001/* 002 * Copyright 2012-2018 Ping Identity Corporation 003 * All Rights Reserved. 004 */ 005/* 006 * Copyright (C) 2015-2018 Ping Identity Corporation 007 * 008 * This program is free software; you can redistribute it and/or modify 009 * it under the terms of the GNU General Public License (GPLv2 only) 010 * or the terms of the GNU Lesser General Public License (LGPLv2.1 only) 011 * as published by the Free Software Foundation. 012 * 013 * This program is distributed in the hope that it will be useful, 014 * but WITHOUT ANY WARRANTY; without even the implied warranty of 015 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 016 * GNU General Public License for more details. 017 * 018 * You should have received a copy of the GNU General Public License 019 * along with this program; if not, see <http://www.gnu.org/licenses>. 020 */ 021package com.unboundid.ldap.sdk.unboundidds.controls; 022 023 024 025import java.util.ArrayList; 026import java.util.Collections; 027import java.util.Iterator; 028import java.util.List; 029 030import com.unboundid.asn1.ASN1Element; 031import com.unboundid.asn1.ASN1Long; 032import com.unboundid.asn1.ASN1OctetString; 033import com.unboundid.asn1.ASN1Sequence; 034import com.unboundid.asn1.ASN1Set; 035import com.unboundid.ldap.sdk.Attribute; 036import com.unboundid.ldap.sdk.Control; 037import com.unboundid.ldap.sdk.BindResult; 038import com.unboundid.ldap.sdk.DecodeableControl; 039import com.unboundid.ldap.sdk.LDAPException; 040import com.unboundid.ldap.sdk.ResultCode; 041import com.unboundid.util.Debug; 042import com.unboundid.util.NotMutable; 043import com.unboundid.util.StaticUtils; 044import com.unboundid.util.ThreadSafety; 045import com.unboundid.util.ThreadSafetyLevel; 046 047import static com.unboundid.ldap.sdk.unboundidds.controls.ControlMessages.*; 048 049 050 051/** 052 * This class provides a response control that may be included in the response 053 * to a successful bind operation in order to provide information about custom 054 * resource limits for the user, including size limit, time limit, idle time 055 * limit, lookthrough limit, equivalent authorization user DN, and client 056 * connection policy name. 057 * <BR> 058 * <BLOCKQUOTE> 059 * <B>NOTE:</B> This class, and other classes within the 060 * {@code com.unboundid.ldap.sdk.unboundidds} package structure, are only 061 * supported for use against Ping Identity, UnboundID, and 062 * Nokia/Alcatel-Lucent 8661 server products. These classes provide support 063 * for proprietary functionality or for external specifications that are not 064 * considered stable or mature enough to be guaranteed to work in an 065 * interoperable way with other types of LDAP servers. 066 * </BLOCKQUOTE> 067 * <BR> 068 * The criticality for this control should be {@code false}. It must have a 069 * value with the following encoding: 070 * <PRE> 071 * USER_RESOURCE_LIMITS_VALUE ::= SEQUENCE { 072 * sizeLimit [0] INTEGER OPTIONAL, 073 * timeLimitSeconds [1] INTEGER OPTIONAL, 074 * idleTimeLimitSeconds [2] INTEGER OPTIONAL, 075 * lookthroughLimit [3] INTEGER OPTIONAL, 076 * equivalentAuthzUserDN [4] LDAPDN OPTIONAL, 077 * clientConnectionPolicyName [5] OCTET STRING OPTIONAL, 078 * groupDNs [6] SET OF OCTET STRING OPTIONAL, 079 * privilegeNames [7] SET OF OCTET STRING OPTIONAL, 080 * otherAttributes [8] PartialAttributeList OPTIONAL, 081 * ... } 082 * </PRE> 083 * 084 * @see GetUserResourceLimitsRequestControl 085 */ 086@NotMutable() 087@ThreadSafety(level=ThreadSafetyLevel.COMPLETELY_THREADSAFE) 088public final class GetUserResourceLimitsResponseControl 089 extends Control 090 implements DecodeableControl 091{ 092 /** 093 * The OID (1.3.6.1.4.1.30221.2.5.26) for the get user resource limits 094 * response control. 095 */ 096 public static final String GET_USER_RESOURCE_LIMITS_RESPONSE_OID = 097 "1.3.6.1.4.1.30221.2.5.26"; 098 099 100 101 /** 102 * The BER type for the value element used to specify the size limit. 