Class RoleAnalysisServiceImpl
java.lang.Object
com.evolveum.midpoint.model.impl.mining.RoleAnalysisServiceImpl
- All Implemented Interfaces:
RoleAnalysisService
Utility methods for working with role analysis objects in the Midpoint system.
-
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionvoid
addCandidateRole
(@NotNull String clusterRefOid, @NotNull RoleAnalysisCandidateRoleType candidateRole, @NotNull Task task, @NotNull OperationResult result) This method is used to add candidate roles to the cluster.void
addOutlierPartition
(@NotNull String outlierOid, @NotNull RoleAnalysisOutlierPartitionType partition, double overallConfidence, double anomalyConfidence, @NotNull OperationResult result) Updates the specified outlier object in the repository.void
anylseAttributesAndReplaceDetectionPattern
(@NotNull String clusterOid, @NotNull List<DetectedPattern> detectedPatterns, @NotNull Task task, @NotNull OperationResult result) Replaces the detected patterns of a RoleAnalysisClusterType object.assignmentRoleMemberSearch
(@Nullable SearchFilterType userSearchFiler, @Nullable SearchFilterType roleSearchFiler, @Nullable SearchFilterType assignmentSearchFiler, @NotNull Set<String> roleMembers, boolean roleAsKey, @NotNull Task task, @NotNull OperationResult result, @NotNull RoleAnalysisClusterType clusterObject) Searches for role members based on the provided filters and role members set.assignmentSearch
(@Nullable ObjectFilter userObjectFiler, @Nullable ObjectFilter roleObjectFilter, @Nullable ObjectFilter assignmentFilter, @NotNull RoleAnalysisProcessModeType processMode, boolean loadAndUpdateStatistics, @Nullable AttributeAnalysisCache attributeAnalysisCache, @NotNull ObjectCategorisationCache objectCategorisationCache, @NotNull Task task, @NotNull OperationResult result, @NotNull RoleAnalysisSessionType sessionObject) Searches for assignments based on the provided filters and process mode.assignmentUserAccessSearch
(@Nullable SearchFilterType userSearchFiler, @Nullable SearchFilterType roleSearchFiler, @Nullable SearchFilterType assignmentSearchFiler, @NotNull Set<String> userMembers, boolean userAsKey, @NotNull Task task, @NotNull OperationResult result, @NotNull RoleAnalysisClusterType clusterObject) Searches for user access assignments based on the provided filters and user members set.buildStatisticsAssignmentSearchFilter
(@NotNull Collection<QName> memberRelations) @Nullable PrismObject<RoleType>
cacheRoleTypeObject
(@NotNull Map<String, PrismObject<RoleType>> roleExistCache, @NotNull String roleOid, @NotNull Task task, @NotNull OperationResult result, @Nullable RoleAnalysisCacheOption option) Retrieves a RoleType PrismObject from a cache or, if not present, fetches it from the ModelService and stores it in the cache.@Nullable PrismObject<UserType>
cacheUserTypeObject
(@NotNull Map<String, PrismObject<UserType>> userExistCache, @NotNull String userOid, @NotNull Task task, @NotNull OperationResult result, @Nullable RoleAnalysisCacheOption option) Retrieves a UserType PrismObject from a cache or, if not present, fetches it from the ModelService and stores it in the cache.calculateAttributeConfidence
(@NotNull RoleAnalysisProcessModeType processModeType, @NotNull AnalysisClusterStatisticType clusterStatistics) Calculates the confidence of an attribute based on the specified process mode and cluster statistics.double
calculateOutlierConfidenceRequired
(double sensitivity) Calculates the required confidence for outlier detection based on the provided sensitivity.@NotNull RangeType
calculateOutlierThresholdRange
(Double sensitivity, @NotNull RangeType range) This method is used to calculate the threshold range for outlier detection.double
calculatePossibleAssignmentReduction
(RoleAnalysisSessionType session, Task task, OperationResult result) Calculates the possible reduction in role assignments for a given session.<T extends MiningBaseTypeChunk>
doublecalculateZScoreConfidence
(T item, ZScoreData zScoreData) Calculate the confidence of the Z-Scorevoid
clusterObjectMigrationRecompute
(@NotNull String clusterRefOid, @NotNull String roleRefOid, @NotNull Task task, @NotNull OperationResult result) Recompute role analysis cluster (RoleAnalysisClusterType) parameters.int[]
computeResolvedAndCandidateRoles
(@NotNull Task task, @NotNull OperationResult result) Computes the number of resolved patterns and candidate roles in all RoleAnalysisClusterType objects.<T extends ObjectType>
IntegercountObjects
(@NotNull Class<T> type, @Nullable ObjectQuery query, @Nullable Collection<SelectorOptions<GetOperationOptions>> options, @NotNull Task task, @NotNull OperationResult parentResult) Retrieves the attribute definition for a specific attribute path.@NotNull Integer
countSessionTypeObjects
(@NotNull Task task, @NotNull OperationResult result) Retrieves the number of RoleAnalysisSessionType objects in the system.int
Counts the number of role assignments owned by users in the system.@NotNull Integer
countUserTypeMembers
(@Nullable ObjectFilter userFilter, @NotNull String objectId, @NotNull Task task, @NotNull OperationResult result) Counts the number of members of a RoleType object.int
countUserTypeMembers
(@Nullable ObjectFilter userFilter, @NotNull Set<String> clusterMembers, @NotNull Task task, @NotNull OperationResult result) void
deleteCluster
(@NotNull RoleAnalysisClusterType cluster, @NotNull Task task, @NotNull OperationResult result, boolean recomputeStatistics) Deletes a single RoleAnalysisClusterType object.void
deleteClusterOutlierOrPartition
(@NotNull RoleAnalysisClusterType cluster, @NotNull Task task, @NotNull OperationResult result) Deletes the outlier or partition of a given cluster and update statistic metrics.void
deleteOutlier
(@NotNull RoleAnalysisOutlierType outlier, @NotNull Task task, @NotNull OperationResult result) Deletes a single RoleAnalysisOutlierType object.void
deleteSession
(@NotNull String sessionOid, @NotNull Task task, @NotNull OperationResult result) Deletes a single RoleAnalysisSessionType object.void
deleteSessionClustersMembers
(@NotNull String sessionOid, @NotNull Task task, @NotNull OperationResult result, boolean recomputeStatistics) Deletes all RoleAnalysisClusterType objects associated with a specific session.void
deleteSessionTask
(@NotNull TaskType taskToDelete, @NotNull OperationResult result) void
deleteSessionTask
(@NotNull String sessionOid, @NotNull Task task, @NotNull OperationResult result) void
deleteSingleCandidateRole
(@NotNull PrismObject<RoleAnalysisClusterType> clusterPrism, @NotNull RoleAnalysisCandidateRoleType candidateRoleBean, @NotNull OperationResult result, Task task) Deletes a single candidate role from the specified role analysis cluster.void
executeChangesOnCandidateRole
(@NotNull PrismObject<RoleAnalysisClusterType> cluster, @NotNull RoleAnalysisCandidateRoleType roleAnalysisCandidateRoleType, Set<ObjectReferenceType> members, @NotNull Set<AssignmentType> inducements, @NotNull Task task, @NotNull OperationResult result) Executes changes on the candidate role within the specified role analysis cluster.void
executeClusteringTask
(@NotNull ModelInteractionService modelInteractionService, @NotNull PrismObject<RoleAnalysisSessionType> session, @NotNull TaskType taskObject, @NotNull Task task, @NotNull OperationResult result) This method is used to execute a clustering task.void
executeDetectionTask
(@NotNull ModelInteractionService modelInteractionService, @NotNull PrismObject<RoleAnalysisClusterType> cluster, @Nullable String taskOid, @Nullable PolyStringType taskName, @NotNull Task task, @NotNull OperationResult result, String state) This method is used to execute a detection task.void
executeRoleAnalysisRoleMigrationTask
(@NotNull ModelInteractionService modelInteractionService, @NotNull PrismObject<RoleAnalysisClusterType> cluster, @NotNull ActivityDefinitionType activityDefinition, @NotNull PrismObject<RoleType> roleObject, @Nullable String taskOid, @Nullable PolyStringType taskName, @NotNull Task task, @NotNull OperationResult result) This method is used to execute a migration task.void
executeRoleMigrationProcess
(@NotNull ModelInteractionService modelInteractionService, @NotNull PrismObject<RoleType> roleObject, @NotNull Task task, @NotNull OperationResult result) explainOutlier
(@NotNull RoleAnalysisOutlierType outlier, @NotNull Task task, @NotNull OperationResult result) Explains the outlier.explainOutlierAnomalyAccess
(@NotNull DetectedAnomalyResultType detectedAnomalyResult, @NotNull Task task, @NotNull OperationResult result) Explains the anomaly access for a detected outlier.explainOutlierPartition
(@NotNull RoleAnalysisOutlierPartitionType partition, int partitionCount, @NotNull Task task, @NotNull OperationResult result) Explains the outlier partition.extractRoleMembers
(@Nullable SearchFilterType filter, @NotNull RoleType role, @NotNull Task task, @NotNull OperationResult result) Extracts the members of a given role based on the specified filter.extractUserTypeMembers
(@NotNull Map<String, PrismObject<UserType>> userExistCache, @Nullable SearchFilterType userFilter, @NotNull Set<String> clusterMembers, @NotNull Task task, @NotNull OperationResult result) Extracts a list of user members from set of RoleType object based on provided parameters.@NotNull List<RoleAnalysisOutlierType>
findClusterOutliers
(@NotNull RoleAnalysisClusterType cluster, @Nullable OutlierSpecificCategoryType category, @NotNull Task task, @NotNull OperationResult result) This method is used to find all outliers associated with a specific cluster.findJaccardCloseObject
(@NotNull String userOid, @NotNull com.google.common.collect.ListMultimap<List<String>, String> chunkMap, @NotNull org.apache.commons.lang3.mutable.MutableDouble usedFrequency, @NotNull List<String> outliersMembers, double minThreshold, int minMembers, @NotNull Task task, @NotNull OperationResult result) @NotNull Set<ObjectReferenceType>
generateObjectReferences
(@NotNull Set<String> objects, @NotNull QName complexType, @NotNull Task task, @NotNull OperationResult operationResult) Generates a set of object references based on a provided parameters.getAllRoleSuggestions
(@Nullable Integer limit, @Nullable Boolean sortDescending, @NotNull OperationResult result) Retrieves all role suggestions by searching for detected patterns.@NotNull List<PrismObject<FocusType>>
getAsFocusObjects
(@Nullable List<ObjectReferenceType> references, @NotNull Task task, @NotNull OperationResult result) Retrieves a list of FocusType objects based on a list of ObjectReferenceType references.getClusterOutlierPartitionsMap
(@NotNull String clusterOid, @Nullable Integer limit, @Nullable Boolean sortDescending, @Nullable OutlierCategoryType outlierCategory, @NotNull Task task, @NotNull OperationResult result) Retrieves outlier partitions for specific cluster by searching for detected patterns.getClusterRoleSuggestions
(@NotNull String clusterOid, @Nullable Integer limit, @Nullable Boolean sortDescending, @NotNull OperationResult result) Retrieves role suggestions for a given cluster by searching for detected patterns.@Nullable PrismObject<RoleAnalysisClusterType>
getClusterTypeObject
(@NotNull String oid, @NotNull Task task, @NotNull OperationResult result) Retrieves a PrismObject of RoleAnalysisClusterType object based on its OID.@Nullable PrismObject<FocusType>
