decode does not have a value.
602       *
603       * @throws  LDAPException  If a problem occurs while attempting to decode the
604       *                         generic control as a get user resource limits
605       *                         response control.
606       */
607      public GetUserResourceLimitsResponseControl(final String oid,
608                                                  final boolean isCritical,
609                                                  final ASN1OctetString value)
610             throws LDAPException
611      {
612        super(oid, isCritical, value);
613    
614        if (value == null)
615        {
616          throw new LDAPException(ResultCode.DECODING_ERROR,
617               ERR_GET_USER_RESOURCE_LIMITS_RESPONSE_MISSING_VALUE.get());
618        }
619    
620    
621        List<Attribute> oa   = Collections.emptyList();
622        List<String>    gd   = null;
623        List<String>    pn   = null;
624        Long            sL   = null;
625        Long            tL   = null;
626        Long            iTL  = null;
627        Long            lL   = null;
628        String          eAUD = null;
629        String          cCPN = null;
630    
631        try
632        {
633          final ASN1Element[] elements =
634               ASN1Sequence.decodeAsSequence(value.getValue()).elements();
635          for (final ASN1Element e : elements)
636          {
637            switch (e.getType())
638            {
639              case TYPE_SIZE_LIMIT:
640                sL = ASN1Long.decodeAsLong(e).longValue();
641                break;
642              case TYPE_TIME_LIMIT:
643                tL = ASN1Long.decodeAsLong(e).longValue();
644                break;
645              case TYPE_IDLE_TIME_LIMIT:
646                iTL = ASN1Long.decodeAsLong(e).longValue();
647                break;
648              case TYPE_LOOKTHROUGH_LIMIT:
649                lL = ASN1Long.decodeAsLong(e).longValue();
650                break;
651              case TYPE_EQUIVALENT_AUTHZ_USER_DN:
652                eAUD = ASN1OctetString.decodeAsOctetString(e).stringValue();
653                break;
654              case TYPE_CLIENT_CONNECTION_POLICY_NAME:
655                cCPN = ASN1OctetString.decodeAsOctetString(e).stringValue();
656                break;
657              case TYPE_GROUP_DNS:
658                final ASN1Element[] groupElements =
659                     ASN1Set.decodeAsSet(e).elements();
660                gd = new ArrayList<String>(groupElements.length);
661                for (final ASN1Element pe : groupElements)
662                {
663                  gd.add(ASN1OctetString.decodeAsOctetString(pe).stringValue());
664                }
665                gd = Collections.unmodifiableList(gd);
666                break;
667              case TYPE_PRIVILEGE_NAMES:
668                final ASN1Element[] privElements =
669                     ASN1Set.decodeAsSet(e).elements();
670                pn = new ArrayList<String>(privElements.length);
671                for (final ASN1Element pe : privElements)
672                {
673                  pn.add(ASN1OctetString.decodeAsOctetString(pe).stringValue());
674                }
675                pn = Collections.unmodifiableList(pn);
676                break;
677              case TYPE_OTHER_ATTRIBUTES:
678                final ASN1Element[] attrElemnets =
679                     ASN1Sequence.decodeAsSequence(e).elements();
680                oa = new ArrayList<Attribute>(attrElemnets.length);
681                for (final ASN1Element ae : attrElemnets)
682                {
683                  oa.add(Attribute.decode(ASN1Sequence.decodeAsSequence(ae)));
684                }
685                oa = Collections.unmodifiableList(oa);
686                break;
687              default:
688                // No action will be taken.  It may be the case that a future
689                // version of the control could return additional information.
690                break;
691            }
692          }
693        }
694        catch (final Exception e)
695        {
696          Debug.debugException(e);
697          throw new LDAPException(ResultCode.DECODING_ERROR,
698               ERR_GET_USER_RESOURCE_LIMITS_RESPONSE_CANNOT_DECODE_VALUE.get(
699                    StaticUtils.getExceptionMessage(e)),
700               e);
701        }
702    
703        otherAttributes            = oa;
704        groupDNs                   = gd;
705        privilegeNames             = pn;
706        sizeLimit                  = sL;
707        timeLimitSeconds           = tL;
708        idleTimeLimitSeconds       = iTL;
709        lookthroughLimit           = lL;
710        equivalentAuthzUserDN      = eAUD;
711        clientConnectionPolicyName = cCPN;
712      }
713    
714    
715    
716      /**
717       * {@inheritDoc}
718       */
719      public GetUserResourceLimitsResponseControl decodeControl(final String oid,
720                                                       final boolean isCritical,
721                                                       final ASN1OctetString value)
722             throws LDAPException
723      {
724        return new GetUserResourceLimitsResponseControl(oid, isCritical, value);
725      }
726    
727    
728    
729      /**
730       * Extracts a get user resource limits response control from the provided
731       * result.