103 */ 104 private static final byte TYPE_SIZE_LIMIT = (byte) 0x80; 105 106 107 108 /** 109 * The BER type for the value element used to specify the time limit. 110 */ 111 private static final byte TYPE_TIME_LIMIT = (byte) 0x81; 112 113 114 115 /** 116 * The BER type for the value element used to specify the idle time limit. 117 */ 118 private static final byte TYPE_IDLE_TIME_LIMIT = (byte) 0x82; 119 120 121 122 /** 123 * The BER type for the value element used to specify the lookthrough limit. 124 */ 125 private static final byte TYPE_LOOKTHROUGH_LIMIT = (byte) 0x83; 126 127 128 129 /** 130 * The BER type for the value element used to specify the equivalent 131 * authorization user DN. 132 */ 133 private static final byte TYPE_EQUIVALENT_AUTHZ_USER_DN = (byte) 0x84; 134 135 136 137 /** 138 * The BER type for the value element used to specify the client connection 139 * policy name. 140 */ 141 private static final byte TYPE_CLIENT_CONNECTION_POLICY_NAME = (byte) 0x85; 142 143 144 145 /** 146 * The BER type for the value element used to specify the DNs of groups in 147 * which the user is a member. 148 */ 149 private static final byte TYPE_GROUP_DNS = (byte) 0xA6; 150 151 152 153 /** 154 * The BER type for the value element used to specify the set of user 155 * privilege names. 156 */ 157 private static final byte TYPE_PRIVILEGE_NAMES = (byte) 0xA7; 158 159 160 161 /** 162 * The BER type for the value element used to specify additional attributes 163 * that may be included in the future. 164 */ 165 private static final byte TYPE_OTHER_ATTRIBUTES = (byte) 0xA8; 166 167 168 169 /** 170 * The serial version UID for this serializable class. 171 */ 172 private static final long serialVersionUID = -5261978490319320250L; 173 174 175 176 // The set of other select attributes from the user entry. 177 private final List<Attribute> otherAttributes; 178 179 // The set of group DNs for the user. 180 private final List<String> groupDNs; 181 182 // The set of privilege names for the user. 183 private final List<String> privilegeNames; 184 185 // The custom idle time limit for the user. 186 private final Long idleTimeLimitSeconds; 187 188 // The custom lookthrough limit for the user. 189 private final Long lookthroughLimit; 190 191 // The custom size limit for the user. 192 private final Long sizeLimit; 193 194 // The custom time limit for the user, in seconds. 195 private final Long timeLimitSeconds; 196 197 // The name of the client connection policy selected for the user. 198 private final String clientConnectionPolicyName; 199 200 // The DN of a user with equivalent authorization rights for use in servers 201 // in an entry-balancing environment in which the user's entry does not exist. 202 private final String equivalentAuthzUserDN; 203 204 205 206 /** 207 * Creates a new empty control instance that is intended to be used only for 208 * decoding controls via the {@code DecodeableControl} interface. 209 */ 210 GetUserResourceLimitsResponseControl() 211 { 212 otherAttributes = null; 213 groupDNs = null; 214 privilegeNames = null; 215 idleTimeLimitSeconds = null; 216 lookthroughLimit = null; 217 sizeLimit = null; 218 timeLimitSeconds = null; 219 clientConnectionPolicyName = null; 220 equivalentAuthzUserDN = null; 221 } 222 223 224 225 /** 226 * Creates a new get user resource limits response control with the provided 227 * information. 228 * 229 * @param sizeLimit The custom size limit for the user. 230 * It may be less than or equal to zero 231 * if no size limit should be enforced for 232 * the user. It may be {@code null} if 233 * there is no custom size limit or it is 234 * not to be included in the control. 235 * @param timeLimitSeconds The custom time limit for the user, in 236 * seconds. It may be less than or equal 237 * to zero if no time limit should be 238 * enforced for the user. It may be 239 * {@code null} if there is no custom time 240 * limit or it is not to be included in 241 * the control. 