getFocusTypeObject
(@NotNull String oid, @NotNull Task task, @NotNull OperationResult result) Retrieves a PrismObject of FocusType object based on its OID.<T extends ObjectType>
@Nullable PrismObject<T>getObject
(@NotNull Class<T> objectTypeClass, @NotNull String oid, @NotNull Task task, @NotNull OperationResult result) Retrieves a PrismObject based on its OID.getOutlierPartitionsMap
(@Nullable Integer limit, @Nullable Boolean sortDescending, @NotNull Task task, @NotNull OperationResult result) Retrieves outlier partitions by searching for detected patterns.@Nullable PrismObject<RoleType>
getRoleTypeObject
(@NotNull String oid, @NotNull Task task, @NotNull OperationResult result) Retrieves a PrismObject of RoleType object based on its OID.getSessionClustersByType
(@NotNull String sessionOid, @NotNull RoleAnalysisClusterCategory clusterType, @NotNull Task task, @NotNull OperationResult result) getSessionOutlierPartitionsMap
(@NotNull String sessionOid, @Nullable Integer limit, @Nullable Boolean sortDescending, @Nullable OutlierCategoryType outlierCategory, @NotNull Task task, @NotNull OperationResult result) Retrieves outlier partitions for specific session by searching for detected patterns.getSessionOutlierPartitionStructure
(@NotNull String sessionOid, @Nullable Integer limit, @Nullable Boolean sortDescending, @NotNull OperationResult result) getSessionOutliers
(@NotNull String sessionOid, @Nullable OutlierClusterCategoryType category, @NotNull Task task, @NotNull OperationResult result) getSessionRoleSuggestion
(@NotNull String sessionOid, @Nullable Integer limit, @Nullable Boolean sortDescending, @NotNull OperationResult result) Retrieves role suggestions for a given session by searching for detected patterns.@Nullable PrismObject<TaskType>
getSessionTask
(@NotNull String sessionOid, @NotNull Task task, @NotNull OperationResult result) @Nullable PrismObject<RoleAnalysisSessionType>
getSessionTypeObject
(@NotNull String oid, @NotNull Task task, @NotNull OperationResult result) Retrieves a PrismObject of RoleAnalysisSessionType object based on its OID.int[]
getTaskProgressIfExist
(@Nullable RoleAnalysisOperationStatusType operationStatus, @NotNull OperationResult result) getTopOutliers
(@Nullable Integer limit, @NotNull Task task, @NotNull OperationResult result) @NotNull AnalysisClusterStatisticType
getUpdatedAnalysisClusterStatistic
(double maxReduction, @NotNull AnalysisClusterStatisticType clusterStatistics) @Nullable PrismObject<UserType>
getUserTypeObject
(@NotNull String oid, @NotNull Task task, @NotNull OperationResult result) Retrieves a PrismObject of UserType object based on its OID.void
importCluster
(@NotNull PrismObject<RoleAnalysisClusterType> clusterPrismObject, @NotNull RoleAnalysisDetectionOptionType roleAnalysisSessionDetectionOption, @NotNull ObjectReferenceType parentRef, @NotNull Task task, @NotNull OperationResult result) Imports a RoleAnalysisClusterType object into the system.void
importOutlier
(@NotNull RoleAnalysisOutlierType outlier, @NotNull Task task, @NotNull OperationResult result) Imports a RoleAnalysisOutlierType object into the system.loadUserForOutlierComparison
(@NotNull RoleAnalysisService roleAnalysisService, @NotNull List<String> outliersMembers, @NotNull ObjectCategorisationCache objectCategorisationCache, @Nullable SearchFilterType userSearchFilter, @Nullable SearchFilterType roleSearchFilter, @Nullable SearchFilterType assignmentSearchFilter, @NotNull OperationResult result, @NotNull Task task, @NotNull RoleAnalysisSessionType sessionObject) membershipSearch
(@Nullable ObjectFilter userObjectFiler, @Nullable ObjectFilter roleObjectFilter, @Nullable ObjectFilter assignmentFilter, boolean loadAndUpdateStatistics, @NotNull RoleAnalysisProcessModeType processMode, @Nullable AttributeAnalysisCache attributeAnalysisCache, @NotNull ObjectCategorisationCache objectCategorisationCache, @NotNull Task task, @NotNull OperationResult result, @NotNull RoleAnalysisSessionType sessionObject) Searches for user membership based on the provided filters and process mode.prepareAssignmentChunkMapRolesAsKey
(@Nullable SearchFilterType userSearchFiler, @Nullable SearchFilterType roleSearchFiler, @Nullable SearchFilterType assignmentSearchFiler, @NotNull RoleAnalysisProcessModeType processMode, boolean loadAndUpdateStatistics, @Nullable AttributeAnalysisCache attributeAnalysisCache, @NotNull ObjectCategorisationCache objectCategorisationCache, @NotNull Task task, @NotNull OperationResult result, @NotNull RoleAnalysisSessionType sessionObject) Prepares a map of assignment chunks.prepareBasicChunkStructure
(@NotNull RoleAnalysisClusterType cluster, @Nullable SearchFilterType userSearchFilter, @Nullable SearchFilterType roleSearchFilter, @Nullable SearchFilterType assignmentSearchFilter, @NotNull DisplayValueOption option, @NotNull RoleAnalysisProcessModeType processMode, @Nullable List<DetectedPattern> detectedPatterns, @NotNull OperationResult result, @NotNull Task task) @NotNull MiningOperationChunk
prepareCompressedMiningStructure
(@NotNull RoleAnalysisClusterType cluster, @Nullable SearchFilterType userSearchFilter, @Nullable SearchFilterType roleSearchFilter, @Nullable SearchFilterType assignmentSearchFilter, boolean fullProcess, @NotNull RoleAnalysisProcessModeType processMode, @NotNull OperationResult result, @NotNull Task task) Method for preparing a compressed mining structure for role analysis.@NotNull MiningOperationChunk
prepareExpandedMiningStructure
(@NotNull RoleAnalysisClusterType cluster, @Nullable SearchFilterType userSearchFilter, @Nullable SearchFilterType roleSearchFilter, @Nullable SearchFilterType assignmentSearchFilter, boolean fullProcess, @NotNull RoleAnalysisProcessModeType processMode, @NotNull OperationResult result, @NotNull Task task, @Nullable DisplayValueOption option) Method for preparing an expanded mining structure for role analysis.prepareMembershipChunkMapRolesAsKey
(@Nullable SearchFilterType userSearchFiler, @Nullable SearchFilterType roleSearchFiler, @Nullable SearchFilterType assignmentSearchFiler, @NotNull RoleAnalysisProcessModeType processMode, boolean loadAndUpdateStatistics, @Nullable AttributeAnalysisCache attributeAnalysisCache, @NotNull ObjectCategorisationCache objectCategorisationCache, @NotNull Task task, @NotNull OperationResult result, @NotNull RoleAnalysisSessionType sessionObject) Prepares a map of role membership chunks.@NotNull MiningOperationChunk
prepareMiningStructure
(@NotNull RoleAnalysisClusterType cluster, @Nullable SearchFilterType userSearchFilter, @Nullable SearchFilterType roleSearchFilter, @Nullable SearchFilterType assignmentSearchFilter, @NotNull DisplayValueOption option, @NotNull RoleAnalysisProcessModeType processMode, @NotNull List<DetectedPattern> detectedPatterns, @NotNull OperationResult result, @NotNull Task task) Method for preparing a mining structure for role analysis.@Nullable RoleAnalysisClusterType
prepareTemporaryCluster
(@NotNull RoleAnalysisOutlierType outlier, @NotNull RoleAnalysisOutlierPartitionType partition, @NotNull DisplayValueOption displayValueOption, @NotNull Task task) Prepares a temporary cluster for role analysis based on the provided outlier and partition.@NotNull String
recomputeAndResolveClusterCandidateRoleOpStatus
(@NotNull PrismObject<RoleAnalysisClusterType> clusterPrismObject, @NotNull RoleAnalysisCandidateRoleType candidateRole, @NotNull OperationResult result, Task task) Recomputes and resolves the operation status for the candidate role within the specified cluster.@NotNull String
recomputeAndResolveClusterOpStatus
(@NotNull String clusterOid, @NotNull OperationResult result, @NotNull Task task, boolean onlyStatusUpdate, @Nullable ModelInteractionService modelInteractionService) Recompute and resolve the cluster operation status.@NotNull String
recomputeAndResolveSessionOpStatus
(@NotNull PrismObject<RoleAnalysisSessionType> sessionPrismObject, @NotNull OperationResult result, @NotNull Task task) Recompute and resolve the cluster operation status.void
recomputeClusterDetectionOptions
(@NotNull String clusterOid, @NotNull PatternDetectionOption detectionOption, @NotNull Task task, @NotNull OperationResult result) Recompute the detection options of a RoleAnalysisClusterType object.void
recomputeSessionStatics
(@NotNull String sessionOid, @NotNull RoleAnalysisClusterType roleAnalysisClusterType, @NotNull Task task, @NotNull OperationResult result) Recomputes the statistics of a RoleAnalysisSessionType object.@Nullable List<RoleAnalysisAttributeDef>
resolveAnalysisAttributes
(@NotNull RoleAnalysisSessionType session, @NotNull QName complexType) Resolves the analysis attributes based on the provided session and complex type.resolveClusterOptionType
(@NotNull PrismObject<RoleAnalysisClusterType> cluster, @NotNull Task task, @NotNull OperationResult result) Resolves the process mode of a RoleAnalysisClusterType object based on role analysis session.void
resolveDetectedPatternsAttributes
(@NotNull List<RoleAnalysisDetectionPatternType> detectedPatterns, @NotNull Map<String, PrismObject<UserType>> userExistCache, @NotNull Map<String, PrismObject<RoleType>> roleExistCache, @NotNull Task task, @NotNull OperationResult result, @Nullable List<RoleAnalysisAttributeDef> attributeRoleDefSet, @Nullable List<RoleAnalysisAttributeDef> attributeUserDefSet) Processes attribute analysis for the detected patterns.void
resolveDetectedPatternsAttributesCached
(@NotNull List<RoleAnalysisDetectionPatternType> detectedPatterns, @NotNull Map<String, PrismObject<UserType>> userExistCache, @NotNull Map<String, PrismObject<RoleType>> roleExistCache, @NotNull AttributeAnalysisCache userAnalysisCache, @Nullable List<RoleAnalysisAttributeDef> attributeRoleDefSet, @Nullable List<RoleAnalysisAttributeDef> attributeUserDefSet, @NotNull Task task, @NotNull OperationResult result) Processes attribute analysis for the detected patterns.resolveFocusObjectIconColor
(@NotNull FocusType focusObject, @NotNull Task task, @NotNull OperationResult result) Resolves the focus object icon color based on the provided focus object archetype.resolveJaccardCloseObjectResult
(int minMembers, @NotNull org.apache.commons.lang3.mutable.MutableDouble usedFrequency, @Nullable com.google.common.collect.ListMultimap<Double, String> similarityStats) <T extends MiningBaseTypeChunk>
voidresolveNeighbours
(@NotNull List<T> data, double maxFrequency) Resolves neighbors for the given list of data chunks based on their properties and frequency values.void
resolveOutliers
(@NotNull RoleAnalysisOutlierType roleAnalysisOutlierType, @NotNull Task task, @NotNull OperationResult result) Resolves outliers for a given role analysis outlier type.<T extends MiningBaseTypeChunk>
ZScoreDataresolveOutliersZScore
(@NotNull List<T> data, @Nullable RangeType range, @Nullable Double sensitivity, @Nullable Double frequencyThreshold) resolveRoleMembersAttribute
(@NotNull String objectOid, @NotNull Task task, @NotNull OperationResult result, @NotNull List<RoleAnalysisAttributeDef> attributeDefSet) resolveRoleMembersAttributeCached