732       *
733       * @param  result  The bind result from which to retrieve the get user
734       *                 resource limits response control.
735       *
736       * @return  The get user resource limits response control contained in the
737       *          provided result, or {@code null} if the result did not contain a
738       *          get user resource limits response control.
739       *
740       * @throws  LDAPException  If a problem is encountered while attempting to
741       *                         decode the get user resource limits response
742       *                         control contained in the provided result.
743       */
744      public static GetUserResourceLimitsResponseControl get(
745                         final BindResult result)
746             throws LDAPException
747      {
748        final Control c =
749             result.getResponseControl(GET_USER_RESOURCE_LIMITS_RESPONSE_OID);
750        if (c == null)
751        {
752          return null;
753        }
754    
755        if (c instanceof GetUserResourceLimitsResponseControl)
756        {
757          return (GetUserResourceLimitsResponseControl) c;
758        }
759        else
760        {
761          return new GetUserResourceLimitsResponseControl(c.getOID(),
762               c.isCritical(), c.getValue());
763        }
764      }
765    
766    
767    
768      /**
769       * Retrieves the custom size limit for the user, if available.
770       *
771       * @return  The custom size limit for the user, -1 if no size limit should be
772       *          enforced for the user, or {@code null} if no custom size limit
773       *          was included in the control.
774       */
775      public Long getSizeLimit()
776      {
777        return sizeLimit;
778      }
779    
780    
781    
782      /**
783       * Retrieves the custom time limit for the user in seconds, if available.
784       *
785       * @return  The custom time limit for the user in seconds, -1 if no time limit
786       *          should be enforced for the user, or {@code null} if no custom time
787       *          limit was included in the control.
788       */
789      public Long getTimeLimitSeconds()
790      {
791        return timeLimitSeconds;
792      }
793    
794    
795    
796      /**
797       * Retrieves the custom idle time limit for the user in seconds, if available.
798       *
799       * @return  The custom idle time limit for the user in seconds, -1 if no idle
800       *          time limit should be enforced for the user, or {@code null} if no
801       *          custom idle time limit was included in the control.
802       */
803      public Long getIdleTimeLimitSeconds()
804      {
805        return idleTimeLimitSeconds;
806      }
807    
808    
809    
810      /**
811       * Retrieves the custom lookthrough limit for the user, if available.
812       *
813       * @return  The custom lookthrough limit for the user, -1 if no lookthrough
814       *          limit should be enforced for the user, or {@code null} if no
815       *          custom lookthrough limit was included in the control.
816       */
817      public Long getLookthroughLimit()
818      {
819        return lookthroughLimit;
820      }
821    
822    
823    
824      /**
825       * Retrieves the equivalent authorization user DN, for use in servers in an
826       * entry-balancing environment in which the user's entry does not exist.
827       *
828       * @return  The equivalent authorization user DN for the user, an empty string
829       *          if the equivalent authorization is anonymous, or {@code null} if
830       *          no equivalent authorization user DN was included in the control.
831       */
832      public String getEquivalentAuthzUserDN()
833      {
834        return equivalentAuthzUserDN;
835      }
836    
837    
838    
839      /**
840       * Retrieves the name of the client connection policy that has been assigned
841       * to the user, if available.
842       *
843       * @return  The name of the client connection policy that has been assigned to
844       *          the user, or {@code null} if the client connection policy name was
845       *          not included in the control.
846       */
847      public String getClientConnectionPolicyName()
848      {
849        return clientConnectionPolicyName;
850      }
851    
852    
853    
854      /**
855       * Retrieves the DNs of any groups in which the user is a member.
856       *
857       * @return  The DNs of any groups in which the user is a member, an empty list
858       *          if the user is not a member of any groups, or {@code null} if the
859       *           set of group DNs is not known.
860       */
861      public List<String> getGroupDNs()
862      {
863        return groupDNs;
864      }
865    
866    
867    
868      /**
869       * Retrieves the names of any privileges assigned to the user.
870       *
871       * @return  The names of any privileges assigned to the user, an empty list if
872       *          the user is known to have no privileges, or {@code null} if the
873       *          set of user privileges is not known.
