Package com.unboundid.ldap.sdk.unboundidds.extensions

Class SetSubtreeAccessibilityExtendedRequest

java.lang.Object
com.unboundid.ldap.sdk.LDAPRequest
com.unboundid.ldap.sdk.ExtendedRequest
com.unboundid.ldap.sdk.unboundidds.extensions.SetSubtreeAccessibilityExtendedRequest
All Implemented Interfaces:
ProtocolOp, ReadOnlyLDAPRequest, Serializable
@NotMutable @ThreadSafety(level=COMPLETELY_THREADSAFE) public final class SetSubtreeAccessibilityExtendedRequest extends ExtendedRequest
This class provides an implementation of an extended request that may be used to set the accessibility of one or more subtrees in the Ping Identity, UnboundID, or Nokia/Alcatel-Lucent 8661 Directory Server. It may be used to indicate that a specified set of entries and all their subordinates should be invisible or read-only, or to restore it to full accessibility.
NOTE: This class, and other classes within the com.unboundid.ldap.sdk.unboundidds package structure, are only supported for use against Ping Identity, UnboundID, and Nokia/Alcatel-Lucent 8661 server products. These classes provide support for proprietary functionality or for external specifications that are not considered stable or mature enough to be guaranteed to work in an interoperable way with other types of LDAP servers.

The OID for this request is 1.3.6.1.4.1.30221.2.6.19, and the value must have the encoding specified below. Note that the initial specification for this extended request only allowed for the specification of a single subtree, whereas it is now possible to affect the accessibility of multiple subtrees in a single request. In order to preserve compatibility with the original encoding, if there is more than one target subtree, then the first subtree must be specified as the first element in the value sequence and the remaining subtrees must be specified in the additionalSubtreeBaseDNs element. 

   SetSubtreeAccessibilityRequestValue ::= SEQUENCE {
        subtreeBaseDN                LDAPDN,
        subtreeAccessibility         ENUMERATED {
             accessible                 (0),
             read-only-bind-allowed     (1),
             read-only-bind-denied      (2),
             hidden                     (3),
             to-be-deleted              (4),
             ... },
        bypassUserDN                 [0] LDAPDN OPTIONAL,
        additionalSubtreeBaseDNs     [1] SEQUENCE OF LDAPDN OPTIONAL,
        ... }
See Also:

  • Field Details

  • Constructor Details

    • SetSubtreeAccessibilityExtendedRequest

      public SetSubtreeAccessibilityExtendedRequest(@NotNull ExtendedRequest extendedRequest) throws LDAPException
      Creates a new set subtree accessibility extended request from the provided generic extended request.
      Parameters:
      extendedRequest - The generic extended request to use to create this set subtree accessibility extended request.
      Throws:
      LDAPException - If a problem occurs while decoding the request.

  • Method Details

    • createSetAccessibleRequest

      @NotNull public static SetSubtreeAccessibilityExtendedRequest createSetAccessibleRequest(@NotNull String subtreeBaseDN, @Nullable Control... controls)
      Creates a new set subtree accessibility extended request that will make the specified subtree accessible.
      Parameters:
      subtreeBaseDN - The base DN for the subtree to make accessible. It must not be null.
      controls - The set of controls to include in the request. It may be null or empty if no controls are needed.
      Returns:
      The set subtree accessibility extended request that was created.

    • createSetAccessibleRequest

      @NotNull public static SetSubtreeAccessibilityExtendedRequest createSetAccessibleRequest(@NotNull Collection<String> subtreeBaseDNs, @Nullable Control... controls)
      Creates a new set subtree accessibility extended request that will make the specified subtrees accessible.
      Parameters:
      subtreeBaseDNs - The base DNs for the subtrees to make accessible. It must not be null or empty. If multiple base DNs are specified, then all must reside below the same backend base DN.
      controls - The set of controls to include in the request. It may be null or empty if no controls are needed.
      Returns:
      The set subtree accessibility extended request that was created.

