Package com.evolveum.midpoint.model.api.mining

Interface RoleAnalysisService

public interface RoleAnalysisService

  • Method Details

    • getUserTypeObject

      @Nullable @Nullable PrismObject<UserType> getUserTypeObject(@NotNull @NotNull String oid, @NotNull @NotNull com.evolveum.midpoint.task.api.Task task, @NotNull @NotNull OperationResult result)
      Retrieves a PrismObject of UserType object based on its OID.
      Parameters:
      oid - The OID of the UserType object to retrieve.
      task - The task associated with this operation.
      result - The operation result.
      Returns:
      The PrismObject of UserType object, or null if not found.

    • getFocusTypeObject

      @Nullable @Nullable PrismObject<FocusType> getFocusTypeObject(@NotNull @NotNull String oid, @NotNull @NotNull com.evolveum.midpoint.task.api.Task task, @NotNull @NotNull OperationResult result)
      Retrieves a PrismObject of FocusType object based on its OID.
      Parameters:
      oid - The OID of the FocusType object to retrieve.
      task - The task associated with this operation.
      result - The operation result.
      Returns:
      The PrismObject of FocusType object, or null if not found.

    • getRoleTypeObject

      @Nullable @Nullable PrismObject<RoleType> getRoleTypeObject(@NotNull @NotNull String oid, @NotNull @NotNull com.evolveum.midpoint.task.api.Task task, @NotNull @NotNull OperationResult result)
      Retrieves a PrismObject of RoleType object based on its OID.
      Parameters:
      oid - The OID of the RoleType object to retrieve.
      task - The task associated with this operation.
      result - The operation result.
      Returns:
      The PrismObject of RoleType object, or null if not found.

    • getClusterTypeObject

      @Nullable @Nullable PrismObject<RoleAnalysisClusterType> getClusterTypeObject(@NotNull @NotNull String oid, @NotNull @NotNull com.evolveum.midpoint.task.api.Task task, @NotNull @NotNull OperationResult result)
      Retrieves a PrismObject of RoleAnalysisClusterType object based on its OID.
      Parameters:
      oid - The OID of the RoleAnalysisClusterType object to retrieve.
      task - The task associated with this operation.
      result - The operation result.
      Returns:
      The PrismObject of RoleAnalysisClusterType object, or null if not found.

    • getSessionTypeObject

      @Nullable @Nullable PrismObject<RoleAnalysisSessionType> getSessionTypeObject(@NotNull @NotNull String oid, @NotNull @NotNull com.evolveum.midpoint.task.api.Task task, @NotNull @NotNull OperationResult result)
      Retrieves a PrismObject of RoleAnalysisSessionType object based on its OID.
      Parameters:
      oid - The OID of the RoleAnalysisSessionType object to retrieve.
      task - The task associated with this operation.
      result - The operation result.
      Returns:
      The PrismObject of RoleAnalysisSessionType object, or null if not found.

    • getObject

      @Nullable <T extends ObjectType> @Nullable PrismObject<T> getObject(@NotNull @NotNull Class<T> objectTypeClass, @NotNull @NotNull String oid, @NotNull @NotNull com.evolveum.midpoint.task.api.Task task, @NotNull @NotNull OperationResult result)
      Retrieves a PrismObject based on its OID.
      Parameters:
      oid - The OID of the object to retrieve.
      task - The task associated with this operation.
      result - The operation result.
      Returns:
      The PrismObject of object, or null if not found.

    • countSessionTypeObjects

      @NotNull @NotNull Integer countSessionTypeObjects(@NotNull @NotNull com.evolveum.midpoint.task.api.Task task, @NotNull @NotNull OperationResult result)
      Retrieves the number of RoleAnalysisSessionType objects in the system.
      Parameters:
      task - The task associated with this operation.
      result - The operation result.
      Returns:
      The number of RoleAnalysisSessionType objects in the system.

    • extractUserTypeMembers

      @NotNull @NotNull com.google.common.collect.ListMultimap<String,String> extractUserTypeMembers(@NotNull @NotNull Map<String,PrismObject<UserType>> userExistCache, @Nullable @Nullable SearchFilterType userFilter, @NotNull @NotNull Set<String> clusterMembers, @NotNull @NotNull com.evolveum.midpoint.task.api.Task task, @NotNull @NotNull OperationResult result)
      Extracts a list of user members from set of RoleType object based on provided parameters.
      Parameters:
      userExistCache - The cache of user objects.
      userFilter - The UserType filter.
      clusterMembers - The set of cluster members.
      task - The task associated with this operation.
      result - The operation result.
      Returns:
      A list of user members.

    • countUserTypeMembers

      int countUserTypeMembers(@Nullable @Nullable ObjectFilter userFilter, @NotNull @NotNull Set<String> clusterMembers, @NotNull @NotNull com.evolveum.midpoint.task.api.Task task, @NotNull @NotNull OperationResult result)

    • importCluster

      void importCluster(@NotNull @NotNull PrismObject<RoleAnalysisClusterType> cluster, @NotNull @NotNull RoleAnalysisDetectionOptionType roleAnalysisSessionDetectionOption, @NotNull @NotNull ObjectReferenceType parentRef, @NotNull @NotNull com.evolveum.midpoint.task.api.Task task, @NotNull @NotNull OperationResult result)
      Imports a RoleAnalysisClusterType object into the system.
      Parameters:
      cluster - The cluster for importing.
      roleAnalysisSessionDetectionOption - The session detection option.
      parentRef - The parent Role analysis session reference.
      task - The task associated with this operation.
      result - The operation result.

    • updateSessionStatistics

      void updateSessionStatistics(@NotNull @NotNull RoleAnalysisSessionType session, @NotNull @NotNull RoleAnalysisSessionStatisticType sessionStatistic, @NotNull @NotNull com.evolveum.midpoint.task.api.Task task, @NotNull @NotNull OperationResult result)
      Modifies statistics of a RoleAnalysisSessionType object.
      Parameters:
      session - The session reference.
      sessionStatistic - The session statistic to modify.
      task - The task associated with this operation.
      result - The operation result.

    • updateSessionIdentifiedCharacteristics

      void updateSessionIdentifiedCharacteristics(@NotNull @NotNull RoleAnalysisSessionType session, @NotNull @NotNull RoleAnalysisIdentifiedCharacteristicsType identifiedCharacteristics, @NotNull @NotNull com.evolveum.midpoint.task.api.Task task, @NotNull @NotNull OperationResult result)
      Modifies identified characteristics of a RoleAnalysisSessionType object.
      Parameters:
      session - The session reference.
      identifiedCharacteristics - The identified characteristics to modify.
      task - The task associated with this operation.
      result - The operation result.

    • anylseAttributesAndReplaceDetectionPattern

      void anylseAttributesAndReplaceDetectionPattern(@NotNull @NotNull String clusterOid, @NotNull @NotNull List<DetectedPattern> detectedPatterns, @NotNull @NotNull com.evolveum.midpoint.task.api.Task task, @NotNull @NotNull OperationResult result)
      Replaces the detected patterns of a RoleAnalysisClusterType object.
      Parameters:
      clusterOid - The cluster OID.
      detectedPatterns - The detected patterns to replace.
      task - The task associated with this operation.
      result - The operation result.

    • getUpdatedAnalysisClusterStatistic

      @NotNull @NotNull AnalysisClusterStatisticType getUpdatedAnalysisClusterStatistic(double maxReduction, @NotNull @NotNull AnalysisClusterStatisticType clusterStatistics)

    • generateObjectReferences

      @NotNull @NotNull Set<ObjectReferenceType> generateObjectReferences(@NotNull @NotNull Set<String> objects, @NotNull @NotNull QName complexType, @NotNull @NotNull com.evolveum.midpoint.task.api.Task task, @NotNull @NotNull OperationResult operationResult)
      Generates a set of object references based on a provided parameters.
      Parameters:
      objects - The objects to create references for.
      complexType - The complex type of the objects.
      task - The task associated with this operation.
      operationResult - The operation result.
      Returns:
      A set of object references.

    • deleteSessionClustersMembers

      void deleteSessionClustersMembers(@NotNull @NotNull String sessionOid, @NotNull @NotNull com.evolveum.midpoint.task.api.Task task, @NotNull @NotNull OperationResult result, boolean recomputeStatistics)
      Deletes all RoleAnalysisClusterType objects associated with a specific session.
      Parameters:
      sessionOid - The session OID.
      task - The task associated with this operation.
      result - The operation result.
      recomputeStatistics - Recompute statistics flag.

