Refactor account type (#6048)

* Refactor account type

* Added license.

* Address reviews

* Address review.

Co-authored-by: João Paraquetti <joao@scclouds.com.br>
Co-authored-by: Joao <JoaoJandre@gitlab.com>

api/src/main/java/com/cloud/user/Account.java

@@ -16,35 +16,65 @@
 // under the License.
 package com.cloud.user;
 
-import java.util.Date;
-
 import org.apache.cloudstack.acl.ControlledEntity;
 import org.apache.cloudstack.api.Identity;
 import org.apache.cloudstack.api.InternalIdentity;
 
+import java.util.Date;
+import java.util.HashMap;
+import java.util.Map;
+
 public interface Account extends ControlledEntity, InternalIdentity, Identity {
 
+    /**
+     *  Account states.
+     * */
+    enum State {
+        DISABLED, ENABLED, LOCKED;
+
+        /**
+         * The toString method was overridden to maintain consistency in the DB, as the GenericDaoBase uses toString in the enum value to make the sql statements
+         * and previously the enum was in lowercase.
+         * */
+        @Override
+        public String toString(){
+            return super.toString().toLowerCase();
+        }
+
+        /**
+         * This method was created to maintain backwards compatibility to the DB schema. Unfortunately we can't override the valueOf method.
+         * */
+        public static State getValueOf(String name){
+            return State.valueOf(name.toUpperCase());
+        }
 
-    public enum State {
-        disabled, enabled, locked
     }
 
-    public static final short ACCOUNT_TYPE_NORMAL = 0;
+    /**
-    public static final short ACCOUNT_TYPE_ADMIN = 1;
+     * Account types.
-    public static final short ACCOUNT_TYPE_DOMAIN_ADMIN = 2;
+     * */
-    public static final short ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN = 3;
+    enum Type {
-    public static final short ACCOUNT_TYPE_READ_ONLY_ADMIN = 4;
+        NORMAL, ADMIN, DOMAIN_ADMIN, RESOURCE_DOMAIN_ADMIN, READ_ONLY_ADMIN, PROJECT, UNKNOWN;
-    public static final short ACCOUNT_TYPE_PROJECT = 5;
 
-    public static final String ACCOUNT_STATE_DISABLED = "disabled";
+        private static Map<Integer,Type> ACCOUNT_TYPE_MAP = new HashMap<>();
-    public static final String ACCOUNT_STATE_ENABLED = "enabled";
+
-    public static final String ACCOUNT_STATE_LOCKED = "locked";
+        static {
+            for (Type t: Type.values()) {
+                ACCOUNT_TYPE_MAP.put(t.ordinal(),t);
+            }
+            ACCOUNT_TYPE_MAP.remove(6);
+        }
+
+        public static Type getFromValue(Integer type){
+            return ACCOUNT_TYPE_MAP.get(type);
+        }
+    }
 
     public static final long ACCOUNT_ID_SYSTEM = 1;
 
     public String getAccountName();
 
-    public short getType();
+    public Type getType();
 
     public Long getRoleId();
 

api/src/main/java/com/cloud/user/AccountService.java

@@ -42,8 +42,8 @@ public interface AccountService {
      */
     UserAccount createUserAccount(CreateAccountCmd accountCmd);
 
-    UserAccount createUserAccount(String userName, String password, String firstName, String lastName, String email, String timezone, String accountName, short accountType, Long roleId, Long domainId,
+    UserAccount createUserAccount(String userName, String password, String firstName, String lastName, String email, String timezone, String accountName, Account.Type accountType,
-            String networkDomain, Map<String, String> details, String accountUUID, String userUUID, User.Source source);
+                                  Long roleId, Long domainId, String networkDomain, Map<String, String> details, String accountUUID, String userUUID, User.Source source);
 
     /**
      * Locks a user by userId. A locked user cannot access the API, but will still have running VMs/IP addresses
@@ -57,7 +57,8 @@ public interface AccountService {
 
     User createUser(String userName, String password, String firstName, String lastName, String email, String timeZone, String accountName, Long domainId, String userUUID);
 
-    User createUser(String userName, String password, String firstName, String lastName, String email, String timeZone, String accountName, Long domainId, String userUUID, User.Source source);
+    User createUser(String userName, String password, String firstName, String lastName, String email, String timeZone, String accountName, Long domainId, String userUUID,
+                    User.Source source);
 
     boolean isAdmin(Long accountId);
 

api/src/main/java/com/cloud/vm/InstanceGroup.java

@@ -18,6 +18,7 @@ package com.cloud.vm;
 
 import java.util.Date;
 
+import com.cloud.user.Account;
 import org.apache.cloudstack.acl.ControlledEntity;
 import org.apache.cloudstack.api.Identity;
 import org.apache.cloudstack.api.InternalIdentity;
@@ -28,6 +29,6 @@ public interface InstanceGroup extends ControlledEntity, Identity, InternalIdent
 
     Date getCreated();
 
-    Short getAccountType();
+    Account.Type getAccountType();
 
 }

api/src/main/java/org/apache/cloudstack/acl/RoleType.java

@@ -20,20 +20,33 @@ import org.apache.commons.lang3.StringUtils;
 
 import com.cloud.user.Account;
 import com.google.common.base.Enums;
+import org.apache.log4j.Logger;
+
+import java.util.HashMap;
+import java.util.Map;
 
 // Enum for default roles in CloudStack
 public enum RoleType {
-    Admin(1L, Account.ACCOUNT_TYPE_ADMIN, 1),
+    Admin(1L, Account.Type.ADMIN, 1),
-    ResourceAdmin(2L, Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN, 2),
+    ResourceAdmin(2L, Account.Type.RESOURCE_DOMAIN_ADMIN, 2),
-    DomainAdmin(3L, Account.ACCOUNT_TYPE_DOMAIN_ADMIN, 4),
+    DomainAdmin(3L, Account.Type.DOMAIN_ADMIN, 4),
-    User(4L, Account.ACCOUNT_TYPE_NORMAL, 8),
+    User(4L, Account.Type.NORMAL, 8),
-    Unknown(-1L, (short) -1, 0);
+    Unknown(-1L,  Account.Type.UNKNOWN, 0);
 
     private long id;
-    private short accountType;
+    private Account.Type accountType;
     private int mask;
 
-    RoleType(final long id, final short accountType, final int mask) {
+    private static Logger logger = Logger.getLogger(RoleType.class.getName());
+    private static Map<Account.Type, RoleType> ACCOUNT_TYPE_MAP = new HashMap<>();
+
+    static {
+        for (RoleType t: RoleType.values()) {
+            ACCOUNT_TYPE_MAP.put(t.getAccountType(),t);
+        }
+    }
+
+    RoleType(final long id, final Account.Type accountType, final int mask) {
         this.id = id;
         this.accountType = accountType;
         this.mask = mask;
@@ -43,7 +56,7 @@ public enum RoleType {
         return id;
     }
 
-    public short getAccountType() {
+    public Account.Type getAccountType() {
         return accountType;
     }
 
@@ -68,26 +81,15 @@ public enum RoleType {
         return Unknown;
     }
 
-    public static RoleType getByAccountType(final short accountType) {
+    public static RoleType getByAccountType(final Account.Type accountType) {
-        RoleType roleType = RoleType.Unknown;
+        RoleType t = ACCOUNT_TYPE_MAP.get(accountType);
-        switch (accountType) {
+        if (t == null) {
-            case Account.ACCOUNT_TYPE_ADMIN:
+            return RoleType.Unknown;
-                roleType = RoleType.Admin;
-                break;
-            case Account.ACCOUNT_TYPE_DOMAIN_ADMIN:
-                roleType = RoleType.DomainAdmin;
-                break;
-            case Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN:
-                roleType = RoleType.ResourceAdmin;
-                break;
-            case Account.ACCOUNT_TYPE_NORMAL:
-                roleType = RoleType.User;
-                break;
         }
-        return roleType;
+        return t;
     }
 
-    public static Long getRoleByAccountType(final Long roleId, final Short accountType) {
+    public static Long getRoleByAccountType(final Long roleId, final Account.Type accountType) {
         if (roleId == null && accountType != null) {
             RoleType defaultRoleType = RoleType.getByAccountType(accountType);
             if (defaultRoleType != null && defaultRoleType != RoleType.Unknown) {
@@ -97,10 +99,15 @@ public enum RoleType {
         return roleId;
     }
 
-    public static Short getAccountTypeByRole(final Role role, final Short accountType) {
+    /**
-        if (role != null && role.getId() > 0L) {
+     * This method returns the role account type if the role isn't null, else it returns the default account type.
+     * */
+    public static Account.Type getAccountTypeByRole(final Role role, final Account.Type defautAccountType) {
+        if (role != null) {
+            logger.debug(String.format("Role [%s] is not null; therefore, we use its account type [%s].", role, defautAccountType));
             return role.getRoleType().getAccountType();
         }
-        return accountType;
+        logger.debug(String.format("Role is null; therefore, we use the default account type [%s] value.", defautAccountType));
+        return defautAccountType;
     }
 }

api/src/main/java/org/apache/cloudstack/api/command/admin/account/CreateAccountCmd.java

@@ -56,9 +56,9 @@ public class CreateAccountCmd extends BaseCmd {
     private String accountName;
 
     @Parameter(name = ApiConstants.ACCOUNT_TYPE,
-               type = CommandType.SHORT,
+               type = CommandType.INTEGER,
                description = "Type of the account.  Specify 0 for user, 1 for root admin, and 2 for domain admin")
-    private Short accountType;
+    private Integer accountType;
 
     @Parameter(name = ApiConstants.ROLE_ID, type = CommandType.UUID, entityType = RoleResponse.class, description = "Creates the account under the specified role.")
     private Long roleId;
@@ -109,12 +109,12 @@ public class CreateAccountCmd extends BaseCmd {
         return accountName;
     }
 
-    public Short getAccountType() {
+    public Account.Type getAccountType() {
-        return RoleType.getAccountTypeByRole(roleService.findRole(roleId), accountType);
+        return RoleType.getAccountTypeByRole(roleService.findRole(roleId), Account.Type.getFromValue(accountType));
     }
 
     public Long getRoleId() {
-        return RoleType.getRoleByAccountType(roleId, accountType);
+        return RoleType.getRoleByAccountType(roleId, getAccountType());
     }
 
     public Long getDomainId() {

api/src/main/java/org/apache/cloudstack/api/command/admin/ca/ListCaCertificateCmd.java

@@ -85,6 +85,6 @@ public class ListCaCertificateCmd extends BaseCmd {
 
     @Override
     public long getEntityOwnerId() {
-        return Account.ACCOUNT_TYPE_NORMAL;
+        return Account.Type.NORMAL.ordinal();
     }
 }

api/src/main/java/org/apache/cloudstack/api/command/admin/user/ListUsersCmd.java

@@ -18,6 +18,7 @@ package org.apache.cloudstack.api.command.admin.user;
 
 import com.cloud.server.ResourceIcon;
 import com.cloud.server.ResourceTag;
+import com.cloud.user.Account;
 import org.apache.cloudstack.api.response.ResourceIconResponse;
 import org.apache.log4j.Logger;
 
@@ -42,9 +43,9 @@ public class ListUsersCmd extends BaseListAccountResourcesCmd {
     /////////////////////////////////////////////////////
 
     @Parameter(name = ApiConstants.ACCOUNT_TYPE,
-               type = CommandType.LONG,
+               type = CommandType.INTEGER,
                description = "List users by account type. Valid types include admin, domain-admin, read-only-admin, or user.")
-    private Long accountType;
+    private Integer accountType;
 
     @Parameter(name = ApiConstants.ID, type = CommandType.UUID, entityType = UserResponse.class, description = "List user by ID.")
     private Long id;
@@ -63,8 +64,8 @@ public class ListUsersCmd extends BaseListAccountResourcesCmd {
     /////////////////// Accessors ///////////////////////
     /////////////////////////////////////////////////////
 
-    public Long getAccountType() {
+    public Account.Type getAccountType() {
-        return accountType;
+        return Account.Type.getFromValue(accountType);
     }
 
     public Long getId() {

api/src/main/java/org/apache/cloudstack/api/command/user/account/ListAccountsCmd.java

@@ -49,9 +49,9 @@ public class ListAccountsCmd extends BaseListDomainResourcesCmd implements UserC
     /////////////////////////////////////////////////////
 
     @Parameter(name = ApiConstants.ACCOUNT_TYPE,
-               type = CommandType.LONG,
+               type = CommandType.INTEGER,
                description = "list accounts by account type. Valid account types are 1 (admin), 2 (domain-admin), and 0 (user).")
-    private Long accountType;
+    private Integer accountType;
 
     @Parameter(name = ApiConstants.ID, type = CommandType.UUID, entityType = AccountResponse.class, description = "list account by account ID")
     private Long id;
@@ -79,8 +79,8 @@ public class ListAccountsCmd extends BaseListDomainResourcesCmd implements UserC
     /////////////////// Accessors ///////////////////////
     /////////////////////////////////////////////////////
 
-    public Long getAccountType() {
+    public Account.Type getAccountType() {
-        return accountType;
+        return Account.Type.getFromValue(accountType);
     }
 
     public Long getId() {

api/src/main/java/org/apache/cloudstack/api/command/user/snapshot/CreateSnapshotCmd.java

@@ -172,13 +172,13 @@ public class CreateSnapshotCmd extends BaseAsyncCreateCmd {
 
         Account account = _accountService.getAccount(volume.getAccountId());
         //Can create templates for enabled projects/accounts only
-        if (account.getType() == Account.ACCOUNT_TYPE_PROJECT) {
+        if (account.getType() == Account.Type.PROJECT) {
             Project project = _projectService.findByProjectAccountId(volume.getAccountId());
             if (project.getState() != Project.State.Active) {
                 throw new PermissionDeniedException("Can't add resources to the project id=" + project.getId() + " in state=" + project.getState() +
                     " as it's no longer active");
             }
-        } else if (account.getState() == Account.State.disabled) {
+        } else if (account.getState() == Account.State.DISABLED) {
             throw new PermissionDeniedException("The owner of template is disabled: " + account);
         }
 

api/src/main/java/org/apache/cloudstack/api/command/user/snapshot/CreateSnapshotFromVMSnapshotCmd.java

@@ -129,7 +129,7 @@ public class CreateSnapshotFromVMSnapshotCmd extends BaseAsyncCreateCmd {
 
         Account account = _accountService.getAccount(vmsnapshot.getAccountId());
         //Can create templates for enabled projects/accounts only
-        if (account.getType() == Account.ACCOUNT_TYPE_PROJECT) {
+        if (account.getType() == Account.Type.PROJECT) {
             Project project = _projectService.findByProjectAccountId(vmsnapshot.getAccountId());
             if (project == null) {
                 throw new InvalidParameterValueException("Unable to find project by account id=" + account.getUuid());
@@ -137,7 +137,7 @@ public class CreateSnapshotFromVMSnapshotCmd extends BaseAsyncCreateCmd {
             if (project.getState() != Project.State.Active) {
                 throw new PermissionDeniedException("Can't add resources to the project id=" + project.getUuid() + " in state=" + project.getState() + " as it's no longer active");
             }
-        } else if (account.getState() == Account.State.disabled) {
+        } else if (account.getState() == Account.State.DISABLED) {
             throw new PermissionDeniedException("The owner of template is disabled: " + account);
         }
 

api/src/main/java/org/apache/cloudstack/api/command/user/snapshot/CreateSnapshotPolicyCmd.java

@@ -125,7 +125,7 @@ public class CreateSnapshotPolicyCmd extends BaseCmd {
 
         Account account = _accountService.getAccount(volume.getAccountId());
         //Can create templates for enabled projects/accounts only
-        if (account.getType() == Account.ACCOUNT_TYPE_PROJECT) {
+        if (account.getType() == Account.Type.PROJECT) {
             Project project = _projectService.findByProjectAccountId(volume.getAccountId());
             if (project.getState() != Project.State.Active) {
                 PermissionDeniedException ex =
@@ -133,7 +133,7 @@ public class CreateSnapshotPolicyCmd extends BaseCmd {
                 ex.addProxyObject(project.getUuid(), "projectId");
                 throw ex;
             }
-        } else if (account.getState() == Account.State.disabled) {
+        } else if (account.getState() == Account.State.DISABLED) {
             throw new PermissionDeniedException("The owner of template is disabled: " + account);
         }
 

api/src/main/java/org/apache/cloudstack/api/command/user/volume/ResizeVolumeCmd.java

@@ -151,13 +151,13 @@ public class ResizeVolumeCmd extends BaseAsyncCmd implements UserCmd {
 
         Account account = _accountService.getAccount(volume.getAccountId());
         //Can resize volumes for enabled projects/accounts only
-        if (account.getType() == Account.ACCOUNT_TYPE_PROJECT) {
+        if (account.getType() == Account.Type.PROJECT) {
                 Project project = _projectService.findByProjectAccountId(volume.getAccountId());
             if (project.getState() != Project.State.Active) {
                 throw new PermissionDeniedException("Can't add resources to  project id=" + project.getId() + " in state=" + project.getState() +
                     " as it's no longer active");
             }
-        } else if (account.getState() == Account.State.disabled) {
+        } else if (account.getState() == Account.State.DISABLED) {
             throw new PermissionDeniedException("The owner of volume " + id + "  is disabled: " + account);
         }
 

api/src/main/java/org/apache/cloudstack/api/response/AccountResponse.java

@@ -41,7 +41,7 @@ public class AccountResponse extends BaseResponse implements ResourceLimitAndCou
 
     @SerializedName(ApiConstants.ACCOUNT_TYPE)
     @Param(description = "account type (admin, domain-admin, user)")
-    private Short accountType;
+    private Integer accountType;
 
     @SerializedName(ApiConstants.ROLE_ID)
     @Param(description = "the ID of the role")
@@ -280,7 +280,7 @@ public class AccountResponse extends BaseResponse implements ResourceLimitAndCou
         this.name = name;
     }
 
-    public void setAccountType(Short accountType) {
+    public void setAccountType(Integer accountType) {
         this.accountType = accountType;
     }
 

api/src/main/java/org/apache/cloudstack/api/response/ProjectAccountResponse.java

@@ -51,7 +51,7 @@ public class ProjectAccountResponse extends BaseResponse implements ControlledVi
 
     @SerializedName(ApiConstants.ACCOUNT_TYPE)
     @Param(description = "account type (admin, domain-admin, user)")
-    private Short accountType;
+    private Integer accountType;
 
     @SerializedName(ApiConstants.USER_ID)
     @Param(description = "Id of the user")
@@ -96,7 +96,7 @@ public class ProjectAccountResponse extends BaseResponse implements ControlledVi
         this.accountName = accountName;
     }
 
-    public void setAccountType(Short accountType) {
+    public void setAccountType(Integer accountType) {
         this.accountType = accountType;
     }
 

api/src/main/java/org/apache/cloudstack/api/response/UserResponse.java

@@ -18,6 +18,7 @@ package org.apache.cloudstack.api.response;
 
 import java.util.Date;
 
+import com.cloud.user.Account;
 import com.google.gson.annotations.SerializedName;
 
 import org.apache.cloudstack.acl.RoleType;
@@ -64,7 +65,7 @@ public class UserResponse extends BaseResponse implements SetResourceIconRespons
 
     @SerializedName("accounttype")
     @Param(description = "the account type of the user")
-    private Short accountType;
+    private Integer accountType;
 
     @SerializedName("usersource")
     @Param(description = "the source type of the user in lowercase, such as native, ldap, saml2")
@@ -188,12 +189,12 @@ public class UserResponse extends BaseResponse implements SetResourceIconRespons
         this.accountName = accountName;
     }
 
-    public Short getAccountType() {
+    public Integer getAccountType() {
         return accountType;
     }
 