(@NotNull String objectOid, @NotNull AttributeAnalysisCache userAnalysisCache, @NotNull Task task, @NotNull OperationResult result, @NotNull List<RoleAnalysisAttributeDef> attributeDefSet) resolveRoleValueToMark
(@NotNull PrismObject<RoleType> prismRole, @NotNull List<RoleAnalysisAttributeDef> itemDef) Resolve object attribute value.@Nullable RoleAnalysisAttributeAnalysisResultType
resolveSimilarAspect
(@NotNull RoleAnalysisAttributeAnalysisResultType compared, @NotNull RoleAnalysisAttributeAnalysisResultType comparison) resolveUserAccessDistribution
(@NotNull PrismObject<UserType> prismUser, @NotNull Task task, @NotNull OperationResult result) Resolves the distribution of user access based on the user's role assignments.resolveUserAttributes
(@NotNull PrismObject<UserType> prismUser, @NotNull List<RoleAnalysisAttributeDef> attributesForUserAnalysis) resolveUserValueToMark
(@NotNull PrismObject<UserType> prismUser, @NotNull List<RoleAnalysisAttributeDef> itemDef) resolveUserValueToMark
(@NotNull RoleAnalysisAttributeAnalysisResultType userAttributeAnalysisResult) roleMembersAttributeAnalysis
(@NotNull List<RoleAnalysisAttributeDef> attributeDefSet, @NotNull String objectOid, @NotNull Task task, @NotNull OperationResult result) Performs attribute analysis for role members.roleTypeAttributeAnalysis
(@NotNull Set<PrismObject<RoleType>> prismRoles, Double membershipDensity, @NotNull Task task, @NotNull OperationResult result, @NotNull List<RoleAnalysisAttributeDef> attributeRoleDefSet) Performs attribute analysis for role objects.searchOutlierObjectByUserOid
(@NotNull String userOid, @NotNull Task task, @NotNull OperationResult result) Searches for an outlier object associated with a specific user.searchOutliersRepo
(@Nullable ObjectQuery query, @NotNull OperationResult result) searchSessionClusters
(@NotNull RoleAnalysisSessionType session, @NotNull Task task, @NotNull OperationResult result) Searches for clusters associated with a specific role analysis session.void
setCandidateRoleOpStatus
(@NotNull PrismObject<RoleAnalysisClusterType> clusterPrism, @NotNull RoleAnalysisCandidateRoleType candidateRoleContainer, @NotNull String taskOid, @Nullable OperationResultStatusType operationResultStatusType, @Nullable String message, @NotNull OperationResult result, @NotNull Task task, @NotNull RoleAnalysisOperationType operationType, @Nullable FocusType focus) Sets the operation status of a candidate role within the specified role analysis cluster.@Nullable ObjectFilter
transformSearchToObjectFilter
(@Nullable SearchFilterType userSearchFiler, @NotNull Class<?> objectClass) Transforms a SearchFilterType to an ObjectFilter for the specified object class.void
updateChunkWithPatterns
(@NotNull MiningOperationChunk basicChunk, @NotNull RoleAnalysisProcessModeType processMode, @NotNull List<DetectedPattern> detectedPatterns, @NotNull Task task, @NotNull OperationResult result) void
updateSessionIdentifiedCharacteristics
(@NotNull RoleAnalysisSessionType session, @NotNull RoleAnalysisIdentifiedCharacteristicsType identifiedCharacteristics, @NotNull Task task, @NotNull OperationResult result) Modifies identified characteristics of a RoleAnalysisSessionType object.void
updateSessionStatistics
(@NotNull RoleAnalysisSessionType session, @NotNull RoleAnalysisSessionStatisticType sessionStatistic, @NotNull Task task, @NotNull OperationResult result) Modifies statistics of a RoleAnalysisSessionType object.userRolesAttributeAnalysis
(@NotNull List<RoleAnalysisAttributeDef> attributeRoleDefSet, @NotNull String objectOid, @NotNull Task task, @NotNull OperationResult result) Performs attribute analysis for user roles.userTypeAttributeAnalysis
(@NotNull Set<PrismObject<UserType>> prismUsers, Double membershipDensity, @NotNull Task task, @NotNull OperationResult result, @NotNull List<RoleAnalysisAttributeDef> attributeDefSet) Performs attribute analysis for user objects.userTypeAttributeAnalysisCached
(@NotNull Set<PrismObject<UserType>> prismUsers, Double membershipDensity, @NotNull AttributeAnalysisCache userAnalysisCache, @NotNull List<RoleAnalysisAttributeDef> attributeDefSet, @NotNull Task task, @NotNull OperationResult result)
-
Constructor Details
-
RoleAnalysisServiceImpl
public RoleAnalysisServiceImpl()
-
-
Method Details
-
getUserTypeObject
@Nullable public @Nullable PrismObject<UserType> getUserTypeObject(@NotNull @NotNull String oid, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result) Description copied from interface:RoleAnalysisService
Retrieves a PrismObject of UserType object based on its OID.- Specified by:
getUserTypeObject
in interfaceRoleAnalysisService
- Parameters:
oid
- The OID of the UserType object to retrieve.task
- The task associated with this operation.result
- The operation result.- Returns:
- The PrismObject of UserType object, or null if not found.
-
getFocusTypeObject
@Nullable public @Nullable PrismObject<FocusType> getFocusTypeObject(@NotNull @NotNull String oid, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result) Description copied from interface:RoleAnalysisService
Retrieves a PrismObject of FocusType object based on its OID.- Specified by:
getFocusTypeObject
in interfaceRoleAnalysisService
- Parameters:
oid
- The OID of the FocusType object to retrieve.task
- The task associated with this operation.result
- The operation result.- Returns:
- The PrismObject of FocusType object, or null if not found.
-
getRoleTypeObject
@Nullable public @Nullable PrismObject<RoleType> getRoleTypeObject(@NotNull @NotNull String oid, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result) Description copied from interface:RoleAnalysisService
Retrieves a PrismObject of RoleType object based on its OID.- Specified by:
getRoleTypeObject
in interfaceRoleAnalysisService
- Parameters:
oid
- The OID of the RoleType object to retrieve.task
- The task associated with this operation.result
- The operation result.- Returns:
- The PrismObject of RoleType object, or null if not found.
-
getClusterTypeObject
@Nullable public @Nullable PrismObject<RoleAnalysisClusterType> getClusterTypeObject(@NotNull @NotNull String oid, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result) Description copied from interface:RoleAnalysisService
Retrieves a PrismObject of RoleAnalysisClusterType object based on its OID.- Specified by:
getClusterTypeObject
in interfaceRoleAnalysisService
- Parameters:
oid
- The OID of the RoleAnalysisClusterType object to retrieve.task
- The task associated with this operation.result
- The operation result.- Returns:
- The PrismObject of RoleAnalysisClusterType object, or null if not found.
-
getSessionTypeObject
@Nullable public @Nullable PrismObject<RoleAnalysisSessionType> getSessionTypeObject(@NotNull @NotNull String oid, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result) Description copied from interface:RoleAnalysisService
Retrieves a PrismObject of RoleAnalysisSessionType object based on its OID.- Specified by:
getSessionTypeObject
in interfaceRoleAnalysisService
- Parameters:
oid
- The OID of the RoleAnalysisSessionType object to retrieve.task
- The task associated with this operation.result
- The operation result.- Returns:
- The PrismObject of RoleAnalysisSessionType object, or null if not found.
-
getObject
@Nullable public <T extends ObjectType> @Nullable PrismObject<T> getObject(@NotNull @NotNull Class<T> objectTypeClass, @NotNull @NotNull String oid, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result) Description copied from interface:RoleAnalysisService
Retrieves a PrismObject based on its OID.- Specified by:
getObject
in interfaceRoleAnalysisService
oid
- The OID of the object to retrieve.task
- The task associated with this operation.result
- The operation result.- Returns:
- The PrismObject of object, or null if not found.
-
countSessionTypeObjects
@NotNull public @NotNull Integer countSessionTypeObjects(@NotNull @NotNull Task task, @NotNull @NotNull OperationResult result) Description copied from interface:RoleAnalysisService
Retrieves the number of RoleAnalysisSessionType objects in the system.- Specified by:
countSessionTypeObjects
in interfaceRoleAnalysisService
- Parameters:
task
- The task associated with this operation.result
- The operation result.- Returns:
- The number of RoleAnalysisSessionType objects in the system.
-
extractUserTypeMembers
@NotNull public @NotNull com.google.common.collect.ListMultimap<String,String> extractUserTypeMembers(@NotNull @NotNull Map<String, PrismObject<UserType>> userExistCache, @Nullable @Nullable SearchFilterType userFilter, @NotNull @NotNull Set<String> clusterMembers, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result) Description copied from interface:RoleAnalysisService
Extracts a list of user members from set of RoleType object based on provided parameters.- Specified by:
extractUserTypeMembers
in interfaceRoleAnalysisService
- Parameters:
userExistCache
- The cache of user objects.userFilter
- The UserType filter.clusterMembers
- The set of cluster members.task
- The task associated with this operation.result
- The operation result.- Returns:
- A list of user members.
-
extractRoleMembers
@NotNull public @NotNull List<FocusType> extractRoleMembers(@Nullable @Nullable SearchFilterType filter, @NotNull @NotNull RoleType role, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result) Extracts the members of a given role based on the specified filter.- Parameters:
filter
- An optional filter to apply to the user search.role
- The role for which members are to be extracted.task
- The task in the context of which the operation is executed.result
- The result of the operation.- Returns:
- A list of FocusType objects representing the members of the role.
-
countUserTypeMembers
public int countUserTypeMembers(@Nullable @Nullable ObjectFilter userFilter, @NotNull @NotNull Set<String> clusterMembers, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result) - Specified by:
countUserTypeMembers
in interfaceRoleAnalysisService
-
importCluster
public void importCluster(@NotNull @NotNull PrismObject<RoleAnalysisClusterType> clusterPrismObject, @NotNull @NotNull RoleAnalysisDetectionOptionType roleAnalysisSessionDetectionOption, @NotNull @NotNull ObjectReferenceType parentRef, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result) Description copied from interface:RoleAnalysisService
Imports a RoleAnalysisClusterType object into the system.- Specified by:
importCluster
in interfaceRoleAnalysisService
- Parameters:
clusterPrismObject
- The cluster for importing.roleAnalysisSessionDetectionOption
- The session detection option.parentRef
- The parent Role analysis session reference.task
- The task associated with this operation.result
- The operation result.
-
updateSessionStatistics
public void updateSessionStatistics(@NotNull @NotNull RoleAnalysisSessionType session, @NotNull @NotNull RoleAnalysisSessionStatisticType sessionStatistic, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result) Description copied from interface:RoleAnalysisService
Modifies statistics of a RoleAnalysisSessionType object.- Specified by:
updateSessionStatistics
in interfaceRoleAnalysisService
- Parameters:
session
- The session reference.sessionStatistic
- The session statistic to modify.task
- The task associated with this operation.result
- The operation result.