    • deleteCluster

      void deleteCluster(@NotNull @NotNull RoleAnalysisClusterType cluster, @NotNull @NotNull com.evolveum.midpoint.task.api.Task task, @NotNull @NotNull OperationResult result, boolean recomputeStatistics)
      Deletes a single RoleAnalysisClusterType object.
      Parameters:
      cluster - The cluster to delete.
      task - The task associated with this operation.
      result - The operation result.
      recomputeStatistics - Recompute statistics flag.

    • deleteOutlier

      void deleteOutlier(@NotNull @NotNull RoleAnalysisOutlierType cluster, @NotNull @NotNull com.evolveum.midpoint.task.api.Task task, @NotNull @NotNull OperationResult result)
      Deletes a single RoleAnalysisOutlierType object.
      Parameters:
      cluster - The outlier to delete.
      task - The task associated with this operation.
      result - The operation result.

    • recomputeSessionStatics

      void recomputeSessionStatics(@NotNull @NotNull String sessionOid, @NotNull @NotNull RoleAnalysisClusterType roleAnalysisClusterType, @NotNull @NotNull com.evolveum.midpoint.task.api.Task task, @NotNull @NotNull OperationResult result)
      Recomputes the statistics of a RoleAnalysisSessionType object.
      Parameters:
      sessionOid - The session OID.
      roleAnalysisClusterType - The cluster to recompute statistics for.
      task - The task associated with this operation.
      result - The operation result.

    • countUserTypeMembers

      @NotNull @NotNull Integer countUserTypeMembers(@Nullable @Nullable ObjectFilter userFilter, @NotNull @NotNull String objectId, @NotNull @NotNull com.evolveum.midpoint.task.api.Task task, @NotNull @NotNull OperationResult result)
      Counts the number of members of a RoleType object.
      Parameters:
      userFilter - The UserType filter.
      objectId - The OID of the RoleType object.
      task - The task associated with this operation.
      result - The operation result.
      Returns:
      The number of user members of a RoleType object.

    • deleteSession

      void deleteSession(@NotNull @NotNull String sessionOid, @NotNull @NotNull com.evolveum.midpoint.task.api.Task task, @NotNull @NotNull OperationResult result)
      Deletes a single RoleAnalysisSessionType object.
      Parameters:
      sessionOid - The role analysis session OID.
      task - The task associated with this operation.
      result - The operation result.

    • resolveClusterOptionType

      RoleAnalysisOptionType resolveClusterOptionType(@NotNull @NotNull PrismObject<RoleAnalysisClusterType> cluster, @NotNull @NotNull com.evolveum.midpoint.task.api.Task task, @NotNull @NotNull OperationResult result)
      Resolves the process mode of a RoleAnalysisClusterType object based on role analysis session.
      Parameters:
      cluster - The cluster to resolve the process mode for.
      task - The task associated with this operation.
      result - The operation result.
      Returns:
      The resolved process mode.

    • recomputeClusterDetectionOptions

      void recomputeClusterDetectionOptions(@NotNull @NotNull String clusterOid, @NotNull @NotNull PatternDetectionOption detectionOption, @NotNull @NotNull com.evolveum.midpoint.task.api.Task task, @NotNull @NotNull OperationResult result)
      Recompute the detection options of a RoleAnalysisClusterType object.
      Parameters:
      clusterOid - The cluster OID.
      detectionOption - The detection option to recompute.
      task - The task associated with this operation.
      result - The operation result.

    • clusterObjectMigrationRecompute

      void clusterObjectMigrationRecompute(@NotNull @NotNull String clusterRefOid, @NotNull @NotNull String roleRefOid, @NotNull @NotNull com.evolveum.midpoint.task.api.Task task, @NotNull @NotNull OperationResult result)
      Recompute role analysis cluster (RoleAnalysisClusterType) parameters. This method should be called after migration to business role.
      Parameters:
      clusterRefOid - The cluster OID.
      roleRefOid - The role OID.
      task - The task associated with this operation.
      result - The operation result.

    • prepareCompressedMiningStructure

      @NotNull @NotNull MiningOperationChunk prepareCompressedMiningStructure(@NotNull @NotNull RoleAnalysisClusterType cluster, @Nullable @Nullable SearchFilterType userSearchFilter, @Nullable @Nullable SearchFilterType roleSearchFilter, @Nullable @Nullable SearchFilterType assignmentSearchFilter, boolean fullProcess, @NotNull @NotNull RoleAnalysisProcessModeType processMode, @NotNull @NotNull OperationResult result, @NotNull @NotNull com.evolveum.midpoint.task.api.Task task)
      Method for preparing a compressed mining structure for role analysis.
      Parameters:
      cluster - The cluster for which the mining structure is prepared.
      userSearchFilter - The additional user filter.
      roleSearchFilter - The additional role filter.
      assignmentSearchFilter - The additional assignment filter.
      fullProcess - The full process flag. If true, the entire structure is prepared. If false, only a partial structure (members) is prepared.
      processMode - The process mode.
      result - The operation result.
      task - The task associated with this operation.
      Returns:
      A MiningOperationChunk containing user and role chunks for further processing.

    • prepareBasicChunkStructure

      MiningOperationChunk prepareBasicChunkStructure(@NotNull @NotNull RoleAnalysisClusterType cluster, @Nullable @Nullable SearchFilterType userSearchFilter, @Nullable @Nullable SearchFilterType roleSearchFilter, @Nullable @Nullable SearchFilterType assignmentSearchFilter, @NotNull @NotNull DisplayValueOption option, @NotNull @NotNull RoleAnalysisProcessModeType processMode, @Nullable @Nullable List<DetectedPattern> detectedPatterns, @NotNull @NotNull OperationResult result, @NotNull @NotNull com.evolveum.midpoint.task.api.Task task)

    • prepareMiningStructure

      @NotNull @NotNull MiningOperationChunk prepareMiningStructure(@NotNull @NotNull RoleAnalysisClusterType cluster, @Nullable @Nullable SearchFilterType userSearchFilter, @Nullable @Nullable SearchFilterType roleSearchFilter, @Nullable @Nullable SearchFilterType assignmentSearchFilter, @NotNull @NotNull DisplayValueOption option, @NotNull @NotNull RoleAnalysisProcessModeType processMode, @NotNull @NotNull List<DetectedPattern> detectedPatterns, @NotNull @NotNull OperationResult result, @NotNull @NotNull com.evolveum.midpoint.task.api.Task task)
      Method for preparing a mining structure for role analysis.
      Parameters:
      cluster - The cluster for which the mining structure is prepared.
      userSearchFilter - The additional user filter.
      roleSearchFilter - The additional role filter.
      assignmentSearchFilter - The additional assignment filter.
      option - The display value option.
      processMode - The process mode.
      result - The operation result.
      task - The task associated with this operation.
      Returns:
      A MiningOperationChunk containing user and role chunks for further processing.

    • updateChunkWithPatterns

      void updateChunkWithPatterns(MiningOperationChunk chunk, RoleAnalysisProcessModeType processMode, List<DetectedPattern> detectedPatterns, com.evolveum.midpoint.task.api.Task task, OperationResult result)

    • prepareExpandedMiningStructure

      @NotNull @NotNull MiningOperationChunk prepareExpandedMiningStructure(@NotNull @NotNull RoleAnalysisClusterType cluster, @Nullable @Nullable SearchFilterType userSearchFilter, @Nullable @Nullable SearchFilterType roleSearchFilter, @Nullable @Nullable SearchFilterType assignmentSearchFilter, boolean fullProcess, @NotNull @NotNull RoleAnalysisProcessModeType processMode, @NotNull @NotNull OperationResult result, @NotNull @NotNull com.evolveum.midpoint.task.api.Task task, @Nullable @Nullable DisplayValueOption option)
      Method for preparing an expanded mining structure for role analysis.
      Parameters:
      cluster - The cluster for which the mining structure is prepared.
      userSearchFilter - The additional user filter.
      roleSearchFilter - The additional role filter.
      assignmentSearchFilter - The additional assignment filter.
      fullProcess - The full process flag. If true, the entire structure is prepared. If false, only a partial structure (members) is prepared.
      processMode - The process mode.
      result - The operation result.
      task - The task associated with this operation.
      option - The display value option.
      Returns:
      A MiningOperationChunk containing user and role chunks for further processing.