-    public void setAccountType(Short accountType) {
+    public void setAccountType(Account.Type accountType) {
-        this.accountType = accountType;
+        this.accountType = accountType.ordinal();
     }
 
     public void setRoleId(String roleId) {

api/src/test/java/com/cloud/user/AccountTypeTest.java

@@ -0,0 +1,55 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// the License.  You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package com.cloud.user;
+
+import org.junit.Assert;
+import org.junit.Test;
+
+public class AccountTypeTest {
+
+    @Test
+    public void ordinalTestIfInCorrectOrder(){
+        Assert.assertEquals(0, Account.Type.NORMAL.ordinal());
+        Assert.assertEquals(1, Account.Type.ADMIN.ordinal());
+        Assert.assertEquals(2, Account.Type.DOMAIN_ADMIN.ordinal());
+        Assert.assertEquals(3, Account.Type.RESOURCE_DOMAIN_ADMIN.ordinal());
+        Assert.assertEquals(4, Account.Type.READ_ONLY_ADMIN.ordinal());
+        Assert.assertEquals(5, Account.Type.PROJECT.ordinal());
+        Assert.assertEquals(6, Account.Type.UNKNOWN.ordinal());
+    }
+
+    @Test
+    public void getFromValueTestIfAllValuesAreReturned(){
+        for (Account.Type accountType: Account.Type.values()) {
+            if( accountType != Account.Type.UNKNOWN) {
+                Assert.assertEquals(Account.Type.getFromValue(accountType.ordinal()), accountType);
+            }
+        }
+    }
+
+    @Test
+    public void getFromValueTestInvalidValue(){
+        Assert.assertEquals(Account.Type.getFromValue(null),null);
+    }
+
+    @Test
+    public void stateToStringTestAllValues(){
+        Assert.assertEquals(Account.State.ENABLED.toString(), "enabled");
+        Assert.assertEquals(Account.State.DISABLED.toString(), "disabled");
+        Assert.assertEquals(Account.State.LOCKED.toString(), "locked");
+    }
+}

api/src/test/java/org/apache/cloudstack/acl/RoleTypeTest.java

@@ -55,37 +55,37 @@ public class RoleTypeTest {
 
     @Test
     public void testGetByAccountType() {
-        Assert.assertEquals(RoleType.getByAccountType(Account.ACCOUNT_TYPE_NORMAL), RoleType.User);
+        Assert.assertEquals(RoleType.getByAccountType(Account.Type.NORMAL), RoleType.User);
-        Assert.assertEquals(RoleType.getByAccountType(Account.ACCOUNT_TYPE_ADMIN), RoleType.Admin);
+        Assert.assertEquals(RoleType.getByAccountType(Account.Type.ADMIN), RoleType.Admin);
-        Assert.assertEquals(RoleType.getByAccountType(Account.ACCOUNT_TYPE_DOMAIN_ADMIN), RoleType.DomainAdmin);
+        Assert.assertEquals(RoleType.getByAccountType(Account.Type.DOMAIN_ADMIN), RoleType.DomainAdmin);
-        Assert.assertEquals(RoleType.getByAccountType(Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN), RoleType.ResourceAdmin);
+        Assert.assertEquals(RoleType.getByAccountType(Account.Type.RESOURCE_DOMAIN_ADMIN), RoleType.ResourceAdmin);
-        Assert.assertEquals(RoleType.getByAccountType(Account.ACCOUNT_TYPE_PROJECT), RoleType.Unknown);
+        Assert.assertEquals(RoleType.getByAccountType(Account.Type.PROJECT), RoleType.Unknown);
     }
 
     @Test
     public void testGetRoleByAccountTypeWhenRoleIdIsProvided() {
-        Assert.assertEquals(RoleType.getRoleByAccountType(123L, Account.ACCOUNT_TYPE_ADMIN), Long.valueOf(123L));
+        Assert.assertEquals(RoleType.getRoleByAccountType(123L, Account.Type.ADMIN), Long.valueOf(123L));
         Assert.assertEquals(RoleType.getRoleByAccountType(1234L, null), Long.valueOf(1234L));
     }
 
     @Test
     public void testGetRoleByAccountTypeForDefaultAccountTypes() {
-        Assert.assertEquals(RoleType.getRoleByAccountType(null, Account.ACCOUNT_TYPE_ADMIN), (Long) RoleType.Admin.getId());
+        Assert.assertEquals(RoleType.getRoleByAccountType(null, Account.Type.ADMIN), (Long) RoleType.Admin.getId());
-        Assert.assertEquals(RoleType.getRoleByAccountType(null, Account.ACCOUNT_TYPE_NORMAL), (Long) RoleType.User.getId());
+        Assert.assertEquals(RoleType.getRoleByAccountType(null, Account.Type.NORMAL), (Long) RoleType.User.getId());
-        Assert.assertEquals(RoleType.getRoleByAccountType(null, Account.ACCOUNT_TYPE_DOMAIN_ADMIN), (Long) RoleType.DomainAdmin.getId());
+        Assert.assertEquals(RoleType.getRoleByAccountType(null, Account.Type.DOMAIN_ADMIN), (Long) RoleType.DomainAdmin.getId());
-        Assert.assertEquals(RoleType.getRoleByAccountType(null, Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN), (Long) RoleType.ResourceAdmin.getId());
+        Assert.assertEquals(RoleType.getRoleByAccountType(null, Account.Type.RESOURCE_DOMAIN_ADMIN), (Long) RoleType.ResourceAdmin.getId());
-        Assert.assertEquals(RoleType.getRoleByAccountType(null, Account.ACCOUNT_TYPE_PROJECT), null);
+        Assert.assertEquals(RoleType.getRoleByAccountType(null, Account.Type.PROJECT), null);
     }
 
     @Test
     public void testGetAccountTypeByRoleWhenRoleIsNull() {
-        for (Short accountType: Arrays.asList(
+        for (Account.Type accountType: Arrays.asList(
-                Account.ACCOUNT_TYPE_NORMAL,
+                Account.Type.NORMAL,
-                Account.ACCOUNT_TYPE_ADMIN,
+                Account.Type.ADMIN,
-                Account.ACCOUNT_TYPE_DOMAIN_ADMIN,
+                Account.Type.DOMAIN_ADMIN,
-                Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN,
+                Account.Type.RESOURCE_DOMAIN_ADMIN,
-                Account.ACCOUNT_TYPE_PROJECT,
+                Account.Type.PROJECT,
-                (short) 12345)) {
+                null)) {
             Assert.assertEquals(RoleType.getAccountTypeByRole(null, accountType), accountType);
         }
     }
@@ -95,6 +95,6 @@ public class RoleTypeTest {
         Role role = Mockito.mock(Role.class);
         Mockito.when(role.getRoleType()).thenReturn(RoleType.Admin);
         Mockito.when(role.getId()).thenReturn(100L);
-        Assert.assertEquals(RoleType.getAccountTypeByRole(role, null), (Short) RoleType.Admin.getAccountType());
+        Assert.assertEquals(RoleType.getAccountTypeByRole(role, null), RoleType.Admin.getAccountType());
     }
 }

api/src/test/java/org/apache/cloudstack/api/command/admin/account/CreateAccountCmdTest.java

@@ -49,7 +49,7 @@ public class CreateAccountCmdTest {
     private CreateAccountCmd createAccountCmd = new CreateAccountCmd();
 
     private long roleId = 1L;
-    private short accountType = 1;
+    private Integer accountType = 1;
     private Long domainId = 1L;
 
     @Before

engine/schema/src/main/java/com/cloud/upgrade/dao/Upgrade481to490.java

@@ -25,6 +25,7 @@ import java.sql.PreparedStatement;
 import java.sql.ResultSet;
 import java.sql.SQLException;
 
+import com.cloud.user.Account;
 import org.apache.cloudstack.acl.RoleType;
 import org.apache.log4j.Logger;
 
@@ -70,8 +71,8 @@ public class Upgrade481to490 implements DbUpgrade {
              final ResultSet selectResultSet = selectStatement.executeQuery()) {
             while (selectResultSet.next()) {
                 final Long accountId = selectResultSet.getLong(1);
-                final Short accountType = selectResultSet.getShort(2);
+                final Integer accountType = selectResultSet.getInt(2);
-                final Long roleId = RoleType.getByAccountType(accountType).getId();
+                final Long roleId = RoleType.getByAccountType(Account.Type.getFromValue(accountType)).getId();
                 if (roleId < 1L || roleId > 4L) {
                     s_logger.warn("Skipping role ID migration due to invalid role_id resolved for account id=" + accountId);
                     continue;

engine/schema/src/main/java/com/cloud/usage/dao/UsageDaoImpl.java

@@ -113,7 +113,7 @@ public class UsageDaoImpl extends GenericDaoBase<UsageVO, Long> implements Usage
             for (AccountVO acct : accounts) {
                 pstmt.setLong(1, acct.getId());
                 pstmt.setString(2, acct.getAccountName());
-                pstmt.setShort(3, acct.getType());
+                pstmt.setInt(3, acct.getType().ordinal());
 
                 //prevent autoboxing NPE by defaulting to User role
                 if(acct.getRoleId() == null){

engine/schema/src/main/java/com/cloud/user/AccountVO.java

@@ -42,7 +42,8 @@ public class AccountVO implements Account {
     private String accountName = null;
 
     @Column(name = "type")
-    private short type = ACCOUNT_TYPE_NORMAL;
+    @Enumerated(value = EnumType.ORDINAL)
+    private Type type;
 
     @Column(name = "role_id")
     private Long roleId;
@@ -84,17 +85,17 @@ public class AccountVO implements Account {
         uuid = UUID.randomUUID().toString();
     }
 
-    public AccountVO(final String accountName, final long domainId, final String networkDomain, final short type, final String uuid) {
+    public AccountVO(final String accountName, final long domainId, final String networkDomain, final Type type, final String uuid) {
         this.accountName = accountName;
         this.domainId = domainId;
         this.networkDomain = networkDomain;
         this.type = type;
-        this.state = State.enabled;
+        this.state = State.ENABLED;
         this.uuid = uuid;
         this.roleId = RoleType.getRoleByAccountType(null, type);
     }
 
-    public AccountVO(final String accountName, final long domainId, final String networkDomain, final short type, final Long roleId, final String uuid) {
+    public AccountVO(final String accountName, final long domainId, final String networkDomain, final Type type, final Long roleId, final String uuid) {
         this(accountName, domainId, networkDomain, type, uuid);
         if (roleId != null) {
             this.roleId = roleId;
@@ -128,11 +129,11 @@ public class AccountVO implements Account {
     }
 
     @Override
-    public short getType() {
+    public Account.Type getType() {
         return type;
     }
 
-    public void setType(short type) {
+    public void setType(Type type) {
         this.type = type;
     }
 

engine/schema/src/main/java/com/cloud/user/UserVO.java

@@ -122,7 +122,7 @@ public class UserVO implements User, Identity, InternalIdentity {
         this.lastname = lastName;
         this.email = email;
         this.timezone = timezone;
-        this.state = State.enabled;
+        this.state = State.ENABLED;
         this.uuid = uuid;
         this.source = source;
     }

engine/schema/src/main/java/com/cloud/user/dao/AccountDaoImpl.java

@@ -119,7 +119,7 @@ public class AccountDaoImpl extends GenericDaoBase<AccountVO, Long> implements A
     public List<AccountVO> findCleanupsForDisabledAccounts() {
         SearchCriteria<AccountVO> sc = CleanupForDisabledAccountsSearch.create();
         sc.setParameters("cleanup", true);
-        sc.setParameters("state", State.disabled);
+        sc.setParameters("state", State.DISABLED);
 
         return listBy(sc);
     }
@@ -140,14 +140,14 @@ public class AccountDaoImpl extends GenericDaoBase<AccountVO, Long> implements A
                 u.setUsername(rs.getString(2));
                 u.setAccountId(rs.getLong(3));
                 u.setSecretKey(DBEncryptionUtil.decrypt(rs.getString(4)));
-                u.setState(State.valueOf(rs.getString(5)));
+                u.setState(State.getValueOf(rs.getString(5)));
 
                 AccountVO a = new AccountVO(rs.getLong(6));
                 a.setAccountName(rs.getString(7));
-                a.setType(rs.getShort(8));
+                a.setType(Account.Type.getFromValue(rs.getInt(8)));
                 a.setRoleId(rs.getLong(9));
                 a.setDomainId(rs.getLong(10));
-                a.setState(State.valueOf(rs.getString(11)));
+                a.setState(State.getValueOf(rs.getString(11)));
 
                 userAcctPair = new Pair<User, Account>(u, a);
             }
@@ -175,7 +175,7 @@ public class AccountDaoImpl extends GenericDaoBase<AccountVO, Long> implements A
     public Account findEnabledAccount(String accountName, Long domainId) {
         SearchCriteria<AccountVO> sc = AllFieldsSearch.create("accountName", accountName);
         sc.setParameters("domainId", domainId);
-        sc.setParameters("state", State.enabled);
+        sc.setParameters("state", State.ENABLED);
         return findOneBy(sc);
     }
 
@@ -183,8 +183,8 @@ public class AccountDaoImpl extends GenericDaoBase<AccountVO, Long> implements A
     public Account findEnabledNonProjectAccount(String accountName, Long domainId) {
         SearchCriteria<AccountVO> sc = NonProjectAccountSearch.create("accountName", accountName);
         sc.setParameters("domainId", domainId);
-        sc.setParameters("state", State.enabled);
+        sc.setParameters("state", State.ENABLED);
-        sc.setParameters("type", Account.ACCOUNT_TYPE_PROJECT);
+        sc.setParameters("type", Account.Type.PROJECT);
         return findOneBy(sc);
     }
 
@@ -206,7 +206,7 @@ public class AccountDaoImpl extends GenericDaoBase<AccountVO, Long> implements A
     public Account findActiveNonProjectAccount(String accountName, Long domainId) {
         SearchCriteria<AccountVO> sc = NonProjectAccountSearch.create("accountName", accountName);
         sc.setParameters("domainId", domainId);
-        sc.setParameters("type", Account.ACCOUNT_TYPE_PROJECT);
+        sc.setParameters("type", Account.Type.PROJECT);
         return findOneBy(sc);
     }
 
@@ -221,7 +221,7 @@ public class AccountDaoImpl extends GenericDaoBase<AccountVO, Long> implements A
     public Account findNonProjectAccountIncludingRemoved(String accountName, Long domainId) {
         SearchCriteria<AccountVO> sc = NonProjectAccountSearch.create("accountName", accountName);
         sc.setParameters("domainId", domainId);
-        sc.setParameters("type", Account.ACCOUNT_TYPE_PROJECT);
+        sc.setParameters("type", Account.Type.PROJECT);
         return findOneIncludingRemovedBy(sc);
     }
 

engine/schema/src/main/java/com/cloud/vm/InstanceGroupVO.java

@@ -21,6 +21,8 @@ import java.util.UUID;
 
 import javax.persistence.Column;
 import javax.persistence.Entity;
+import javax.persistence.EnumType;
+import javax.persistence.Enumerated;
 import javax.persistence.GeneratedValue;
 import javax.persistence.GenerationType;
 import javax.persistence.Id;
@@ -28,6 +30,7 @@ import javax.persistence.PrimaryKeyJoinColumn;
 import javax.persistence.SecondaryTable;
 import javax.persistence.Table;
 
+import com.cloud.user.Account;
 import com.cloud.utils.db.GenericDao;
 
 @Entity
@@ -58,7 +61,8 @@ public class InstanceGroupVO implements InstanceGroup {
     private String uuid;
 
     @Column(name = "type", table = "account", insertable = false, updatable = false)
-    private short accountType;
+    @Enumerated(value = EnumType.ORDINAL)
+    private Account.Type accountType;
 
     public InstanceGroupVO(String name, long accountId) {
         this.name = name;
@@ -113,7 +117,7 @@ public class InstanceGroupVO implements InstanceGroup {
     }
 
     @Override
-    public Short getAccountType() {
+    public Account.Type getAccountType() {
         return accountType;
     }
 

engine/schema/src/main/java/com/cloud/vm/dao/UserVmDaoImpl.java

@@ -641,7 +641,7 @@ public class UserVmDaoImpl extends GenericDaoBase<UserVmVO, Long> implements Use
             nicResponse.setMacAddress(rs.getString("nics.mac_address"));
 
             int account_type = rs.getInt("account.type");
-            if (account_type == Account.ACCOUNT_TYPE_ADMIN) {
+            if (account_type == Account.Type.ADMIN.ordinal()) {
                 nicResponse.setBroadcastUri(rs.getString("nics.broadcast_uri"));
                 nicResponse.setIsolationUri(rs.getString("nics.isolation_uri"));
             }

framework/quota/src/main/java/org/apache/cloudstack/quota/QuotaAlertManagerImpl.java

@@ -248,11 +248,11 @@ public class QuotaAlertManagerImpl extends ManagerBase implements QuotaAlertMana
         try (TransactionLegacy txn = TransactionLegacy.open(TransactionLegacy.CLOUD_DB)) {
             Account account = _accountDao.findById(accountId);
             if (account != null) {
-                if (account.getState() == State.locked) {
+                if (account.getState() == State.LOCKED) {
                     return true; // already locked, no-op
-                } else if (account.getState() == State.enabled) {
+                } else if (account.getState() == State.ENABLED) {
                     AccountVO acctForUpdate = _accountDao.createForUpdate();
-                    acctForUpdate.setState(State.locked);
+                    acctForUpdate.setState(State.LOCKED);
                     success = _accountDao.update(Long.valueOf(accountId), acctForUpdate);
                 } else {
                     if (s_logger.isInfoEnabled()) {

framework/quota/src/main/java/org/apache/cloudstack/quota/QuotaManagerImpl.java

@@ -27,6 +27,7 @@ import java.util.TimeZone;
 import javax.inject.Inject;
 import javax.naming.ConfigurationException;
 
+import com.cloud.user.Account;
 import org.apache.cloudstack.framework.config.dao.ConfigurationDao;
 import org.apache.cloudstack.quota.constant.QuotaTypes;
 import org.apache.cloudstack.quota.dao.QuotaAccountDao;
@@ -467,7 +468,7 @@ public class QuotaManagerImpl extends ManagerBase implements QuotaManager {
 
     @Override
     public boolean isLockable(AccountVO account) {
-        return (account.getType() == AccountVO.ACCOUNT_TYPE_NORMAL || account.getType() == AccountVO.ACCOUNT_TYPE_DOMAIN_ADMIN);
+        return (account.getType() == Account.Type.NORMAL || account.getType() == Account.Type.DOMAIN_ADMIN);
     }
 
 }

framework/quota/src/test/java/org/apache/cloudstack/quota/QuotaAlertManagerImplTest.java

@@ -85,7 +85,7 @@ public class QuotaAlertManagerImplTest extends TestCase {
         AccountVO accountVO = new AccountVO();
         accountVO.setId(2L);
         accountVO.setDomainId(1L);
-        accountVO.setType(Account.ACCOUNT_TYPE_NORMAL);
+        accountVO.setType(Account.Type.NORMAL);
         Mockito.when(accountDao.findById(Mockito.anyLong())).thenReturn(accountVO);
 
         QuotaAccountVO acc = new QuotaAccountVO(2L);
@@ -123,7 +123,7 @@ public class QuotaAlertManagerImplTest extends TestCase {
         AccountVO account = new AccountVO();
         account.setId(2L);
         account.setDomainId(1L);
-        account.setType(Account.ACCOUNT_TYPE_NORMAL);
+        account.setType(Account.Type.NORMAL);
         account.setAccountName("admin");
         account.setUuid("uuid");
 
@@ -182,8 +182,8 @@ public class QuotaAlertManagerImplTest extends TestCase {
         AccountVO accountVO = new AccountVO();
         accountVO.setId(2L);
         accountVO.setDomainId(1L);
-        accountVO.setType(Account.ACCOUNT_TYPE_NORMAL);
+        accountVO.setType(Account.Type.NORMAL);
-        accountVO.setState(Account.State.enabled);
+        accountVO.setState(Account.State.ENABLED);
         Mockito.when(accountDao.findById(Mockito.anyLong())).thenReturn(accountVO);
         Mockito.when(accountDao.createForUpdate()).thenReturn(accountVO);
         Mockito.when(accountDao.update(Mockito.eq(accountVO.getId()), Mockito.eq(accountVO))).thenReturn(true);

framework/quota/src/test/java/org/apache/cloudstack/quota/QuotaManagerImplTest.java