242 * @param idleTimeLimitSeconds The custom idle time limit for the 243 * user, in seconds. It may be less than 244 * or equal to zero if no idle time limit 245 * should be enforced for the user. It 246 * may be {@code null} if there is no 247 * custom idle time limit or it is not to 248 * be included in the control. 249 * @param lookthroughLimit The custom lookthrough limit for the 250 * user. It may be less than or equal to 251 * zero if no lookthrough limit should 252 * be enforced for the user. It may be 253 * {@code null} if there is no custom 254 * lookthrough limit for the user or it is 255 * not to be included in the control. 256 * @param equivalentAuthzUserDN The DN of a user with equivalent 257 * authorization rights for use in servers 258 * in an entry-balancing environment in 259 * which the user's entry does not exist. 260 * It may be an empty string if the 261 * equivalent authorization should be 262 * anonymous, or {@code null} if there is 263 * no custom equivalent authorization user 264 * DN or it is not to be included in the 265 * control. 266 * @param clientConnectionPolicyName The name of the client connection 267 * policy that has been assigned to the 268 * user, or {@code null} if the client 269 * connection policy name is not to be 270 * included in the control. 271 */ 272 public GetUserResourceLimitsResponseControl(final Long sizeLimit, 273 final Long timeLimitSeconds, final Long idleTimeLimitSeconds, 274 final Long lookthroughLimit, final String equivalentAuthzUserDN, 275 final String clientConnectionPolicyName) 276 { 277 this(sizeLimit, timeLimitSeconds, idleTimeLimitSeconds, lookthroughLimit, 278 equivalentAuthzUserDN, clientConnectionPolicyName, null, null, null); 279 } 280 281 282 283 /** 284 * Creates a new get user resource limits response control with the provided 285 * information. 286 * 287 * @param sizeLimit The custom size limit for the user. 288 * It may be less than or equal to zero 289 * if no size limit should be enforced for 290 * the user. It may be {@code null} if 291 * there is no custom size limit or it is 292 * not to be included in the control. 293 * @param timeLimitSeconds The custom time limit for the user, in 294 * seconds. It may be less than or equal 295 * to zero if no time limit should be 296 * enforced for the user. It may be 297 * {@code null} if there is no custom time 298 * limit or it is not to be included in 299 * the control. 300 * @param idleTimeLimitSeconds The custom idle time limit for the 301 * user, in seconds. It may be less than 302 * or equal to zero if no idle time limit 303 * should be enforced for the user. It 304 * may be {@code null} if there is no 305 * custom idle time limit or it is not to 306 * be included in the control. 307 * @param lookthroughLimit The custom lookthrough limit for the 308 * user. It may be less than or equal to 309 * zero if no lookthrough limit should 310 * be enforced for the user. It may be 311 * {@code null} if there is no custom 312 * lookthrough limit for the user or it is 313 * not to be included in the control. 314 * @param equivalentAuthzUserDN The DN of a user with equivalent 315 * authorization rights for use in servers 316 * in an entry-balancing environment in 317 * which the user's entry does not exist. 318 * It may be an empty string if the 319 * equivalent authorization should be 320 * anonymous, or {@code null} if there is 321 * no custom equivalent authorization user 322 * DN or it is not to be included in the 323 * control. 324 * @param clientConnectionPolicyName The name of the client connection 325 * policy that has been assigned to the 326 * user, or {@code null} if the client 327 * connection policy name is not to be 328 * included in the control. 329 * @param groupDNs The DNs of the groups in which the user 330 * is a member. It may be {@code null} if 331 * group membership is not known, or 332 * empty if the user isn't a member of any 333 * groups. 