874       */
875      public List<String> getPrivilegeNames()
876      {
877        return privilegeNames;
878      }
879    
880    
881    
882      /**
883       * Retrieves a list containing additional attributes from the user's entry.
884       *
885       * @return  A list containing additional attributes from the user's entry, or
886       *          an empty list if no additional attributes were provided.
887       */
888      public List<Attribute> getOtherAttributes()
889      {
890        return otherAttributes;
891      }
892    
893    
894    
895      /**
896       * {@inheritDoc}
897       */
898      @Override()
899      public String getControlName()
900      {
901        return INFO_CONTROL_NAME_GET_USER_RESOURCE_LIMITS_RESPONSE.get();
902      }
903    
904    
905    
906      /**
907       * {@inheritDoc}
908       */
909      @Override()
910      public void toString(final StringBuilder buffer)
911      {
912        buffer.append("GetUserResourceLimitsResponseControl(");
913    
914        boolean added = false;
915        if (sizeLimit != null)
916        {
917          buffer.append("sizeLimit=");
918          buffer.append(sizeLimit);
919          added = true;
920        }
921    
922        if (timeLimitSeconds != null)
923        {
924          if (added)
925          {
926            buffer.append(", ");
927          }
928    
929          buffer.append("timeLimitSeconds=");
930          buffer.append(timeLimitSeconds);
931          added = true;
932        }
933    
934        if (idleTimeLimitSeconds != null)
935        {
936          if (added)
937          {
938            buffer.append(", ");
939          }
940    
941          buffer.append("idleTimeLimitSeconds=");
942          buffer.append(idleTimeLimitSeconds);
943          added = true;
944        }
945    
946        if (lookthroughLimit != null)
947        {
948          if (added)
949          {
950            buffer.append(", ");
951          }
952    
953          buffer.append("lookthroughLimit=");
954          buffer.append(lookthroughLimit);
955          added = true;
956        }
957    
958        if (equivalentAuthzUserDN != null)
959        {
960          if (added)
961          {
962            buffer.append(", ");
963          }
964    
965          buffer.append("equivalentAuthzUserDN=\"");
966          buffer.append(equivalentAuthzUserDN);
967          buffer.append('"');
968          added = true;
969        }
970    
971        if (clientConnectionPolicyName != null)
972        {
973          if (added)
974          {
975            buffer.append(", ");
976          }
977    
978          buffer.append("clientConnectionPolicyName=\"");
979          buffer.append(clientConnectionPolicyName);
980          buffer.append('"');
981          added = true;
982        }
983    
984        if (groupDNs != null)
985        {
986          if (added)
987          {
988            buffer.append(", ");
989          }
990    
991          buffer.append("groupDNs={");
992    
993          final Iterator<String> dnIterator = groupDNs.iterator();
994          while (dnIterator.hasNext())
995          {
996            buffer.append('"');
997            buffer.append(dnIterator.next());
998            buffer.append('"');
999    
1000            if (dnIterator.hasNext())
1001            {
1002              buffer.append(", ");
1003            }
1004          }
1005    
1006          buffer.append('}');
1007          added = true;
1008        }
1009    
1010        if (privilegeNames != null)
1011        {
1012          if (added)
1013          {
1014            buffer.append(", ");
1015          }
1016    
1017          buffer.append("privilegeNames={");
1018    
1019          final Iterator<String> privilegeIterator = privilegeNames.iterator();
1020          while (privilegeIterator.hasNext())
1021          {
1022            buffer.append('"');
1023            buffer.append(privilegeIterator.next());
1024            buffer.append('"');
1025    
1026            if (privilegeIterator.hasNext())
1027            {
1028              buffer.append(", ");
1029            }
1030          }
1031    
1032          buffer.append('}');
1033          added = true;
1034        }
1035    
1036        if (! otherAttributes.isEmpty())
1037        {
1038          if (added)
1039          {
1040            buffer.append(", ");
1041          }
1042    
1043          buffer.append("otherAttributes={");
1044    
1045          final Iterator<Attribute> attrIterator = otherAttributes.iterator();
1046          while (attrIterator.hasNext())
1047          {
1048            attrIterator.next().toString(buffer);
1049    
1050            if (attrIterator.hasNext())
1051            {
1052              buffer.append(", ");
1053            }
1054          }
1055    
1056          buffer.append('}');
1057        }
1058    
1059        buffer.append("')");
1060      }
1061    }