@@ -113,7 +113,7 @@ public class QuotaManagerImplTest extends TestCase {
         AccountVO accountVO = new AccountVO();
         accountVO.setId(2L);
         accountVO.setDomainId(1L);
-        accountVO.setType(Account.ACCOUNT_TYPE_NORMAL);
+        accountVO.setType(Account.Type.NORMAL);
         List<AccountVO> accountVOList = new ArrayList<>();
         accountVOList.add(accountVO);
         Mockito.when(accountDao.listAll()).thenReturn(accountVOList);
@@ -140,7 +140,7 @@ public class QuotaManagerImplTest extends TestCase {
         AccountVO accountVO = new AccountVO();
         accountVO.setId(2L);
         accountVO.setDomainId(1L);
-        accountVO.setType(Account.ACCOUNT_TYPE_NORMAL);
+        accountVO.setType(Account.Type.NORMAL);
 
         UsageVO usageVO = new UsageVO();
         usageVO.setQuotaCalculated(0);
@@ -189,7 +189,7 @@ public class QuotaManagerImplTest extends TestCase {
         AccountVO accountVO = new AccountVO();
         accountVO.setId(2L);
         accountVO.setDomainId(1L);
-        accountVO.setType(Account.ACCOUNT_TYPE_NORMAL);
+        accountVO.setType(Account.Type.NORMAL);
 
         QuotaUsageVO quotaUsageVO = new QuotaUsageVO();
         quotaUsageVO.setAccountId(2L);
@@ -206,37 +206,37 @@ public class QuotaManagerImplTest extends TestCase {
 
     @Test
     public void testAdminLockableAccount() {
-        accountVO.setType(Account.ACCOUNT_TYPE_ADMIN);
+        accountVO.setType(Account.Type.ADMIN);
         assertFalse(quotaManager.isLockable(accountVO));
     }
 
     @Test
     public void testNormalLockableAccount() {
-        accountVO.setType(Account.ACCOUNT_TYPE_NORMAL);
+        accountVO.setType(Account.Type.NORMAL);
         assertTrue(quotaManager.isLockable(accountVO));
     }
 
     @Test
     public void tesDomainAdmingLockableAccount() {
-        accountVO.setType(Account.ACCOUNT_TYPE_DOMAIN_ADMIN);
+        accountVO.setType(Account.Type.DOMAIN_ADMIN);
         assertTrue(quotaManager.isLockable(accountVO));
     }
 
     @Test
     public void testReadOnlyAdminLockableAccount() {
-        accountVO.setType(Account.ACCOUNT_TYPE_READ_ONLY_ADMIN);
+        accountVO.setType(Account.Type.READ_ONLY_ADMIN);
         assertFalse(quotaManager.isLockable(accountVO));
     }
 
     @Test
     public void testResourceDomainAdminLockableAccount() {
-        accountVO.setType(Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN);
+        accountVO.setType(Account.Type.RESOURCE_DOMAIN_ADMIN);
         assertFalse(quotaManager.isLockable(accountVO));
     }
 
     @Test
     public void testProjectLockableAccount() {
-        accountVO.setType(Account.ACCOUNT_TYPE_PROJECT);
+        accountVO.setType(Account.Type.PROJECT);
         assertFalse(quotaManager.isLockable(accountVO));
     }
 

plugins/acl/dynamic-role-based/src/test/java/org/apache/cloudstack/acl/DynamicRoleBasedAPIAccessCheckerTest.java

@@ -53,7 +53,7 @@ public class DynamicRoleBasedAPIAccessCheckerTest extends TestCase {
     }
 
     private Account getTestAccount() {
-        return new AccountVO("some name", 1L, "network-domain", (short)0, "some-uuid");
+        return new AccountVO("some name", 1L, "network-domain", Account.Type.NORMAL, "some-uuid");
     }
 
     private Role getTestRole() {
@@ -103,7 +103,7 @@ public class DynamicRoleBasedAPIAccessCheckerTest extends TestCase {
 
     @Test
     public void testDefaultRootAdminAccess() {
-        Mockito.when(accountService.getAccount(Mockito.anyLong())).thenReturn(new AccountVO("root admin", 1L, null, (short)1, "some-uuid"));
+        Mockito.when(accountService.getAccount(Mockito.anyLong())).thenReturn(new AccountVO("root admin", 1L, null, Account.Type.ADMIN, "some-uuid"));
         Mockito.when(roleService.findRole(Mockito.anyLong())).thenReturn(new RoleVO(1L, "SomeRole", RoleType.Admin, "default root admin role"));
         assertTrue(apiAccessChecker.checkAccess(getTestUser(), "anyApi"));
     }

plugins/api/rate-limit/src/test/java/org/apache/cloudstack/ratelimit/ApiRateLimitTest.java

@@ -67,7 +67,7 @@ public static void setUp() throws ConfigurationException {
 
         // Standard responses
         AccountVO acct = new AccountVO(s_acctIdSeq);
-        acct.setType(Account.ACCOUNT_TYPE_NORMAL);
+        acct.setType(Account.Type.NORMAL);
         acct.setAccountName("demo");
         s_testAccount = acct;
 

plugins/database/quota/src/main/java/org/apache/cloudstack/api/command/QuotaSummaryCmd.java

@@ -23,7 +23,6 @@ import org.apache.cloudstack.api.APICommand;
 import org.apache.cloudstack.api.ApiConstants;
 import org.apache.cloudstack.api.BaseListCmd;
 import org.apache.cloudstack.api.Parameter;
-import org.apache.cloudstack.api.BaseCmd.CommandType;
 import org.apache.cloudstack.api.response.DomainResponse;
 import org.apache.cloudstack.api.response.ListResponse;
 import org.apache.cloudstack.api.response.QuotaResponseBuilder;
@@ -60,7 +59,7 @@ public class QuotaSummaryCmd extends BaseListCmd {
     public void execute() {
         Account caller = CallContext.current().getCallingAccount();
         Pair<List<QuotaSummaryResponse>, Integer> responses;
-        if (caller.getType() == Account.ACCOUNT_TYPE_ADMIN) { //admin account
+        if (caller.getType() == Account.Type.ADMIN) {
             if (getAccountName() != null && getDomainId() != null)
                 responses = _responseBuilder.createQuotaSummaryResponse(getAccountName(), getDomainId());
             else

plugins/database/quota/src/main/java/org/apache/cloudstack/api/response/QuotaResponseBuilderImpl.java

@@ -434,12 +434,12 @@ public class QuotaResponseBuilderImpl implements QuotaResponseBuilder {
         _quotaService.saveQuotaAccount(account, currentAccountBalance, despositedOn);
         if (lockAccountEnforcement) {
             if (currentAccountBalance.compareTo(new BigDecimal(0)) >= 0) {
-                if (account.getState() == Account.State.locked) {
+                if (account.getState() == Account.State.LOCKED) {
                     s_logger.info("UnLocking account " + account.getAccountName() + " , due to positive balance " + currentAccountBalance);
                     _accountMgr.enableAccount(account.getAccountName(), domainId, accountId);
                 }
             } else { // currentAccountBalance < 0 then lock the account
-                if (_quotaManager.isLockable(account) && account.getState() == Account.State.enabled && enforce) {
+                if (_quotaManager.isLockable(account) && account.getState() == Account.State.ENABLED && enforce) {
                     s_logger.info("Locking account " + account.getAccountName() + " , due to negative balance " + currentAccountBalance);
                     _accountMgr.lockAccount(account.getAccountName(), domainId, accountId);
                 }

plugins/database/quota/src/test/java/org/apache/cloudstack/api/response/QuotaResponseBuilderImplTest.java

@@ -152,7 +152,7 @@ public class QuotaResponseBuilderImplTest extends TestCase {
         Mockito.when(quotaService.computeAdjustedTime(Mockito.any(Date.class))).thenReturn(new Date());
 
         AccountVO account = new AccountVO();
-        account.setState(Account.State.locked);
+        account.setState(Account.State.LOCKED);
         Mockito.when(accountDao.findById(Mockito.anyLong())).thenReturn(account);
 
         QuotaCreditsResponse resp = quotaResponseBuilder.addQuotaCredits(accountId, domainId, amount, updatedBy, true);

plugins/dedicated-resources/src/test/java/org/apache/cloudstack/dedicated/manager/DedicatedApiUnitTest.java

@@ -115,7 +115,7 @@ public class DedicatedApiUnitTest {
     @Before
     public void setUp() {
         ComponentContext.initComponentsLifeCycle();
-        AccountVO account = new AccountVO(accountName, domainId, "networkDomain", Account.ACCOUNT_TYPE_NORMAL, "uuid");
+        AccountVO account = new AccountVO(accountName, domainId, "networkDomain", Account.Type.NORMAL, "uuid");
         DomainVO domain = new DomainVO("rootDomain", 5L, 5L, "networkDomain");
 
         UserVO user = new UserVO(1, "testuser", "password", "firstname", "lastName", "email", "timezone", UUID.randomUUID().toString(), User.Source.UNKNOWN);

plugins/deployment-planners/implicit-dedication/src/test/java/org/apache/cloudstack/implicitplanner/ImplicitPlannerTest.java

@@ -164,7 +164,7 @@ public class ImplicitPlannerTest {
     public void setUp() {
         ComponentContext.initComponentsLifeCycle();
 
-        acct.setType(Account.ACCOUNT_TYPE_NORMAL);
+        acct.setType(Account.Type.NORMAL);
         acct.setAccountName("user1");
         acct.setDomainId(domainId);
         acct.setId(accountId);

plugins/hypervisors/baremetal/src/main/java/com/cloud/baremetal/manager/BaremetalVlanManagerImpl.java

@@ -37,13 +37,13 @@ import com.cloud.user.dao.UserDao;
 import com.cloud.utils.component.ManagerBase;
 import com.cloud.utils.db.QueryBuilder;
 import com.cloud.utils.db.SearchCriteria;
-import com.cloud.utils.exception.CloudRuntimeException;
+import com.cloud.utils.exception.CloudRuntimeException;
-import com.cloud.vm.VirtualMachineProfile;
+import com.cloud.vm.VirtualMachineProfile;
-import com.google.gson.Gson;
+import com.google.gson.Gson;
-import org.apache.cloudstack.acl.RoleType;
+import org.apache.cloudstack.acl.RoleType;
-import org.apache.cloudstack.api.AddBaremetalRctCmd;
+import org.apache.cloudstack.api.AddBaremetalRctCmd;
-import org.apache.cloudstack.api.DeleteBaremetalRctCmd;
+import org.apache.cloudstack.api.DeleteBaremetalRctCmd;
-import org.apache.cloudstack.api.ListBaremetalRctCmd;
+import org.apache.cloudstack.api.ListBaremetalRctCmd;
 import org.apache.cloudstack.utils.baremetal.BaremetalUtils;
 import org.springframework.web.client.RestTemplate;
 
@@ -237,28 +237,28 @@ public class BaremetalVlanManagerImpl extends ManagerBase implements BaremetalVl
     @Override
     public boolean start() {
         QueryBuilder<AccountVO> acntq = QueryBuilder.create(AccountVO.class);
-        acntq.and(acntq.entity().getAccountName(), SearchCriteria.Op.EQ, BaremetalUtils.BAREMETAL_SYSTEM_ACCOUNT_NAME);
+        acntq.and(acntq.entity().getAccountName(), SearchCriteria.Op.EQ, BaremetalUtils.BAREMETAL_SYSTEM_ACCOUNT_NAME);
         AccountVO acnt = acntq.find();
         if (acnt != null) {
             return true;
         }
 
         acnt = new AccountVO();
-        acnt.setAccountName(BaremetalUtils.BAREMETAL_SYSTEM_ACCOUNT_NAME);
+        acnt.setAccountName(BaremetalUtils.BAREMETAL_SYSTEM_ACCOUNT_NAME);
-        acnt.setUuid(UUID.randomUUID().toString());
+        acnt.setUuid(UUID.randomUUID().toString());
-        acnt.setState(Account.State.enabled);
+        acnt.setState(Account.State.ENABLED);
-        acnt.setDomainId(1);
+        acnt.setDomainId(1);
-        acnt.setType(RoleType.User.getAccountType());
+        acnt.setType(RoleType.User.getAccountType());
-        acnt.setRoleId(RoleType.User.getId());
+        acnt.setRoleId(RoleType.User.getId());
-        acnt = acntDao.persist(acnt);
+        acnt = acntDao.persist(acnt);
-
+
-        UserVO user = new UserVO();
+        UserVO user = new UserVO();
-        user.setState(Account.State.enabled);
+        user.setState(Account.State.ENABLED);
         user.setUuid(UUID.randomUUID().toString());
         user.setAccountId(acnt.getAccountId());
-        user.setUsername(BaremetalUtils.BAREMETAL_SYSTEM_ACCOUNT_NAME);
+        user.setUsername(BaremetalUtils.BAREMETAL_SYSTEM_ACCOUNT_NAME);
-        user.setFirstname(BaremetalUtils.BAREMETAL_SYSTEM_ACCOUNT_NAME);
+        user.setFirstname(BaremetalUtils.BAREMETAL_SYSTEM_ACCOUNT_NAME);
-        user.setLastname(BaremetalUtils.BAREMETAL_SYSTEM_ACCOUNT_NAME);
+        user.setLastname(BaremetalUtils.BAREMETAL_SYSTEM_ACCOUNT_NAME);
         user.setPassword(UUID.randomUUID().toString());
         user.setSource(User.Source.UNKNOWN);
         user = userDao.persist(user);

plugins/hypervisors/vmware/src/test/java/com/cloud/hypervisor/vmware/VmwareDatacenterApiUnitTest.java

@@ -181,7 +181,7 @@ public class VmwareDatacenterApiUnitTest {
         podId = 1L;
 
         AccountVO acct = new AccountVO(200L);
-        acct.setType(Account.ACCOUNT_TYPE_ADMIN);
+        acct.setType(Account.Type.ADMIN);
         acct.setAccountName("admin");
         acct.setDomainId(domainId);
 

plugins/integrations/kubernetes-service/src/main/java/com/cloud/kubernetes/cluster/KubernetesClusterManagerImpl.java

@@ -529,7 +529,7 @@ public class KubernetesClusterManagerImpl extends ManagerBase implements Kuberne
             response.setKubernetesVersionName(version.getName());
         }
         Account account = ApiDBUtils.findAccountById(kubernetesCluster.getAccountId());
-        if (account.getType() == Account.ACCOUNT_TYPE_PROJECT) {
+        if (account.getType() == Account.Type.PROJECT) {
             Project project = ApiDBUtils.findProjectByProjectAccountId(account.getId());
             response.setProjectId(project.getUuid());
             response.setProjectName(project.getName());

plugins/integrations/kubernetes-service/src/test/java/com/cloud/kubernetes/version/KubernetesVersionServiceTest.java

@@ -149,7 +149,7 @@ public class KubernetesVersionServiceTest {
         AddKubernetesSupportedVersionCmd cmd = Mockito.mock(AddKubernetesSupportedVersionCmd.class);
         when(cmd.getMinimumCpu()).thenReturn(KubernetesClusterService.MIN_KUBERNETES_CLUSTER_NODE_CPU);
         when(cmd.getMinimumRamSize()).thenReturn(KubernetesClusterService.MIN_KUBERNETES_CLUSTER_NODE_RAM_SIZE);
-        AccountVO account = new AccountVO("admin", 1L, "", Account.ACCOUNT_TYPE_ADMIN, "uuid");
+        AccountVO account = new AccountVO("admin", 1L, "", Account.Type.ADMIN, "uuid");
         UserVO user = new UserVO(1, "adminuser", "password", "firstname", "lastName", "email", "timezone", UUID.randomUUID().toString(), User.Source.UNKNOWN);
         CallContext.register(user, account);
         when(cmd.getSemanticVersion()).thenReturn("1.1.1");
@@ -161,7 +161,7 @@ public class KubernetesVersionServiceTest {
         AddKubernetesSupportedVersionCmd cmd = Mockito.mock(AddKubernetesSupportedVersionCmd.class);
         when(cmd.getMinimumCpu()).thenReturn(KubernetesClusterService.MIN_KUBERNETES_CLUSTER_NODE_CPU-1);
         when(cmd.getMinimumRamSize()).thenReturn(KubernetesClusterService.MIN_KUBERNETES_CLUSTER_NODE_RAM_SIZE);
-        AccountVO account = new AccountVO("admin", 1L, "", Account.ACCOUNT_TYPE_ADMIN, "uuid");
+        AccountVO account = new AccountVO("admin", 1L, "", Account.Type.ADMIN, "uuid");
         UserVO user = new UserVO(1, "adminuser", "password", "firstname", "lastName", "email", "timezone", UUID.randomUUID().toString(), User.Source.UNKNOWN);
         when(cmd.getSemanticVersion()).thenReturn(KubernetesVersionService.MIN_KUBERNETES_VERSION);
         CallContext.register(user, account);
@@ -173,7 +173,7 @@ public class KubernetesVersionServiceTest {
         AddKubernetesSupportedVersionCmd cmd = Mockito.mock(AddKubernetesSupportedVersionCmd.class);
         when(cmd.getMinimumCpu()).thenReturn(KubernetesClusterService.MIN_KUBERNETES_CLUSTER_NODE_CPU);
         when(cmd.getMinimumRamSize()).thenReturn(KubernetesClusterService.MIN_KUBERNETES_CLUSTER_NODE_RAM_SIZE-10);
-        AccountVO account = new AccountVO("admin", 1L, "", Account.ACCOUNT_TYPE_ADMIN, "uuid");
+        AccountVO account = new AccountVO("admin", 1L, "", Account.Type.ADMIN, "uuid");
         UserVO user = new UserVO(1, "adminuser", "password", "firstname", "lastName", "email", "timezone", UUID.randomUUID().toString(), User.Source.UNKNOWN);
         when(cmd.getSemanticVersion()).thenReturn(KubernetesVersionService.MIN_KUBERNETES_VERSION);
         CallContext.register(user, account);
@@ -185,7 +185,7 @@ public class KubernetesVersionServiceTest {
         AddKubernetesSupportedVersionCmd cmd = Mockito.mock(AddKubernetesSupportedVersionCmd.class);
         when(cmd.getMinimumCpu()).thenReturn(KubernetesClusterService.MIN_KUBERNETES_CLUSTER_NODE_CPU);
         when(cmd.getMinimumRamSize()).thenReturn(KubernetesClusterService.MIN_KUBERNETES_CLUSTER_NODE_RAM_SIZE);
-        AccountVO account = new AccountVO("admin", 1L, "", Account.ACCOUNT_TYPE_ADMIN, "uuid");
+        AccountVO account = new AccountVO("admin", 1L, "", Account.Type.ADMIN, "uuid");
         UserVO user = new UserVO(1, "adminuser", "password", "firstname", "lastName", "email", "timezone", UUID.randomUUID().toString(), User.Source.UNKNOWN);
         when(cmd.getSemanticVersion()).thenReturn(KubernetesVersionService.MIN_KUBERNETES_VERSION);
         CallContext.register(user, account);
@@ -196,7 +196,7 @@ public class KubernetesVersionServiceTest {
     @Test
     public void addKubernetesSupportedVersionIsoUrlTest() throws ResourceAllocationException, NoSuchFieldException {
         AddKubernetesSupportedVersionCmd cmd = Mockito.mock(AddKubernetesSupportedVersionCmd.class);
-        AccountVO account = new AccountVO("admin", 1L, "", Account.ACCOUNT_TYPE_ADMIN, "uuid");
+        AccountVO account = new AccountVO("admin", 1L, "", Account.Type.ADMIN, "uuid");
         UserVO user = new UserVO(1, "adminuser", "password", "firstname", "lastName", "email", "timezone", UUID.randomUUID().toString(), User.Source.UNKNOWN);
         CallContext.register(user, account);
         when(cmd.getSemanticVersion()).thenReturn(KubernetesVersionService.MIN_KUBERNETES_VERSION);
@@ -204,7 +204,7 @@ public class KubernetesVersionServiceTest {
         when(cmd.getChecksum()).thenReturn(null);
         when(cmd.getMinimumCpu()).thenReturn(KubernetesClusterService.MIN_KUBERNETES_CLUSTER_NODE_CPU);
         when(cmd.getMinimumRamSize()).thenReturn(KubernetesClusterService.MIN_KUBERNETES_CLUSTER_NODE_RAM_SIZE);
-        Account systemAccount =  new AccountVO("system", 1L, "", Account.ACCOUNT_TYPE_ADMIN, "uuid");
+        Account systemAccount =  new AccountVO("system", 1L, "", Account.Type.ADMIN, "uuid");
         when(accountManager.getSystemAccount()).thenReturn(systemAccount);
         PowerMockito.mockStatic(ComponentContext.class);
         when(ComponentContext.inject(Mockito.any(RegisterIsoCmd.class))).thenReturn(new RegisterIsoCmd());
@@ -218,7 +218,7 @@ public class KubernetesVersionServiceTest {
     @Test(expected = CloudRuntimeException.class)
     public void deleteKubernetesSupportedVersionExistingClustersTest() {
         DeleteKubernetesSupportedVersionCmd cmd = Mockito.mock(DeleteKubernetesSupportedVersionCmd.class);
-        AccountVO account = new AccountVO("admin", 1L, "", Account.ACCOUNT_TYPE_ADMIN, "uuid");
+        AccountVO account = new AccountVO("admin", 1L, "", Account.Type.ADMIN, "uuid");
         UserVO user = new UserVO(1, "adminuser", "password", "firstname", "lastName", "email", "timezone", UUID.randomUUID().toString(), User.Source.UNKNOWN);
         CallContext.register(user, account);
         when(kubernetesSupportedVersionDao.findById(Mockito.anyLong())).thenReturn(Mockito.mock(KubernetesSupportedVersionVO.class));
@@ -231,7 +231,7 @@ public class KubernetesVersionServiceTest {
     @Test
     public void deleteKubernetesSupportedVersionTest() {
         DeleteKubernetesSupportedVersionCmd cmd = Mockito.mock(DeleteKubernetesSupportedVersionCmd.class);
-        AccountVO account = new AccountVO("admin", 1L, "", Account.ACCOUNT_TYPE_ADMIN, "uuid");
+        AccountVO account = new AccountVO("admin", 1L, "", Account.Type.ADMIN, "uuid");
         UserVO user = new UserVO(1, "adminuser", "password", "firstname", "lastName", "email", "timezone", UUID.randomUUID().toString(), User.Source.UNKNOWN);
         CallContext.register(user, account);
         when(kubernetesSupportedVersionDao.findById(Mockito.anyLong())).thenReturn(Mockito.mock(KubernetesSupportedVersionVO.class));
@@ -249,7 +249,7 @@ public class KubernetesVersionServiceTest {
     public void updateKubernetesSupportedVersionTest() {
         UpdateKubernetesSupportedVersionCmd cmd = Mockito.mock(UpdateKubernetesSupportedVersionCmd.class);
         when(cmd.getState()).thenReturn(KubernetesSupportedVersion.State.Disabled.toString());
-        AccountVO account = new AccountVO("admin", 1L, "", Account.ACCOUNT_TYPE_ADMIN, "uuid");
+        AccountVO account = new AccountVO("admin", 1L, "", Account.Type.ADMIN, "uuid");
         UserVO user = new UserVO(1, "adminuser", "password", "firstname", "lastName", "email", "timezone", UUID.randomUUID().toString(), User.Source.UNKNOWN);
         CallContext.register(user, account);
         when(kubernetesSupportedVersionDao.findById(Mockito.anyLong())).thenReturn(Mockito.mock(KubernetesSupportedVersionVO.class));

plugins/network-elements/globodns/src/test/java/com/globo/globodns/cloudstack/element/GloboDnsElementTest.java