    • cacheRoleTypeObject

      @Nullable @Nullable PrismObject<RoleType> cacheRoleTypeObject(@NotNull @NotNull Map<String,PrismObject<RoleType>> roleExistCache, @NotNull @NotNull String roleOid, @NotNull @NotNull com.evolveum.midpoint.task.api.Task task, @NotNull @NotNull OperationResult result, @Nullable @Nullable RoleAnalysisCacheOption option)
      Retrieves a RoleType PrismObject from a cache or, if not present, fetches it from the ModelService and stores it in the cache.
      Parameters:
      roleExistCache - A cache storing previously fetched RoleType PrismObjects.
      roleOid - The OID of the RoleType PrismObject to retrieve.
      task - The task associated with the operation.
      result - The operation result.
      option - The cache option.
      Returns:
      The RoleType PrismObject fetched from the cache or ModelService, or null if not found.

    • cacheUserTypeObject

      @Nullable @Nullable PrismObject<UserType> cacheUserTypeObject(@NotNull @NotNull Map<String,PrismObject<UserType>> userExistCache, @NotNull @NotNull String userOid, @NotNull @NotNull com.evolveum.midpoint.task.api.Task task, @NotNull @NotNull OperationResult result, @Nullable @Nullable RoleAnalysisCacheOption option)
      Retrieves a UserType PrismObject from a cache or, if not present, fetches it from the ModelService and stores it in the cache.
      Parameters:
      userExistCache - A cache storing previously fetched UserType PrismObjects.
      userOid - The OID of the UserType PrismObject to retrieve.
      task - The task associated with the operation.
      result - The operation result.
      option - The cache option.
      Returns:
      The UserType PrismObject fetched from the cache or ModelService, or null if not found.

    • executeRoleAnalysisRoleMigrationTask

      void executeRoleAnalysisRoleMigrationTask(@NotNull @NotNull ModelInteractionService modelInteractionService, @NotNull @NotNull PrismObject<RoleAnalysisClusterType> cluster, @NotNull @NotNull ActivityDefinitionType activityDefinition, @NotNull @NotNull PrismObject<RoleType> roleObject, @Nullable @Nullable String taskOid, @Nullable @Nullable PolyStringType taskName, @NotNull @NotNull com.evolveum.midpoint.task.api.Task task, @NotNull @NotNull OperationResult result)
      This method is used to execute a migration task. It replaces the role assignment with business role assignment.
      Parameters:
      modelInteractionService - The model interaction service.
      cluster - The cluster under which the migration task is executed.
      activityDefinition - The activity definition.
      roleObject - The role object for migration.
      taskOid - The OID of the task.
      taskName - The name of the task.
      task - The task associated with this operation.
      result - The operation result.

    • executeRoleMigrationProcess

      void executeRoleMigrationProcess(@NotNull @NotNull ModelInteractionService modelInteractionService, @NotNull @NotNull PrismObject<RoleType> roleObject, @NotNull @NotNull com.evolveum.midpoint.task.api.Task task, @NotNull @NotNull OperationResult result)

    • executeDetectionTask

      void executeDetectionTask(@NotNull @NotNull ModelInteractionService modelInteractionService, @NotNull @NotNull PrismObject<RoleAnalysisClusterType> cluster, @Nullable @Nullable String taskOid, @Nullable @Nullable PolyStringType taskName, @NotNull @NotNull com.evolveum.midpoint.task.api.Task task, @NotNull @NotNull OperationResult result, String state)
      This method is used to execute a detection task. Detected patterns are stored in the cluster.
      Parameters:
      modelInteractionService - The model interaction service.
      cluster - The cluster under which the detection task is executed.
      taskOid - The OID of the task.
      taskName - The name of the task.
      task - The task associated with this operation.
      result - The operation result.
      state - Cluster operation state

    • executeClusteringTask

      void executeClusteringTask(@NotNull @NotNull ModelInteractionService modelInteractionService, @NotNull @NotNull PrismObject<RoleAnalysisSessionType> session, @NotNull @NotNull TaskType taskObject, @NotNull @NotNull com.evolveum.midpoint.task.api.Task task, @NotNull @NotNull OperationResult result)
      This method is used to execute a clustering task. It creates a new cluster and stores it in the session.
      Parameters:
      modelInteractionService - The model interaction service.
      session - The session under which the clustering task is executed.
      taskObject - The performed task object.
      task - The task associated with this operation.
      result - The operation result.

    • recomputeAndResolveClusterOpStatus

      @NotNull @NotNull String recomputeAndResolveClusterOpStatus(@NotNull @NotNull String clusterOid, @NotNull @NotNull OperationResult result, @NotNull @NotNull com.evolveum.midpoint.task.api.Task task, boolean onlyStatusUpdate, @Nullable @Nullable ModelInteractionService modelInteractionService)
      Recompute and resolve the cluster operation status. This method also update the cluster operation status if detect some changes.
      Parameters:
      clusterOid - The cluster for recompute and resolve.
      result - The operation result.
      task - The task associated with this operation.
      onlyStatusUpdate - If set true pattern detection does not perform
      modelInteractionService - Model interactive service provider
      Returns:
      The cluster operation status.

    • recomputeAndResolveSessionOpStatus

      @NotNull @NotNull String recomputeAndResolveSessionOpStatus(@NotNull @NotNull PrismObject<RoleAnalysisSessionType> clusterPrismObject, @NotNull @NotNull OperationResult result, @NotNull @NotNull com.evolveum.midpoint.task.api.Task task)
      Recompute and resolve the cluster operation status. This method also update the cluster operation status if detect some changes.
      Parameters:
      clusterPrismObject - The cluster for recompute and resolve.
      result - The operation result.
      task - The task associated with this operation.
      Returns:
      The cluster operation status.

    • addCandidateRole

      void addCandidateRole(@NotNull @NotNull String clusterRefOid, @NotNull @NotNull RoleAnalysisCandidateRoleType candidateRole, @NotNull @NotNull com.evolveum.midpoint.task.api.Task task, @NotNull @NotNull OperationResult result)
      This method is used to add candidate roles to the cluster.
      Parameters:
      clusterRefOid - The cluster OID.
      candidateRole - The candidate role OID.
      task - The task associated with this operation.
      result - The operation result.

    • recomputeAndResolveClusterCandidateRoleOpStatus

      @NotNull @NotNull String recomputeAndResolveClusterCandidateRoleOpStatus(@NotNull @NotNull PrismObject<RoleAnalysisClusterType> clusterPrismObject, @NotNull @NotNull RoleAnalysisCandidateRoleType candidateRole, @NotNull @NotNull OperationResult result, com.evolveum.midpoint.task.api.Task task)
      Recomputes and resolves the operation status for the candidate role within the specified cluster.
      Parameters:
      clusterPrismObject - PrismObject representing the role analysis cluster.
      candidateRole - RoleAnalysisCandidateRoleType representing the candidate role.
      result - OperationResult containing the result of the operation.
      task - Task used for executing the operation.
      Returns:
      A string representing the display status of the candidate role after recompute and resolution.

    • getTaskProgressIfExist

      int[] getTaskProgressIfExist(@Nullable @Nullable RoleAnalysisOperationStatus operationStatus, @NotNull @NotNull OperationResult result)

    • deleteSingleCandidateRole

      void deleteSingleCandidateRole(@NotNull @NotNull PrismObject<RoleAnalysisClusterType> clusterPrism, @NotNull @NotNull RoleAnalysisCandidateRoleType candidateRoleBean, @NotNull @NotNull OperationResult result, com.evolveum.midpoint.task.api.Task task)
      Deletes a single candidate role from the specified role analysis cluster.
      Parameters:
      clusterPrism - PrismObject representing the role analysis cluster.
      candidateRoleBean - RoleAnalysisCandidateRoleType representing the candidate role to be deleted.
      result - OperationResult containing the result of the deletion operation.
      task - Task used for executing the deletion operation.