334 * @param privilegeNames The names of the privileges assigned to 335 * the user. It may be {@code null} if 336 * the privilege names are not known, or 337 * empty if the user doesn't have any 338 * privileges. 339 * @param otherAttributes A set of additional attributes from the 340 * user's entry. It may be {@code null} 341 * or empty if no additional attributes 342 * are needed. 343 */ 344 public GetUserResourceLimitsResponseControl(final Long sizeLimit, 345 final Long timeLimitSeconds, final Long idleTimeLimitSeconds, 346 final Long lookthroughLimit, final String equivalentAuthzUserDN, 347 final String clientConnectionPolicyName, 348 final List<String> groupDNs, final List<String> privilegeNames, 349 final List<Attribute> otherAttributes) 350 { 351 super(GET_USER_RESOURCE_LIMITS_RESPONSE_OID, false, 352 encodeValue(sizeLimit, timeLimitSeconds, idleTimeLimitSeconds, 353 lookthroughLimit, equivalentAuthzUserDN, 354 clientConnectionPolicyName, groupDNs, privilegeNames, 355 otherAttributes)); 356 357 if ((sizeLimit == null) || (sizeLimit > 0L)) 358 { 359 this.sizeLimit = sizeLimit; 360 } 361 else 362 { 363 this.sizeLimit = -1L; 364 } 365 366 if ((timeLimitSeconds == null) || (timeLimitSeconds > 0L)) 367 { 368 this.timeLimitSeconds = timeLimitSeconds; 369 } 370 else 371 { 372 this.timeLimitSeconds = -1L; 373 } 374 375 if ((idleTimeLimitSeconds == null) || (idleTimeLimitSeconds > 0L)) 376 { 377 this.idleTimeLimitSeconds = idleTimeLimitSeconds; 378 } 379 else 380 { 381 this.idleTimeLimitSeconds = -1L; 382 } 383 384 if ((lookthroughLimit == null) || (lookthroughLimit > 0L)) 385 { 386 this.lookthroughLimit = lookthroughLimit; 387 } 388 else 389 { 390 this.lookthroughLimit = -1L; 391 } 392 393 this.equivalentAuthzUserDN = equivalentAuthzUserDN; 394 this.clientConnectionPolicyName = clientConnectionPolicyName; 395 396 if (groupDNs == null) 397 { 398 this.groupDNs = null; 399 } 400 else 401 { 402 this.groupDNs = 403 Collections.unmodifiableList(new ArrayList<>(groupDNs)); 404 } 405 406 if (privilegeNames == null) 407 { 408 this.privilegeNames = null; 409 } 410 else 411 { 412 this.privilegeNames = 413 Collections.unmodifiableList(new ArrayList<>(privilegeNames)); 414 } 415 416 if (otherAttributes == null) 417 { 418 this.otherAttributes = Collections.emptyList(); 419 } 420 else 421 { 422 this.otherAttributes = 423 Collections.unmodifiableList(new ArrayList<>(otherAttributes)); 424 } 425 } 426 427 428 429 /** 430 * Encodes the provided information into an octet string suitable for use as 431 * the value of a get user resource limits response control. 432 * 433 * @param sizeLimit The custom size limit for the user. 434 * It may be less than or equal to zero 435 * if no size limit should be enforced for 436 * the user. It may be {@code null} if 437 * there is no custom size limit or it is 438 * not to be included in the control. 439 * @param timeLimitSeconds The custom time limit for the user, in 440 * seconds. It may be less than or equal 441 * to zero if no time limit should be 442 * enforced for the user. It may be 443 * {@code null} if there is no custom time 444 * limit or it is not to be included in 445 * the control. 446 * @param idleTimeLimitSeconds The custom idle time limit for the 447 * user, in seconds. It may be less than 448 * or equal to zero if no idle time limit 449 * should be enforced for the user. It 450 * may be {@code null} if there is no 451 * custom idle time limit or it is not to 452 * be included in the control. 453 * @param lookthroughLimit The custom lookthrough limit for the 454 * user. It may be less than or equal to 455 * zero if no lookthrough limit should 456 * be enforced for the user. It may be 457 * {@code null} if there is no custom 458 * lookthrough limit for the user or it is 459 * not to be included in the control. 460 * @param equivalentAuthzUserDN The DN of a user with equivalent 461 * authorization rights for use in servers 462 * in an entry-balancing environment in 463 * which the user's entry does not exist. 