@@ -111,7 +111,7 @@ public class GloboDnsElementTest {
         ComponentContext.initComponentsLifeCycle();
 
         acct = new AccountVO(200L);
-        acct.setType(Account.ACCOUNT_TYPE_NORMAL);
+        acct.setType(Account.Type.NORMAL);
         acct.setAccountName("user");
         acct.setDomainId(domainId);
 

plugins/network-elements/juniper-contrail/src/main/java/org/apache/cloudstack/network/contrail/management/ContrailManagerImpl.java

@@ -438,7 +438,7 @@ public class ContrailManagerImpl extends ManagerBase implements ContrailManager
     @Override
     public String getProjectName(long accountId) {
         Account account = _accountDao.findById(accountId);
-        if (account.getType() == Account.ACCOUNT_TYPE_PROJECT) {
+        if (account.getType() == Account.Type.PROJECT) {
             ProjectVO project = _projectDao.findByProjectAccountId(account.getId());
             if (project != null) {
                 return project.getName();
@@ -455,7 +455,7 @@ public class ContrailManagerImpl extends ManagerBase implements ContrailManager
 
     private ProjectVO getProject(long accountId) {
         Account account = _accountDao.findById(accountId);
-        if (account.getType() == Account.ACCOUNT_TYPE_PROJECT) {
+        if (account.getType() == Account.Type.PROJECT) {
             return _projectDao.findByProjectAccountId(account.getId());
         }
         return null;

plugins/network-elements/juniper-contrail/src/main/java/org/apache/cloudstack/network/contrail/management/ServiceManagerImpl.java

@@ -239,7 +239,7 @@ public class ServiceManagerImpl implements ServiceManager {
         response.setId(vm.getUuid());
         Account owner = _accountService.getAccount(vm.getAccountId());
 
-        if (owner.getType() == Account.ACCOUNT_TYPE_PROJECT) {
+        if (owner.getType() == Account.Type.PROJECT) {
             Project project = ApiDBUtils.findProjectByProjectAccountIdIncludingRemoved(owner.getAccountId());
             response.setProjectId(project.getUuid());
             response.setProjectName(project.getName());

plugins/network-elements/juniper-contrail/src/test/java/org/apache/cloudstack/network/contrail/management/MockAccountManager.java

@@ -150,7 +150,7 @@ public class MockAccountManager extends ManagerBase implements AccountManager {
     }
 
     @Override
-    public UserAccount createUserAccount(String userName, String password, String firstName, String lastName, String email, String timezone, String accountName, short accountType, Long roleId,
+    public UserAccount createUserAccount(String userName, String password, String firstName, String lastName, String email, String timezone, String accountName, Account.Type accountType, Long roleId,
                                          Long domainId, String networkDomain, Map<String, String> details, String accountUUID, String userUUID, User.Source source) {
         // TODO Auto-generated method stub
         return null;
@@ -404,7 +404,7 @@ public class MockAccountManager extends ManagerBase implements AccountManager {
     }
 
     @Override
-    public Account createAccount(String accountName, short accountType, Long roleId, Long domainId, String networkDomain, Map<String, String> details, String uuid) {
+    public Account createAccount(String accountName, Account.Type accountType, Long roleId, Long domainId, String networkDomain, Map<String, String> details, String uuid) {
         final AccountVO account = new AccountVO(accountName, domainId, networkDomain, accountType, roleId, uuid);
         Transaction.execute(new TransactionCallbackNoReturn() {
             @Override

plugins/user-authenticators/ldap/src/main/java/org/apache/cloudstack/api/command/LdapCreateAccountCmd.java

@@ -56,8 +56,8 @@ public class LdapCreateAccountCmd extends BaseCmd {
     @Parameter(name = ApiConstants.ACCOUNT, type = CommandType.STRING, description = "Creates the user under the specified account. If no account is specified, the username will be used as the account name.")
     private String accountName;
 
-    @Parameter(name = ApiConstants.ACCOUNT_TYPE, type = CommandType.SHORT, description = "Type of the account. Specify 0 for user, 1 for root admin, and 2 for domain admin")
+    @Parameter(name = ApiConstants.ACCOUNT_TYPE, type = CommandType.INTEGER, description = "Type of the account. Specify 0 for user, 1 for root admin, and 2 for domain admin")
-    private Short accountType;
+    private Integer accountType;
 
     @Parameter(name = ApiConstants.ROLE_ID, type = CommandType.UUID, entityType = RoleResponse.class, description = "Creates the account under the specified role.")
     private Long roleId;
@@ -105,12 +105,15 @@ public class LdapCreateAccountCmd extends BaseCmd {
         }
     }
 
-    public Short getAccountType() {
+    public Account.Type getAccountType() {
-        return RoleType.getAccountTypeByRole(roleService.findRole(roleId), accountType);
+        if (accountType == null) {
+            return RoleType.getAccountTypeByRole(roleService.findRole(roleId), null);
+        }
+        return RoleType.getAccountTypeByRole(roleService.findRole(roleId), Account.Type.getFromValue(accountType.intValue()));
     }
 
     public Long getRoleId() {
-        return RoleType.getRoleByAccountType(roleId, accountType);
+        return RoleType.getRoleByAccountType(roleId, getAccountType());
     }
 
     private String getAccountName() {

plugins/user-authenticators/ldap/src/main/java/org/apache/cloudstack/api/command/LdapImportUsersCmd.java

@@ -68,8 +68,8 @@ public class LdapImportUsersCmd extends BaseListCmd {
     @Parameter(name = ApiConstants.TIMEZONE, type = CommandType.STRING, description = "Specifies a timezone for this command. For more information on the timezone parameter, see Time Zone Format.")
     private String timezone;
 
-    @Parameter(name = ApiConstants.ACCOUNT_TYPE, type = CommandType.SHORT, description = "Type of the account.  Specify 0 for user, 1 for root admin, and 2 for domain admin")
+    @Parameter(name = ApiConstants.ACCOUNT_TYPE, type = CommandType.INTEGER, description = "Type of the account.  Specify 0 for user, 1 for root admin, and 2 for domain admin")
-    private Short accountType;
+    private Integer accountType;
 
     @Parameter(name = ApiConstants.ROLE_ID, type = CommandType.UUID, entityType = RoleResponse.class, description = "Creates the account under the specified role.")
     private Long roleId;
@@ -167,12 +167,15 @@ public class LdapImportUsersCmd extends BaseListCmd {
         setResponseObject(response);
     }
 
-    public Short getAccountType() {
+    public Account.Type getAccountType() {
-        return RoleType.getAccountTypeByRole(roleService.findRole(roleId), accountType);
+        if (accountType == null) {
+            return RoleType.getAccountTypeByRole(roleService.findRole(roleId), null);
+        }
+        return RoleType.getAccountTypeByRole(roleService.findRole(roleId), Account.Type.getFromValue(accountType.intValue()));
     }
 
     public Long getRoleId() {
-        return RoleType.getRoleByAccountType(roleId, accountType);
+        return RoleType.getRoleByAccountType(roleId, getAccountType());
     }
 
     private String getAccountName(LdapUser user) {

plugins/user-authenticators/ldap/src/main/java/org/apache/cloudstack/api/command/LinkAccountToLdapCmd.java

@@ -61,9 +61,9 @@ public class LinkAccountToLdapCmd extends BaseCmd {
     @Parameter(name = ApiConstants.ADMIN, type = CommandType.STRING, required = false, description = "domain admin username in LDAP ")
     private String admin;
 
-    @Parameter(name = ApiConstants.ACCOUNT_TYPE, type = CommandType.SHORT, required = true, description = "Type of the account to auto import. Specify 0 for user and 2 for "
+    @Parameter(name = ApiConstants.ACCOUNT_TYPE, type = CommandType.INTEGER, required = true, description = "Type of the account to auto import. Specify 0 for user and 2 for "
             + "domain admin")
-    private short accountType;
+    private int accountType;
 
     @Inject
     private LdapManager _ldapManager;
@@ -84,7 +84,7 @@ public class LinkAccountToLdapCmd extends BaseCmd {
                     if (account == null) {
                         try {
                             UserAccount userAccount = _accountService
-                                    .createUserAccount(admin, "", ldapUser.getFirstname(), ldapUser.getLastname(), ldapUser.getEmail(), null, admin, Account.ACCOUNT_TYPE_DOMAIN_ADMIN, RoleType.DomainAdmin.getId(), domainId, null, null, UUID.randomUUID().toString(),
+                                    .createUserAccount(admin, "", ldapUser.getFirstname(), ldapUser.getLastname(), ldapUser.getEmail(), null, admin, Account.Type.DOMAIN_ADMIN, RoleType.DomainAdmin.getId(), domainId, null, null, UUID.randomUUID().toString(),
                                             UUID.randomUUID().toString(), User.Source.LDAP);
                             response.setAdminId(String.valueOf(userAccount.getAccountId()));
                             LOGGER.info("created an account with name " + admin + " in the given domain " + domainId);
@@ -136,7 +136,7 @@ public class LinkAccountToLdapCmd extends BaseCmd {
         return admin;
     }
 
-    public short getAccountType() {
+    public Account.Type getAccountType() {
-        return accountType;
+        return Account.Type.getFromValue(accountType);
     }
 }

plugins/user-authenticators/ldap/src/main/java/org/apache/cloudstack/api/command/LinkDomainToLdapCmd.java

@@ -64,9 +64,9 @@ public class LinkDomainToLdapCmd extends BaseCmd {
     @Parameter(name = ApiConstants.ADMIN, type = CommandType.STRING, required = false, description = "domain admin username in LDAP ")
     private String admin;
 
-    @Parameter(name = ApiConstants.ACCOUNT_TYPE, type = CommandType.SHORT, required = true, description = "Type of the account to auto import. Specify 0 for user and 2 for " +
+    @Parameter(name = ApiConstants.ACCOUNT_TYPE, type = CommandType.INTEGER, required = true, description = "Type of the account to auto import. Specify 0 for user and 2 for " +
         "domain admin")
-    private short accountType;
+    private int accountType;
 
     @Inject
     private LdapManager _ldapManager;
@@ -87,8 +87,8 @@ public class LinkDomainToLdapCmd extends BaseCmd {
         return admin;
     }
 
-    public short getAccountType() {
+    public Account.Type getAccountType() {
-        return accountType;
+        return Account.Type.getFromValue(accountType);
     }
 
 
@@ -108,7 +108,7 @@ public class LinkDomainToLdapCmd extends BaseCmd {
                     if (account == null) {
                         try {
                             UserAccount userAccount = _accountService.createUserAccount(admin, "", ldapUser.getFirstname(), ldapUser.getLastname(), ldapUser.getEmail(), null,
-                                    admin, Account.ACCOUNT_TYPE_DOMAIN_ADMIN, RoleType.DomainAdmin.getId(), domainId, null, null, UUID.randomUUID().toString(), UUID.randomUUID().toString(), User.Source.LDAP);
+                                    admin, Account.Type.DOMAIN_ADMIN, RoleType.DomainAdmin.getId(), domainId, null, null, UUID.randomUUID().toString(), UUID.randomUUID().toString(), User.Source.LDAP);
                             response.setAdminId(String.valueOf(userAccount.getAccountId()));
                             s_logger.info("created an account with name " + admin + " in the given domain " + domainId);
                         } catch (Exception e) {

plugins/user-authenticators/ldap/src/main/java/org/apache/cloudstack/api/response/LinkAccountToLdapResponse.java

@@ -39,7 +39,7 @@ public class LinkAccountToLdapResponse extends BaseResponse {
 
     @SerializedName(ApiConstants.ACCOUNT_TYPE)
     @Param(description = "Type of the account to auto import")
-    private short accountType;
+    private int accountType;
 
     @SerializedName(ApiConstants.ACCOUNT_ID)
     @Param(description = "Domain Admin accountId that is created")
@@ -50,7 +50,7 @@ public class LinkAccountToLdapResponse extends BaseResponse {
     private String accountName;
 
 
-    public LinkAccountToLdapResponse(String domainId, String type, String ldapDomain, short accountType, String adminId, String accountName) {
+    public LinkAccountToLdapResponse(String domainId, String type, String ldapDomain, int accountType, String adminId, String accountName) {
         this.domainId = domainId;
         this.type = type;
         this.ldapDomain = ldapDomain;
@@ -71,7 +71,7 @@ public class LinkAccountToLdapResponse extends BaseResponse {
         return type;
     }
 
-    public short getAccountType() {
+    public Integer getAccountType() {
         return accountType;
     }
 

plugins/user-authenticators/ldap/src/main/java/org/apache/cloudstack/api/response/LinkDomainToLdapResponse.java

@@ -44,13 +44,13 @@ public class LinkDomainToLdapResponse extends BaseResponse {
 
     @SerializedName(ApiConstants.ACCOUNT_TYPE)
     @Param(description = "Type of the account to auto import")
-    private short accountType;
+    private int accountType;
 
     @SerializedName(ApiConstants.ACCOUNT_ID)
     @Param(description = "Domain Admin accountId that is created")
     private String adminId;
 
-    public LinkDomainToLdapResponse(String domainId, String type, String ldapDomain, short accountType) {
+    public LinkDomainToLdapResponse(String domainId, String type, String ldapDomain, int accountType) {
         this.domainId = domainId;
         this.name = ldapDomain;
         this.ldapDomain = ldapDomain;
@@ -70,7 +70,7 @@ public class LinkDomainToLdapResponse extends BaseResponse {
         return type;
     }
 
-    public short getAccountType() {
+    public int getAccountType() {
         return accountType;
     }
 

plugins/user-authenticators/ldap/src/main/java/org/apache/cloudstack/ldap/LdapAuthenticator.java

@@ -227,7 +227,7 @@ public class LdapAuthenticator extends AdapterBase implements UserAuthenticator
         Pair<Boolean, ActionOnFailedAuthentication> rc = new Pair<Boolean, ActionOnFailedAuthentication>(false, null);
         try {
             LdapUser ldapUser = _ldapManager.getUser(username, ldapTrustMapVO.getType().toString(), ldapTrustMapVO.getName(), domainId);
-            final short accountType = ldapTrustMapVO.getAccountType();
+            final Account.Type accountType = ldapTrustMapVO.getAccountType();
             processLdapUser(password, domainId, user, rc, ldapUser, accountType);
         } catch (NoLdapUserMatchingQueryException e) {
             LOGGER.debug(e.getMessage());
@@ -237,7 +237,7 @@ public class LdapAuthenticator extends AdapterBase implements UserAuthenticator
         return rc;
     }
 
-    private void processLdapUser(String password, Long domainId, UserAccount user, Pair<Boolean, ActionOnFailedAuthentication> rc, LdapUser ldapUser, short accountType) {
+    private void processLdapUser(String password, Long domainId, UserAccount user, Pair<Boolean, ActionOnFailedAuthentication> rc, LdapUser ldapUser, Account.Type accountType) {
         if(!ldapUser.isDisabled()) {
             rc.first(_ldapManager.canAuthenticate(ldapUser.getPrincipal(), password, domainId));
             if(rc.first()) {
@@ -289,12 +289,12 @@ public class LdapAuthenticator extends AdapterBase implements UserAuthenticator
     }
 
     private void enableUserInCloudStack(UserAccount user) {
-        if(user != null && (user.getState().equalsIgnoreCase(Account.State.disabled.toString()))) {
+        if(user != null && (user.getState().equalsIgnoreCase(Account.State.DISABLED.toString()))) {
             _accountManager.enableUser(user.getId());
         }
     }
 
-    private void createCloudStackUserAccount(LdapUser user, long domainId, short accountType) {
+    private void createCloudStackUserAccount(LdapUser user, long domainId, Account.Type accountType) {
         String username = user.getUsername();
         _accountManager.createUserAccount(username, "", user.getFirstname(), user.getLastname(), user.getEmail(), null, username,
                                           accountType, RoleType.getByAccountType(accountType).getId(), domainId, null, null,

plugins/user-authenticators/ldap/src/main/java/org/apache/cloudstack/ldap/LdapManagerImpl.java

@@ -378,12 +378,12 @@ public class LdapManagerImpl extends ComponentLifecycleBase implements LdapManag
         return linkDomainToLdap(cmd.getDomainId(),cmd.getType(), ldapDomain,cmd.getAccountType());
     }
 
-    private LinkDomainToLdapResponse linkDomainToLdap(Long domainId, String type, String name, short accountType) {
+    private LinkDomainToLdapResponse linkDomainToLdap(Long domainId, String type, String name, Account.Type accountType) {
         Validate.notNull(type, "type cannot be null. It should either be GROUP or OU");
         Validate.notNull(domainId, "domainId cannot be null.");
         Validate.notEmpty(name, "GROUP or OU name cannot be empty");
         //Account type should be 0 or 2. check the constants in com.cloud.user.Account
-        Validate.isTrue(accountType==0 || accountType==2, "accountype should be either 0(normal user) or 2(domain admin)");
+        Validate.isTrue(accountType== Account.Type.NORMAL || accountType== Account.Type.DOMAIN_ADMIN, "accountype should be either 0(normal user) or 2(domain admin)");
         LinkType linkType = LdapManager.LinkType.valueOf(type.toUpperCase());
         LdapTrustMapVO vo = _ldapTrustMapDao.persist(new LdapTrustMapVO(domainId, linkType, name, accountType, 0));
         DomainVO domain = domainDao.findById(vo.getDomainId());
@@ -393,7 +393,7 @@ public class LdapManagerImpl extends ComponentLifecycleBase implements LdapManag
         } else {
             domainUuid = domain.getUuid();
         }
-        LinkDomainToLdapResponse response = new LinkDomainToLdapResponse(domainUuid, vo.getType().toString(), vo.getName(), vo.getAccountType());
+        LinkDomainToLdapResponse response = new LinkDomainToLdapResponse(domainUuid, vo.getType().toString(), vo.getName(), vo.getAccountType().ordinal());
         return response;
     }
 