    • setCandidateRoleOpStatus

      void setCandidateRoleOpStatus(@NotNull @NotNull PrismObject<RoleAnalysisClusterType> clusterPrism, @NotNull @NotNull RoleAnalysisCandidateRoleType candidateRoleContainer, @NotNull @NotNull String taskOid, @Nullable @Nullable OperationResultStatusType operationResultStatusType, @Nullable @Nullable String message, @NotNull @NotNull OperationResult result, com.evolveum.midpoint.task.api.Task task, @NotNull @NotNull RoleAnalysisOperation operationType, @Nullable @Nullable FocusType focus)
      Sets the operation status of a candidate role within the specified role analysis cluster.
      Parameters:
      clusterPrism - PrismObject representing the role analysis cluster.
      candidateRoleContainer - RoleAnalysisCandidateRoleType representing the candidate role container.
      taskOid - String representing the OID of the task associated with the operation status.
      operationResultStatusType - OperationResultStatusType representing the status of the operation.
      message - String containing the message associated with the operation status.
      result - OperationResult containing the result of the operation.
      task - Task used for executing the operation.
      operationType - RoleAnalysisOperation representing the type of operation.
      focus - FocusType representing the focus type associated with the operation status.

    • executeChangesOnCandidateRole

      void executeChangesOnCandidateRole(@NotNull @NotNull PrismObject<RoleAnalysisClusterType> cluster, @NotNull @NotNull RoleAnalysisCandidateRoleType roleAnalysisCandidateRoleType, @NotNull @NotNull Set<PrismObject<UserType>> members, @NotNull @NotNull Set<AssignmentType> inducements, @NotNull @NotNull com.evolveum.midpoint.task.api.Task task, @NotNull @NotNull OperationResult result)
      Executes changes on the candidate role within the specified role analysis cluster.
      Parameters:
      cluster - PrismObject representing the role analysis cluster.
      roleAnalysisCandidateRoleType - RoleAnalysisCandidateRoleType representing the candidate role container.
      members - Set of PrismObject representing the members to be assigned to the candidate role.
      inducements - Set of AssignmentType representing the inducements to be added to the candidate role.
      task - Task used for executing the operation.
      result - OperationResult containing the result of the operation.

    • loadSearchObjectIterative

      <T extends ObjectType> void loadSearchObjectIterative(@NotNull @NotNull ModelService modelService, @NotNull @NotNull Class<T> type, @Nullable @Nullable ObjectQuery query, @Nullable @Nullable Collection<SelectorOptions<GetOperationOptions>> options, @NotNull @NotNull List<T> modifyList, @NotNull @NotNull com.evolveum.midpoint.task.api.Task task, @NotNull @NotNull OperationResult parentResult)
      Loads objects iteratively from the repository based on the provided query and adds them to the modifyList if they are not already present.
      Type Parameters:
      T - Generic type extending ObjectType representing the type of objects to be loaded.
      Parameters:
      modelService - ModelService used for loading the objects from the repository.
      type - Class representing the type of objects to be loaded.
      query - ObjectQuery specifying the conditions for searching the objects. Can be null.
      options - Collection of SelectorOptions specifying additional options for the search operation. Can be null.
      modifyList - List of loaded objects will be added. Objects already present in this list will be skipped.
      task - Task used for executing the search operation.
      parentResult - OperationResult containing the result of the operation.

    • userTypeAttributeAnalysis

      List<AttributeAnalysisStructure> userTypeAttributeAnalysis(@NotNull @NotNull Set<PrismObject<UserType>> prismUsers, Double membershipDensity, @NotNull @NotNull com.evolveum.midpoint.task.api.Task task, @NotNull @NotNull OperationResult result, @NotNull @NotNull List<RoleAnalysisAttributeDef> attributeDefSet)
      Performs attribute analysis for user objects.
      Parameters:
      prismUsers - Set of PrismObject representing user objects to analyze.
      membershipDensity - The density of membership.
      task - Task used for processing the attribute analysis.
      result - OperationResult containing the result of the operation.
      attributeDefSet - List of RoleAnalysisAttributeDef containing the attribute definitions for user analysis.
      Returns:
      List of AttributeAnalysisStructure containing the results of the attribute analysis.

    • userTypeAttributeAnalysisCached

      List<AttributeAnalysisStructure> userTypeAttributeAnalysisCached(@NotNull @NotNull Set<PrismObject<UserType>> prismUsers, Double membershipDensity, @NotNull @NotNull AttributeAnalysisCache userAnalysisCache, @NotNull @NotNull List<RoleAnalysisAttributeDef> attributeDefSet, @NotNull @NotNull com.evolveum.midpoint.task.api.Task task, @NotNull @NotNull OperationResult result)

    • roleTypeAttributeAnalysis

      List<AttributeAnalysisStructure> roleTypeAttributeAnalysis(@NotNull @NotNull Set<PrismObject<RoleType>> prismRoles, Double membershipDensity, @NotNull @NotNull com.evolveum.midpoint.task.api.Task task, @NotNull @NotNull OperationResult result, @NotNull @NotNull List<RoleAnalysisAttributeDef> attributeRoleDefSet)
      Performs attribute analysis for role objects.
      Parameters:
      prismRoles - Set of PrismObject representing role objects to analyze.
      membershipDensity - The density of membership.
      task - Task used for processing the attribute analysis.
      result - OperationResult containing the result of the operation.
      attributeRoleDefSet - List of RoleAnalysisAttributeDef containing the attribute definitions for role analysis.
      Returns:
      List of AttributeAnalysisStructure containing the results of the attribute analysis.

    • roleMembersAttributeAnalysis

      List<AttributeAnalysisStructure> roleMembersAttributeAnalysis(@NotNull @NotNull List<RoleAnalysisAttributeDef> attributeDefSet, @NotNull @NotNull String objectOid, @NotNull @NotNull com.evolveum.midpoint.task.api.Task task, @NotNull @NotNull OperationResult result)
      Performs attribute analysis for role members.
      Parameters:
      attributeDefSet - List of RoleAnalysisAttributeDef containing the attribute definitions for analysis.
      objectOid - The OID of the object to analyze.
      task - Task used for processing the attribute analysis.
      result - OperationResult containing the result of the operation.
      Returns:
      List of AttributeAnalysisStructure containing the results of the attribute analysis.

    • userRolesAttributeAnalysis

      List<AttributeAnalysisStructure> userRolesAttributeAnalysis(@NotNull @NotNull List<RoleAnalysisAttributeDef> attributeRoleDefSet, @NotNull @NotNull String objectOid, @NotNull @NotNull com.evolveum.midpoint.task.api.Task task, @NotNull @NotNull OperationResult result)
      Performs attribute analysis for user roles.
      Parameters:
      attributeRoleDefSet - List of RoleAnalysisAttributeDef containing the attribute definitions for role analysis.
      objectOid - The OID of the object to analyze.
      task - Task used for processing the attribute analysis.
      result - OperationResult containing the result of the operation.
      Returns:
      List of AttributeAnalysisStructure containing the results of the attribute analysis.

    • resolveDetectedPatternsAttributes

      void resolveDetectedPatternsAttributes(@NotNull @NotNull List<RoleAnalysisDetectionPatternType> detectedPatterns, @NotNull @NotNull Map<String,PrismObject<UserType>> userExistCache, @NotNull @NotNull Map<String,PrismObject<RoleType>> roleExistCache, @NotNull @NotNull com.evolveum.midpoint.task.api.Task task, @NotNull @NotNull OperationResult result, @Nullable @Nullable List<RoleAnalysisAttributeDef> attributeRoleDefSet, @Nullable @Nullable List<RoleAnalysisAttributeDef> attributeUserDefSet)
      Processes attribute analysis for the detected patterns. This method analyzes attribute usage patterns for both users and roles in the detected patterns. It retrieves user and role occupancy information from the detected patterns, then performs attribute analysis for both user and role types based on the specified attribute paths.
      Parameters:
      detectedPatterns - List of detected patterns to process.
      userExistCache - Map containing cached PrismObject of UserType for efficient retrieval.
      roleExistCache - Map containing cached PrismObject of RoleType for efficient retrieval.
      task - Task used for processing the attribute analysis.
      result - OperationResult containing the result of the operation. Any errors or status information will be recorded here.
      attributeRoleDefSet - List of RoleAnalysisAttributeDef containing the attribute definitions for role analysis.
      attributeUserDefSet - List of RoleAnalysisAttributeDef containing the attribute definitions for user analysis.