    • createSetReadOnlyRequest

      @NotNull public static SetSubtreeAccessibilityExtendedRequest createSetReadOnlyRequest(@NotNull String subtreeBaseDN, boolean allowBind, @Nullable String bypassUserDN, @Nullable Control... controls)
      Creates a new set subtree accessibility extended request that will make the specified subtree read-only.
      Parameters:
      subtreeBaseDN - The base DN for the subtree to make read-only. It must not be null.
      allowBind - Indicates whether users within the specified subtree will be allowed to bind.
      bypassUserDN - The DN of a user that will be allowed to perform write (add, delete, modify, and modify DN) operations in the specified subtree. It may be null if no bypass user is needed.
      controls - The set of controls to include in the request. It may be null or empty if no controls are needed.
      Returns:
      The set subtree accessibility extended request that was created.

    • createSetReadOnlyRequest

      @NotNull public static SetSubtreeAccessibilityExtendedRequest createSetReadOnlyRequest(@NotNull Collection<String> subtreeBaseDNs, boolean allowBind, @Nullable String bypassUserDN, @Nullable Control... controls)
      Creates a new set subtree accessibility extended request that will make the specified subtrees read-only.
      Parameters:
      subtreeBaseDNs - The base DNs for the subtrees to make read-only. It must not be null or empty. If multiple base DNs are specified, then all must reside below the same backend base DN.
      allowBind - Indicates whether users within the specified subtrees will be allowed to bind.
      bypassUserDN - The DN of a user that will be allowed to perform write (add, delete, modify, and modify DN) operations in the specified subtrees. It may be null if no bypass user is needed.
      controls - The set of controls to include in the request. It may be null or empty if no controls are needed.
      Returns:
      The set subtree accessibility extended request that was created.

    • createSetHiddenRequest

      @NotNull public static SetSubtreeAccessibilityExtendedRequest createSetHiddenRequest(@NotNull String subtreeBaseDN, @Nullable String bypassUserDN, @Nullable Control... controls)
      Creates a new set subtree accessibility extended request that will make the specified subtree hidden.
      Parameters:
      subtreeBaseDN - The base DN for the subtree to make hidden. It must not be null.
      bypassUserDN - The DN of a user that will be allowed to perform write (add, delete, modify, and modify DN) operations in the specified subtree. It may be null if no bypass user is needed.
      controls - The set of controls to include in the request. It may be null or empty if no controls are needed.
      Returns:
      The set subtree accessibility extended request that was created.

    • createSetHiddenRequest

      @NotNull public static SetSubtreeAccessibilityExtendedRequest createSetHiddenRequest(@NotNull Collection<String> subtreeBaseDNs, @Nullable String bypassUserDN, @Nullable Control... controls)
      Creates a new set subtree accessibility extended request that will make the specified subtrees hidden.
      Parameters:
      subtreeBaseDNs - The base DNs for the subtrees to make hidden. It must not be null or empty. If multiple base DNs are specified, then all must reside below the same backend base DN.
      bypassUserDN - The DN of a user that will be allowed to perform write (add, delete, modify, and modify DN) operations in the specified subtrees. It may be null if no bypass user is needed.
      controls - The set of controls to include in the request. It may be null or empty if no controls are needed.
      Returns:
      The set subtree accessibility extended request that was created.

    • createSetToBeDeletedRequest

      @NotNull public static SetSubtreeAccessibilityExtendedRequest createSetToBeDeletedRequest(@NotNull String subtreeBaseDN, @NotNull String bypassUserDN, @Nullable Control... controls)
      Creates a new set subtree accessibility extended request that will place the specified subtree in a to-be-deleted state. In this state, the subtree will exhibit the same characteristics as a hidden subtree, but with the added restriction that the accessibility state cannot be changed, and the restriction will only be removed when the base entry of the target subtree has been deleted.
      Parameters:
      subtreeBaseDN - The base DN for the subtree to mark as to-be-deleted. It must not be null.
      bypassUserDN - The DN of a user that will be allowed to perform write (add, delete, modify, and modify DN) operations in the specified subtree. It must not be null.
      controls - The set of controls to include in the request. It may be null or empty if no controls are needed.
      Returns:
      The set subtree accessibility extended request that was created.

