private String generateDDL(
     OracleUserAttributes userAttributes,
     Class<? extends SPIOperation> operation,
     UserRecord userRecord) {
   StringBuilder builder = new StringBuilder();
   BuilderStatus status = new BuilderStatus();
   appendAuth(builder, userAttributes, operation, status, userRecord);
   if (userAttributes.getDefaultTableSpace() != null) {
     appendDefaultTableSpace(builder, userAttributes);
   }
   if (userAttributes.getTempTableSpace() != null) {
     appendTemporaryTableSpace(builder, userAttributes);
   }
   if (userAttributes.getDefaultTSQuota() != null) {
     appendDefaultTSQuota(builder, userAttributes, userRecord);
   }
   if (userAttributes.getTempTSQuota() != null) {
     appendTempTSQuota(builder, userAttributes, userRecord);
   }
   if (Boolean.FALSE.equals(userAttributes.getExpirePassword())) {
     if (status.passwordSet == null) {
       // If password is already not expired, just ignore attribute
       // that would not have any effect
       if (userRecord == null || OracleUserReader.isPasswordExpired(userRecord)) {
         throw new IllegalArgumentException(
             cm.format(MSG_MUST_SPECIFY_PASSWORD_FOR_UNEXPIRE, null));
       }
     }
   }
   if (status.forceExpirePassword || Boolean.TRUE.equals(userAttributes.getExpirePassword())) {
     // We can expire password only for LOCAL authentication
     if (OracleAuthentication.LOCAL.equals(status.currentAuth)) {
       appendExpirePassword(builder, userAttributes);
     } else {
       IllegalArgumentException e =
           new IllegalArgumentException(
               cm.format(MSG_CANNOT_EXPIRE_PASSWORD_FOR_NOT_LOCAL_AUTHENTICATION, null));
       if (ExtraAttributesPolicy.FAIL.equals(
           extraAttributesPolicySetup.getPolicy(PASSWORD_EXPIRE, operation))) {
         throw e;
       } else {
         status.addIgnoredAttribute(PASSWORD_EXPIRE, e);
         LOG.info("Ignoring extra password_expire attribute in operation [{0}]", operation);
       }
     }
   }
   if (userAttributes.getEnable() != null) {
     appendEnabled(builder, userAttributes);
   }
   if (userAttributes.getProfile() != null) {
     appendProfile(builder, userAttributes);
   }
   if (builder.length() == 0 && !status.ignoredAttributes.isEmpty()) {
     // throw the fisrt exception
     throw status.ignoredAttributes.get(0).getSecond();
   }
   return builder.toString();
 }
 static ConnectionType resolveType(String name, ConnectorMessages msg) {
   for (ConnectionType type : values()) {
     if (type.sourceType.equals(name)) {
       return type;
     }
   }
   throw new IllegalArgumentException(msg.format(MSG_INVALID_SOURCE_TYPE, null));
 }
 static String getNotEmptyStringValue(
     Map<String, Attribute> attrs, String name, ConnectorMessages cm) {
   String value = getRequiredStringValue(attrs, name, cm);
   if (StringUtil.isEmpty(value)) {
     throw new IllegalArgumentException(cm.format(MSG_ATTRIBUTE_IS_EMPTY, null, name));
   }
   return value;
 }
 static String getRequiredStringValue(
     Map<String, Attribute> attrs, String name, ConnectorMessages cm) {
   Attribute attr = attrs.get(name);
   if (attr == null) {
     throw new IllegalArgumentException(cm.format(MSG_ATTRIBUTE_IS_MISSING, null, name));
   }
   return AttributeUtil.getStringValue(attr);
 }
 static Boolean getNotNullAttributeBooleanValue(
     Map<String, Attribute> attrs, String name, ConnectorMessages cm) {
   Attribute attr = attrs.get(name);
   if (attr == null) {
     return null;
   }
   Object value = AttributeUtil.getSingleValue(attr);
   if (value instanceof Boolean) {
     return (Boolean) value;
   }
   throw new IllegalArgumentException(
       cm.format(MSG_BOOLEAN_ATTRIBUTE_HAS_INVALID_VALUE, null, name, value));
 }
 @SuppressWarnings("unchecked")
 ExtraAttributesPolicySetupBuilder parseArray(String[] policies) {
   if (policies == null) {
     return this;
   }
   for (String policy : policies) {
     final Map<String, Object> map = MapParser.parseMap(policy, cm);