    • resolveDetectedPatternsAttributesCached

      void resolveDetectedPatternsAttributesCached(@NotNull @NotNull List<RoleAnalysisDetectionPatternType> detectedPatterns, @NotNull @NotNull Map<String,PrismObject<UserType>> userExistCache, @NotNull @NotNull Map<String,PrismObject<RoleType>> roleExistCache, @NotNull @NotNull AttributeAnalysisCache userAnalysisCache, @Nullable @Nullable List<RoleAnalysisAttributeDef> attributeRoleDefSet, @Nullable @Nullable List<RoleAnalysisAttributeDef> attributeUserDefSet, @NotNull @NotNull com.evolveum.midpoint.task.api.Task task, @NotNull @NotNull OperationResult result)
      Processes attribute analysis for the detected patterns. This method analyzes attribute usage patterns for both users and roles in the detected patterns. It retrieves user and role occupancy information from the detected patterns, then performs attribute analysis for both user and role types based on the specified attribute paths.
      Parameters:
      detectedPatterns - List of detected patterns to process.
      userExistCache - Map containing cached PrismObject of UserType for efficient retrieval.
      roleExistCache - Map containing cached PrismObject of RoleType for efficient retrieval.
      task - Task used for processing the attribute analysis.
      result - OperationResult containing the result of the operation. Any errors or status information will be recorded here.
      attributeRoleDefSet - List of RoleAnalysisAttributeDef containing the attribute definitions for role analysis.
      attributeUserDefSet - List of RoleAnalysisAttributeDef containing the attribute definitions for user analysis.

    • searchSessionClusters

      List<PrismObject<RoleAnalysisClusterType>> searchSessionClusters(@NotNull @NotNull RoleAnalysisSessionType session, @NotNull @NotNull com.evolveum.midpoint.task.api.Task task, @NotNull @NotNull OperationResult result)
      Searches for clusters associated with a specific role analysis session.
      Parameters:
      session - RoleAnalysisSessionType representing the session for which clusters are being searched.
      task - Task used for executing the search operation.
      result - OperationResult containing the result of the search operation. Any errors or status information will be recorded here.
      Returns:
      List of PrismObject containing the clusters associated with the session. If the search operation fails or no clusters are found, null is returned.

    • resolveFocusObjectIconColor

      String resolveFocusObjectIconColor(@NotNull @NotNull FocusType focusObject, @NotNull @NotNull com.evolveum.midpoint.task.api.Task task, @NotNull @NotNull OperationResult result)
      Resolves the focus object icon color based on the provided focus object archetype.
      Parameters:
      focusObject - FocusType representing the focus object for which the icon color is being resolved.
      task - Task used for resolving the icon color.
      result - OperationResult containing the result of the operation. Any errors or status information will be recorded here.
      Returns:
      String representing the icon color of the focus object.

    • countObjects

      <T extends ObjectType> Integer countObjects(@NotNull @NotNull Class<T> type, @Nullable @Nullable ObjectQuery query, @Nullable @Nullable Collection<SelectorOptions<GetOperationOptions>> options, @NotNull @NotNull com.evolveum.midpoint.task.api.Task task, @NotNull @NotNull OperationResult parentResult)
      Retrieves the attribute definition for a specific attribute path.
      Parameters:
      type - The type of object for which the attribute definition is being retrieved.
      query - The query specifying the conditions for searching the object.
      options - Collection of SelectorOptions specifying additional options for the search operation.
      task - Task used for executing the search operation.
      parentResult - OperationResult containing the result of the search operation.
      Returns:
      RoleAnalysisAttributeDef containing the attribute definition for the specified attribute path.

    • countUserOwnedRoleAssignment

      int countUserOwnedRoleAssignment(OperationResult result)
      Counts the number of role assignments owned by users in the system.
      Parameters:
      result - The operation result.
      Returns:
      The count of user-owned role assignments.

    • calculateAttributeConfidence

      String calculateAttributeConfidence(@NotNull @NotNull RoleAnalysisProcessModeType processModeType, @NotNull @NotNull AnalysisClusterStatisticType clusterStatistics)
      Calculates the confidence of an attribute based on the specified process mode and cluster statistics.
      Parameters:
      processModeType - The process mode type.
      clusterStatistics - The cluster statistics.
      Returns:
      String representing the calculated attribute confidence.

    • resolveAnalysisAttributes

      @Nullable @Nullable List<RoleAnalysisAttributeDef> resolveAnalysisAttributes(@NotNull @NotNull RoleAnalysisSessionType session, @NotNull @NotNull QName complexType)
      Resolves the analysis attributes based on the provided session and complex type.
      Parameters:
      session - The RoleAnalysisSessionType object that contains the analysis options.
      complexType - The QName object that represents the complex type of the attribute.
      Returns:
      A list of RoleAnalysisAttributeDef objects that match the provided complex type. Returns null if no matching attributes are found or if the analysis option or process mode is not set in the session.

    • importOutlier

      void importOutlier(@NotNull @NotNull RoleAnalysisOutlierType outlier, @NotNull @NotNull com.evolveum.midpoint.task.api.Task task, @NotNull @NotNull OperationResult result)
      Imports a RoleAnalysisOutlierType object into the system.
      Parameters:
      outlier - The outlier for importing.
      task - The task associated with this operation.
      result - The operation result.

    • resolveUserAttributes

      RoleAnalysisAttributeAnalysisResult resolveUserAttributes(@NotNull @NotNull PrismObject<UserType> prismUser, @NotNull @NotNull List<RoleAnalysisAttributeDef> attributesForUserAnalysis)

    • resolveSimilarAspect

      @Nullable @Nullable RoleAnalysisAttributeAnalysisResult resolveSimilarAspect(@NotNull @NotNull RoleAnalysisAttributeAnalysisResult compared, @NotNull @NotNull RoleAnalysisAttributeAnalysisResult comparison)

    • resolveRoleMembersAttribute

      RoleAnalysisAttributeAnalysisResult resolveRoleMembersAttribute(@NotNull @NotNull String objectOid, @NotNull @NotNull com.evolveum.midpoint.task.api.Task task, @NotNull @NotNull OperationResult result, @NotNull @NotNull List<RoleAnalysisAttributeDef> attributeDefSet)

    • resolveRoleMembersAttributeCached

      RoleAnalysisAttributeAnalysisResult resolveRoleMembersAttributeCached(@NotNull @NotNull String objectOid, @NotNull @NotNull AttributeAnalysisCache userAnalysisCache, @NotNull @NotNull com.evolveum.midpoint.task.api.Task task, @NotNull @NotNull OperationResult result, @NotNull @NotNull List<RoleAnalysisAttributeDef> attributeDefSet)

    • resolveOutliersZScore

      <T extends MiningBaseTypeChunk> ZScoreData resolveOutliersZScore(@NotNull @NotNull List<T> data, @Nullable @Nullable RangeType range, @Nullable @Nullable Double sensitivity, @Nullable @Nullable Double frequencyThreshold)

    • calculateZScoreConfidence

      <T extends MiningBaseTypeChunk> double calculateZScoreConfidence(@NotNull T item, ZScoreData zScoreData)

    • resolveUserValueToMark

      @Nullable @Nullable Set<String> resolveUserValueToMark(@NotNull @NotNull PrismObject<UserType> prismUser, @NotNull @NotNull List<RoleAnalysisAttributeDef> itemDef)

    • resolveUserValueToMark

      @Nullable @Nullable Set<String> resolveUserValueToMark(RoleAnalysisAttributeAnalysisResult userAttributeAnalysisResult)

    • resolveRoleValueToMark

      @Nullable @Nullable Set<String> resolveRoleValueToMark(@NotNull @NotNull PrismObject<RoleType> prismRole, @NotNull @NotNull List<RoleAnalysisAttributeDef> itemDef)
      Resolve object attribute value.
      Parameters:
      prismRole - The role object.
      itemDef - The attribute definition.
      Returns:
      Set of attribute values that role has.

    • resolveOutliers

      void resolveOutliers(@NotNull @NotNull RoleAnalysisOutlierType roleAnalysisOutlierType, @NotNull @NotNull com.evolveum.midpoint.task.api.Task task, @NotNull @NotNull OperationResult result)
      Resolves outliers for a given role analysis outlier type. This method retrieves the target object reference from the provided outlier type and performs the following steps: 1. Searches for existing outliers with the same target object reference. 2. If no outliers are found, imports the provided outlier. 3. If outliers are found, updates the existing outlier with new outlier descriptions and removes outdated descriptions.

      This method is responsible for handling exceptions that may occur during the process and logs errors accordingly.

      Parameters:
      roleAnalysisOutlierType - The role analysis outlier type containing the outlier information.
      task - The task associated with the operation.
      result - The operation result.