464 * @param clientConnectionPolicyName The name of the client connection 465 * policy that has been assigned to the 466 * user, or {@code null} if the client 467 * connection policy name is not to be 468 * included in the control. 469 * @param groupDNs The DNs of the groups in which the user 470 * is a member. It may be {@code null} if 471 * group membership is not known, or 472 * empty if the user isn't a member of any 473 * groups. 474 * @param privilegeNames The names of the privileges assigned to 475 * the user. It may be {@code null} if 476 * the privilege names are not known, or 477 * empty if the user doesn't have any 478 * privileges. 479 * @param otherAttributes A set of additional attributes from the 480 * user's entry. It may be {@code null} 481 * or empty if no additional attributes 482 * are needed. 483 * 484 * @return The octet string which may be used as the value of a get user 485 * resource limits response control 486 */ 487 private static ASN1OctetString encodeValue(final Long sizeLimit, 488 final Long timeLimitSeconds, final Long idleTimeLimitSeconds, 489 final Long lookthroughLimit, final String equivalentAuthzUserDN, 490 final String clientConnectionPolicyName, 491 final List<String> groupDNs, final List<String> privilegeNames, 492 final List<Attribute> otherAttributes) 493 { 494 final ArrayList<ASN1Element> elements = new ArrayList<>(10); 495 496 if (sizeLimit != null) 497 { 498 if (sizeLimit > 0L) 499 { 500 elements.add(new ASN1Long(TYPE_SIZE_LIMIT, sizeLimit)); 501 } 502 else 503 { 504 elements.add(new ASN1Long(TYPE_SIZE_LIMIT, -1L)); 505 } 506 } 507 508 if (timeLimitSeconds != null) 509 { 510 if (timeLimitSeconds > 0L) 511 { 512 elements.add(new ASN1Long(TYPE_TIME_LIMIT, timeLimitSeconds)); 513 } 514 else 515 { 516 elements.add(new ASN1Long(TYPE_TIME_LIMIT, -1L)); 517 } 518 } 519 520 if (idleTimeLimitSeconds != null) 521 { 522 if (idleTimeLimitSeconds > 0L) 523 { 524 elements.add(new ASN1Long(TYPE_IDLE_TIME_LIMIT, idleTimeLimitSeconds)); 525 } 526 else 527 { 528 elements.add(new ASN1Long(TYPE_IDLE_TIME_LIMIT, -1L)); 529 } 530 } 531 532 if (lookthroughLimit != null) 533 { 534 if (lookthroughLimit > 0L) 535 { 536 elements.add(new ASN1Long(TYPE_LOOKTHROUGH_LIMIT, lookthroughLimit)); 537 } 538 else 539 { 540 elements.add(new ASN1Long(TYPE_LOOKTHROUGH_LIMIT, -1L)); 541 } 542 } 543 544 if (equivalentAuthzUserDN != null) 545 { 546 elements.add(new ASN1OctetString(TYPE_EQUIVALENT_AUTHZ_USER_DN, 547 equivalentAuthzUserDN)); 548 } 549 550 if (clientConnectionPolicyName != null) 551 { 552 elements.add(new ASN1OctetString(TYPE_CLIENT_CONNECTION_POLICY_NAME, 553 clientConnectionPolicyName)); 554 } 555 556 if (groupDNs != null) 557 { 558 final ArrayList<ASN1Element> dnElements = 559 new ArrayList<>(groupDNs.size()); 560 for (final String s : groupDNs) 561 { 562 dnElements.add(new ASN1OctetString(s)); 563 } 564 565 elements.add(new ASN1Set(TYPE_GROUP_DNS, dnElements)); 566 } 567 568 if (privilegeNames != null) 569 { 570 final ArrayList<ASN1Element> privElements = 571 new ArrayList<>(privilegeNames.size()); 572 for (final String s : privilegeNames) 573 { 574 privElements.add(new ASN1OctetString(s)); 575 } 576 577 elements.add(new ASN1Set(TYPE_PRIVILEGE_NAMES, privElements)); 578 } 579 580 if ((otherAttributes != null) && (! otherAttributes.isEmpty())) 581 { 582 final ArrayList<ASN1Element> attrElements = 583 new ArrayList<>(otherAttributes.size()); 584 for (final Attribute a : otherAttributes) 585 { 586 attrElements.add(a.encode()); 587 } 588 589 elements.add(new ASN1Sequence(TYPE_OTHER_ATTRIBUTES, attrElements)); 590 } 591 592 return new ASN1OctetString(new ASN1Sequence(elements).encode()); 593 } 594 595 596 597 /** 598 * Creates a new get user resource limits response control decoded from the 599 * given generic control contents. 600 * 601 * @param oid The OID for the control. 602 * @param isCritical Indicates whether this control should be marked 603 * critical. 604 * @param value The value for the control. It may be {@code null} if 605 * the control to decode does not have a value. 