-
updateSessionIdentifiedCharacteristics
public void updateSessionIdentifiedCharacteristics(@NotNull @NotNull RoleAnalysisSessionType session, @NotNull @NotNull RoleAnalysisIdentifiedCharacteristicsType identifiedCharacteristics, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result) Description copied from interface:RoleAnalysisService
Modifies identified characteristics of a RoleAnalysisSessionType object.- Specified by:
updateSessionIdentifiedCharacteristics
in interfaceRoleAnalysisService
- Parameters:
session
- The session reference.identifiedCharacteristics
- The identified characteristics to modify.task
- The task associated with this operation.result
- The operation result.
-
anylseAttributesAndReplaceDetectionPattern
public void anylseAttributesAndReplaceDetectionPattern(@NotNull @NotNull String clusterOid, @NotNull @NotNull List<DetectedPattern> detectedPatterns, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result) Description copied from interface:RoleAnalysisService
Replaces the detected patterns of a RoleAnalysisClusterType object.- Specified by:
anylseAttributesAndReplaceDetectionPattern
in interfaceRoleAnalysisService
- Parameters:
clusterOid
- The cluster OID.detectedPatterns
- The detected patterns to replace.task
- The task associated with this operation.result
- The operation result.
-
getUpdatedAnalysisClusterStatistic
@NotNull public @NotNull AnalysisClusterStatisticType getUpdatedAnalysisClusterStatistic(double maxReduction, @NotNull @NotNull AnalysisClusterStatisticType clusterStatistics) - Specified by:
getUpdatedAnalysisClusterStatistic
in interfaceRoleAnalysisService
-
generateObjectReferences
@NotNull public @NotNull Set<ObjectReferenceType> generateObjectReferences(@NotNull @NotNull Set<String> objects, @NotNull @NotNull QName complexType, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult operationResult) Description copied from interface:RoleAnalysisService
Generates a set of object references based on a provided parameters.- Specified by:
generateObjectReferences
in interfaceRoleAnalysisService
- Parameters:
objects
- The objects to create references for.complexType
- The complex type of the objects.task
- The task associated with this operation.operationResult
- The operation result.- Returns:
- A set of object references.
-
deleteSessionClustersMembers
public void deleteSessionClustersMembers(@NotNull @NotNull String sessionOid, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result, boolean recomputeStatistics) Description copied from interface:RoleAnalysisService
Deletes all RoleAnalysisClusterType objects associated with a specific session.- Specified by:
deleteSessionClustersMembers
in interfaceRoleAnalysisService
- Parameters:
sessionOid
- The session OID.task
- The task associated with this operation.result
- The operation result.recomputeStatistics
- Recompute statistics flag.
-
deleteClusterOutlierOrPartition
public void deleteClusterOutlierOrPartition(@NotNull @NotNull RoleAnalysisClusterType cluster, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result) Description copied from interface:RoleAnalysisService
Deletes the outlier or partition of a given cluster and update statistic metrics.- Specified by:
deleteClusterOutlierOrPartition
in interfaceRoleAnalysisService
- Parameters:
cluster
- The cluster whose outlier is to be deleted.task
- The task in which the operation is performed.result
- The operation result.
-
deleteCluster
public void deleteCluster(@NotNull @NotNull RoleAnalysisClusterType cluster, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result, boolean recomputeStatistics) Description copied from interface:RoleAnalysisService
Deletes a single RoleAnalysisClusterType object.- Specified by:
deleteCluster
in interfaceRoleAnalysisService
- Parameters:
cluster
- The cluster to delete.task
- The task associated with this operation.result
- The operation result.recomputeStatistics
- Recompute statistics flag.
-
recomputeSessionStatics
public void recomputeSessionStatics(@NotNull @NotNull String sessionOid, @NotNull @NotNull RoleAnalysisClusterType roleAnalysisClusterType, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result) Description copied from interface:RoleAnalysisService
Recomputes the statistics of a RoleAnalysisSessionType object.- Specified by:
recomputeSessionStatics
in interfaceRoleAnalysisService
- Parameters:
sessionOid
- The session OID.roleAnalysisClusterType
- The cluster to recompute statistics for.task
- The task associated with this operation.result
- The operation result.
-
cacheRoleTypeObject
@Nullable public @Nullable PrismObject<RoleType> cacheRoleTypeObject(@NotNull @NotNull Map<String, PrismObject<RoleType>> roleExistCache, @NotNull @NotNull String roleOid, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result, @Nullable @Nullable RoleAnalysisCacheOption option) Description copied from interface:RoleAnalysisService
Retrieves a RoleType PrismObject from a cache or, if not present, fetches it from the ModelService and stores it in the cache.- Specified by:
cacheRoleTypeObject
in interfaceRoleAnalysisService
- Parameters:
roleExistCache
- A cache storing previously fetched RoleType PrismObjects.roleOid
- The OID of the RoleType PrismObject to retrieve.task
- The task associated with the operation.result
- The operation result.option
- The cache option.- Returns:
- The RoleType PrismObject fetched from the cache or ModelService, or null if not found.
-
cacheUserTypeObject
@Nullable public @Nullable PrismObject<UserType> cacheUserTypeObject(@NotNull @NotNull Map<String, PrismObject<UserType>> userExistCache, @NotNull @NotNull String userOid, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result, @Nullable @Nullable RoleAnalysisCacheOption option) Description copied from interface:RoleAnalysisService
Retrieves a UserType PrismObject from a cache or, if not present, fetches it from the ModelService and stores it in the cache.- Specified by:
cacheUserTypeObject
in interfaceRoleAnalysisService
- Parameters:
userExistCache
- A cache storing previously fetched UserType PrismObjects.userOid
- The OID of the UserType PrismObject to retrieve.task
- The task associated with the operation.result
- The operation result.option
- The cache option.- Returns:
- The UserType PrismObject fetched from the cache or ModelService, or null if not found.
-
countUserTypeMembers
@NotNull public @NotNull Integer countUserTypeMembers(@Nullable @Nullable ObjectFilter userFilter, @NotNull @NotNull String objectId, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result) Description copied from interface:RoleAnalysisService
Counts the number of members of a RoleType object.- Specified by:
countUserTypeMembers
in interfaceRoleAnalysisService
- Parameters:
userFilter
- The UserType filter.objectId
- The OID of the RoleType object.task
- The task associated with this operation.result
- The operation result.- Returns:
- The number of user members of a RoleType object.
-
deleteSession
public void deleteSession(@NotNull @NotNull String sessionOid, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result) Description copied from interface:RoleAnalysisService
Deletes a single RoleAnalysisSessionType object.- Specified by:
deleteSession
in interfaceRoleAnalysisService
- Parameters:
sessionOid
- The role analysis session OID.task
- The task associated with this operation.result
- The operation result.
-
deleteOutlier
public void deleteOutlier(@NotNull @NotNull RoleAnalysisOutlierType outlier, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result) Description copied from interface:RoleAnalysisService
Deletes a single RoleAnalysisOutlierType object.- Specified by:
deleteOutlier
in interfaceRoleAnalysisService
- Parameters:
outlier
- The outlier to delete.task
- The task associated with this operation.result
- The operation result.
-
resolveClusterOptionType
public RoleAnalysisOptionType resolveClusterOptionType(@NotNull @NotNull PrismObject<RoleAnalysisClusterType> cluster, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result) Description copied from interface:RoleAnalysisService
Resolves the process mode of a RoleAnalysisClusterType object based on role analysis session.- Specified by:
resolveClusterOptionType
in interfaceRoleAnalysisService
- Parameters:
cluster
- The cluster to resolve the process mode for.task
- The task associated with this operation.result
- The operation result.- Returns:
- The resolved process mode.
-
recomputeClusterDetectionOptions
public void recomputeClusterDetectionOptions(@NotNull @NotNull String clusterOid, @NotNull @NotNull PatternDetectionOption detectionOption, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result) Description copied from interface:RoleAnalysisService
Recompute the detection options of a RoleAnalysisClusterType object.- Specified by:
recomputeClusterDetectionOptions
in interfaceRoleAnalysisService
- Parameters:
clusterOid
- The cluster OID.detectionOption
- The detection option to recompute.task
- The task associated with this operation.result
- The operation result.
-
prepareCompressedMiningStructure
@NotNull public @NotNull MiningOperationChunk prepareCompressedMiningStructure(@NotNull @NotNull RoleAnalysisClusterType cluster, @Nullable @Nullable SearchFilterType userSearchFilter, @Nullable @Nullable SearchFilterType roleSearchFilter, @Nullable @Nullable SearchFilterType assignmentSearchFilter, boolean fullProcess, @NotNull @NotNull RoleAnalysisProcessModeType processMode, @NotNull @NotNull OperationResult result, @NotNull @NotNull Task task) Description copied from interface:RoleAnalysisService
Method for preparing a compressed mining structure for role analysis.- Specified by:
prepareCompressedMiningStructure
in interfaceRoleAnalysisService
- Parameters:
cluster
- The cluster for which the mining structure is prepared.userSearchFilter
- The additional user filter.roleSearchFilter
- The additional role filter.assignmentSearchFilter
- The additional assignment filter.fullProcess
- The full process flag. If true, the entire structure is prepared. If false, only a partial structure (members) is prepared.processMode
- The process mode.result
- The operation result.task
- The task associated with this operation.- Returns:
- A MiningOperationChunk containing user and role chunks for further processing.
-
prepareBasicChunkStructure
public MiningOperationChunk prepareBasicChunkStructure(@NotNull @NotNull RoleAnalysisClusterType cluster, @Nullable @Nullable SearchFilterType userSearchFilter, @Nullable @Nullable SearchFilterType roleSearchFilter, @Nullable @Nullable SearchFilterType assignmentSearchFilter, @NotNull @NotNull DisplayValueOption option, @NotNull @NotNull RoleAnalysisProcessModeType processMode, @Nullable @Nullable List<DetectedPattern> detectedPatterns, @NotNull @NotNull OperationResult result, @NotNull @NotNull Task task) - Specified by:
prepareBasicChunkStructure
in interfaceRoleAnalysisService
-
prepareMiningStructure
@NotNull public @NotNull MiningOperationChunk prepareMiningStructure(@NotNull @NotNull RoleAnalysisClusterType cluster, @Nullable @Nullable SearchFilterType userSearchFilter, @Nullable @Nullable SearchFilterType roleSearchFilter, @Nullable @Nullable SearchFilterType assignmentSearchFilter, @NotNull @NotNull DisplayValueOption option, @NotNull @NotNull RoleAnalysisProcessModeType processMode, @NotNull @NotNull List<DetectedPattern> detectedPatterns, @NotNull @NotNull OperationResult result, @NotNull @NotNull Task task) Description copied from interface:RoleAnalysisService
Method for preparing a mining structure for role analysis.- Specified by:
prepareMiningStructure
in interfaceRoleAnalysisService
- Parameters:
cluster
- The cluster for which the mining structure is prepared.userSearchFilter
- The additional user filter.roleSearchFilter
- The additional role filter.assignmentSearchFilter
- The additional assignment filter.option
- The display value option.processMode
- The process mode.result
- The operation result.task
- The task associated with this operation.- Returns:
- A MiningOperationChunk containing user and role chunks for further processing.