     if (map.size() != 1) {
       throw new IllegalArgumentException(cm.format(MSG_EAP_MUST_SPECIFY_ONE_ARRAY_ELEMENT, null));
     }
     String attributeName = map.keySet().iterator().next();
     Map<String, String> elementMap = (Map<String, String>) map.values().iterator().next();
     parseAttributeMap(attributeName, elementMap);
   }
   return this;
 }
 private void parseAttribute(
     OracleUserAttribute attribute, Map<String, String> aElementMap, boolean overwrite) {
   Map<String, String> elementMap = new HashMap<String, String>(aElementMap);
   for (Iterator<Entry<String, String>> i = elementMap.entrySet().iterator(); i.hasNext(); ) {
     Entry<String, String> entry = i.next();
     String opString = entry.getKey();
     String policyString = entry.getValue();
     ExtraAttributesPolicy policy = ExtraAttributesPolicy.valueOf(policyString);
     Class<? extends SPIOperation> operation = resolveOperation(opString);
     definePolicyInternal(attribute, operation, policy, overwrite);
     i.remove();
   }
   if (!elementMap.isEmpty()) {
     throw new IllegalArgumentException(
         cm.format(MSG_EAP_INVALID_ELEMENTS_IN_MAP, null, elementMap));
   }
 }
 @SuppressWarnings("unchecked")
 ExtraAttributesPolicySetupBuilder parseMap(String format) {
   if ("default".equalsIgnoreCase(format)) {
     return this;
   }
   final Map<String, Object> map = MapParser.parseMap(format, cm);
   for (Iterator<Map.Entry<String, Object>> i = map.entrySet().iterator(); i.hasNext(); ) {
     Entry<String, Object> entry = i.next();
     String attributeName = entry.getKey();
     Map<String, String> elementMap = (Map<String, String>) entry.getValue();
     parseAttributeMap(attributeName, elementMap);
     i.remove();
   }
   if (!map.isEmpty()) {
     throw new IllegalArgumentException(cm.format(MSG_EAP_INVALID_ELEMENTS_IN_MAP, null, map));
   }
   return this;
 }
 private void appendTempTSQuota(
     StringBuilder builder, OracleUserAttributes userAttributes, UserRecord userRecord) {
   builder.append(" quota");
   if ("-1".equals(userAttributes.getTempTSQuota())) {
     builder.append(" unlimited");
   } else {
     builder.append(' ').append(userAttributes.getTempTSQuota());
   }
   builder.append(" on");
   String tempTableSpace = userAttributes.getTempTableSpace();
   if (tempTableSpace == null) {
     if (userRecord == null || userRecord.getTemporaryTableSpace() == null) {
       throw new IllegalArgumentException(
           cm.format(MSG_MISSING_TEMPORARY_TABLESPACE_FOR_QUOTA, null));
     }
     tempTableSpace = userRecord.getTemporaryTableSpace();
   }
   builder.append(' ').append(cs.formatToken(TEMP_TABLESPACE, tempTableSpace));
 }
 private void appendDefaultTSQuota(
     StringBuilder builder, OracleUserAttributes userAttributes, UserRecord userRecord) {
   builder.append(" quota");
   if ("-1".equals(userAttributes.getDefaultTSQuota())) {
     builder.append(" unlimited");
   } else {
     builder.append(' ').append(userAttributes.getDefaultTSQuota());
   }
   builder.append(" on");
   String defaultTableSpace = userAttributes.getDefaultTableSpace();
   if (defaultTableSpace == null) {
     if (userRecord == null || userRecord.getDefaultTableSpace() == null) {
       throw new IllegalArgumentException(
           cm.format(MSG_MISSING_DEFAULT_TABLESPACE_FOR_QUOTA, null));
     }
     defaultTableSpace = userRecord.getDefaultTableSpace();
   }
   builder.append(' ').append(cs.formatToken(DEF_TABLESPACE, defaultTableSpace));
 }
 private Class<? extends SPIOperation> resolveOperation(String opString) {
   for (Class<? extends SPIOperation> clazz : FrameworkUtil.allSPIOperations()) {
     if (clazz.getName().equals(opString)) {
       return clazz;
     }
     ;
     String clazzSimpleName = clazz.getSimpleName();
     if (clazzSimpleName.equals(opString)) {
       return clazz;
     }
     if (clazzSimpleName.endsWith("Op")
         && clazzSimpleName
             .substring(0, clazzSimpleName.length() - 2)