@@ -443,7 +443,7 @@ public class LdapManagerImpl extends ComponentLifecycleBase implements LdapManag
             domainUuid = domain.getUuid();
         }
 
-        LinkAccountToLdapResponse response = new LinkAccountToLdapResponse(domainUuid, vo.getType().toString(), vo.getName(), vo.getAccountType(), account.getUuid(), cmd.getAccountName());
+        LinkAccountToLdapResponse response = new LinkAccountToLdapResponse(domainUuid, vo.getType().toString(), vo.getName(), vo.getAccountType().ordinal(), account.getUuid(), cmd.getAccountName());
         return response;
     }
 

plugins/user-authenticators/ldap/src/main/java/org/apache/cloudstack/ldap/LdapTrustMapVO.java

@@ -18,15 +18,18 @@
  */
 package org.apache.cloudstack.ldap;
 
+import com.cloud.user.Account;
+import org.apache.cloudstack.api.InternalIdentity;
+
 import javax.persistence.Column;
 import javax.persistence.Entity;
+import javax.persistence.EnumType;
+import javax.persistence.Enumerated;
 import javax.persistence.GeneratedValue;
 import javax.persistence.GenerationType;
 import javax.persistence.Id;
 import javax.persistence.Table;
 
-import org.apache.cloudstack.api.InternalIdentity;
-
 @Entity
 @Table(name = "ldap_trust_map")
 public class LdapTrustMapVO implements InternalIdentity {
@@ -49,13 +52,14 @@ public class LdapTrustMapVO implements InternalIdentity {
     private long accountId;
 
     @Column(name = "account_type")
-    private short accountType;
+    @Enumerated(value = EnumType.ORDINAL)
+    private Account.Type accountType;
 
 
     public LdapTrustMapVO() {
     }
 
-    public LdapTrustMapVO(long domainId, LdapManager.LinkType type, String name, short accountType, long accountId) {
+    public LdapTrustMapVO(long domainId, LdapManager.LinkType type, String name, Account.Type accountType, long accountId) {
         this.domainId = domainId;
         this.type = type;
         this.name = name;
@@ -80,7 +84,7 @@ public class LdapTrustMapVO implements InternalIdentity {
         return domainId;
     }
 
-    public short getAccountType() {
+    public Account.Type getAccountType() {
         return accountType;
     }
 
@@ -121,7 +125,7 @@ public class LdapTrustMapVO implements InternalIdentity {
         result = 31 * result + name.hashCode();
         result = 31 * result + (int) (domainId ^ (domainId >>> 32));
         result = 31 * result + (int) (accountId ^ (accountId >>> 32));
-        result = 31 * result + (int) accountType;
+        result = 31 * result + accountType.ordinal();
         return result;
     }
 }

plugins/user-authenticators/ldap/src/test/groovy/org/apache/cloudstack/ldap/LdapAuthenticatorSpec.groovy

@@ -204,7 +204,7 @@ class LdapAuthenticatorSpec extends spock.lang.Specification {
         UserAccount userAccount = Mock(UserAccount)
         userAccountDao.getUserAccount(username, domainId) >> userAccount
         userAccount.getId() >> 1
-        userAccount.getState() >> Account.State.disabled.toString()
+        userAccount.getState() >> Account.State.DISABLED.toString()
         ldapManager.getDomainLinkedToLdap(domainId) >> new LdapTrustMapVO(domainId, type, name, (short)2)
         ldapManager.getUser(username, type.toString(), name) >> new LdapUser(username, "email", "firstname", "lastname", "principal", "domain", false, null)
         ldapManager.canAuthenticate(_, _, _) >> true

plugins/user-authenticators/ldap/src/test/groovy/org/apache/cloudstack/ldap/LinkDomainToLdapCmdSpec.groovy

@@ -143,7 +143,7 @@ class LinkDomainToLdapCmdSpec extends Specification {
         _accountService.getActiveAccountByName(username, domainId) >> null
         UserAccount userAccount = Mock(UserAccount)
         userAccount.getAccountId() >> 24
-        _accountService.createUserAccount(username, "", "Admin", "Admin", "admin@ccp.citrix.com", null, username, Account.ACCOUNT_TYPE_DOMAIN_ADMIN, domainId,
+        _accountService.createUserAccount(username, "", "Admin", "Admin", "admin@ccp.citrix.com", null, username, Account.Type.DOMAIN_ADMIN, domainId,
                 username, null, _, _, User.Source.LDAP) >> userAccount
 
         linkDomainToLdapCmd.admin = username
@@ -209,7 +209,7 @@ class LinkDomainToLdapCmdSpec extends Specification {
         _accountService.getActiveAccountByName(username, domainId) >> null
         UserAccount userAccount = Mock(UserAccount)
         userAccount.getAccountId() >> 24
-        _accountService.createUserAccount(username, "", "Admin", "Admin", "admin@ccp.citrix.com", null, username, Account.ACCOUNT_TYPE_DOMAIN_ADMIN, domainId,
+        _accountService.createUserAccount(username, "", "Admin", "Admin", "admin@ccp.citrix.com", null, username, Account.Type.DOMAIN_ADMIN, domainId,
                 username, null, _, _, User.Source.LDAP) >> { throw new RuntimeException("created failed from mock") }
 
         linkDomainToLdapCmd.admin = username

plugins/user-authenticators/ldap/src/test/java/org/apache/cloudstack/api/command/LdapCreateAccountCmdTest.java

@@ -50,7 +50,7 @@ public class LdapCreateAccountCmdTest implements LdapConfigurationChanger {
     public void setUp() throws NoSuchFieldException, IllegalAccessException {
         ldapCreateAccountCmd = spy(new LdapCreateAccountCmd(ldapManager, accountService));
         ldapCreateAccountCmd.roleService = roleService;
-        setHiddenField(ldapCreateAccountCmd,"accountType", Account.ACCOUNT_TYPE_DOMAIN_ADMIN);
+        setHiddenField(ldapCreateAccountCmd,"accountType", Account.Type.DOMAIN_ADMIN.ordinal());
     }
 
     @Test(expected = ServerApiException.class)

plugins/user-authenticators/ldap/src/test/java/org/apache/cloudstack/api/command/LdapImportUsersCmdTest.java

@@ -60,7 +60,7 @@ public class LdapImportUsersCmdTest implements LdapConfigurationChanger {
     public void setUp() throws NoSuchFieldException, IllegalAccessException {
         ldapImportUsersCmd = spy(new LdapImportUsersCmd(ldapManager, domainService, accountService));
         ldapImportUsersCmd.roleService = roleService;
-        setHiddenField(ldapImportUsersCmd, "accountType", Account.ACCOUNT_TYPE_DOMAIN_ADMIN);
+        setHiddenField(ldapImportUsersCmd, "accountType", Account.Type.DOMAIN_ADMIN.ordinal());
     }
 
     @Test

plugins/user-authenticators/ldap/src/test/java/org/apache/cloudstack/api/command/LinkAccountToLdapCmdTest.java

@@ -60,7 +60,7 @@ public class LinkAccountToLdapCmdTest implements LdapConfigurationChanger {
         long domainId = 1;
         String type = "GROUP";
         String ldapDomain = "CN=test,DC=ccp,DC=Citrix,DC=com";
-        short accountType = Account.ACCOUNT_TYPE_DOMAIN_ADMIN;
+        Account.Type accountType = Account.Type.DOMAIN_ADMIN;
         String username = "admin";
         long accountId = 24;
         String accountName = "test";
@@ -69,11 +69,11 @@ public class LinkAccountToLdapCmdTest implements LdapConfigurationChanger {
         setHiddenField(linkAccountToLdapCmd, "admin", username);
         setHiddenField(linkAccountToLdapCmd, "type", type);
         setHiddenField(linkAccountToLdapCmd, "domainId", domainId);
-        setHiddenField(linkAccountToLdapCmd, "accountType", accountType);
+        setHiddenField(linkAccountToLdapCmd, "accountType", accountType.ordinal());
         setHiddenField(linkAccountToLdapCmd, "accountName", accountName);
 
 
-        LinkAccountToLdapResponse response = new LinkAccountToLdapResponse(String.valueOf(domainId), type, ldapDomain, (short)accountType, username, accountName);
+        LinkAccountToLdapResponse response = new LinkAccountToLdapResponse(String.valueOf(domainId), type, ldapDomain, accountType.ordinal(), username, accountName);
         when(ldapManager.linkAccountToLdap(linkAccountToLdapCmd)).thenReturn(response);
         when(ldapManager.getUser(username, type, ldapDomain, 1L))
                 .thenReturn(new LdapUser(username, "admin@ccp.citrix.com", "Admin", "Admin", ldapDomain, "ccp", false, null));
@@ -82,7 +82,7 @@ public class LinkAccountToLdapCmdTest implements LdapConfigurationChanger {
         UserAccountVO userAccount =  new UserAccountVO();
         userAccount.setAccountId(24);
         when(accountService.createUserAccount(eq(username), eq(""), eq("Admin"), eq("Admin"), eq("admin@ccp.citrix.com"), isNull(String.class),
-                eq(username), eq(Account.ACCOUNT_TYPE_DOMAIN_ADMIN), eq(RoleType.DomainAdmin.getId()), eq(domainId), isNull(String.class),
+                eq(username), eq(Account.Type.DOMAIN_ADMIN), eq(RoleType.DomainAdmin.getId()), eq(domainId), isNull(String.class),
                 (java.util.Map<String,String>)isNull(), anyString(), anyString(), eq(User.Source.LDAP))).thenReturn(userAccount);
 
         linkAccountToLdapCmd.execute();

plugins/user-authenticators/ldap/src/test/java/org/apache/cloudstack/api/command/LinkDomainToLdapCmdTest.java

@@ -64,16 +64,16 @@ public class LinkDomainToLdapCmdTest implements LdapConfigurationChanger
         Long domainId = 1L;
         String type = "GROUP";
         String ldapDomain = "CN=test,DC=ccp,DC=Citrix,DC=com";
-        short accountType = Account.ACCOUNT_TYPE_DOMAIN_ADMIN;
+        Account.Type accountType = Account.Type.DOMAIN_ADMIN;
         String username = "admin";
         long accountId = 24;
         setHiddenField(linkDomainToLdapCmd, "ldapDomain", ldapDomain);
         setHiddenField(linkDomainToLdapCmd, "admin", username);
         setHiddenField(linkDomainToLdapCmd, "type", type);
         setHiddenField(linkDomainToLdapCmd, "domainId", domainId);
-        setHiddenField(linkDomainToLdapCmd, "accountType", accountType);
+        setHiddenField(linkDomainToLdapCmd, "accountType", accountType.ordinal());
 
-        LinkDomainToLdapResponse response = new LinkDomainToLdapResponse(domainId.toString(), type, ldapDomain, (short)accountType);
+        LinkDomainToLdapResponse response = new LinkDomainToLdapResponse(domainId.toString(), type, ldapDomain, accountType.ordinal());
         when(ldapManager.linkDomainToLdap(linkDomainToLdapCmd)).thenReturn(response);
         when(ldapManager.getUser(username, type, ldapDomain, 1L)).thenReturn(new LdapUser(username, "admin@ccp.citrix.com", "Admin", "Admin", ldapDomain, "ccp", false, null));
 
@@ -81,7 +81,7 @@ public class LinkDomainToLdapCmdTest implements LdapConfigurationChanger
         UserAccountVO userAccount =  new UserAccountVO();
         userAccount.setAccountId(24);
         when(accountService.createUserAccount(eq(username), eq(""), eq("Admin"), eq("Admin"), eq("admin@ccp.citrix.com"), isNull(String.class),
-                eq(username), eq(Account.ACCOUNT_TYPE_DOMAIN_ADMIN), eq(RoleType.DomainAdmin.getId()), eq(domainId), isNull(String.class),
+                eq(username), eq(Account.Type.DOMAIN_ADMIN), eq(RoleType.DomainAdmin.getId()), eq(domainId), isNull(String.class),
                 (java.util.Map<String,String>)isNull(), anyString(), anyString(), eq(User.Source.LDAP))).thenReturn(userAccount);
 
 

plugins/user-authenticators/ldap/src/test/java/org/apache/cloudstack/ldap/LdapAuthenticatorTest.java

@@ -20,6 +20,7 @@ package org.apache.cloudstack.ldap;
 import com.cloud.server.auth.UserAuthenticator;
 import com.cloud.user.AccountManager;
 import com.cloud.user.AccountVO;
+import com.cloud.user.Account;
 import com.cloud.user.User;
 import com.cloud.user.UserAccount;
 import com.cloud.user.UserAccountVO;
@@ -109,9 +110,9 @@ public class LdapAuthenticatorTest {
         LdapAuthenticator auth = spy(ldapAuthenticator);
         when(auth.getMappedGroups(maps)).thenReturn(mappedGroups);
 
-        LdapTrustMapVO trustMap = new LdapTrustMapVO(domainId, LdapManager.LinkType.GROUP, "cn=name", (short)2, 1l);
+        LdapTrustMapVO trustMap = new LdapTrustMapVO(domainId, LdapManager.LinkType.GROUP, "cn=name", Account.Type.DOMAIN_ADMIN, 1l);
 
-        AccountVO account = new AccountVO("accountName" , domainId, "domain.net", (short)2, "final String uuid");
+        AccountVO account = new AccountVO("accountName" , domainId, "domain.net", Account.Type.DOMAIN_ADMIN, "final String uuid");
         when(accountManager.getAccount(anyLong())).thenReturn(account);
         when(ldapManager.getUser(username, domainId)).thenReturn(userSpy);
         when(ldapManager.getLinkedLdapGroup(domainId, "g1")).thenReturn(trustMap);

plugins/user-authenticators/saml2/src/main/java/org/apache/cloudstack/api/command/GetServiceProviderMetaDataCmd.java

@@ -112,7 +112,7 @@ public class GetServiceProviderMetaDataCmd extends BaseCmd implements APIAuthent
 
     @Override
     public long getEntityOwnerId() {
-        return Account.ACCOUNT_TYPE_NORMAL;
+        return Account.Type.NORMAL.ordinal();
     }
 
     @Override

plugins/user-authenticators/saml2/src/main/java/org/apache/cloudstack/api/command/ListAndSwitchSAMLAccountCmd.java

@@ -134,13 +134,13 @@ public class ListAndSwitchSAMLAccountCmd extends BaseCmd implements APIAuthentic
             final User user = _userDao.findByUuid(userUuid);
             final Domain domain = _domainDao.findByUuid(domainUuid);
             final UserAccount nextUserAccount = _accountService.getUserAccountById(user.getId());
-            if (nextUserAccount != null && !nextUserAccount.getAccountState().equals(Account.State.enabled.toString())) {
+            if (nextUserAccount != null && !nextUserAccount.getAccountState().equals(Account.State.ENABLED.toString())) {
                 throw new ServerApiException(ApiErrorCode.ACCOUNT_ERROR, _apiServer.getSerializedApiError(ApiErrorCode.PARAM_ERROR.getHttpCode(),
                         "The requested user account is locked and cannot be switched to, please contact your administrator.",
                         params, responseType));
             }
             if (nextUserAccount == null
-                    || !nextUserAccount.getAccountState().equals(Account.State.enabled.toString())
+                    || !nextUserAccount.getAccountState().equals(Account.State.ENABLED.toString())
                     || !nextUserAccount.getUsername().equals(currentUserAccount.getUsername())
                     || !nextUserAccount.getExternalEntity().equals(currentUserAccount.getExternalEntity())
                     || (nextUserAccount.getDomainId() != domain.getId())

plugins/user-authenticators/saml2/src/main/java/org/apache/cloudstack/api/command/ListIdpsCmd.java

@@ -62,7 +62,7 @@ public class ListIdpsCmd extends BaseCmd implements APIAuthenticator {
 
     @Override
     public long getEntityOwnerId() {
-        return Account.ACCOUNT_TYPE_NORMAL;
+        return Account.Type.NORMAL.ordinal();
     }
 
     @Override

plugins/user-authenticators/saml2/src/main/java/org/apache/cloudstack/api/command/ListSamlAuthorizationCmd.java

@@ -77,7 +77,7 @@ public class ListSamlAuthorizationCmd extends BaseListCmd {
                 _accountService.checkAccess(CallContext.current().getCallingAccount(), SecurityChecker.AccessType.ListEntry, true, account);
                 users.add(user);
             }
-        } else if (CallContext.current().getCallingAccount().getType() == Account.ACCOUNT_TYPE_ADMIN) {
+        } else if (CallContext.current().getCallingAccount().getType() == Account.Type.ADMIN) {
             users = _userDao.listAll();
         }
 

plugins/user-authenticators/saml2/src/main/java/org/apache/cloudstack/api/command/SAML2LoginAPIAuthenticatorCmd.java

@@ -122,7 +122,7 @@ public class SAML2LoginAPIAuthenticatorCmd extends BaseCmd implements APIAuthent
 
     @Override
     public long getEntityOwnerId() {
-        return Account.ACCOUNT_TYPE_NORMAL;
+        return Account.Type.NORMAL.ordinal();
     }
 
     @Override
@@ -303,7 +303,7 @@ public class SAML2LoginAPIAuthenticatorCmd extends BaseCmd implements APIAuthent
                     // Log into the first enabled user account
                     // Users can switch to other allowed accounts later
                     for (UserAccountVO possibleUserAccount : possibleUserAccounts) {
-                        if (possibleUserAccount.getAccountState().equals(Account.State.enabled.toString())) {
+                        if (possibleUserAccount.getAccountState().equals(Account.State.ENABLED.toString())) {
                             userAccount = possibleUserAccount;
                             break;
                         }

plugins/user-authenticators/saml2/src/main/java/org/apache/cloudstack/api/command/SAML2LogoutAPIAuthenticatorCmd.java

@@ -73,7 +73,7 @@ public class SAML2LogoutAPIAuthenticatorCmd extends BaseCmd implements APIAuthen
 
     @Override
     public long getEntityOwnerId() {
-        return Account.ACCOUNT_TYPE_NORMAL;
+        return Account.Type.NORMAL.ordinal();
     }
 
     @Override

plugins/user-authenticators/saml2/src/test/java/org/apache/cloudstack/api/command/ListAndSwitchSAMLAccountCmdTest.java

@@ -159,7 +159,7 @@ public class ListAndSwitchSAMLAccountCmdTest extends TestCase {
         // valid sessionkey, invalid useraccount type (non-saml) value test
         UserAccountVO mockedUserAccount = new UserAccountVO();
         mockedUserAccount.setId(2L);
-        mockedUserAccount.setAccountState(Account.State.enabled.toString());
+        mockedUserAccount.setAccountState(Account.State.ENABLED.toString());
         mockedUserAccount.setUsername("someUsername");
         mockedUserAccount.setExternalEntity("some IDP ID");
         mockedUserAccount.setDomainId(0L);

server/src/main/java/com/cloud/acl/DomainChecker.java

@@ -104,7 +104,7 @@ public class DomainChecker extends AdapterBase implements SecurityChecker {
 
     @Override
     public boolean checkAccess(Account caller, Domain domain) throws PermissionDeniedException {
-        if (caller.getState() != Account.State.enabled) {
+        if (caller.getState() != Account.State.ENABLED) {
             throw new PermissionDeniedException("Account " + caller.getAccountName() + " is disabled.");
         }
 
@@ -147,7 +147,7 @@ public class DomainChecker extends AdapterBase implements SecurityChecker {
                     return true;
                 }
                 //special handling for the project case
-                if (owner.getType() == Account.ACCOUNT_TYPE_PROJECT && _projectMgr.canAccessProjectAccount(caller, owner.getId())) {
+                if (owner.getType() == Account.Type.PROJECT && _projectMgr.canAccessProjectAccount(caller, owner.getId())) {
                     return true;
                 }
 