-
updateChunkWithPatterns
public void updateChunkWithPatterns(@NotNull @NotNull MiningOperationChunk basicChunk, @NotNull @NotNull RoleAnalysisProcessModeType processMode, @NotNull @NotNull List<DetectedPattern> detectedPatterns, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result) - Specified by:
updateChunkWithPatterns
in interfaceRoleAnalysisService
-
prepareExpandedMiningStructure
@NotNull public @NotNull MiningOperationChunk prepareExpandedMiningStructure(@NotNull @NotNull RoleAnalysisClusterType cluster, @Nullable @Nullable SearchFilterType userSearchFilter, @Nullable @Nullable SearchFilterType roleSearchFilter, @Nullable @Nullable SearchFilterType assignmentSearchFilter, boolean fullProcess, @NotNull @NotNull RoleAnalysisProcessModeType processMode, @NotNull @NotNull OperationResult result, @NotNull @NotNull Task task, @Nullable @Nullable DisplayValueOption option) Description copied from interface:RoleAnalysisService
Method for preparing an expanded mining structure for role analysis.- Specified by:
prepareExpandedMiningStructure
in interfaceRoleAnalysisService
- Parameters:
cluster
- The cluster for which the mining structure is prepared.userSearchFilter
- The additional user filter.roleSearchFilter
- The additional role filter.assignmentSearchFilter
- The additional assignment filter.fullProcess
- The full process flag. If true, the entire structure is prepared. If false, only a partial structure (members) is prepared.processMode
- The process mode.result
- The operation result.task
- The task associated with this operation.option
- The display value option.- Returns:
- A MiningOperationChunk containing user and role chunks for further processing.
-
clusterObjectMigrationRecompute
public void clusterObjectMigrationRecompute(@NotNull @NotNull String clusterRefOid, @NotNull @NotNull String roleRefOid, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result) Description copied from interface:RoleAnalysisService
Recompute role analysis cluster (RoleAnalysisClusterType) parameters. This method should be called after migration to business role.- Specified by:
clusterObjectMigrationRecompute
in interfaceRoleAnalysisService
- Parameters:
clusterRefOid
- The cluster OID.roleRefOid
- The role OID.task
- The task associated with this operation.result
- The operation result.
-
executeClusteringTask
public void executeClusteringTask(@NotNull @NotNull ModelInteractionService modelInteractionService, @NotNull @NotNull PrismObject<RoleAnalysisSessionType> session, @NotNull @NotNull TaskType taskObject, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result) Description copied from interface:RoleAnalysisService
This method is used to execute a clustering task. It creates a new cluster and stores it in the session.- Specified by:
executeClusteringTask
in interfaceRoleAnalysisService
- Parameters:
modelInteractionService
- The model interaction service.session
- The session under which the clustering task is executed.taskObject
- The performed task object.task
- The task associated with this operation.result
- The operation result.
-
executeDetectionTask
public void executeDetectionTask(@NotNull @NotNull ModelInteractionService modelInteractionService, @NotNull @NotNull PrismObject<RoleAnalysisClusterType> cluster, @Nullable @Nullable String taskOid, @Nullable @Nullable PolyStringType taskName, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result, String state) Description copied from interface:RoleAnalysisService
This method is used to execute a detection task. Detected patterns are stored in the cluster.- Specified by:
executeDetectionTask
in interfaceRoleAnalysisService
- Parameters:
modelInteractionService
- The model interaction service.cluster
- The cluster under which the detection task is executed.taskOid
- The OID of the task.taskName
- The name of the task.task
- The task associated with this operation.result
- The operation result.state
- Cluster operation state
-
executeRoleAnalysisRoleMigrationTask
public void executeRoleAnalysisRoleMigrationTask(@NotNull @NotNull ModelInteractionService modelInteractionService, @NotNull @NotNull PrismObject<RoleAnalysisClusterType> cluster, @NotNull @NotNull ActivityDefinitionType activityDefinition, @NotNull @NotNull PrismObject<RoleType> roleObject, @Nullable @Nullable String taskOid, @Nullable @Nullable PolyStringType taskName, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result) Description copied from interface:RoleAnalysisService
This method is used to execute a migration task. It replaces the role assignment with business role assignment.- Specified by:
executeRoleAnalysisRoleMigrationTask
in interfaceRoleAnalysisService
- Parameters:
modelInteractionService
- The model interaction service.cluster
- The cluster under which the migration task is executed.activityDefinition
- The activity definition.roleObject
- The role object for migration.taskOid
- The OID of the task.taskName
- The name of the task.task
- The task associated with this operation.result
- The operation result.
-
executeRoleMigrationProcess
public void executeRoleMigrationProcess(@NotNull @NotNull ModelInteractionService modelInteractionService, @NotNull @NotNull PrismObject<RoleType> roleObject, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result) - Specified by:
executeRoleMigrationProcess
in interfaceRoleAnalysisService
-
recomputeAndResolveClusterOpStatus
@NotNull public @NotNull String recomputeAndResolveClusterOpStatus(@NotNull @NotNull String clusterOid, @NotNull @NotNull OperationResult result, @NotNull @NotNull Task task, boolean onlyStatusUpdate, @Nullable @Nullable ModelInteractionService modelInteractionService) Description copied from interface:RoleAnalysisService
Recompute and resolve the cluster operation status. This method also update the cluster operation status if detect some changes.- Specified by:
recomputeAndResolveClusterOpStatus
in interfaceRoleAnalysisService
- Parameters:
clusterOid
- The cluster for recompute and resolve.result
- The operation result.task
- The task associated with this operation.onlyStatusUpdate
- If set true pattern detection does not performmodelInteractionService
- Model interactive service provider- Returns:
- The cluster operation status.
-
recomputeAndResolveSessionOpStatus
@NotNull public @NotNull String recomputeAndResolveSessionOpStatus(@NotNull @NotNull PrismObject<RoleAnalysisSessionType> sessionPrismObject, @NotNull @NotNull OperationResult result, @NotNull @NotNull Task task) Description copied from interface:RoleAnalysisService
Recompute and resolve the cluster operation status. This method also update the cluster operation status if detect some changes.- Specified by:
recomputeAndResolveSessionOpStatus
in interfaceRoleAnalysisService
- Parameters:
sessionPrismObject
- The cluster for recompute and resolve.result
- The operation result.task
- The task associated with this operation.- Returns:
- The cluster operation status.
-
recomputeAndResolveClusterCandidateRoleOpStatus
@NotNull public @NotNull String recomputeAndResolveClusterCandidateRoleOpStatus(@NotNull @NotNull PrismObject<RoleAnalysisClusterType> clusterPrismObject, @NotNull @NotNull RoleAnalysisCandidateRoleType candidateRole, @NotNull @NotNull OperationResult result, Task task) Description copied from interface:RoleAnalysisService
Recomputes and resolves the operation status for the candidate role within the specified cluster.- Specified by:
recomputeAndResolveClusterCandidateRoleOpStatus
in interfaceRoleAnalysisService
- Parameters:
clusterPrismObject
- PrismObject representing the role analysis cluster.candidateRole
- RoleAnalysisCandidateRoleType representing the candidate role.result
- OperationResult containing the result of the operation.task
- Task used for executing the operation.- Returns:
- A string representing the display status of the candidate role after recompute and resolution.
-
getTaskProgressIfExist
public int[] getTaskProgressIfExist(@Nullable @Nullable RoleAnalysisOperationStatusType operationStatus, @NotNull @NotNull OperationResult result) - Specified by:
getTaskProgressIfExist
in interfaceRoleAnalysisService
-
setCandidateRoleOpStatus
public void setCandidateRoleOpStatus(@NotNull @NotNull PrismObject<RoleAnalysisClusterType> clusterPrism, @NotNull @NotNull RoleAnalysisCandidateRoleType candidateRoleContainer, @NotNull @NotNull String taskOid, @Nullable @Nullable OperationResultStatusType operationResultStatusType, @Nullable @Nullable String message, @NotNull @NotNull OperationResult result, @NotNull @NotNull Task task, @NotNull @NotNull RoleAnalysisOperationType operationType, @Nullable @Nullable FocusType focus) Description copied from interface:RoleAnalysisService
Sets the operation status of a candidate role within the specified role analysis cluster.- Specified by:
setCandidateRoleOpStatus
in interfaceRoleAnalysisService
- Parameters:
clusterPrism
- PrismObject representing the role analysis cluster.candidateRoleContainer
- RoleAnalysisCandidateRoleType representing the candidate role container.taskOid
- String representing the OID of the task associated with the operation status.operationResultStatusType
- OperationResultStatusType representing the status of the operation.message
- String containing the message associated with the operation status.result
- OperationResult containing the result of the operation.task
- Task used for executing the operation.operationType
- RoleAnalysisOperation representing the type of operation.focus
- FocusType representing the focus type associated with the operation status.
-
addCandidateRole
public void addCandidateRole(@NotNull @NotNull String clusterRefOid, @NotNull @NotNull RoleAnalysisCandidateRoleType candidateRole, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result) Description copied from interface:RoleAnalysisService
This method is used to add candidate roles to the cluster.- Specified by:
addCandidateRole
in interfaceRoleAnalysisService
- Parameters:
clusterRefOid
- The cluster OID.candidateRole
- The candidate role OID.task
- The task associated with this operation.result
- The operation result.
-
deleteSingleCandidateRole
public void deleteSingleCandidateRole(@NotNull @NotNull PrismObject<RoleAnalysisClusterType> clusterPrism, @NotNull @NotNull RoleAnalysisCandidateRoleType candidateRoleBean, @NotNull @NotNull OperationResult result, Task task) Description copied from interface:RoleAnalysisService
Deletes a single candidate role from the specified role analysis cluster.- Specified by:
deleteSingleCandidateRole
in interfaceRoleAnalysisService
- Parameters:
clusterPrism
- PrismObject representing the role analysis cluster.candidateRoleBean
- RoleAnalysisCandidateRoleType representing the candidate role to be deleted.result
- OperationResult containing the result of the deletion operation.task
- Task used for executing the deletion operation.
-
executeChangesOnCandidateRole
public void executeChangesOnCandidateRole(@NotNull @NotNull PrismObject<RoleAnalysisClusterType> cluster, @NotNull @NotNull RoleAnalysisCandidateRoleType roleAnalysisCandidateRoleType, Set<ObjectReferenceType> members, @NotNull @NotNull Set<AssignmentType> inducements, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result) Description copied from interface:RoleAnalysisService
Executes changes on the candidate role within the specified role analysis cluster.- Specified by:
executeChangesOnCandidateRole
in interfaceRoleAnalysisService
- Parameters:
cluster
- PrismObject representing the role analysis cluster.roleAnalysisCandidateRoleType
- RoleAnalysisCandidateRoleType representing the candidate role container.members
- Set of PrismObject representing the members to be assigned to the candidate role.inducements
- Set of AssignmentType representing the inducements to be added to the candidate role.task
- Task used for executing the operation.result
- OperationResult containing the result of the operation.
-
userTypeAttributeAnalysis
public List<AttributeAnalysisStructure> userTypeAttributeAnalysis(@NotNull @NotNull Set<PrismObject<UserType>> prismUsers, Double membershipDensity, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result, @NotNull @NotNull List<RoleAnalysisAttributeDef> attributeDefSet) Description copied from interface:RoleAnalysisService
Performs attribute analysis for user objects.- Specified by:
userTypeAttributeAnalysis
in interfaceRoleAnalysisService
- Parameters:
prismUsers
- Set of PrismObject representing user objects to analyze.membershipDensity
- The density of membership.task
- Task used for processing the attribute analysis.result
- OperationResult containing the result of the operation.attributeDefSet
- List of RoleAnalysisAttributeDef containing the attribute definitions for user analysis.- Returns:
- List of AttributeAnalysisStructure containing the results of the attribute analysis.