606 * 607 * @throws LDAPException If a problem occurs while attempting to decode the 608 * generic control as a get user resource limits 609 * response control. 610 */ 611 public GetUserResourceLimitsResponseControl(final String oid, 612 final boolean isCritical, 613 final ASN1OctetString value) 614 throws LDAPException 615 { 616 super(oid, isCritical, value); 617 618 if (value == null) 619 { 620 throw new LDAPException(ResultCode.DECODING_ERROR, 621 ERR_GET_USER_RESOURCE_LIMITS_RESPONSE_MISSING_VALUE.get()); 622 } 623 624 625 List<Attribute> oa = Collections.emptyList(); 626 List<String> gd = null; 627 List<String> pn = null; 628 Long sL = null; 629 Long tL = null; 630 Long iTL = null; 631 Long lL = null; 632 String eAUD = null; 633 String cCPN = null; 634 635 try 636 { 637 final ASN1Element[] elements = 638 ASN1Sequence.decodeAsSequence(value.getValue()).elements(); 639 for (final ASN1Element e : elements) 640 { 641 switch (e.getType()) 642 { 643 case TYPE_SIZE_LIMIT: 644 sL = ASN1Long.decodeAsLong(e).longValue(); 645 break; 646 case TYPE_TIME_LIMIT: 647 tL = ASN1Long.decodeAsLong(e).longValue(); 648 break; 649 case TYPE_IDLE_TIME_LIMIT: 650 iTL = ASN1Long.decodeAsLong(e).longValue(); 651 break; 652 case TYPE_LOOKTHROUGH_LIMIT: 653 lL = ASN1Long.decodeAsLong(e).longValue(); 654 break; 655 case TYPE_EQUIVALENT_AUTHZ_USER_DN: 656 eAUD = ASN1OctetString.decodeAsOctetString(e).stringValue(); 657 break; 658 case TYPE_CLIENT_CONNECTION_POLICY_NAME: 659 cCPN = ASN1OctetString.decodeAsOctetString(e).stringValue(); 660 break; 661 case TYPE_GROUP_DNS: 662 final ASN1Element[] groupElements = 663 ASN1Set.decodeAsSet(e).elements(); 664 gd = new ArrayList<>(groupElements.length); 665 for (final ASN1Element pe : groupElements) 666 { 667 gd.add(ASN1OctetString.decodeAsOctetString(pe).stringValue()); 668 } 669 gd = Collections.unmodifiableList(gd); 670 break; 671 case TYPE_PRIVILEGE_NAMES: 672 final ASN1Element[] privElements = 673 ASN1Set.decodeAsSet(e).elements(); 674 pn = new ArrayList<>(privElements.length); 675 for (final ASN1Element pe : privElements) 676 { 677 pn.add(ASN1OctetString.decodeAsOctetString(pe).stringValue()); 678 } 679 pn = Collections.unmodifiableList(pn); 680 break; 681 case TYPE_OTHER_ATTRIBUTES: 682 final ASN1Element[] attrElemnets = 683 ASN1Sequence.decodeAsSequence(e).elements(); 684 oa = new ArrayList<>(attrElemnets.length); 685 for (final ASN1Element ae : attrElemnets) 686 { 687 oa.add(Attribute.decode(ASN1Sequence.decodeAsSequence(ae))); 688 } 689 oa = Collections.unmodifiableList(oa); 690 break; 691 default: 692 // No action will be taken. It may be the case that a future 693 // version of the control could return additional information. 694 break; 695 } 696 } 697 } 698 catch (final Exception e) 699 { 700 Debug.debugException(e); 701 throw new LDAPException(ResultCode.DECODING_ERROR, 702 ERR_GET_USER_RESOURCE_LIMITS_RESPONSE_CANNOT_DECODE_VALUE.get( 703 StaticUtils.getExceptionMessage(e)), 704 e); 705 } 706 707 otherAttributes = oa; 708 groupDNs = gd; 709 privilegeNames = pn; 710 sizeLimit = sL; 711 timeLimitSeconds = tL; 712 idleTimeLimitSeconds = iTL; 713 lookthroughLimit = lL; 714 equivalentAuthzUserDN = eAUD; 715 clientConnectionPolicyName = cCPN; 716 } 717 718 719 720 /** 721 * {@inheritDoc} 722 */ 723 @Override() 724 public GetUserResourceLimitsResponseControl decodeControl(final String oid, 725 final boolean isCritical, 726 final ASN1OctetString value) 727 throws LDAPException 728 { 729 return new GetUserResourceLimitsResponseControl(oid, isCritical, value); 730 } 731 732 733 734 /** 735 * Extracts a get user resource limits response control from the provided 736 * result. 737 * 738 * @param result The bind result from which to retrieve the get user 739 * resource limits response control. 740 * 741 * @return The get user resource limits response control contained in the 742 * provided result, or {@code null} if the result did not contain a 743 * get user resource limits response control. 