             .equalsIgnoreCase(opString)) {
       return clazz;
     }
   }
   throw new IllegalArgumentException(
       cm.format(MSG_EAP_CANNOT_RESOLVE_SPI_OPERATION, null, opString));
 }
 private void appendAuth(
     final StringBuilder builder,
     OracleUserAttributes userAttributes,
     Class<? extends SPIOperation> operation,
     BuilderStatus status,
     UserRecord userRecord) {
   status.currentAuth = userAttributes.getAuth();
   if (status.currentAuth == null) {
     if (CreateOp.class.equals(operation)) {
       status.currentAuth = OracleAuthentication.LOCAL;
     } else {
       status.currentAuth = OracleUserReader.resolveAuthentication(userRecord);
     }
   }
   boolean appendIdentified =
       CreateOp.class.equals(operation)
           || userAttributes.getAuth() != null
           || userAttributes.getPassword() != null
           || userAttributes.getGlobalName() != null;
   if (!appendIdentified) {
     return;
   }
   if (userAttributes.getPassword() != null
       && !OracleAuthentication.LOCAL.equals(status.currentAuth)) {
     // Apply the extra attribute policy
     IllegalArgumentException e =
         new IllegalArgumentException(
             cm.format(MSG_CANNOT_SET_PASSWORD_FOR_NOT_LOCAL_AUTHENTICATION, null));
     if (ExtraAttributesPolicy.FAIL.equals(
         extraAttributesPolicySetup.getPolicy(PASSWORD, operation))) {
       throw e;
     } else {
       LOG.info("Ignoring extra password attribute in operation [{0}]", operation);
       status.addIgnoredAttribute(PASSWORD, e);
       // If only password was set, return
       if (userAttributes.getAuth() == null
           && userAttributes.getGlobalName() == null
           && UpdateOp.class.equals(operation)) {
         appendIdentified = false;
       }
     }
   }
   if (userAttributes.getGlobalName() != null
       && !OracleAuthentication.GLOBAL.equals(status.currentAuth)) {
     throw new IllegalArgumentException(
         cm.format(MSG_CANNOT_SET_GLOBALNAME_FOR_NOT_GLOBAL_AUTHENTICATION, null));
   }
   if (!appendIdentified) {
     return;
   }
   builder.append(" identified");
   if (OracleAuthentication.LOCAL.equals(status.currentAuth)) {
     builder.append(" by ");
     status.passwordSet = userAttributes.getPassword();
     if (status.passwordSet == null) {
       // Can we set password same as username ? , adapter did so
       if (CreateOp.class.equals(operation)) {
         // Set password to userName, it is already normalized
         status.passwordSet = new GuardedString(userAttributes.getUserName().toCharArray());
       } else {
         // no password for update and local authentication
         // some application can send update of authentication to
         // local and will not send password at the update
         // In this case we will rather set password to user name and
         // set (password_expired=true)
         // Other option would be to throw exception, but some
         // application could not have
         // possibility to send password
         status.passwordSet = new GuardedString(userAttributes.getUserName().toCharArray());
         status.forceExpirePassword = true;
       }
     }
     status.passwordSet.access(
         new GuardedString.Accessor() {
           public void access(char[] clearChars) {
             builder.append(cs.formatToken(PASSWORD, clearChars));
             Arrays.fill(clearChars, (char) 0);
           }
         });
   } else if (OracleAuthentication.EXTERNAL.equals(status.currentAuth)) {
     builder.append(" externally");
   } else if (OracleAuthentication.GLOBAL.equals(status.currentAuth)) {
     if (StringUtil.isBlank(userAttributes.getGlobalName())) {
       throw new IllegalArgumentException(
           cm.format(MSG_MISSING_GLOBALNAME_FOR_GLOBAL_AUTHENTICATION, null));
     }
     builder.append(" globally as ");
     builder.append(
         cs.formatToken(OracleUserAttribute.GLOBAL_NAME, userAttributes.getGlobalName()));
   }
 }