-
userTypeAttributeAnalysisCached
public List<AttributeAnalysisStructure> userTypeAttributeAnalysisCached(@NotNull @NotNull Set<PrismObject<UserType>> prismUsers, Double membershipDensity, @NotNull @NotNull AttributeAnalysisCache userAnalysisCache, @NotNull @NotNull List<RoleAnalysisAttributeDef> attributeDefSet, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result) - Specified by:
userTypeAttributeAnalysisCached
in interfaceRoleAnalysisService
-
roleTypeAttributeAnalysis
public List<AttributeAnalysisStructure> roleTypeAttributeAnalysis(@NotNull @NotNull Set<PrismObject<RoleType>> prismRoles, Double membershipDensity, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result, @NotNull @NotNull List<RoleAnalysisAttributeDef> attributeRoleDefSet) Description copied from interface:RoleAnalysisService
Performs attribute analysis for role objects.- Specified by:
roleTypeAttributeAnalysis
in interfaceRoleAnalysisService
- Parameters:
prismRoles
- Set of PrismObject representing role objects to analyze.membershipDensity
- The density of membership.task
- Task used for processing the attribute analysis.result
- OperationResult containing the result of the operation.attributeRoleDefSet
- List of RoleAnalysisAttributeDef containing the attribute definitions for role analysis.- Returns:
- List of AttributeAnalysisStructure containing the results of the attribute analysis.
-
roleMembersAttributeAnalysis
public List<AttributeAnalysisStructure> roleMembersAttributeAnalysis(@NotNull @NotNull List<RoleAnalysisAttributeDef> attributeDefSet, @NotNull @NotNull String objectOid, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result) Description copied from interface:RoleAnalysisService
Performs attribute analysis for role members.- Specified by:
roleMembersAttributeAnalysis
in interfaceRoleAnalysisService
- Parameters:
attributeDefSet
- List of RoleAnalysisAttributeDef containing the attribute definitions for analysis.objectOid
- The OID of the object to analyze.task
- Task used for processing the attribute analysis.result
- OperationResult containing the result of the operation.- Returns:
- List of AttributeAnalysisStructure containing the results of the attribute analysis.
-
userRolesAttributeAnalysis
public List<AttributeAnalysisStructure> userRolesAttributeAnalysis(@NotNull @NotNull List<RoleAnalysisAttributeDef> attributeRoleDefSet, @NotNull @NotNull String objectOid, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result) Description copied from interface:RoleAnalysisService
Performs attribute analysis for user roles.- Specified by:
userRolesAttributeAnalysis
in interfaceRoleAnalysisService
- Parameters:
attributeRoleDefSet
- List of RoleAnalysisAttributeDef containing the attribute definitions for role analysis.objectOid
- The OID of the object to analyze.task
- Task used for processing the attribute analysis.result
- OperationResult containing the result of the operation.- Returns:
- List of AttributeAnalysisStructure containing the results of the attribute analysis.
-
resolveDetectedPatternsAttributes
public void resolveDetectedPatternsAttributes(@NotNull @NotNull List<RoleAnalysisDetectionPatternType> detectedPatterns, @NotNull @NotNull Map<String, PrismObject<UserType>> userExistCache, @NotNull @NotNull Map<String, PrismObject<RoleType>> roleExistCache, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result, @Nullable @Nullable List<RoleAnalysisAttributeDef> attributeRoleDefSet, @Nullable @Nullable List<RoleAnalysisAttributeDef> attributeUserDefSet) Description copied from interface:RoleAnalysisService
Processes attribute analysis for the detected patterns. This method analyzes attribute usage patterns for both users and roles in the detected patterns. It retrieves user and role occupancy information from the detected patterns, then performs attribute analysis for both user and role types based on the specified attribute paths.- Specified by:
resolveDetectedPatternsAttributes
in interfaceRoleAnalysisService
- Parameters:
detectedPatterns
- List of detected patterns to process.userExistCache
- Map containing cached PrismObject of UserType for efficient retrieval.roleExistCache
- Map containing cached PrismObject of RoleType for efficient retrieval.task
- Task used for processing the attribute analysis.result
- OperationResult containing the result of the operation. Any errors or status information will be recorded here.attributeRoleDefSet
- List of RoleAnalysisAttributeDef containing the attribute definitions for role analysis.attributeUserDefSet
- List of RoleAnalysisAttributeDef containing the attribute definitions for user analysis.
-
resolveDetectedPatternsAttributesCached
public void resolveDetectedPatternsAttributesCached(@NotNull @NotNull List<RoleAnalysisDetectionPatternType> detectedPatterns, @NotNull @NotNull Map<String, PrismObject<UserType>> userExistCache, @NotNull @NotNull Map<String, PrismObject<RoleType>> roleExistCache, @NotNull @NotNull AttributeAnalysisCache userAnalysisCache, @Nullable @Nullable List<RoleAnalysisAttributeDef> attributeRoleDefSet, @Nullable @Nullable List<RoleAnalysisAttributeDef> attributeUserDefSet, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result) Description copied from interface:RoleAnalysisService
Processes attribute analysis for the detected patterns. This method analyzes attribute usage patterns for both users and roles in the detected patterns. It retrieves user and role occupancy information from the detected patterns, then performs attribute analysis for both user and role types based on the specified attribute paths.- Specified by:
resolveDetectedPatternsAttributesCached
in interfaceRoleAnalysisService
- Parameters:
detectedPatterns
- List of detected patterns to process.userExistCache
- Map containing cached PrismObject of UserType for efficient retrieval.roleExistCache
- Map containing cached PrismObject of RoleType for efficient retrieval.attributeRoleDefSet
- List of RoleAnalysisAttributeDef containing the attribute definitions for role analysis.attributeUserDefSet
- List of RoleAnalysisAttributeDef containing the attribute definitions for user analysis.task
- Task used for processing the attribute analysis.result
- OperationResult containing the result of the operation. Any errors or status information will be recorded here.
-
searchSessionClusters
public List<PrismObject<RoleAnalysisClusterType>> searchSessionClusters(@NotNull @NotNull RoleAnalysisSessionType session, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result) Description copied from interface:RoleAnalysisService
Searches for clusters associated with a specific role analysis session.- Specified by:
searchSessionClusters
in interfaceRoleAnalysisService
- Parameters:
session
- RoleAnalysisSessionType representing the session for which clusters are being searched.task
- Task used for executing the search operation.result
- OperationResult containing the result of the search operation. Any errors or status information will be recorded here.- Returns:
- List of PrismObject
containing the clusters associated with the session. If the search operation fails or no clusters are found, null is returned.
-
resolveFocusObjectIconColor
public String resolveFocusObjectIconColor(@NotNull @NotNull FocusType focusObject, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result) Description copied from interface:RoleAnalysisService
Resolves the focus object icon color based on the provided focus object archetype.- Specified by:
resolveFocusObjectIconColor
in interfaceRoleAnalysisService
- Parameters:
focusObject
- FocusType representing the focus object for which the icon color is being resolved.task
- Task used for resolving the icon color.result
- OperationResult containing the result of the operation. Any errors or status information will be recorded here.- Returns:
- String representing the icon color of the focus object.
-
countObjects
public <T extends ObjectType> Integer countObjects(@NotNull @NotNull Class<T> type, @Nullable @Nullable ObjectQuery query, @Nullable @Nullable Collection<SelectorOptions<GetOperationOptions>> options, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult parentResult) Description copied from interface:RoleAnalysisService
Retrieves the attribute definition for a specific attribute path.- Specified by:
countObjects
in interfaceRoleAnalysisService
- Parameters:
type
- The type of object for which the attribute definition is being retrieved.query
- The query specifying the conditions for searching the object.options
- Collection of SelectorOptions specifying additional options for the search operation.task
- Task used for executing the search operation.parentResult
- OperationResult containing the result of the search operation.- Returns:
- RoleAnalysisAttributeDef containing the attribute definition for the specified attribute path.
-
countUserOwnedRoleAssignment
Description copied from interface:RoleAnalysisService
Counts the number of role assignments owned by users in the system.- Specified by:
countUserOwnedRoleAssignment
in interfaceRoleAnalysisService
- Parameters:
result
- The operation result.- Returns:
- The count of user-owned role assignments.
-
calculateAttributeConfidence
public String calculateAttributeConfidence(@NotNull @NotNull RoleAnalysisProcessModeType processModeType, @NotNull @NotNull AnalysisClusterStatisticType clusterStatistics) Description copied from interface:RoleAnalysisService
Calculates the confidence of an attribute based on the specified process mode and cluster statistics.- Specified by:
calculateAttributeConfidence
in interfaceRoleAnalysisService
- Parameters:
processModeType
- The process mode type.clusterStatistics
- The cluster statistics.- Returns:
- String representing the calculated attribute confidence.
-
resolveAnalysisAttributes
@Nullable public @Nullable List<RoleAnalysisAttributeDef> resolveAnalysisAttributes(@NotNull @NotNull RoleAnalysisSessionType session, @NotNull @NotNull QName complexType) Description copied from interface:RoleAnalysisService
Resolves the analysis attributes based on the provided session and complex type.- Specified by:
resolveAnalysisAttributes
in interfaceRoleAnalysisService
- Parameters:
session
- The RoleAnalysisSessionType object that contains the analysis options.complexType
- The QName object that represents the complex type of the attribute.- Returns:
- A list of RoleAnalysisAttributeDef objects that match the provided complex type. Returns null if no matching attributes are found or if the analysis option or process mode is not set in the session.
-
resolveSimilarAspect
@Nullable public @Nullable RoleAnalysisAttributeAnalysisResultType resolveSimilarAspect(@NotNull @NotNull RoleAnalysisAttributeAnalysisResultType compared, @NotNull @NotNull RoleAnalysisAttributeAnalysisResultType comparison) - Specified by:
resolveSimilarAspect
in interfaceRoleAnalysisService
-
resolveUserAttributes
@NotNull public @NotNull RoleAnalysisAttributeAnalysisResultType resolveUserAttributes(@NotNull @NotNull PrismObject<UserType> prismUser, @NotNull @NotNull List<RoleAnalysisAttributeDef> attributesForUserAnalysis) - Specified by:
resolveUserAttributes
in interfaceRoleAnalysisService
-
resolveRoleMembersAttribute
public RoleAnalysisAttributeAnalysisResultType resolveRoleMembersAttribute(@NotNull @NotNull String objectOid, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result, @NotNull @NotNull List<RoleAnalysisAttributeDef> attributeDefSet) - Specified by:
resolveRoleMembersAttribute
in interfaceRoleAnalysisService
-
resolveRoleMembersAttributeCached
public RoleAnalysisAttributeAnalysisResultType resolveRoleMembersAttributeCached(@NotNull @NotNull String objectOid, @NotNull @NotNull AttributeAnalysisCache userAnalysisCache, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result, @NotNull @NotNull List<RoleAnalysisAttributeDef> attributeDefSet) - Specified by:
resolveRoleMembersAttributeCached
in interfaceRoleAnalysisService
-
resolveOutliersZScore
public <T extends MiningBaseTypeChunk> ZScoreData resolveOutliersZScore(@NotNull @NotNull List<T> data, @Nullable @Nullable RangeType range, @Nullable @Nullable Double sensitivity, @Nullable @Nullable Double frequencyThreshold) - Specified by:
resolveOutliersZScore
in interfaceRoleAnalysisService
-
resolveNeighbours
public <T extends MiningBaseTypeChunk> void resolveNeighbours(@NotNull @NotNull List<T> data, double maxFrequency) Resolves neighbors for the given list of data chunks based on their properties and frequency values.- Type Parameters:
T
- The type of the data chunks, which must extend MiningBaseTypeChunk.- Parameters:
data
- The list of data chunks to process.maxFrequency
- The maximum frequency value to consider for negative exclusion.