744 * 745 * @throws LDAPException If a problem is encountered while attempting to 746 * decode the get user resource limits response 747 * control contained in the provided result. 748 */ 749 public static GetUserResourceLimitsResponseControl get( 750 final BindResult result) 751 throws LDAPException 752 { 753 final Control c = 754 result.getResponseControl(GET_USER_RESOURCE_LIMITS_RESPONSE_OID); 755 if (c == null) 756 { 757 return null; 758 } 759 760 if (c instanceof GetUserResourceLimitsResponseControl) 761 { 762 return (GetUserResourceLimitsResponseControl) c; 763 } 764 else 765 { 766 return new GetUserResourceLimitsResponseControl(c.getOID(), 767 c.isCritical(), c.getValue()); 768 } 769 } 770 771 772 773 /** 774 * Retrieves the custom size limit for the user, if available. 775 * 776 * @return The custom size limit for the user, -1 if no size limit should be 777 * enforced for the user, or {@code null} if no custom size limit 778 * was included in the control. 779 */ 780 public Long getSizeLimit() 781 { 782 return sizeLimit; 783 } 784 785 786 787 /** 788 * Retrieves the custom time limit for the user in seconds, if available. 789 * 790 * @return The custom time limit for the user in seconds, -1 if no time limit 791 * should be enforced for the user, or {@code null} if no custom time 792 * limit was included in the control. 793 */ 794 public Long getTimeLimitSeconds() 795 { 796 return timeLimitSeconds; 797 } 798 799 800 801 /** 802 * Retrieves the custom idle time limit for the user in seconds, if available. 803 * 804 * @return The custom idle time limit for the user in seconds, -1 if no idle 805 * time limit should be enforced for the user, or {@code null} if no 806 * custom idle time limit was included in the control. 807 */ 808 public Long getIdleTimeLimitSeconds() 809 { 810 return idleTimeLimitSeconds; 811 } 812 813 814 815 /** 816 * Retrieves the custom lookthrough limit for the user, if available. 817 * 818 * @return The custom lookthrough limit for the user, -1 if no lookthrough 819 * limit should be enforced for the user, or {@code null} if no 820 * custom lookthrough limit was included in the control. 821 */ 822 public Long getLookthroughLimit() 823 { 824 return lookthroughLimit; 825 } 826 827 828 829 /** 830 * Retrieves the equivalent authorization user DN, for use in servers in an 831 * entry-balancing environment in which the user's entry does not exist. 832 * 833 * @return The equivalent authorization user DN for the user, an empty string 834 * if the equivalent authorization is anonymous, or {@code null} if 835 * no equivalent authorization user DN was included in the control. 836 */ 837 public String getEquivalentAuthzUserDN() 838 { 839 return equivalentAuthzUserDN; 840 } 841 842 843 844 /** 845 * Retrieves the name of the client connection policy that has been assigned 846 * to the user, if available. 847 * 848 * @return The name of the client connection policy that has been assigned to 849 * the user, or {@code null} if the client connection policy name was 850 * not included in the control. 851 */ 852 public String getClientConnectionPolicyName() 853 { 854 return clientConnectionPolicyName; 855 } 856 857 858 859 /** 860 * Retrieves the DNs of any groups in which the user is a member. 861 * 862 * @return The DNs of any groups in which the user is a member, an empty list 863 * if the user is not a member of any groups, or {@code null} if the 864 * set of group DNs is not known. 865 */ 866 public List<String> getGroupDNs() 867 { 868 return groupDNs; 869 } 870 871 872 873 /** 874 * Retrieves the names of any privileges assigned to the user. 875 * 876 * @return The names of any privileges assigned to the user, an empty list if 877 * the user is known to have no privileges, or {@code null} if the 878 * set of user privileges is not known. 879 */ 880 public List<String> getPrivilegeNames() 881 { 882 return privilegeNames; 883 } 884 885 886 887 /** 888 * Retrieves a list containing additional attributes from the user's entry. 