@@ -163,7 +163,7 @@ public class DomainChecker extends AdapterBase implements SecurityChecker {
                 if (accessType != null && accessType == AccessType.OperateEntry) {
                     if (!_accountService.isRootAdmin(caller.getId()) && owner.getId() != caller.getId()) {
                         // For projects check if the caller account can access the project account
-                        if (owner.getType() != Account.ACCOUNT_TYPE_PROJECT || !(_projectMgr.canAccessProjectAccount(caller, owner.getId()))) {
+                        if (owner.getType() != Account.Type.PROJECT || !(_projectMgr.canAccessProjectAccount(caller, owner.getId()))) {
                             throw new PermissionDeniedException("Domain Admin and regular users can modify only their own Public templates");
                         }
                     }
@@ -179,7 +179,7 @@ public class DomainChecker extends AdapterBase implements SecurityChecker {
             if (_accountService.isNormalUser(caller.getId())) {
                 Account account = _accountDao.findById(entity.getAccountId());
                 String errorMessage = String.format("%s does not have permission to operate with resource", caller);
-                if (account != null && account.getType() == Account.ACCOUNT_TYPE_PROJECT) {
+                if (account != null && account.getType() == Account.Type.PROJECT) {
                     //only project owner can delete/modify the project
                     if (accessType != null && accessType == AccessType.ModifyProject) {
                         if (!_projectMgr.canModifyProjectAccount(caller, account.getId())) {
@@ -272,9 +272,9 @@ public class DomainChecker extends AdapterBase implements SecurityChecker {
             //if account is normal user or domain admin
             //check if account's domain is a child of offering's domain (Note: This is made consistent with the list command for disk offering)
             else if (_accountService.isNormalUser(account.getId())
-                    || account.getType() == Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN
+                    || account.getType() == Account.Type.RESOURCE_DOMAIN_ADMIN
                     || _accountService.isDomainAdmin(account.getId())
-                    || account.getType() == Account.ACCOUNT_TYPE_PROJECT) {
+                    || account.getType() == Account.Type.PROJECT) {
                 final List<Long> doDomainIds = diskOfferingDetailsDao.findDomainIds(dof.getId());
                 if (doDomainIds.isEmpty()) {
                     hasAccess = true;
@@ -310,9 +310,9 @@ public class DomainChecker extends AdapterBase implements SecurityChecker {
             //if account is normal user or domain admin
             //check if account's domain is a child of offering's domain (Note: This is made consistent with the list command for service offering)
             else if (_accountService.isNormalUser(account.getId())
-                    || account.getType() == Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN
+                    || account.getType() == Account.Type.RESOURCE_DOMAIN_ADMIN
                     || _accountService.isDomainAdmin(account.getId())
-                    || account.getType() == Account.ACCOUNT_TYPE_PROJECT) {
+                    || account.getType() == Account.Type.PROJECT) {
                 final List<Long> soDomainIds = serviceOfferingDetailsDao.findDomainIds(so.getId());
                 if (soDomainIds.isEmpty()) {
                     hasAccess = true;
@@ -348,9 +348,9 @@ public class DomainChecker extends AdapterBase implements SecurityChecker {
             //if account is normal user or domain admin
             //check if account's domain is a child of offering's domain (Note: This is made consistent with the list command for disk offering)
             else if (_accountService.isNormalUser(account.getId())
-                    || account.getType() == Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN
+                    || account.getType() == Account.Type.RESOURCE_DOMAIN_ADMIN
                     || _accountService.isDomainAdmin(account.getId())
-                    || account.getType() == Account.ACCOUNT_TYPE_PROJECT) {
+                    || account.getType() == Account.Type.PROJECT) {
                 final List<Long> noDomainIds = networkOfferingDetailsDao.findDomainIds(nof.getId());
                 if (noDomainIds.isEmpty()) {
                     hasAccess = true;
@@ -386,9 +386,9 @@ public class DomainChecker extends AdapterBase implements SecurityChecker {
             //if account is normal user or domain admin
             //check if account's domain is a child of offering's domain (Note: This is made consistent with the list command for disk offering)
             else if (_accountService.isNormalUser(account.getId())
-                    || account.getType() == Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN
+                    || account.getType() == Account.Type.RESOURCE_DOMAIN_ADMIN
                     || _accountService.isDomainAdmin(account.getId())
-                    || account.getType() == Account.ACCOUNT_TYPE_PROJECT) {
+                    || account.getType() == Account.Type.PROJECT) {
                 final List<Long> voDomainIds = vpcOfferingDetailsDao.findDomainIds(vof.getId());
                 if (voDomainIds.isEmpty()) {
                     hasAccess = true;
@@ -421,7 +421,7 @@ public class DomainChecker extends AdapterBase implements SecurityChecker {
             }
             //if account is normal user
             //check if account's domain is a child of zone's domain
-            else if (_accountService.isNormalUser(account.getId()) || account.getType() == Account.ACCOUNT_TYPE_PROJECT) {
+            else if (_accountService.isNormalUser(account.getId()) || account.getType() == Account.Type.PROJECT) {
                 // if zone is dedicated to an account check that the accountId
                 // matches.
                 DedicatedResourceVO dedicatedZone = _dedicatedDao.findByZoneId(zone.getId());
@@ -496,19 +496,19 @@ public class DomainChecker extends AdapterBase implements SecurityChecker {
             throws PermissionDeniedException {
 
         if (action != null && ("SystemCapability".equals(action))) {
-            if (caller != null && caller.getType() == Account.ACCOUNT_TYPE_ADMIN) {
+            if (caller != null && caller.getType() == Account.Type.ADMIN) {
                 return true;
             } else {
                 return false;
             }
         } else if (action != null && ("DomainCapability".equals(action))) {
-            if (caller != null && caller.getType() == Account.ACCOUNT_TYPE_DOMAIN_ADMIN) {
+            if (caller != null && caller.getType() == Account.Type.DOMAIN_ADMIN) {
                 return true;
             } else {
                 return false;
             }
         } else if (action != null && ("DomainResourceCapability".equals(action))) {
-            if (caller != null && caller.getType() == Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN) {
+            if (caller != null && caller.getType() == Account.Type.RESOURCE_DOMAIN_ADMIN) {
                 return true;
             } else {
                 return false;

server/src/main/java/com/cloud/api/ApiResponseHelper.java

@@ -1948,7 +1948,7 @@ public class ApiResponseHelper implements ResponseGenerator {
                 continue;
             }
 
-            if (account.getType() != Account.ACCOUNT_TYPE_PROJECT) {
+            if (account.getType() != Account.Type.PROJECT) {
                 regularAccounts.add(accountName);
             } else {
                 // convert account to projectIds
@@ -2017,7 +2017,7 @@ public class ApiResponseHelper implements ResponseGenerator {
 
             Account account = securiytGroupAccounts.get(securityGroup.getAccountId());
 
-            if (securityGroup.getAccountType() == Account.ACCOUNT_TYPE_PROJECT) {
+            if (securityGroup.getAccountType() == Account.Type.PROJECT) {
                 response.setProjectId(securityGroup.getProjectUuid());
                 response.setProjectName(securityGroup.getProjectName());
             } else {
@@ -2626,7 +2626,7 @@ public class ApiResponseHelper implements ResponseGenerator {
     private void populateOwner(ControlledEntityResponse response, ControlledEntity object) {
         Account account = ApiDBUtils.findAccountById(object.getAccountId());
 
-        if (account.getType() == Account.ACCOUNT_TYPE_PROJECT) {
+        if (account.getType() == Account.Type.PROJECT) {
             // find the project
             Project project = ApiDBUtils.findProjectByProjectAccountId(account.getId());
             response.setProjectId(project.getUuid());
@@ -2642,7 +2642,7 @@ public class ApiResponseHelper implements ResponseGenerator {
 
     public static void populateOwner(ControlledViewEntityResponse response, ControlledViewEntity object) {
 
-        if (object.getAccountType() == Account.ACCOUNT_TYPE_PROJECT) {
+        if (object.getAccountType() == Account.Type.PROJECT) {
             response.setProjectId(object.getProjectUuid());
             response.setProjectName(object.getProjectName());
         } else {
@@ -2657,7 +2657,7 @@ public class ApiResponseHelper implements ResponseGenerator {
         Account account = ApiDBUtils.findAccountById(accountId);
         if (account == null) {
             s_logger.debug("Unable to find account with id: " + accountId);
-        } else if (account.getType() == Account.ACCOUNT_TYPE_PROJECT) {
+        } else if (account.getType() == Account.Type.PROJECT) {
             // find the project
             Project project = ApiDBUtils.findProjectByProjectAccountId(account.getId());
             if (project != null) {
@@ -3519,7 +3519,7 @@ public class ApiResponseHelper implements ResponseGenerator {
     public UsageRecordResponse createUsageResponse(Usage usageRecord, Map<String, Set<ResourceTagResponse>> resourceTagResponseMap, boolean oldFormat) {
         UsageRecordResponse usageRecResponse = new UsageRecordResponse();
         Account account = ApiDBUtils.findAccountById(usageRecord.getAccountId());
-        if (account.getType() == Account.ACCOUNT_TYPE_PROJECT) {
+        if (account.getType() == Account.Type.PROJECT) {
             //find the project
             Project project = ApiDBUtils.findProjectByProjectAccountIdIncludingRemoved(account.getId());
             if (project != null) {

server/src/main/java/com/cloud/api/ApiServer.java

@@ -949,7 +949,7 @@ public class ApiServer extends ManagerBase implements HttpRequestHandler, ApiSer
             user = userAcctPair.first();
             final Account account = userAcctPair.second();
 
-            if (user.getState() != Account.State.enabled || !account.getState().equals(Account.State.enabled)) {
+            if (user.getState() != Account.State.ENABLED || !account.getState().equals(Account.State.ENABLED)) {
                 s_logger.info("disabled or locked user accessing the api, userid = " + user.getId() + "; name = " + user.getUsername() + "; state: " + user.getState() +
                         "; accountState: " + account.getState());
                 return false;
@@ -1123,7 +1123,7 @@ public class ApiServer extends ManagerBase implements HttpRequestHandler, ApiSer
                 session.setAttribute("domain_UUID", domain.getUuid());
             }
 
-            session.setAttribute("type", Short.valueOf(account.getType()).toString());
+            session.setAttribute("type", account.getType().ordinal());
             session.setAttribute("registrationtoken", userAcct.getRegistrationToken());
             session.setAttribute("registered", Boolean.toString(userAcct.isRegistered()));
 
@@ -1159,8 +1159,8 @@ public class ApiServer extends ManagerBase implements HttpRequestHandler, ApiSer
             account = accountMgr.getAccount(user.getAccountId());
         }
 
-        if ((user == null) || (user.getRemoved() != null) || !user.getState().equals(Account.State.enabled) || (account == null) ||
+        if ((user == null) || (user.getRemoved() != null) || !user.getState().equals(Account.State.ENABLED) || (account == null) ||
-                !account.getState().equals(Account.State.enabled)) {
+                !account.getState().equals(Account.State.ENABLED)) {
             s_logger.warn("Deleted/Disabled/Locked user with id=" + userId + " attempting to access public API");
             return false;
         }

server/src/main/java/com/cloud/api/auth/DefaultLoginAPIAuthenticatorCmd.java

@@ -98,7 +98,7 @@ public class DefaultLoginAPIAuthenticatorCmd extends BaseCmd implements APIAuthe
 
     @Override
     public long getEntityOwnerId() {
-        return Account.ACCOUNT_TYPE_NORMAL;
+        return Account.Type.NORMAL.ordinal();
     }
 
     @Override

server/src/main/java/com/cloud/api/auth/DefaultLogoutAPIAuthenticatorCmd.java

@@ -52,7 +52,7 @@ public class DefaultLogoutAPIAuthenticatorCmd extends BaseCmd implements APIAuth
 
     @Override
     public long getEntityOwnerId() {
-        return Account.ACCOUNT_TYPE_NORMAL;
+        return Account.Type.NORMAL.ordinal();
     }
 
     @Override

server/src/main/java/com/cloud/api/query/QueryManagerImpl.java

@@ -524,7 +524,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
         boolean listAll = true;
         Long id = null;
 
-        if (caller.getType() == Account.ACCOUNT_TYPE_NORMAL) {
+        if (caller.getType() == Account.Type.NORMAL) {
             long currentId = CallContext.current().getCallingUser().getId();
             if (id != null && currentId != id.longValue()) {
                 throw new PermissionDeniedException("Calling user is not authorized to see the user requested by id");
@@ -553,7 +553,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
 
         boolean listAll = cmd.listAll();
         Long id = cmd.getId();
-        if (caller.getType() == Account.ACCOUNT_TYPE_NORMAL) {
+        if (caller.getType() == Account.Type.NORMAL) {
             long currentId = CallContext.current().getCallingUser().getId();
             if (id != null && currentId != id.longValue()) {
                 throw new PermissionDeniedException("Calling user is not authorized to see the user requested by id");
@@ -2223,7 +2223,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
             }
             _accountMgr.checkAccess(caller, domain);
         } else {
-            if (caller.getType() != Account.ACCOUNT_TYPE_ADMIN) {
+            if (caller.getType() != Account.Type.ADMIN) {
                 domainId = caller.getDomainId();
             }
             if (listAll) {
@@ -2372,14 +2372,14 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
         SearchCriteria<AccountJoinVO> sc = sb.create();
 
         // don't return account of type project to the end user
-        sc.setParameters("typeNEQ", Account.ACCOUNT_TYPE_PROJECT);
+        sc.setParameters("typeNEQ", Account.Type.PROJECT);
 
         // don't return system account...
         sc.setParameters("idNEQ", Account.ACCOUNT_ID_SYSTEM);
 
         // do not return account of type domain admin to the end user
         if (!callerIsAdmin) {
-            sc.setParameters("type2NEQ", Account.ACCOUNT_TYPE_DOMAIN_ADMIN);
+            sc.setParameters("type2NEQ", Account.Type.DOMAIN_ADMIN);
         }
 
         if (keyword != null) {
@@ -2474,7 +2474,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
 
         SearchCriteria<AsyncJobJoinVO> sc = sb.create();
         if (listProjectResourcesCriteria != null) {
-            sc.setParameters("type", Account.ACCOUNT_TYPE_PROJECT);
+            sc.setParameters("type", Account.Type.PROJECT);
         }
 
         if (!permittedAccounts.isEmpty()) {
@@ -2927,9 +2927,9 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
 
         // For non-root users, only return all offerings for the user's domain,
         // and everything above till root
-        if ((_accountMgr.isNormalUser(account.getId()) || _accountMgr.isDomainAdmin(account.getId())) || account.getType() == Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN) {
+        if ((_accountMgr.isNormalUser(account.getId()) || _accountMgr.isDomainAdmin(account.getId())) || account.getType() == Account.Type.RESOURCE_DOMAIN_ADMIN) {
             if (isRecursive) { // domain + all sub-domains
-                if (account.getType() == Account.ACCOUNT_TYPE_NORMAL) {
+                if (account.getType() == Account.Type.NORMAL) {
                     throw new InvalidParameterValueException("Only ROOT admins and Domain admins can list disk offerings with isrecursive=true");
                 }
             }
@@ -2985,7 +2985,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
         // Filter offerings that are not associated with caller's domain
         // Fetch the offering ids from the details table since theres no smart way to filter them in the join ... yet!
         Account caller = CallContext.current().getCallingAccount();
-        if (caller.getType() != Account.ACCOUNT_TYPE_ADMIN) {
+        if (caller.getType() != Account.Type.ADMIN) {
             Domain callerDomain = _domainDao.findById(caller.getDomainId());
             List<Long> domainIds = findRelatedDomainIds(callerDomain, isRecursive);
 
@@ -3151,13 +3151,13 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
         }
 
         // boolean includePublicOfferings = false;
-        if ((_accountMgr.isNormalUser(caller.getId()) || _accountMgr.isDomainAdmin(caller.getId())) || caller.getType() == Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN) {
+        if ((_accountMgr.isNormalUser(caller.getId()) || _accountMgr.isDomainAdmin(caller.getId())) || caller.getType() == Account.Type.RESOURCE_DOMAIN_ADMIN) {
             // For non-root users.
             if (isSystem) {
                 throw new InvalidParameterValueException("Only root admins can access system's offering");
             }
             if (isRecursive) { // domain + all sub-domains
-                if (caller.getType() == Account.ACCOUNT_TYPE_NORMAL) {
+                if (caller.getType() == Account.Type.NORMAL) {
                     throw new InvalidParameterValueException("Only ROOT admins and Domain admins can list service offerings with isrecursive=true");
                 }
             }
@@ -3242,7 +3242,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
 
         // Filter offerings that are not associated with caller's domain
         // Fetch the offering ids from the details table since theres no smart way to filter them in the join ... yet!
-        if (caller.getType() != Account.ACCOUNT_TYPE_ADMIN) {
+        if (caller.getType() != Account.Type.ADMIN) {
             Domain callerDomain = _domainDao.findById(caller.getDomainId());
             List<Long> domainIds = findRelatedDomainIds(callerDomain, isRecursive);
 
@@ -3303,7 +3303,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
         ListResponse<ZoneResponse> response = new ListResponse<ZoneResponse>();
 
         ResponseView respView = ResponseView.Restricted;
-        if (cmd instanceof ListZonesCmdByAdmin || CallContext.current().getCallingAccount().getType() == Account.ACCOUNT_TYPE_ADMIN) {
+        if (cmd instanceof ListZonesCmdByAdmin || CallContext.current().getCallingAccount().getType() == Account.Type.ADMIN) {
             respView = ResponseView.Full;
         }
 
@@ -3418,7 +3418,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
                     sdc.addAnd("id", SearchCriteria.Op.NIN, dedicatedZoneIds.toArray(new Object[dedicatedZoneIds.size()]));
                 }
 
-            } else if (_accountMgr.isDomainAdmin(account.getId()) || account.getType() == Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN) {
+            } else if (_accountMgr.isDomainAdmin(account.getId()) || account.getType() == Account.Type.RESOURCE_DOMAIN_ADMIN) {
                 // it was decided to return all zones for the domain admin, and
                 // everything above till root, as well as zones till the domain
                 // leaf
@@ -3558,7 +3558,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
 
         boolean listAll = false;
         if (templateFilter != null && templateFilter == TemplateFilter.all) {
-            if (caller.getType() == Account.ACCOUNT_TYPE_NORMAL) {
+            if (caller.getType() == Account.Type.NORMAL) {
                 throw new InvalidParameterValueException("Filter " + TemplateFilter.all + " can be specified by admin only");
             }
             listAll = true;
@@ -3627,14 +3627,14 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
                 ex.addProxyObject(template.getUuid(), "templateId");
                 throw ex;
             }
-            if (!template.isPublicTemplate() && caller.getType() == Account.ACCOUNT_TYPE_DOMAIN_ADMIN) {
+            if (!template.isPublicTemplate() && caller.getType() == Account.Type.DOMAIN_ADMIN) {
                 Account template_acc = _accountMgr.getAccount(template.getAccountId());
                 DomainVO domain = _domainDao.findById(template_acc.getDomainId());
                 _accountMgr.checkAccess(caller, domain);
             }
 
             // if template is not public, perform permission check here
-            else if (!template.isPublicTemplate() && caller.getType() != Account.ACCOUNT_TYPE_ADMIN) {
+            else if (!template.isPublicTemplate() && caller.getType() != Account.Type.ADMIN) {
                 _accountMgr.checkAccess(caller, null, false, template);
             }
 
@@ -3654,14 +3654,14 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
 
             // add criteria for project or not
             if (listProjectResourcesCriteria == ListProjectResourcesCriteria.SkipProjectResources) {
-                sc.addAnd("accountType", SearchCriteria.Op.NEQ, Account.ACCOUNT_TYPE_PROJECT);
+                sc.addAnd("accountType", SearchCriteria.Op.NEQ, Account.Type.PROJECT);
             } else if (listProjectResourcesCriteria == ListProjectResourcesCriteria.ListProjectResourcesOnly) {
-                sc.addAnd("accountType", SearchCriteria.Op.EQ, Account.ACCOUNT_TYPE_PROJECT);
+                sc.addAnd("accountType", SearchCriteria.Op.EQ, Account.Type.PROJECT);
             }
 