-
calculateZScoreConfidence
public <T extends MiningBaseTypeChunk> double calculateZScoreConfidence(@NotNull T item, ZScoreData zScoreData) Calculate the confidence of the Z-Score- Specified by:
calculateZScoreConfidence
in interfaceRoleAnalysisService
- Type Parameters:
T
- the type of the item- Parameters:
item
- the item to calculate the confidencezScoreData
- the Z-Score data- Returns:
- the confidence of the Z-Score 0 to 1 if 1 is 100% confidence
-
resolveUserValueToMark
@Nullable public @Nullable Set<String> resolveUserValueToMark(@NotNull @NotNull PrismObject<UserType> prismUser, @NotNull @NotNull List<RoleAnalysisAttributeDef> itemDef) - Specified by:
resolveUserValueToMark
in interfaceRoleAnalysisService
-
resolveUserValueToMark
@Nullable public @Nullable Set<String> resolveUserValueToMark(@NotNull @NotNull RoleAnalysisAttributeAnalysisResultType userAttributeAnalysisResult) - Specified by:
resolveUserValueToMark
in interfaceRoleAnalysisService
-
resolveRoleValueToMark
@Nullable public @Nullable Set<String> resolveRoleValueToMark(@NotNull @NotNull PrismObject<RoleType> prismRole, @NotNull @NotNull List<RoleAnalysisAttributeDef> itemDef) Description copied from interface:RoleAnalysisService
Resolve object attribute value.- Specified by:
resolveRoleValueToMark
in interfaceRoleAnalysisService
- Parameters:
prismRole
- The role object.itemDef
- The attribute definition.- Returns:
- Set of attribute values that role has.
-
importOutlier
public void importOutlier(@NotNull @NotNull RoleAnalysisOutlierType outlier, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result) Description copied from interface:RoleAnalysisService
Imports a RoleAnalysisOutlierType object into the system.- Specified by:
importOutlier
in interfaceRoleAnalysisService
- Parameters:
outlier
- The outlier for importing.task
- The task associated with this operation.result
- The operation result.
-
resolveOutliers
public void resolveOutliers(@NotNull @NotNull RoleAnalysisOutlierType roleAnalysisOutlierType, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result) Description copied from interface:RoleAnalysisService
Resolves outliers for a given role analysis outlier type. This method retrieves the target object reference from the provided outlier type and performs the following steps: 1. Searches for existing outliers with the same target object reference. 2. If no outliers are found, imports the provided outlier. 3. If outliers are found, updates the existing outlier with new outlier descriptions and removes outdated descriptions.This method is responsible for handling exceptions that may occur during the process and logs errors accordingly.
- Specified by:
resolveOutliers
in interfaceRoleAnalysisService
- Parameters:
roleAnalysisOutlierType
- The role analysis outlier type containing the outlier information.task
- The task associated with the operation.result
- The operation result.
-
deleteSessionTask
public void deleteSessionTask(@NotNull @NotNull String sessionOid, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result) - Specified by:
deleteSessionTask
in interfaceRoleAnalysisService
-
getSessionTask
@Nullable public @Nullable PrismObject<TaskType> getSessionTask(@NotNull @NotNull String sessionOid, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result) - Specified by:
getSessionTask
in interfaceRoleAnalysisService
-
deleteSessionTask
public void deleteSessionTask(@NotNull @NotNull TaskType taskToDelete, @NotNull @NotNull OperationResult result) - Specified by:
deleteSessionTask
in interfaceRoleAnalysisService
-
getSessionOutliers
public List<RoleAnalysisOutlierType> getSessionOutliers(@NotNull @NotNull String sessionOid, @Nullable @Nullable OutlierClusterCategoryType category, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result) - Specified by:
getSessionOutliers
in interfaceRoleAnalysisService
-
getTopOutliers
public List<RoleAnalysisOutlierType> getTopOutliers(@Nullable @Nullable Integer limit, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result) - Specified by:
getTopOutliers
in interfaceRoleAnalysisService
-
findJaccardCloseObject
@Nullable public @Nullable com.google.common.collect.ListMultimap<Double,String> findJaccardCloseObject(@NotNull @NotNull String userOid, @NotNull @NotNull com.google.common.collect.ListMultimap<List<String>, String> chunkMap, @NotNull @NotNull org.apache.commons.lang3.mutable.MutableDouble usedFrequency, @NotNull @NotNull List<String> outliersMembers, double minThreshold, int minMembers, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result) - Specified by:
findJaccardCloseObject
in interfaceRoleAnalysisService
-
resolveJaccardCloseObjectResult
-
loadUserForOutlierComparison
public com.google.common.collect.ListMultimap<List<String>,String> loadUserForOutlierComparison(@NotNull @NotNull RoleAnalysisService roleAnalysisService, @NotNull @NotNull List<String> outliersMembers, @NotNull @NotNull ObjectCategorisationCache objectCategorisationCache, @Nullable @Nullable SearchFilterType userSearchFilter, @Nullable @Nullable SearchFilterType roleSearchFilter, @Nullable @Nullable SearchFilterType assignmentSearchFilter, @NotNull @NotNull OperationResult result, @NotNull @NotNull Task task, @NotNull @NotNull RoleAnalysisSessionType sessionObject) - Specified by:
loadUserForOutlierComparison
in interfaceRoleAnalysisService
-
calculateOutlierThresholdRange
@NotNull public @NotNull RangeType calculateOutlierThresholdRange(Double sensitivity, @NotNull @NotNull RangeType range) Description copied from interface:RoleAnalysisService
This method is used to calculate the threshold range for outlier detection. The range is adjusted based on the provided sensitivity.- Specified by:
calculateOutlierThresholdRange
in interfaceRoleAnalysisService
- Parameters:
sensitivity
- The sensitivity for outlier detection. It should be a value between 0.0 and 100. If the provided value is outside this range, it will be set to 0.0. The sensitivity is used to adjust the threshold for outlier detection.range
- The initial range for outlier detection. It should be a RangeType object with min and max values. If the min or max values are null, they will be set to 2.0. Note: The range is expected to have both values positive.- Returns:
- The adjusted range for outlier detection. It's a RangeType object with the min and max values adjusted based on the sensitivity.
-
calculateOutlierConfidenceRequired
public double calculateOutlierConfidenceRequired(double sensitivity) Description copied from interface:RoleAnalysisService
Calculates the required confidence for outlier detection based on the provided sensitivity. The sensitivity should be a value between 0.0 and 100. If the provided value is outside this range, the function will return 0.0. The function uses the formula 1 - (sensitivity * 0.01) to calculate the required confidence.- Specified by:
calculateOutlierConfidenceRequired
in interfaceRoleAnalysisService
- Parameters:
sensitivity
- The sensitivity for outlier detection. It should be a value between 0.0 and 100.- Returns:
- The required confidence for outlier detection. It's a value between 0.0 and 1.0.
-
findClusterOutliers
@NotNull public @NotNull List<RoleAnalysisOutlierType> findClusterOutliers(@NotNull @NotNull RoleAnalysisClusterType cluster, @Nullable @Nullable OutlierSpecificCategoryType category, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result) Description copied from interface:RoleAnalysisService
This method is used to find all outliers associated with a specific cluster.- Specified by:
findClusterOutliers
in interfaceRoleAnalysisService
- Parameters:
cluster
- The cluster for which to find associated outliers. It should be a RoleAnalysisClusterType object.category
- The specific category of outliers to search for. It should be an OutlierSpecificCategoryType object.task
- The task in context. It should be a Task object.result
- The operation result. It should be an OperationResult object.- Returns:
- A list of RoleAnalysisOutlierType objects that are associated with the provided cluster.
-
searchOutlierObjectByUserOid
public PrismObject<RoleAnalysisOutlierType> searchOutlierObjectByUserOid(@NotNull @NotNull String userOid, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result) Description copied from interface:RoleAnalysisService
Searches for an outlier object associated with a specific user.- Specified by:
searchOutlierObjectByUserOid
in interfaceRoleAnalysisService
- Parameters:
userOid
- The OID of the user for whom the outlier object is to be searched.task
- The task in which the operation is performed.result
- The operation result.- Returns:
- The outlier object associated with the user if found, null otherwise.
-
addOutlierPartition
public void addOutlierPartition(@NotNull @NotNull String outlierOid, @NotNull @NotNull RoleAnalysisOutlierPartitionType partition, double overallConfidence, double anomalyConfidence, @NotNull @NotNull OperationResult result) Description copied from interface:RoleAnalysisService
Updates the specified outlier object in the repository. The method retrieves the existing outlier object based on the provided OID and updates the partition and metrics data.- Specified by:
addOutlierPartition
in interfaceRoleAnalysisService
- Parameters:
outlierOid
- The OID of the outlier object to be updated.partition
- The partition data to be added to the outlier object.overallConfidence
- The overall confidence value to be set in the outlier object.anomalyConfidence
- The anomaly confidence value to be set in the outlier object.result
- The operation result.
-
resolveUserAccessDistribution
public UserAccessDistribution resolveUserAccessDistribution(@NotNull @NotNull PrismObject<UserType> prismUser, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result) Description copied from interface:RoleAnalysisService
Resolves the distribution of user access based on the user's role assignments. This method categorizes the user's role assignments into direct assignments, indirect assignments, and duplicates. Direct assignments are roles assigned directly to the user. Indirect assignments are roles assigned to the user through a group or another role. Duplicates are roles that are assigned to the user both directly and indirectly.- Specified by:
resolveUserAccessDistribution
in interfaceRoleAnalysisService
- Parameters:
prismUser
- The user object for which the access distribution is to be resolved.task
- The task in which the operation is performed.result
- The operation result.- Returns:
- A UserAccessDistribution object that contains the distribution of user access.
-
getAsFocusObjects
@NotNull public @NotNull List<PrismObject<FocusType>> getAsFocusObjects(@Nullable @Nullable List<ObjectReferenceType> references, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result) Description copied from interface:RoleAnalysisService
Retrieves a list of FocusType objects based on a list of ObjectReferenceType references.- Specified by:
getAsFocusObjects
in interfaceRoleAnalysisService
- Parameters:
references
- A list of ObjectReferenceType references. These references should point to the objects to be retrieved.task
- The task in which the operation is performed.result
- The operation result.- Returns:
- A list of PrismObject of type FocusType. Each PrismObject represents a FocusType object retrieved based on the provided references. If the references list is null, an empty list is returned.
-
computeResolvedAndCandidateRoles
public int[] computeResolvedAndCandidateRoles(@NotNull @NotNull Task task, @NotNull @NotNull OperationResult result) Description copied from interface:RoleAnalysisService
Computes the number of resolved patterns and candidate roles in all RoleAnalysisClusterType objects.- Specified by:
computeResolvedAndCandidateRoles
in interfaceRoleAnalysisService
- Parameters:
task
- The task in which the operation is performed.result
- The operation result.- Returns:
- An array of two integers where the first integer is the count of resolved patterns and the second integer is the count of candidate roles.