889 * 890 * @return A list containing additional attributes from the user's entry, or 891 * an empty list if no additional attributes were provided. 892 */ 893 public List<Attribute> getOtherAttributes() 894 { 895 return otherAttributes; 896 } 897 898 899 900 /** 901 * Retrieves the "other" attribute with the specified name. 902 * 903 * @param name The name of the "other" attribute to retrieve. It must not 904 * be {@code null}. 905 * 906 * @return The "other" attribute with the specified name, or {@code null} if 907 * there is no such "other" attribute. 908 */ 909 public Attribute getOtherAttribute(final String name) 910 { 911 for (final Attribute a : otherAttributes) 912 { 913 if (a.getName().equalsIgnoreCase(name)) 914 { 915 return a; 916 } 917 } 918 919 return null; 920 } 921 922 923 924 /** 925 * {@inheritDoc} 926 */ 927 @Override() 928 public String getControlName() 929 { 930 return INFO_CONTROL_NAME_GET_USER_RESOURCE_LIMITS_RESPONSE.get(); 931 } 932 933 934 935 /** 936 * {@inheritDoc} 937 */ 938 @Override() 939 public void toString(final StringBuilder buffer) 940 { 941 buffer.append("GetUserResourceLimitsResponseControl("); 942 943 boolean added = false; 944 if (sizeLimit != null) 945 { 946 buffer.append("sizeLimit="); 947 buffer.append(sizeLimit); 948 added = true; 949 } 950 951 if (timeLimitSeconds != null) 952 { 953 if (added) 954 { 955 buffer.append(", "); 956 } 957 958 buffer.append("timeLimitSeconds="); 959 buffer.append(timeLimitSeconds); 960 added = true; 961 } 962 963 if (idleTimeLimitSeconds != null) 964 { 965 if (added) 966 { 967 buffer.append(", "); 968 } 969 970 buffer.append("idleTimeLimitSeconds="); 971 buffer.append(idleTimeLimitSeconds); 972 added = true; 973 } 974 975 if (lookthroughLimit != null) 976 { 977 if (added) 978 { 979 buffer.append(", "); 980 } 981 982 buffer.append("lookthroughLimit="); 983 buffer.append(lookthroughLimit); 984 added = true; 985 } 986 987 if (equivalentAuthzUserDN != null) 988 { 989 if (added) 990 { 991 buffer.append(", "); 992 } 993 994 buffer.append("equivalentAuthzUserDN=\""); 995 buffer.append(equivalentAuthzUserDN); 996 buffer.append('"'); 997 added = true; 998 } 999 1000 if (clientConnectionPolicyName != null) 1001 { 1002 if (added) 1003 { 1004 buffer.append(", "); 1005 } 1006 1007 buffer.append("clientConnectionPolicyName=\""); 1008 buffer.append(clientConnectionPolicyName); 1009 buffer.append('"'); 1010 added = true; 1011 } 1012 1013 if (groupDNs != null) 1014 { 1015 if (added) 1016 { 1017 buffer.append(", "); 1018 } 1019 1020 buffer.append("groupDNs={"); 1021 1022 final Iterator<String> dnIterator = groupDNs.iterator(); 1023 while (dnIterator.hasNext()) 1024 { 1025 buffer.append('"'); 1026 buffer.append(dnIterator.next()); 1027 buffer.append('"'); 1028 1029 if (dnIterator.hasNext()) 1030 { 1031 buffer.append(", "); 1032 } 1033 } 1034 1035 buffer.append('}'); 1036 added = true; 1037 } 1038 1039 if (privilegeNames != null) 1040 { 1041 if (added) 1042 { 1043 buffer.append(", "); 1044 } 1045 1046 buffer.append("privilegeNames={"); 1047 1048 final Iterator<String> privilegeIterator = privilegeNames.iterator(); 1049 while (privilegeIterator.hasNext()) 1050 { 1051 buffer.append('"'); 1052 buffer.append(privilegeIterator.next()); 1053 buffer.append('"'); 1054 1055 if (privilegeIterator.hasNext()) 1056 { 1057 buffer.append(", "); 1058 } 1059 } 1060 1061 buffer.append('}'); 1062 added = true; 1063 } 1064 1065 if (! otherAttributes.isEmpty()) 1066 { 1067 if (added) 1068 { 1069 buffer.append(", "); 1070 } 1071 1072 buffer.append("otherAttributes={"); 1073 1074 final Iterator<Attribute> attrIterator = otherAttributes.iterator(); 1075 while (attrIterator.hasNext()) 1076 { 1077 attrIterator.next().toString(buffer); 1078 1079 if (attrIterator.hasNext()) 1080 { 1081 buffer.append(", "); 1082 } 1083 } 1084 1085 buffer.append('}'); 1086 } 1087 1088 buffer.append("')"); 1089 } 1090}