             // add criteria for domain path in case of domain admin
             if ((templateFilter == TemplateFilter.self || templateFilter == TemplateFilter.selfexecutable)
-                    && (caller.getType() == Account.ACCOUNT_TYPE_DOMAIN_ADMIN || caller.getType() == Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN)) {
+                    && (caller.getType() == Account.Type.DOMAIN_ADMIN || caller.getType() == Account.Type.RESOURCE_DOMAIN_ADMIN)) {
                 sc.addAnd("domainPath", SearchCriteria.Op.LIKE, domain.getPath() + "%");
             }
 
@@ -3725,7 +3725,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
                     scc.addOr("accountId", SearchCriteria.Op.IN, permittedAccountIds.toArray());
                 }
                 sc.addAnd("publicTemplate", SearchCriteria.Op.SC, scc);
-            } else if (templateFilter == TemplateFilter.all && caller.getType() != Account.ACCOUNT_TYPE_ADMIN) {
+            } else if (templateFilter == TemplateFilter.all && caller.getType() != Account.Type.ADMIN) {
                 SearchCriteria<TemplateJoinVO> scc = _templateJoinDao.createSearchCriteria();
                 scc.addOr("publicTemplate", SearchCriteria.Op.EQ, true);
 
@@ -3900,7 +3900,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
 
         boolean listAll = false;
         if (isoFilter != null && isoFilter == TemplateFilter.all) {
-            if (caller.getType() == Account.ACCOUNT_TYPE_NORMAL) {
+            if (caller.getType() == Account.Type.NORMAL) {
                 throw new InvalidParameterValueException("Filter " + TemplateFilter.all + " can be specified by admin only");
             }
             listAll = true;
@@ -3941,7 +3941,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
             default:
                 throw new CloudRuntimeException("Resource type not supported.");
         }
-        if (CallContext.current().getCallingAccount().getType() != Account.ACCOUNT_TYPE_ADMIN) {
+        if (CallContext.current().getCallingAccount().getType() != Account.Type.ADMIN) {
             final List<String> userDenyListedSettings = Stream.of(QueryService.UserVMDeniedDetails.value().split(","))
                     .map(item -> (item).trim())
                     .collect(Collectors.toList());
@@ -4111,7 +4111,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
             ListProjectResourcesCriteria listProjectResourcesCriteria) {
 
         if (listProjectResourcesCriteria != null) {
-            sc.setParameters("accountType", Account.ACCOUNT_TYPE_PROJECT);
+            sc.setParameters("accountType", Account.Type.PROJECT);
         }
 
         if (!permittedAccounts.isEmpty()) {

server/src/main/java/com/cloud/api/query/dao/AccountJoinDaoImpl.java

@@ -63,7 +63,7 @@ public class AccountJoinDaoImpl extends GenericDaoBase<AccountJoinVO, Long> impl
         AccountResponse accountResponse = new AccountResponse();
         accountResponse.setId(account.getUuid());
         accountResponse.setName(account.getAccountName());
-        accountResponse.setAccountType(account.getType());
+        accountResponse.setAccountType(account.getType().ordinal());
         accountResponse.setDomainId(account.getDomainUuid());
         accountResponse.setDomainName(account.getDomainName());
         StringBuilder domainPath = new StringBuilder("ROOT");

server/src/main/java/com/cloud/api/query/dao/DomainRouterJoinDaoImpl.java

@@ -105,7 +105,7 @@ public class DomainRouterJoinDaoImpl extends GenericDaoBase<DomainRouterJoinVO,
         routerResponse.setHasAnnotation(annotationDao.hasAnnotations(router.getUuid(), AnnotationService.EntityType.VR.name(),
                 _accountMgr.isRootAdmin(CallContext.current().getCallingAccount().getId())));
 
-        if (caller.getType() == Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN
+        if (caller.getType() == Account.Type.RESOURCE_DOMAIN_ADMIN
                 || _accountMgr.isRootAdmin(caller.getId())) {
             if (router.getHostId() != null) {
                 routerResponse.setHostId(router.getHostUuid());

server/src/main/java/com/cloud/api/query/dao/ProjectAccountJoinDaoImpl.java

@@ -57,7 +57,7 @@ public class ProjectAccountJoinDaoImpl extends GenericDaoBase<ProjectAccountJoin
         projectAccountResponse.setAccountName(proj.getAccountName());
         projectAccountResponse.setUserId(proj.getUserUuid());
         projectAccountResponse.setUsername(proj.getUsername());
-        projectAccountResponse.setAccountType(proj.getAccountType());
+        projectAccountResponse.setAccountType(proj.getAccountType().ordinal());
         projectAccountResponse.setRole(proj.getAccountRole().toString());
         projectAccountResponse.setDomainId(proj.getDomainUuid());
         projectAccountResponse.setDomainName(proj.getDomainName());

server/src/main/java/com/cloud/api/query/dao/TemplateJoinDaoImpl.java

@@ -220,7 +220,7 @@ public class TemplateJoinDaoImpl extends GenericDaoBaseWithTagInformation<Templa
         // If the user is an 'Admin' or 'the owner of template' or template belongs to a project, add the template download status
         if (view == ResponseView.Full ||
                 template.getAccountId() == CallContext.current().getCallingAccount().getId() ||
-                template.getAccountType() == Account.ACCOUNT_TYPE_PROJECT) {
+                template.getAccountType() == Account.Type.PROJECT) {
             String templateStatus = getTemplateStatus(template);
             if (templateStatus != null) {
                 templateResponse.setStatus(templateStatus);

server/src/main/java/com/cloud/api/query/dao/UserVmJoinDaoImpl.java

@@ -133,7 +133,7 @@ public class UserVmJoinDaoImpl extends GenericDaoBaseWithTagInformation<UserVmJo
             userVmResponse.setDisplayName(userVm.getName());
         }
 
-        if (userVm.getAccountType() == Account.ACCOUNT_TYPE_PROJECT) {
+        if (userVm.getAccountType() == Account.Type.PROJECT) {
             userVmResponse.setProjectId(userVm.getProjectUuid());
             userVmResponse.setProjectName(userVm.getProjectName());
         } else {
@@ -255,7 +255,7 @@ public class UserVmJoinDaoImpl extends GenericDaoBaseWithTagInformation<UserVmJo
                 resp.setName(userVm.getSecurityGroupName());
                 resp.setDescription(userVm.getSecurityGroupDescription());
                 resp.setObjectName("securitygroup");
-                if (userVm.getAccountType() == Account.ACCOUNT_TYPE_PROJECT) {
+                if (userVm.getAccountType() == Account.Type.PROJECT) {
                     resp.setProjectId(userVm.getProjectUuid());
                     resp.setProjectName(userVm.getProjectName());
                 } else {
@@ -364,14 +364,14 @@ public class UserVmJoinDaoImpl extends GenericDaoBaseWithTagInformation<UserVmJo
             }
 
             // Remove deny listed settings if user is not admin
-            if (caller.getType() != Account.ACCOUNT_TYPE_ADMIN) {
+            if (caller.getType() != Account.Type.ADMIN) {
                 String[] userVmSettingsToHide = QueryService.UserVMDeniedDetails.value().split(",");
                 for (String key : userVmSettingsToHide) {
                     resourceDetails.remove(key.trim());
                 }
             }
             userVmResponse.setDetails(resourceDetails);
-            if (caller.getType() != Account.ACCOUNT_TYPE_ADMIN) {
+            if (caller.getType() != Account.Type.ADMIN) {
                 userVmResponse.setReadOnlyDetails(QueryService.UserVMReadOnlyDetails.value());
             }
         }
@@ -416,7 +416,7 @@ public class UserVmJoinDaoImpl extends GenericDaoBaseWithTagInformation<UserVmJo
             resp.setName(uvo.getSecurityGroupName());
             resp.setDescription(uvo.getSecurityGroupDescription());
             resp.setObjectName("securitygroup");
-            if (uvo.getAccountType() == Account.ACCOUNT_TYPE_PROJECT) {
+            if (uvo.getAccountType() == Account.Type.PROJECT) {
                 resp.setProjectId(uvo.getProjectUuid());
                 resp.setProjectName(uvo.getProjectName());
             } else {

server/src/main/java/com/cloud/api/query/vo/AccountJoinVO.java

@@ -25,6 +25,7 @@ import javax.persistence.Enumerated;
 import javax.persistence.Id;
 import javax.persistence.Table;
 
+import com.cloud.user.Account;
 import org.apache.cloudstack.api.Identity;
 import org.apache.cloudstack.api.InternalIdentity;
 
@@ -46,7 +47,8 @@ public class AccountJoinVO extends BaseViewVO implements InternalIdentity, Ident
     private String accountName = null;
 
     @Column(name = "type")
-    private short type;
+    @Enumerated(value = EnumType.ORDINAL)
+    private Account.Type type;
 
     @Column(name = "role_id")
     private Long roleId;
@@ -204,7 +206,7 @@ public class AccountJoinVO extends BaseViewVO implements InternalIdentity, Ident
         return accountName;
     }
 
-    public short getType() {
+    public Account.Type getType() {
         return type;
     }
 

server/src/main/java/com/cloud/api/query/vo/AffinityGroupJoinVO.java

@@ -23,6 +23,7 @@ import javax.persistence.Enumerated;
 import javax.persistence.Id;
 import javax.persistence.Table;
 
+import com.cloud.user.Account;
 import org.apache.cloudstack.acl.ControlledEntity;
 import org.apache.cloudstack.affinity.AffinityGroup;
 
@@ -58,7 +59,8 @@ public class AffinityGroupJoinVO extends BaseViewVO implements ControlledViewEnt
     private String accountName = null;
 
     @Column(name = "account_type")
-    private short accountType;
+    @Enumerated(value = EnumType.ORDINAL)
+    private Account.Type accountType;
 
     @Column(name = "domain_id")
     private long domainId;
@@ -138,7 +140,7 @@ public class AffinityGroupJoinVO extends BaseViewVO implements ControlledViewEnt
     }
 
     @Override
-    public short getAccountType() {
+    public Account.Type getAccountType() {
         return accountType;
     }
 

server/src/main/java/com/cloud/api/query/vo/AsyncJobJoinVO.java

@@ -25,6 +25,7 @@ import javax.persistence.Enumerated;
 import javax.persistence.Id;
 import javax.persistence.Table;
 
+import com.cloud.user.Account;
 import org.apache.cloudstack.api.ApiCommandJobType;
 import org.apache.cloudstack.framework.jobs.AsyncJob;
 
@@ -50,7 +51,8 @@ public class AsyncJobJoinVO extends BaseViewVO implements ControlledViewEntity {
     private String accountName = null;
 
     @Column(name = "account_type")
-    private short accountType;
+    @Enumerated(value = EnumType.ORDINAL)
+    private Account.Type accountType;
 
     @Column(name = "domain_id")
     private long domainId;
@@ -130,7 +132,7 @@ public class AsyncJobJoinVO extends BaseViewVO implements ControlledViewEntity {
     }
 
     @Override
-    public short getAccountType() {
+    public Account.Type getAccountType() {
         return accountType;
     }
 

server/src/main/java/com/cloud/api/query/vo/ControlledViewEntity.java

@@ -16,6 +16,7 @@
 // under the License.
 package com.cloud.api.query.vo;
 
+import com.cloud.user.Account;
 import org.apache.cloudstack.acl.ControlledEntity;
 import org.apache.cloudstack.api.Identity;
 import org.apache.cloudstack.api.InternalIdentity;
@@ -29,7 +30,7 @@ public interface ControlledViewEntity extends ControlledEntity, InternalIdentity
 
     public String getDomainPath();
 
-    public short getAccountType();
+    public Account.Type getAccountType();
 
     public String getAccountUuid();
 

server/src/main/java/com/cloud/api/query/vo/DomainRouterJoinVO.java

@@ -31,6 +31,7 @@ import com.cloud.network.Network.GuestType;
 import com.cloud.network.Networks.TrafficType;
 import com.cloud.network.router.VirtualRouter;
 import com.cloud.network.router.VirtualRouter.RedundantState;
+import com.cloud.user.Account;
 import com.cloud.utils.db.GenericDao;
 import com.cloud.vm.VirtualMachine;
 import com.cloud.vm.VirtualMachine.State;
@@ -56,7 +57,8 @@ public class DomainRouterJoinVO extends BaseViewVO implements ControlledViewEnti
     private String accountName = null;
 
     @Column(name = "account_type")
-    private short accountType;
+    @Enumerated(value = EnumType.ORDINAL)
+    private Account.Type accountType;
 
     @Column(name = "domain_id")
     private long domainId;
@@ -282,7 +284,7 @@ public class DomainRouterJoinVO extends BaseViewVO implements ControlledViewEnti
     }
 
     @Override
-    public short getAccountType() {
+    public Account.Type getAccountType() {
         return accountType;
     }
 

server/src/main/java/com/cloud/api/query/vo/EventJoinVO.java

@@ -27,6 +27,7 @@ import javax.persistence.Table;
 
 import com.cloud.event.Event;
 import com.cloud.event.Event.State;
+import com.cloud.user.Account;
 import com.cloud.utils.db.GenericDao;
 
 @Entity
@@ -81,7 +82,8 @@ public class EventJoinVO extends BaseViewVO implements ControlledViewEntity {
     private String accountName = null;
 
     @Column(name = "account_type")
-    private short accountType;
+    @Enumerated(value = EnumType.ORDINAL)
+    private Account.Type accountType;
 
     @Column(name = "domain_id")
     private long domainId;
@@ -139,7 +141,7 @@ public class EventJoinVO extends BaseViewVO implements ControlledViewEntity {
     }
 
     @Override
-    public short getAccountType() {
+    public Account.Type getAccountType() {
         return accountType;
     }
 

server/src/main/java/com/cloud/api/query/vo/InstanceGroupJoinVO.java

@@ -20,9 +20,12 @@ import java.util.Date;
 
 import javax.persistence.Column;
 import javax.persistence.Entity;
+import javax.persistence.EnumType;
+import javax.persistence.Enumerated;
 import javax.persistence.Id;
 import javax.persistence.Table;
 
+import com.cloud.user.Account;
 import com.cloud.utils.db.GenericDao;
 import com.cloud.vm.InstanceGroup;
 
@@ -56,7 +59,8 @@ public class InstanceGroupJoinVO extends BaseViewVO implements ControlledViewEnt
     private String accountName = null;
 
     @Column(name = "account_type")
-    private short accountType;
+    @Enumerated(value = EnumType.ORDINAL)
+    private Account.Type accountType;
 
     @Column(name = "domain_id")
     private long domainId;
@@ -108,7 +112,7 @@ public class InstanceGroupJoinVO extends BaseViewVO implements ControlledViewEnt
     }
 
     @Override
-    public short getAccountType() {
+    public Account.Type getAccountType() {
         return accountType;
     }
 

server/src/main/java/com/cloud/api/query/vo/ProjectAccountJoinVO.java

@@ -23,6 +23,7 @@ import javax.persistence.Enumerated;
 import javax.persistence.Id;
 import javax.persistence.Table;
 
+import com.cloud.user.Account;
 import org.apache.cloudstack.api.InternalIdentity;
 
 import com.cloud.projects.ProjectAccount.Role;
@@ -45,7 +46,8 @@ public class ProjectAccountJoinVO extends BaseViewVO implements InternalIdentity
     private String accountName;
 
     @Column(name = "account_type")
-    private short accountType;
+    @Enumerated(value = EnumType.ORDINAL)
+    private Account.Type accountType;
 
     @Column(name = "account_role")
     @Enumerated(value = EnumType.STRING)
@@ -123,7 +125,7 @@ public class ProjectAccountJoinVO extends BaseViewVO implements InternalIdentity
         return accountName;
     }
 
-    public short getAccountType() {
+    public Account.Type getAccountType() {
         return accountType;
     }
 

server/src/main/java/com/cloud/api/query/vo/ProjectInvitationJoinVO.java

@@ -27,6 +27,7 @@ import javax.persistence.Table;
 
 import com.cloud.projects.ProjectInvitation;
 import com.cloud.projects.ProjectInvitation.State;
+import com.cloud.user.Account;
 import com.cloud.utils.db.GenericDao;
 
 @Entity
@@ -60,7 +61,8 @@ public class ProjectInvitationJoinVO extends BaseViewVO implements ControlledVie
     private String accountName;
 
     @Column(name = "account_type")
-    private short accountType;
+    @Enumerated(value = EnumType.ORDINAL)
+    private Account.Type accountType;
 
     @Column(name = "domain_id")
     private long domainId;
@@ -156,7 +158,7 @@ public class ProjectInvitationJoinVO extends BaseViewVO implements ControlledVie
     }
 
     @Override
-    public short getAccountType() {
+    public Account.Type getAccountType() {
         return accountType;
     }
 

server/src/main/java/com/cloud/api/query/vo/ResourceTagJoinVO.java

@@ -25,6 +25,7 @@ import javax.persistence.Table;
 
 import com.cloud.server.ResourceTag;
 import com.cloud.server.ResourceTag.ResourceObjectType;
+import com.cloud.user.Account;
 
 @Entity
 @Table(name = "resource_tag_view")
@@ -66,7 +67,8 @@ public class ResourceTagJoinVO extends BaseViewVO implements ControlledViewEntit
     private String accountName = null;
 
     @Column(name = "account_type")
-    private short accountType;
+    @Enumerated(value = EnumType.ORDINAL)
+    private Account.Type accountType;
 
     @Column(name = "domain_id")
     private long domainId;
@@ -118,7 +120,7 @@ public class ResourceTagJoinVO extends BaseViewVO implements ControlledViewEntit
     }
 
     @Override
-    public short getAccountType() {
+    public Account.Type getAccountType() {
         return accountType;
     }
 

server/src/main/java/com/cloud/api/query/vo/SecurityGroupJoinVO.java

@@ -26,6 +26,7 @@ import javax.persistence.Table;
 import com.cloud.network.security.SecurityGroup;
 import com.cloud.network.security.SecurityRule.SecurityRuleType;
 import com.cloud.server.ResourceTag.ResourceObjectType;
+import com.cloud.user.Account;
 
 @Entity
 @Table(name = "security_group_view")
@@ -54,7 +55,8 @@ public class SecurityGroupJoinVO extends BaseViewVO implements ControlledViewEnt
     private String accountName = null;
 
     @Column(name = "account_type")
-    private short accountType;
+    @Enumerated(value = EnumType.ORDINAL)
+    private Account.Type accountType;
 
     @Column(name = "domain_id")
     private long domainId;
@@ -174,7 +176,7 @@ public class SecurityGroupJoinVO extends BaseViewVO implements ControlledViewEnt
     }
 
     @Override
-    public short getAccountType() {
+    public Account.Type getAccountType() {
         return accountType;
     }
 

server/src/main/java/com/cloud/api/query/vo/TemplateJoinVO.java

@@ -26,6 +26,7 @@ import javax.persistence.Table;
 import javax.persistence.Temporal;
 import javax.persistence.TemporalType;
 
+import com.cloud.user.Account;
 import org.apache.cloudstack.engine.subsystem.api.storage.ObjectInDataStoreStateMachine;
 
 import com.cloud.hypervisor.Hypervisor.HypervisorType;
@@ -144,7 +145,8 @@ public class TemplateJoinVO extends BaseViewWithTagInformationVO implements Cont
     private String accountName = null;
 
     @Column(name = "account_type")
-    private short accountType;
+    @Enumerated(value = EnumType.ORDINAL)
+    private Account.Type accountType;
 
     @Column(name = "domain_id")
     private long domainId;
@@ -270,7 +272,7 @@ public class TemplateJoinVO extends BaseViewWithTagInformationVO implements Cont
     }
 
     @Override
-    public short getAccountType() {
+    public Account.Type getAccountType() {
         return accountType;
     }
 

server/src/main/java/com/cloud/api/query/vo/UserAccountJoinVO.java

@@ -16,6 +16,7 @@
 // under the License.
 package com.cloud.api.query.vo;
 
+import com.cloud.user.Account;
 import com.cloud.user.User;
 import com.cloud.user.UserAccount;
 import com.cloud.utils.db.Encrypt;
@@ -95,7 +96,8 @@ public class UserAccountJoinVO extends BaseViewVO implements InternalIdentity, I
     private String accountName = null;
 
     @Column(name = "account_type")
-    private short accountType;
+    @Enumerated(value = EnumType.ORDINAL)
+    private Account.Type accountType;
 