    • createSetToBeDeletedRequest

      @NotNull public static SetSubtreeAccessibilityExtendedRequest createSetToBeDeletedRequest(@NotNull Collection<String> subtreeBaseDNs, @NotNull String bypassUserDN, @Nullable Control... controls)
      Creates a new set subtree accessibility extended request that will place the specified subtrees in a to-be-deleted state. In this state, the subtrees will exhibit the same characteristics as hidden subtrees, but with the added restriction that the accessibility state cannot be changed, and the restriction will only be removed when the base entry of the target subtree has been deleted.
      Parameters:
      subtreeBaseDNs - The base DNs for the subtrees to make hidden. It must not be null or empty. If multiple base DNs are specified, then all must reside below the same backend base DN.
      bypassUserDN - The DN of a user that will be allowed to perform write (add, delete, modify, and modify DN) operations in the specified subtrees. It must not be null.
      controls - The set of controls to include in the request. It may be null or empty if no controls are needed.
      Returns:
      The set subtree accessibility extended request that was created.

    • getSubtreeBaseDN

      @NotNull public String getSubtreeBaseDN()
      Retrieves the base DN for the target subtree. Note that if multiple base DNs are defined, this will only retrieve the first. The getSubtreeBaseDNs() method should be used to get the complete set of target subtree base DNs.
      Returns:
      The base DN for the target subtree.

    • getSubtreeBaseDNs

      @NotNull public List<String> getSubtreeBaseDNs()
      Retrieves the base DNs for all target subtrees.
      Returns:
      The base DNs for all target subtrees.

    • getAccessibilityState

      @NotNull public SubtreeAccessibilityState getAccessibilityState()
      Retrieves the accessibility state to apply to the target subtrees.
      Returns:
      The accessibility state to apply to the target subtrees.

    • getBypassUserDN

      @Nullable public String getBypassUserDN()
      Retrieves the DN of the user that will be allowed to bypass the restrictions imposed on the target subtrees for all other users.
      Returns:
      The DN of the user that will be allowed to bypass the restrictions imposed on the target subtrees for all other users, or null if there are no restrictions to be imposed on the target subtrees or if no bypass user is defined for those subtrees.

    • duplicate

      @NotNull public SetSubtreeAccessibilityExtendedRequest duplicate()
      Creates a new instance of this LDAP request that may be modified without impacting this request.. Subclasses should override this method to return a duplicate of the appropriate type.
      Specified by:
      duplicate in interface ReadOnlyLDAPRequest
      Overrides:
      duplicate in class ExtendedRequest
      Returns:
      A new instance of this LDAP request that may be modified without impacting this request.

    • duplicate

      @NotNull public SetSubtreeAccessibilityExtendedRequest duplicate(@Nullable Control[] controls)
      Creates a new instance of this LDAP request that may be modified without impacting this request. The provided controls will be used for the new request instead of duplicating the controls from this request.. Subclasses should override this method to return a duplicate of the appropriate type.
      Specified by:
      duplicate in interface ReadOnlyLDAPRequest
      Overrides:
      duplicate in class ExtendedRequest
      Parameters:
      controls - The set of controls to include in the duplicate request.
      Returns:
      A new instance of this LDAP request that may be modified without impacting this request.

    • getExtendedRequestName

      @NotNull public String getExtendedRequestName()
      Retrieves the user-friendly name for the extended request, if available. If no user-friendly name has been defined, then the OID will be returned.
      Overrides:
      getExtendedRequestName in class ExtendedRequest
      Returns:
      The user-friendly name for this extended request, or the OID if no user-friendly name is available.

    • toString

      public void toString(@NotNull StringBuilder buffer)
      Appends a string representation of this request to the provided buffer.
      Specified by:
      toString in interface ProtocolOp
      Specified by:
      toString in interface ReadOnlyLDAPRequest
      Overrides:
      toString in class ExtendedRequest
      Parameters:
      buffer - The buffer to which to append a string representation of this request.