    • updateSessionMarkRef

      void updateSessionMarkRef(@NotNull @NotNull PrismObject<RoleAnalysisSessionType> session, @NotNull @NotNull OperationResult result, @NotNull @NotNull com.evolveum.midpoint.task.api.Task task)

    • deleteSessionTask

      void deleteSessionTask(@NotNull @NotNull String sessionOid, @NotNull @NotNull com.evolveum.midpoint.task.api.Task task, @NotNull @NotNull OperationResult result)

    • deleteSessionTask

      void deleteSessionTask(@NotNull @NotNull TaskType taskToDelete, @NotNull @NotNull OperationResult result)

    • getSessionTask

      @Nullable @Nullable PrismObject<TaskType> getSessionTask(@NotNull @NotNull String sessionOid, @NotNull @NotNull com.evolveum.midpoint.task.api.Task task, @NotNull @NotNull OperationResult result)

    • getSessionOutliers

      List<RoleAnalysisOutlierType> getSessionOutliers(@NotNull @NotNull String sessionOid, @Nullable @Nullable OutlierClusterCategoryType category, @NotNull @NotNull com.evolveum.midpoint.task.api.Task task, @NotNull @NotNull OperationResult result)

    • getTopOutliers

      List<RoleAnalysisOutlierType> getTopOutliers(@Nullable @Nullable Integer limit, @NotNull @NotNull com.evolveum.midpoint.task.api.Task task, @NotNull @NotNull OperationResult result)

    • findJaccardCloseObject

      com.google.common.collect.ListMultimap<Double,String> findJaccardCloseObject(@NotNull @NotNull String userOid, @NotNull @NotNull com.google.common.collect.ListMultimap<List<String>,String> chunkMap, @NotNull @NotNull org.apache.commons.lang3.mutable.MutableDouble usedFrequency, @NotNull @NotNull List<String> outliersMembers, double minThreshold, int minMembers, @NotNull @NotNull com.evolveum.midpoint.task.api.Task task, @NotNull @NotNull OperationResult result)

    • loadUserForOutlierComparison

      com.google.common.collect.ListMultimap<List<String>,String> loadUserForOutlierComparison(@NotNull @NotNull RoleAnalysisService roleAnalysisService, List<String> outliersMembers, @NotNull @NotNull ObjectCategorisationCache objectCategorisationCache, @Nullable @Nullable SearchFilterType userSearchFilter, @Nullable @Nullable SearchFilterType roleSearchFilter, @Nullable @Nullable SearchFilterType assignmentSearchFilter, @NotNull @NotNull OperationResult result, @NotNull @NotNull com.evolveum.midpoint.task.api.Task task, @NotNull @NotNull RoleAnalysisSessionType sessionObject)

    • calculateOutlierThresholdRange

      RangeType calculateOutlierThresholdRange(Double sensitivity, @NotNull @NotNull RangeType range)
      This method is used to calculate the threshold range for outlier detection. The range is adjusted based on the provided sensitivity.
      Parameters:
      sensitivity - The sensitivity for outlier detection. It should be a value between 0.0 and 100. If the provided value is outside this range, it will be set to 0.0. The sensitivity is used to adjust the threshold for outlier detection.
      range - The initial range for outlier detection. It should be a RangeType object with min and max values. If the min or max values are null, they will be set to 2.0. Note: The range is expected to have both values positive.
      Returns:
      The adjusted range for outlier detection. It's a RangeType object with the min and max values adjusted based on the sensitivity.

    • calculateOutlierConfidenceRequired

      double calculateOutlierConfidenceRequired(double sensitivity)
      Calculates the required confidence for outlier detection based on the provided sensitivity. The sensitivity should be a value between 0.0 and 100. If the provided value is outside this range, the function will return 0.0. The function uses the formula 1 - (sensitivity * 0.01) to calculate the required confidence.
      Parameters:
      sensitivity - The sensitivity for outlier detection. It should be a value between 0.0 and 100.
      Returns:
      The required confidence for outlier detection. It's a value between 0.0 and 1.0.

    • findClusterOutliers

      List<RoleAnalysisOutlierType> findClusterOutliers(@NotNull @NotNull RoleAnalysisClusterType cluster, @Nullable @Nullable OutlierSpecificCategoryType category, @NotNull @NotNull com.evolveum.midpoint.task.api.Task task, @NotNull @NotNull OperationResult result)
      This method is used to find all outliers associated with a specific cluster.
      Parameters:
      cluster - The cluster for which to find associated outliers. It should be a RoleAnalysisClusterType object.
      category - The specific category of outliers to search for. It should be an OutlierSpecificCategoryType object.
      task - The task in context. It should be a Task object.
      result - The operation result. It should be an OperationResult object.
      Returns:
      A list of RoleAnalysisOutlierType objects that are associated with the provided cluster.

    • searchOutlierObjectByUserOid

      PrismObject<RoleAnalysisOutlierType> searchOutlierObjectByUserOid(@NotNull @NotNull String userOid, @NotNull @NotNull com.evolveum.midpoint.task.api.Task task, @NotNull @NotNull OperationResult result)
      Searches for an outlier object associated with a specific user.
      Parameters:
      userOid - The OID of the user for whom the outlier object is to be searched.
      task - The task in which the operation is performed.
      result - The operation result.
      Returns:
      The outlier object associated with the user if found, null otherwise.
      Throws:
      RuntimeException - if there is an issue with the search operation.

    • addOutlierPartition

      void addOutlierPartition(@NotNull @NotNull String outlierOid, @NotNull @NotNull RoleAnalysisOutlierPartitionType partition, double overallConfidence, double anomalyConfidence, @NotNull @NotNull OperationResult result)
      Updates the specified outlier object in the repository. The method retrieves the existing outlier object based on the provided OID and updates the partition and metrics data.
      Parameters:
      outlierOid - The OID of the outlier object to be updated.
      partition - The partition data to be added to the outlier object.
      overallConfidence - The overall confidence value to be set in the outlier object.
      anomalyConfidence - The anomaly confidence value to be set in the outlier object.
      result - The operation result.

    • deleteClusterOutlierOrPartition

      void deleteClusterOutlierOrPartition(@NotNull @NotNull RoleAnalysisClusterType cluster, @NotNull @NotNull com.evolveum.midpoint.task.api.Task task, @NotNull @NotNull OperationResult result)
      Deletes the outlier or partition of a given cluster and update statistic metrics.
      Parameters:
      cluster - The cluster whose outlier is to be deleted.
      task - The task in which the operation is performed.
      result - The operation result.

    • resolveUserAccessDistribution

      UserAccessDistribution resolveUserAccessDistribution(@NotNull @NotNull PrismObject<UserType> user, @NotNull @NotNull com.evolveum.midpoint.task.api.Task task, @NotNull @NotNull OperationResult result)
      Resolves the distribution of user access based on the user's role assignments. This method categorizes the user's role assignments into direct assignments, indirect assignments, and duplicates. Direct assignments are roles assigned directly to the user. Indirect assignments are roles assigned to the user through a group or another role. Duplicates are roles that are assigned to the user both directly and indirectly.
      Parameters:
      user - The user object for which the access distribution is to be resolved.
      task - The task in which the operation is performed.
      result - The operation result.
      Returns:
      A UserAccessDistribution object that contains the distribution of user access.

    • getAsFocusObjects

      @NotNull @NotNull List<PrismObject<FocusType>> getAsFocusObjects(@Nullable @Nullable List<ObjectReferenceType> references, @NotNull @NotNull com.evolveum.midpoint.task.api.Task task, @NotNull @NotNull OperationResult result)
      Retrieves a list of FocusType objects based on a list of ObjectReferenceType references.
      Parameters:
      references - A list of ObjectReferenceType references. These references should point to the objects to be retrieved.
      task - The task in which the operation is performed.
      result - The operation result.
      Returns:
      A list of PrismObject of type FocusType. Each PrismObject represents a FocusType object retrieved based on the provided references. If the references list is null, an empty list is returned.

    • computeResolvedAndCandidateRoles

      int[] computeResolvedAndCandidateRoles(@NotNull @NotNull com.evolveum.midpoint.task.api.Task task, @NotNull @NotNull OperationResult result)
      Computes the number of resolved patterns and candidate roles in all RoleAnalysisClusterType objects.
      Parameters:
      task - The task in which the operation is performed.
      result - The operation result.
      Returns:
      An array of two integers where the first integer is the count of resolved patterns and the second integer is the count of candidate roles.