     @Column(name = "account_role_id")
     private Long accountRoleId;
@@ -153,7 +155,7 @@ public class UserAccountJoinVO extends BaseViewVO implements InternalIdentity, I
         return accountName;
     }
 
-    public short getAccountType() {
+    public Account.Type getAccountType() {
         return accountType;
     }
 

server/src/main/java/com/cloud/api/query/vo/UserVmJoinVO.java

@@ -34,6 +34,7 @@ import com.cloud.network.Network.GuestType;
 import com.cloud.network.Networks.TrafficType;
 import com.cloud.storage.Storage.StoragePoolType;
 import com.cloud.storage.Volume;
+import com.cloud.user.Account;
 import com.cloud.utils.db.GenericDao;
 import com.cloud.vm.VirtualMachine;
 import com.cloud.vm.VirtualMachine.State;
@@ -66,7 +67,8 @@ public class UserVmJoinVO extends BaseViewWithTagInformationVO implements Contro
     private String accountName = null;
 
     @Column(name = "account_type")
-    private short accountType;
+    @Enumerated(value = EnumType.ORDINAL)
+    private Account.Type accountType;
 
     @Column(name = "domain_id")
     private long domainId;
@@ -445,7 +447,7 @@ public class UserVmJoinVO extends BaseViewWithTagInformationVO implements Contro
     }
 
     @Override
-    public short getAccountType() {
+    public Account.Type getAccountType() {
         return accountType;
     }
 

server/src/main/java/com/cloud/api/query/vo/VolumeJoinVO.java

@@ -30,6 +30,7 @@ import com.cloud.hypervisor.Hypervisor.HypervisorType;
 import com.cloud.storage.Storage;
 import com.cloud.storage.VMTemplateStorageResourceAssoc.Status;
 import com.cloud.storage.Volume;
+import com.cloud.user.Account;
 import com.cloud.utils.db.GenericDao;
 import com.cloud.vm.VirtualMachine;
 
@@ -87,7 +88,8 @@ public class VolumeJoinVO extends BaseViewWithTagInformationVO implements Contro
     private String accountName = null;
 
     @Column(name = "account_type")
-    private short accountType;
+    @Enumerated(value = EnumType.ORDINAL)
+    private Account.Type accountType;
 
     @Column(name = "domain_id")
     private long domainId;
@@ -342,7 +344,7 @@ public class VolumeJoinVO extends BaseViewWithTagInformationVO implements Contro
     }
 
     @Override
-    public short getAccountType() {
+    public Account.Type getAccountType() {
         return accountType;
     }
 

server/src/main/java/com/cloud/configuration/ConfigurationManagerImpl.java

@@ -2912,7 +2912,7 @@ public class ConfigurationManagerImpl extends ManagerBase implements Configurati
             throw new InvalidParameterValueException("Unable to find active user by id " + userId);
         }
         final Account account = _accountDao.findById(user.getAccountId());
-        if (account.getType() == Account.ACCOUNT_TYPE_DOMAIN_ADMIN) {
+        if (account.getType() == Account.Type.DOMAIN_ADMIN) {
             if (filteredDomainIds.isEmpty()) {
                 throw new InvalidParameterValueException(String.format("Unable to create public service offering by admin: %s because it is domain-admin", user.getUuid()));
             }
@@ -2924,7 +2924,7 @@ public class ConfigurationManagerImpl extends ManagerBase implements Configurati
                     throw new InvalidParameterValueException(String.format("Unable to create service offering by another domain-admin: %s for domain: %s", user.getUuid(), _entityMgr.findById(Domain.class, domainId).getUuid()));
                 }
             }
-        } else if (account.getType() != Account.ACCOUNT_TYPE_ADMIN) {
+        } else if (account.getType() != Account.Type.ADMIN) {
             throw new InvalidParameterValueException(String.format("Unable to create service offering by user: %s because it is not root-admin or domain-admin", user.getUuid()));
         }
 
@@ -3208,7 +3208,7 @@ public class ConfigurationManagerImpl extends ManagerBase implements Configurati
         }
         Collections.sort(filteredZoneIds);
 
-        if (account.getType() == Account.ACCOUNT_TYPE_DOMAIN_ADMIN) {
+        if (account.getType() == Account.Type.DOMAIN_ADMIN) {
             if (!filteredZoneIds.equals(existingZoneIds)) { // Domain-admins cannot update zone(s) for offerings
                 throw new InvalidParameterValueException(String.format("Unable to update zone(s) for service offering: %s by admin: %s as it is domain-admin", offeringHandle.getUuid(), user.getUuid()));
             }
@@ -3235,7 +3235,7 @@ public class ConfigurationManagerImpl extends ManagerBase implements Configurati
                 }
             }
             filteredDomainIds.addAll(nonChildDomains); // Final list must include domains which were not child domain for domain-admin but specified for this offering prior to update
-        } else if (account.getType() != Account.ACCOUNT_TYPE_ADMIN) {
+        } else if (account.getType() != Account.Type.ADMIN) {
             throw new InvalidParameterValueException(String.format("Unable to update service offering: %s by id user: %s because it is not root-admin or domain-admin", offeringHandle.getUuid(), user.getUuid()));
         }
 
@@ -3375,7 +3375,7 @@ public class ConfigurationManagerImpl extends ManagerBase implements Configurati
             throw new InvalidParameterValueException("Unable to find active user by id " + userId);
         }
         final Account account = _accountDao.findById(user.getAccountId());
-        if (account.getType() == Account.ACCOUNT_TYPE_DOMAIN_ADMIN) {
+        if (account.getType() == Account.Type.DOMAIN_ADMIN) {
             if (filteredDomainIds.isEmpty()) {
                 throw new InvalidParameterValueException(String.format("Unable to create public disk offering by admin: %s because it is domain-admin", user.getUuid()));
             }
@@ -3387,7 +3387,7 @@ public class ConfigurationManagerImpl extends ManagerBase implements Configurati
                     throw new InvalidParameterValueException(String.format("Unable to create disk offering by another domain-admin: %s for domain: %s", user.getUuid(), _entityMgr.findById(Domain.class, domainId).getUuid()));
                 }
             }
-        } else if (account.getType() != Account.ACCOUNT_TYPE_ADMIN) {
+        } else if (account.getType() != Account.Type.ADMIN) {
             throw new InvalidParameterValueException(String.format("Unable to create disk offering by user: %s because it is not root-admin or domain-admin", user.getUuid()));
         }
 
@@ -3663,7 +3663,7 @@ public class ConfigurationManagerImpl extends ManagerBase implements Configurati
         }
         Collections.sort(filteredZoneIds);
 
-        if (account.getType() == Account.ACCOUNT_TYPE_DOMAIN_ADMIN) {
+        if (account.getType() == Account.Type.DOMAIN_ADMIN) {
             if (!filteredZoneIds.equals(existingZoneIds)) { // Domain-admins cannot update zone(s) for offerings
                 throw new InvalidParameterValueException(String.format("Unable to update zone(s) for disk offering: %s by admin: %s as it is domain-admin", diskOfferingHandle.getUuid(), user.getUuid()));
             }
@@ -3690,7 +3690,7 @@ public class ConfigurationManagerImpl extends ManagerBase implements Configurati
                 }
             }
             filteredDomainIds.addAll(nonChildDomains); // Final list must include domains which were not child domain for domain-admin but specified for this offering prior to update
-        } else if (account.getType() != Account.ACCOUNT_TYPE_ADMIN) {
+        } else if (account.getType() != Account.Type.ADMIN) {
             throw new InvalidParameterValueException(String.format("Unable to update disk offering: %s by id user: %s because it is not root-admin or domain-admin", diskOfferingHandle.getUuid(), user.getUuid()));
         }
 
@@ -3867,7 +3867,7 @@ public class ConfigurationManagerImpl extends ManagerBase implements Configurati
             throw new InvalidParameterValueException("Unable to find active user by id " + userId);
         }
         final Account account = _accountDao.findById(user.getAccountId());
-        if (account.getType() == Account.ACCOUNT_TYPE_DOMAIN_ADMIN) {
+        if (account.getType() == Account.Type.DOMAIN_ADMIN) {
             List<Long> existingDomainIds = diskOfferingDetailsDao.findDomainIds(diskOfferingId);
             if (existingDomainIds.isEmpty()) {
                 throw new InvalidParameterValueException(String.format("Unable to delete public disk offering: %s by admin: %s because it is domain-admin", offering.getUuid(), user.getUuid()));
@@ -3877,7 +3877,7 @@ public class ConfigurationManagerImpl extends ManagerBase implements Configurati
                     throw new InvalidParameterValueException(String.format("Unable to delete disk offering: %s as it has linked domain(s) which are not child domain for domain-admin: %s", offering.getUuid(), user.getUuid()));
                 }
             }
-        } else if (account.getType() != Account.ACCOUNT_TYPE_ADMIN) {
+        } else if (account.getType() != Account.Type.ADMIN) {
             throw new InvalidParameterValueException(String.format("Unable to delete disk offering: %s by user: %s because it is not root-admin or domain-admin", offering.getUuid(), user.getUuid()));
         }
 
@@ -3941,7 +3941,7 @@ public class ConfigurationManagerImpl extends ManagerBase implements Configurati
             throw new InvalidParameterValueException("Unable to find active user by id " + userId);
         }
         final Account account = _accountDao.findById(user.getAccountId());
-        if (account.getType() == Account.ACCOUNT_TYPE_DOMAIN_ADMIN) {
+        if (account.getType() == Account.Type.DOMAIN_ADMIN) {
             List<Long> existingDomainIds = _serviceOfferingDetailsDao.findDomainIds(offeringId);
             if (existingDomainIds.isEmpty()) {
                 throw new InvalidParameterValueException(String.format("Unable to delete public service offering: %s by admin: %s because it is domain-admin", offering.getUuid(), user.getUuid()));
@@ -3951,7 +3951,7 @@ public class ConfigurationManagerImpl extends ManagerBase implements Configurati
                     throw new InvalidParameterValueException(String.format("Unable to delete service offering: %s as it has linked domain(s) which are not child domain for domain-admin: %s", offering.getUuid(), user.getUuid()));
                 }
             }
-        } else if (account.getType() != Account.ACCOUNT_TYPE_ADMIN) {
+        } else if (account.getType() != Account.Type.ADMIN) {
             throw new InvalidParameterValueException(String.format("Unable to delete service offering: %s by user: %s because it is not root-admin or domain-admin", offering.getUuid(), user.getUuid()));
         }
 
@@ -6466,7 +6466,7 @@ public class ConfigurationManagerImpl extends ManagerBase implements Configurati
 
         final List<NetworkOfferingJoinVO> offerings = networkOfferingJoinDao.search(sc, searchFilter);
         // Remove offerings that are not associated with caller's domain or domainId passed
-        if ((caller.getType() != Account.ACCOUNT_TYPE_ADMIN || domainId != null) && CollectionUtils.isNotEmpty(offerings)) {
+        if ((caller.getType() != Account.Type.ADMIN || domainId != null) && CollectionUtils.isNotEmpty(offerings)) {
             ListIterator<NetworkOfferingJoinVO> it = offerings.listIterator();
             while (it.hasNext()) {
                 NetworkOfferingJoinVO offering = it.next();
@@ -6475,7 +6475,7 @@ public class ConfigurationManagerImpl extends ManagerBase implements Configurati
                     String[] domainIdsArray = offering.getDomainId().split(",");
                     for (String domainIdString : domainIdsArray) {
                         Long dId = Long.valueOf(domainIdString.trim());
-                        if (caller.getType() != Account.ACCOUNT_TYPE_ADMIN &&
+                        if (caller.getType() != Account.Type.ADMIN &&
                                 !_domainDao.isChildDomain(dId, caller.getDomainId())) {
                             toRemove = true;
                             break;

server/src/main/java/com/cloud/network/NetworkModelImpl.java

@@ -1664,7 +1664,7 @@ public class NetworkModelImpl extends ManagerBase implements NetworkModel, Confi
             if (networkOwner == null)
                 throw new PermissionDeniedException("Unable to use network with id= " + ((NetworkVO)network).getUuid() +
                     ", network does not have an owner");
-            if (owner.getType() != Account.ACCOUNT_TYPE_PROJECT && networkOwner.getType() == Account.ACCOUNT_TYPE_PROJECT) {
+            if (owner.getType() != Account.Type.PROJECT && networkOwner.getType() == Account.Type.PROJECT) {
                 User user = CallContext.current().getCallingUser();
                 Project project = projectDao.findByProjectAccountId(network.getAccountId());
                 if (project == null) {

server/src/main/java/com/cloud/network/NetworkServiceImpl.java

@@ -1864,9 +1864,9 @@ public class NetworkServiceImpl extends ManagerBase implements NetworkService, C
         }
 
         if (skipProjectNetworks) {
-            sc.setJoinParameters("accountSearch", "typeNEQ", Account.ACCOUNT_TYPE_PROJECT);
+            sc.setJoinParameters("accountSearch", "typeNEQ", Account.Type.PROJECT);
         } else {
-            sc.setJoinParameters("accountSearch", "typeEQ", Account.ACCOUNT_TYPE_PROJECT);
+            sc.setJoinParameters("accountSearch", "typeEQ", Account.Type.PROJECT);
         }
 
         if (restartRequired != null) {
@@ -4659,7 +4659,7 @@ public class NetworkServiceImpl extends ManagerBase implements NetworkService, C
         Long networkId = cmd.getNetworkId();
         UserVmVO userVm = _userVmDao.findById(vmId);
 
-        if (userVm == null || (!userVm.isDisplayVm() && caller.getType() == Account.ACCOUNT_TYPE_NORMAL)) {
+        if (userVm == null || (!userVm.isDisplayVm() && caller.getType() == Account.Type.NORMAL)) {
             throwInvalidIdException("Virtual machine id does not exist", Long.valueOf(vmId).toString(), "vmId");
         }
 
@@ -4675,7 +4675,7 @@ public class NetworkServiceImpl extends ManagerBase implements NetworkService, C
         String keyword = cmd.getKeyword();
         UserVmVO userVm = _userVmDao.findById(vmId);
 
-        if (userVm == null || (!userVm.isDisplayVm() && caller.getType() == Account.ACCOUNT_TYPE_NORMAL)) {
+        if (userVm == null || (!userVm.isDisplayVm() && caller.getType() == Account.Type.NORMAL)) {
             throwInvalidIdException("Virtual machine id does not exist", Long.valueOf(vmId).toString(), "vmId");
         }
 
@@ -4704,7 +4704,7 @@ public class NetworkServiceImpl extends ManagerBase implements NetworkService, C
         // verify permissions
         if (ipVO.getAllocatedToAccountId() != null) {
             _accountMgr.checkAccess(caller, null, true, ipVO);
-        } else if (caller.getType() != Account.ACCOUNT_TYPE_ADMIN) {
+        } else if (caller.getType() != Account.Type.ADMIN) {
             throw new PermissionDeniedException("Only Root admin can update non-allocated ip addresses");
         }
 

server/src/main/java/com/cloud/network/firewall/FirewallManagerImpl.java

@@ -802,7 +802,7 @@ public class FirewallManagerImpl extends ManagerBase implements FirewallService,
             throw new InvalidParameterValueException("Unable to find " + ruleId + " having purpose " + Purpose.Firewall);
         }
 
-        if (rule.getType() == FirewallRuleType.System && caller.getType() != Account.ACCOUNT_TYPE_ADMIN) {
+        if (rule.getType() == FirewallRuleType.System && caller.getType() != Account.Type.ADMIN) {
             throw new InvalidParameterValueException("Only root admin can update the system wide firewall rule");
         }
 

server/src/main/java/com/cloud/network/vpc/VpcManagerImpl.java

@@ -708,7 +708,7 @@ public class VpcManagerImpl extends ManagerBase implements VpcManager, VpcProvis
 
         // Remove offerings that are not associated with caller's domain
         // TODO: Better approach
-        if (caller.getType() != Account.ACCOUNT_TYPE_ADMIN && CollectionUtils.isNotEmpty(offerings)) {
+        if (caller.getType() != Account.Type.ADMIN && CollectionUtils.isNotEmpty(offerings)) {
             ListIterator<VpcOfferingJoinVO> it = offerings.listIterator();
             while (it.hasNext()) {
                 VpcOfferingJoinVO offering = it.next();

server/src/main/java/com/cloud/projects/ProjectManagerImpl.java

@@ -267,7 +267,7 @@ public class ProjectManagerImpl extends ManagerBase implements ProjectManager, C
                 StringBuilder acctNm = new StringBuilder("PrjAcct-");
                 acctNm.append(name).append("-").append(ownerFinal.getDomainId());
 
-                Account projectAccount = _accountMgr.createAccount(acctNm.toString(), Account.ACCOUNT_TYPE_PROJECT, null, domainId, null, null, UUID.randomUUID().toString());
+                Account projectAccount = _accountMgr.createAccount(acctNm.toString(), Account.Type.PROJECT, null, domainId, null, null, UUID.randomUUID().toString());
 
                 Project project = _projectDao.persist(new ProjectVO(name, displayText, ownerFinal.getDomainId(), projectAccount.getId()));
 

server/src/main/java/com/cloud/resourcelimit/ResourceLimitManagerImpl.java

@@ -308,7 +308,7 @@ public class ResourceLimitManagerImpl extends ManagerBase implements ResourceLim
         } else {
             // If the account has an no limit set, then return global default account limits
             Long value = null;
-            if (account.getType() == Account.ACCOUNT_TYPE_PROJECT) {
+            if (account.getType() == Account.Type.PROJECT) {
                 value = projectResourceLimitMap.get(type);
             } else {
                 value = accountResourceLimitMap.get(type);
@@ -349,7 +349,7 @@ public class ResourceLimitManagerImpl extends ManagerBase implements ResourceLim
         } else {
             // If the account has an no limit set, then return global default account limits
             Long value = null;
-            if (account.getType() == Account.ACCOUNT_TYPE_PROJECT) {
+            if (account.getType() == Account.Type.PROJECT) {
                 value = projectResourceLimitMap.get(type);
             } else {
                 value = accountResourceLimitMap.get(type);
@@ -516,7 +516,7 @@ public class ResourceLimitManagerImpl extends ManagerBase implements ResourceLim
             return;
         }
 
-        if (account.getType() == Account.ACCOUNT_TYPE_PROJECT) {
+        if (account.getType() == Account.Type.PROJECT) {
             project = _projectDao.findByProjectAccountId(account.getId());
         }
 
@@ -713,12 +713,12 @@ public class ResourceLimitManagerImpl extends ManagerBase implements ResourceLim
                 throw new InvalidParameterValueException("Only " + Resource.RESOURCE_UNLIMITED + " limit is supported for Root Admin accounts");
             }
 
-            if ((caller.getAccountId() == accountId.longValue()) && (_accountMgr.isDomainAdmin(caller.getId()) || caller.getType() == Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN)) {
+            if ((caller.getAccountId() == accountId.longValue()) && (_accountMgr.isDomainAdmin(caller.getId()) || caller.getType() == Account.Type.RESOURCE_DOMAIN_ADMIN)) {
                 // If the admin is trying to update their own account, disallow.
                 throw new PermissionDeniedException("Unable to update resource limit for their own account " + accountId + ", permission denied");
             }
 
-            if (account.getType() == Account.ACCOUNT_TYPE_PROJECT) {
+            if (account.getType() == Account.Type.PROJECT) {
                 _accountMgr.checkAccess(caller, AccessType.ModifyProject, true, account);
             } else {
                 _accountMgr.checkAccess(caller, null, true, account);
@@ -736,7 +736,7 @@ public class ResourceLimitManagerImpl extends ManagerBase implements ResourceLim
                 throw new PermissionDeniedException("Cannot update resource limit for ROOT domain " + domainId + ", permission denied");
             }
 
-            if ((caller.getDomainId() == domainId.longValue()) && caller.getType() == Account.ACCOUNT_TYPE_DOMAIN_ADMIN || caller.getType() == Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN) {
+            if ((caller.getDomainId() == domainId.longValue()) && caller.getType() == Account.Type.DOMAIN_ADMIN || caller.getType() == Account.Type.RESOURCE_DOMAIN_ADMIN) {
                 // if the admin is trying to update their own domain, disallow...
                 throw new PermissionDeniedException("Unable to update resource limit for domain " + domainId + ", permission denied");
             }