    • calculatePossibleAssignmentReduction

      double calculatePossibleAssignmentReduction(RoleAnalysisSessionType session, com.evolveum.midpoint.task.api.Task task, OperationResult result)

    • getSessionClustersByType

      List<RoleAnalysisClusterType> getSessionClustersByType(@NotNull @NotNull String sessionOid, @NotNull @NotNull RoleAnalysisClusterCategory clusterType, @NotNull @NotNull com.evolveum.midpoint.task.api.Task task, @NotNull @NotNull OperationResult result)

    • searchOutliersRepo

      @Nullable @Nullable SearchResultList<PrismObject<RoleAnalysisOutlierType>> searchOutliersRepo(@Nullable @Nullable ObjectQuery query, @NotNull @NotNull OperationResult result)

    • assignmentSearch

      com.google.common.collect.ListMultimap<String,String> assignmentSearch(@Nullable @Nullable ObjectFilter userObjectFiler, @Nullable @Nullable ObjectFilter roleObjectFilter, @Nullable @Nullable ObjectFilter assignmentFilter, @NotNull @NotNull RoleAnalysisProcessModeType processMode, boolean loadAndUpdateStatistics, @Nullable @Nullable AttributeAnalysisCache attributeAnalysisCache, @NotNull @NotNull ObjectCategorisationCache objectCategorisationCache, @NotNull @NotNull com.evolveum.midpoint.task.api.Task task, @NotNull @NotNull OperationResult result, @NotNull @NotNull RoleAnalysisSessionType sessionObject)
      Searches for assignments based on the provided filters and process mode.
      Parameters:
      userObjectFiler - An optional filter to apply to the user objects.
      roleObjectFilter - An optional filter to apply to the role objects.
      assignmentFilter - An optional filter to apply to the assignment objects.
      processMode - The process mode to determine whether to search in user mode or role mode.
      loadAndUpdateStatistics - A boolean flag to determine whether to load and update statistics.
      attributeAnalysisCache - The cache for attribute analysis.
      objectCategorisationCache - The cache for object categorisation.
      task - The task in the context of which the operation is executed.
      result - The result of the operation.
      sessionObject - poc
      Returns:
      A ListMultimap where the keys are either user OIDs or role OIDs, and the values are the corresponding role OIDs or user OIDs, depending on the process mode.

    • prepareAssignmentChunkMapRolesAsKey

      com.google.common.collect.ListMultimap<List<String>,String> prepareAssignmentChunkMapRolesAsKey(@Nullable @Nullable SearchFilterType userSearchFiler, @Nullable @Nullable SearchFilterType roleSearchFiler, @Nullable @Nullable SearchFilterType assignmentSearchFiler, @NotNull @NotNull RoleAnalysisProcessModeType processMode, boolean loadAndUpdateStatistics, @Nullable @Nullable AttributeAnalysisCache attributeAnalysisCache, @NotNull @NotNull ObjectCategorisationCache objectCategorisationCache, @NotNull @NotNull com.evolveum.midpoint.task.api.Task task, @NotNull @NotNull OperationResult result, @NotNull @NotNull RoleAnalysisSessionType sessionObject)
      Prepares a map of assignment chunks. If key objects has the same values, they are compressed.
      Parameters:
      userSearchFiler - An optional filter to apply to the user search.
      roleSearchFiler - An optional filter to apply to the role search.
      assignmentSearchFiler - An optional filter to apply to the assignment search.
      processMode - The process mode to determine whether to search in user mode or role mode.
      loadAndUpdateStatistics - A boolean flag to determine whether to load and update statistics.
      attributeAnalysisCache - The cache for attribute analysis.
      objectCategorisationCache - The cache for object categorisation.
      task - The task in the context of which the operation is executed.
      result - The result of the operation.
      sessionObject - poc
      Returns:
      A ListMultimap where the keys are lists of role OIDs and the values are user OIDs.

    • membershipSearch

      com.google.common.collect.ListMultimap<String,String> membershipSearch(@Nullable @Nullable ObjectFilter userObjectFiler, @Nullable @Nullable ObjectFilter roleObjectFilter, @Nullable @Nullable ObjectFilter assignmentFilter, boolean loadAndUpdateStatistics, @NotNull @NotNull RoleAnalysisProcessModeType processMode, @Nullable @Nullable AttributeAnalysisCache attributeAnalysisCache, @NotNull @NotNull ObjectCategorisationCache objectCategorisationCache, @NotNull @NotNull com.evolveum.midpoint.task.api.Task task, @NotNull @NotNull OperationResult result, @NotNull @NotNull RoleAnalysisSessionType sessionObject)
      Searches for user membership based on the provided filters and process mode.
      Parameters:
      userObjectFiler - An optional filter to apply to the user objects.
      roleObjectFilter - An optional filter to apply to the role objects.
      assignmentFilter - An optional filter to apply to the assignment objects.
      loadAndUpdateStatistics - A boolean flag to determine whether to load and update statistics.
      processMode - The process mode to determine whether to search in user mode or role mode.
      attributeAnalysisCache - The cache for attribute analysis.
      objectCategorisationCache - The cache for object categorisation.
      task - The task in the context of which the operation is executed.
      result - The result of the operation.
      sessionObject - Session object.
      Returns:
      A ListMultimap where the keys are either user OIDs or role OIDs, and the values are the corresponding role OIDs or user OIDs, depending on the process mode.

    • prepareMembershipChunkMapRolesAsKey

      com.google.common.collect.ListMultimap<List<String>,String> prepareMembershipChunkMapRolesAsKey(@Nullable @Nullable SearchFilterType userSearchFiler, @Nullable @Nullable SearchFilterType roleSearchFiler, @Nullable @Nullable SearchFilterType assignmentSearchFiler, @NotNull @NotNull RoleAnalysisProcessModeType processMode, boolean loadAndUpdateStatistics, @Nullable @Nullable AttributeAnalysisCache attributeAnalysisCache, @NotNull @NotNull ObjectCategorisationCache objectCategorisationCache, @NotNull @NotNull com.evolveum.midpoint.task.api.Task task, @NotNull @NotNull OperationResult result, @NotNull @NotNull RoleAnalysisSessionType sessionObject)
      Prepares a map of role membership chunks. If key objects have the same values, they are compressed.
      Parameters:
      userSearchFiler - An optional filter to apply to the user search.
      roleSearchFiler - An optional filter to apply to the role search.
      assignmentSearchFiler - An optional filter to apply to the assignment search.
      processMode - The process mode to determine whether to search in user mode or role mode.
      loadAndUpdateStatistics - A boolean flag to determine whether to load and update statistics.
      attributeAnalysisCache - The cache for attribute analysis.
      objectCategorisationCache - The cache for object categorisation.
      task - The task in the context of which the operation is executed.
      result - The result of the operation.
      sessionObject - poc
      Returns:
      A ListMultimap where the keys are lists of role OIDs and the values are user OIDs.

    • transformSearchToObjectFilter

      @Nullable @Nullable ObjectFilter transformSearchToObjectFilter(@Nullable @Nullable SearchFilterType userSearchFiler, @NotNull @NotNull Class<?> objectClass)
      Transforms a SearchFilterType to an ObjectFilter for the specified object class.
      Parameters:
      userSearchFiler - An optional filter to apply to the user search.
      objectClass - The class of the object to which the filter will be applied.
      Returns:
      The constructed ObjectFilter based on the provided SearchFilterType, or null if the filter is not provided or cannot be created.

    • assignmentRoleMemberSearch

      @NotNull @NotNull com.google.common.collect.ListMultimap<String,String> assignmentRoleMemberSearch(@Nullable @Nullable SearchFilterType userSearchFiler, @Nullable @Nullable SearchFilterType roleSearchFiler, @Nullable @Nullable SearchFilterType assignmentSearchFiler, @NotNull @NotNull Set<String> roleMembers, boolean roleAsKey, @NotNull @NotNull com.evolveum.midpoint.task.api.Task task, @NotNull @NotNull OperationResult result, @NotNull @NotNull RoleAnalysisClusterType clusterObject)
      Searches for role members based on the provided filters and role members set.
      Parameters:
      userSearchFiler - Optional filter for user search.
      roleSearchFiler - Optional filter for role search.
      assignmentSearchFiler - Optional filter for assignment search.
      roleMembers - Set of role member identifiers.
      roleAsKey - Boolean flag to determine if roles should be used as keys in the result map.
      task - The task in which the operation is performed.
      result - The operation result.
      clusterObject - poc
      Returns:
      A ListMultimap containing the role members mapped by either role or user identifiers.

    • assignmentUserAccessSearch

      @NotNull @NotNull com.google.common.collect.ListMultimap<String,String> assignmentUserAccessSearch(@Nullable @Nullable SearchFilterType userSearchFiler, @Nullable @Nullable SearchFilterType roleSearchFiler, @Nullable @Nullable SearchFilterType assignmentSearchFiler, @NotNull @NotNull Set<String> userMembers, boolean userAsKey, @NotNull @NotNull com.evolveum.midpoint.task.api.Task task, @NotNull @NotNull OperationResult result, @NotNull @NotNull RoleAnalysisClusterType clusterObject)
      Searches for user access assignments based on the provided filters and user members set.
      Parameters:
      userSearchFiler - An optional filter to apply to the user search.
      roleSearchFiler - An optional filter to apply to the role search.
      assignmentSearchFiler - An optional filter to apply to the assignment search.
      userMembers - A set of user member OIDs to be included in the search.
      userAsKey - A boolean indicating whether users should be used as keys in the resulting map.
      task - The task in the context of which the operation is executed.
      result - The result of the operation.
      Returns:
      A ListMultimap where the keys are either user OIDs or role OIDs, depending on the value of userAsKey.

    • getSessionRoleSuggestion

      List<DetectedPattern> getSessionRoleSuggestion(@NotNull @NotNull String sessionOid, @Nullable @Nullable Integer limit, @Nullable @Nullable Boolean sortDescending, @NotNull @NotNull OperationResult result)
      Retrieves role suggestions for a given session by searching for detected patterns.
      Parameters:
      sessionOid - The OID of the session for which role suggestions are to be retrieved.
      limit - An optional limit on the number of detected patterns to retrieve.
      sortDescending - An optional flag to sort the detected patterns by reduction count in descending order.
      result - The operation result.
      Returns:
      A list of detected patterns for the given session.

    • getClusterRoleSuggestions

      List<DetectedPattern> getClusterRoleSuggestions(@NotNull @NotNull String clusterOid, @Nullable @Nullable Integer limit, @Nullable @Nullable Boolean sortDescending, @NotNull @NotNull OperationResult result)
      Retrieves role suggestions for a given cluster by searching for detected patterns.
      Parameters:
      clusterOid - The OID of the cluster for which role suggestions are to be retrieved.
      limit - An optional limit on the number of detected patterns to retrieve.
      sortDescending - An optional flag to sort the detected patterns by reduction count in descending order.
      result - The operation result.
      Returns:
      A list of detected patterns for the given cluster.

    • getAllRoleSuggestions

      List<DetectedPattern> getAllRoleSuggestions(@Nullable @Nullable Integer limit, @Nullable @Nullable Boolean sortDescending, @NotNull @NotNull OperationResult result)
      Retrieves all role suggestions by searching for detected patterns.
      Parameters:
      limit - An optional limit on the number of detected patterns to retrieve.
      sortDescending - An optional flag to sort the detected patterns by reduction count in descending order.
      result - The operation result.
      Returns:
      A list of detected patterns.

    • getOutlierPartitionsMap

      Map<RoleAnalysisOutlierPartitionType,RoleAnalysisOutlierType> getOutlierPartitionsMap(@Nullable @Nullable Integer limit, @Nullable @Nullable Boolean sortDescending, @NotNull @NotNull com.evolveum.midpoint.task.api.Task task, @NotNull @NotNull OperationResult result)
      Retrieves outlier partitions by searching for detected patterns.
      Parameters:
      limit - An optional limit on the number of partitions to retrieve.
      sortDescending - An optional flag to sort the partitions by overall confidence in descending order.
      task - The task in which the operation is executed.
      result - The operation result.
      Returns:
      A map of outlier partitions and their corresponding outliers.

    • getSessionOutlierPartitionsMap

      Map<RoleAnalysisOutlierPartitionType,RoleAnalysisOutlierType> getSessionOutlierPartitionsMap(@NotNull @NotNull String sessionOid, @Nullable @Nullable Integer limit, @Nullable @Nullable Boolean sortDescending, @Nullable @Nullable OutlierCategoryType outlierCategory, @NotNull @NotNull com.evolveum.midpoint.task.api.Task task, @NotNull @NotNull OperationResult result)
      Retrieves outlier partitions for specific session by searching for detected patterns.
      Parameters:
      limit - An optional limit on the number of partitions to retrieve.
      sortDescending - An optional flag to sort the partitions by overall confidence in descending order.
      outlierCategory - The specific category of outliers to search for.
      task - The task in which the operation is executed.
      result - The operation result.
      Returns:
      A map of outlier partitions and their corresponding outliers.

    • getClusterOutlierPartitionsMap

      Map<RoleAnalysisOutlierPartitionType,RoleAnalysisOutlierType> getClusterOutlierPartitionsMap(@NotNull @NotNull String clusterOid, @Nullable @Nullable Integer limit, @Nullable @Nullable Boolean sortDescending, @Nullable @Nullable OutlierCategoryType outlierCategory, @NotNull @NotNull com.evolveum.midpoint.task.api.Task task, @NotNull @NotNull OperationResult result)
      Retrieves outlier partitions for specific cluster by searching for detected patterns.
      Parameters:
      limit - An optional limit on the number of partitions to retrieve.
      sortDescending - An optional flag to sort the partitions by overall confidence in descending order.
      outlierCategory - The specific category of outliers to search for.
      task - The task in which the operation is executed.
      result - The operation result.
      Returns:
      A map of outlier partitions and their corresponding outliers.

    • buildStatisticsAssignmentSearchFilter

      S_FilterExit buildStatisticsAssignmentSearchFilter(@NotNull @NotNull Collection<QName> memberRelations)

    • prepareTemporaryCluster

      @Nullable @Nullable RoleAnalysisClusterType prepareTemporaryCluster(@NotNull @NotNull RoleAnalysisOutlierType outlier, @NotNull @NotNull RoleAnalysisOutlierPartitionType partition, @NotNull @NotNull DisplayValueOption displayValueOption, @NotNull @NotNull com.evolveum.midpoint.task.api.Task task)
      Prepares a temporary cluster for role analysis based on the provided outlier and partition.
      Parameters:
      outlier - The outlier object containing the detected outlier information.
      partition - The partition object containing the partition analysis data.
      displayValueOption - The display value options for the role analysis.
      task - The task in which the operation is performed.
      Returns:
      A RoleAnalysisClusterType object representing the prepared temporary cluster, or null if the similar object analysis is not available.

    • explainOutlierAnomalyAccess

      List<OutlierExplanationResolver.ExplanationResult> explainOutlierAnomalyAccess(@NotNull @NotNull DetectedAnomalyResult detectedAnomalyResult, @NotNull @NotNull com.evolveum.midpoint.task.api.Task task, @NotNull @NotNull OperationResult result)
      Explains the anomaly access for a detected outlier. This method analyzes the detected anomaly statistics result and provides an explanation for the outlier anomaly access.
      Parameters:
      detectedAnomalyResult - The result of the detected anomaly to be explained.
      task - The task associated with this operation.
      result - The operation result.
      Returns:
      A list of explanation results for the outlier anomaly access.

    • explainOutlierPartition

      OutlierExplanationResolver.OutlierExplanationResult explainOutlierPartition(@NotNull @NotNull RoleAnalysisOutlierPartitionType partition, int partitionCount, @NotNull @NotNull com.evolveum.midpoint.task.api.Task task, @NotNull @NotNull OperationResult result)
      Explains the outlier partition. This method analyzes the provided outlier partition statistics and returns an explanation result.
      Parameters:
      partition - The outlier partition to be explained.
      partitionCount - The count of partitions.
      task - The task associated with this operation.
      result - The operation result.
      Returns:
      An explanation result for the outlier partition.

    • explainOutlier

      OutlierExplanationResolver.OutlierExplanationResult explainOutlier(@NotNull @NotNull RoleAnalysisOutlierType outlier, @NotNull @NotNull com.evolveum.midpoint.task.api.Task task, @NotNull @NotNull OperationResult result)
      Explains the outlier. This method analyzes the provided outlier partition and returns an explanation result of top-rated(scored) partition explanation.
      Parameters:
      outlier - The outlier to be explained.
      task - The task associated with this operation.
      result - The operation result.
      Returns:
      An explanation result for the outlier.