-
calculatePossibleAssignmentReduction
public double calculatePossibleAssignmentReduction(RoleAnalysisSessionType session, Task task, OperationResult result) Calculates the possible reduction in role assignments for a given session. This method calculates the total reduction in role assignments by summing up the detected reduction metrics for each cluster in the session. It then calculates the total system percentage reduction by dividing the total reduction by the total number of role assignments to users.- Specified by:
calculatePossibleAssignmentReduction
in interfaceRoleAnalysisService
- Parameters:
session
- The RoleAnalysisSessionType object for which the possible assignment reduction is to be calculated.task
- The task in which the operation is performed.result
- The operation result.- Returns:
- The total system percentage reduction in role assignments. If there are no clusters in the session or no role assignments to users, it returns 0.
-
getSessionClustersByType
public List<RoleAnalysisClusterType> getSessionClustersByType(@NotNull @NotNull String sessionOid, @NotNull @NotNull RoleAnalysisClusterCategory clusterType, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result) - Specified by:
getSessionClustersByType
in interfaceRoleAnalysisService
-
searchOutliersRepo
public SearchResultList<PrismObject<RoleAnalysisOutlierType>> searchOutliersRepo(@Nullable @Nullable ObjectQuery query, @NotNull @NotNull OperationResult result) - Specified by:
searchOutliersRepo
in interfaceRoleAnalysisService
-
membershipSearch
public com.google.common.collect.ListMultimap<String,String> membershipSearch(@Nullable @Nullable ObjectFilter userObjectFiler, @Nullable @Nullable ObjectFilter roleObjectFilter, @Nullable @Nullable ObjectFilter assignmentFilter, boolean loadAndUpdateStatistics, @NotNull @NotNull RoleAnalysisProcessModeType processMode, @Nullable @Nullable AttributeAnalysisCache attributeAnalysisCache, @NotNull @NotNull ObjectCategorisationCache objectCategorisationCache, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result, @NotNull @NotNull RoleAnalysisSessionType sessionObject) Description copied from interface:RoleAnalysisService
Searches for user membership based on the provided filters and process mode.- Specified by:
membershipSearch
in interfaceRoleAnalysisService
- Parameters:
userObjectFiler
- An optional filter to apply to the user objects.roleObjectFilter
- An optional filter to apply to the role objects.assignmentFilter
- An optional filter to apply to the assignment objects.loadAndUpdateStatistics
- A boolean flag to determine whether to load and update statistics.processMode
- The process mode to determine whether to search in user mode or role mode.attributeAnalysisCache
- The cache for attribute analysis.objectCategorisationCache
- The cache for object categorisation.task
- The task in the context of which the operation is executed.result
- The result of the operation.sessionObject
- Session object.- Returns:
- A ListMultimap where the keys are either user OIDs or role OIDs, and the values are the corresponding role OIDs or user OIDs, depending on the process mode.
-
assignmentSearch
public com.google.common.collect.ListMultimap<String,String> assignmentSearch(@Nullable @Nullable ObjectFilter userObjectFiler, @Nullable @Nullable ObjectFilter roleObjectFilter, @Nullable @Nullable ObjectFilter assignmentFilter, @NotNull @NotNull RoleAnalysisProcessModeType processMode, boolean loadAndUpdateStatistics, @Nullable @Nullable AttributeAnalysisCache attributeAnalysisCache, @NotNull @NotNull ObjectCategorisationCache objectCategorisationCache, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result, @NotNull @NotNull RoleAnalysisSessionType sessionObject) Description copied from interface:RoleAnalysisService
Searches for assignments based on the provided filters and process mode.- Specified by:
assignmentSearch
in interfaceRoleAnalysisService
- Parameters:
userObjectFiler
- An optional filter to apply to the user objects.roleObjectFilter
- An optional filter to apply to the role objects.assignmentFilter
- An optional filter to apply to the assignment objects.processMode
- The process mode to determine whether to search in user mode or role mode.loadAndUpdateStatistics
- A boolean flag to determine whether to load and update statistics.attributeAnalysisCache
- The cache for attribute analysis.objectCategorisationCache
- The cache for object categorisation.task
- The task in the context of which the operation is executed.result
- The result of the operation.sessionObject
- poc- Returns:
- A ListMultimap where the keys are either user OIDs or role OIDs, and the values are the corresponding role OIDs or user OIDs, depending on the process mode.
-
prepareAssignmentChunkMapRolesAsKey
public com.google.common.collect.ListMultimap<List<String>,String> prepareAssignmentChunkMapRolesAsKey(@Nullable @Nullable SearchFilterType userSearchFiler, @Nullable @Nullable SearchFilterType roleSearchFiler, @Nullable @Nullable SearchFilterType assignmentSearchFiler, @NotNull @NotNull RoleAnalysisProcessModeType processMode, boolean loadAndUpdateStatistics, @Nullable @Nullable AttributeAnalysisCache attributeAnalysisCache, @NotNull @NotNull ObjectCategorisationCache objectCategorisationCache, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result, @NotNull @NotNull RoleAnalysisSessionType sessionObject) Description copied from interface:RoleAnalysisService
Prepares a map of assignment chunks. If key objects has the same values, they are compressed.- Specified by:
prepareAssignmentChunkMapRolesAsKey
in interfaceRoleAnalysisService
- Parameters:
userSearchFiler
- An optional filter to apply to the user search.roleSearchFiler
- An optional filter to apply to the role search.assignmentSearchFiler
- An optional filter to apply to the assignment search.processMode
- The process mode to determine whether to search in user mode or role mode.loadAndUpdateStatistics
- A boolean flag to determine whether to load and update statistics.attributeAnalysisCache
- The cache for attribute analysis.objectCategorisationCache
- The cache for object categorisation.task
- The task in the context of which the operation is executed.result
- The result of the operation.sessionObject
- poc- Returns:
- A ListMultimap where the keys are lists of role OIDs and the values are user OIDs.
-
prepareMembershipChunkMapRolesAsKey
public com.google.common.collect.ListMultimap<List<String>,String> prepareMembershipChunkMapRolesAsKey(@Nullable @Nullable SearchFilterType userSearchFiler, @Nullable @Nullable SearchFilterType roleSearchFiler, @Nullable @Nullable SearchFilterType assignmentSearchFiler, @NotNull @NotNull RoleAnalysisProcessModeType processMode, boolean loadAndUpdateStatistics, @Nullable @Nullable AttributeAnalysisCache attributeAnalysisCache, @NotNull @NotNull ObjectCategorisationCache objectCategorisationCache, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result, @NotNull @NotNull RoleAnalysisSessionType sessionObject) Description copied from interface:RoleAnalysisService
Prepares a map of role membership chunks. If key objects have the same values, they are compressed.- Specified by:
prepareMembershipChunkMapRolesAsKey
in interfaceRoleAnalysisService
- Parameters:
userSearchFiler
- An optional filter to apply to the user search.roleSearchFiler
- An optional filter to apply to the role search.assignmentSearchFiler
- An optional filter to apply to the assignment search.processMode
- The process mode to determine whether to search in user mode or role mode.loadAndUpdateStatistics
- A boolean flag to determine whether to load and update statistics.attributeAnalysisCache
- The cache for attribute analysis.objectCategorisationCache
- The cache for object categorisation.task
- The task in the context of which the operation is executed.result
- The result of the operation.sessionObject
- poc- Returns:
- A ListMultimap where the keys are lists of role OIDs and the values are user OIDs.
-
transformSearchToObjectFilter
@Nullable public @Nullable ObjectFilter transformSearchToObjectFilter(@Nullable @Nullable SearchFilterType userSearchFiler, @NotNull @NotNull Class<?> objectClass) Description copied from interface:RoleAnalysisService
Transforms a SearchFilterType to an ObjectFilter for the specified object class.- Specified by:
transformSearchToObjectFilter
in interfaceRoleAnalysisService
- Parameters:
userSearchFiler
- An optional filter to apply to the user search.objectClass
- The class of the object to which the filter will be applied.- Returns:
- The constructed ObjectFilter based on the provided SearchFilterType, or null if the filter is not provided or cannot be created.
-
assignmentRoleMemberSearch
@NotNull public @NotNull com.google.common.collect.ListMultimap<String,String> assignmentRoleMemberSearch(@Nullable @Nullable SearchFilterType userSearchFiler, @Nullable @Nullable SearchFilterType roleSearchFiler, @Nullable @Nullable SearchFilterType assignmentSearchFiler, @NotNull @NotNull Set<String> roleMembers, boolean roleAsKey, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result, @NotNull @NotNull RoleAnalysisClusterType clusterObject) Description copied from interface:RoleAnalysisService
Searches for role members based on the provided filters and role members set.- Specified by:
assignmentRoleMemberSearch
in interfaceRoleAnalysisService
- Parameters:
userSearchFiler
- Optional filter for user search.roleSearchFiler
- Optional filter for role search.assignmentSearchFiler
- Optional filter for assignment search.roleMembers
- Set of role member identifiers.roleAsKey
- Boolean flag to determine if roles should be used as keys in the result map.task
- The task in which the operation is performed.result
- The operation result.clusterObject
- poc- Returns:
- A ListMultimap containing the role members mapped by either role or user identifiers.
-
assignmentUserAccessSearch
@NotNull public @NotNull com.google.common.collect.ListMultimap<String,String> assignmentUserAccessSearch(@Nullable @Nullable SearchFilterType userSearchFiler, @Nullable @Nullable SearchFilterType roleSearchFiler, @Nullable @Nullable SearchFilterType assignmentSearchFiler, @NotNull @NotNull Set<String> userMembers, boolean userAsKey, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result, @NotNull @NotNull RoleAnalysisClusterType clusterObject) Description copied from interface:RoleAnalysisService
Searches for user access assignments based on the provided filters and user members set.- Specified by:
assignmentUserAccessSearch
in interfaceRoleAnalysisService
- Parameters:
userSearchFiler
- An optional filter to apply to the user search.roleSearchFiler
- An optional filter to apply to the role search.assignmentSearchFiler
- An optional filter to apply to the assignment search.userMembers
- A set of user member OIDs to be included in the search.userAsKey
- A boolean indicating whether users should be used as keys in the resulting map.task
- The task in the context of which the operation is executed.result
- The result of the operation.- Returns:
- A ListMultimap where the keys are either user OIDs or role OIDs, depending on the value of userAsKey.
-
getSessionRoleSuggestion
public List<DetectedPattern> getSessionRoleSuggestion(@NotNull @NotNull String sessionOid, @Nullable @Nullable Integer limit, @Nullable @Nullable Boolean sortDescending, @NotNull @NotNull OperationResult result) Description copied from interface:RoleAnalysisService
Retrieves role suggestions for a given session by searching for detected patterns.- Specified by:
getSessionRoleSuggestion
in interfaceRoleAnalysisService
- Parameters:
sessionOid
- The OID of the session for which role suggestions are to be retrieved.limit
- An optional limit on the number of detected patterns to retrieve.sortDescending
- An optional flag to sort the detected patterns by reduction count in descending order.result
- The operation result.- Returns:
- A list of detected patterns for the given session.
-
getClusterRoleSuggestions
public List<DetectedPattern> getClusterRoleSuggestions(@NotNull @NotNull String clusterOid, @Nullable @Nullable Integer limit, @Nullable @Nullable Boolean sortDescending, @NotNull @NotNull OperationResult result) Description copied from interface:RoleAnalysisService
Retrieves role suggestions for a given cluster by searching for detected patterns.- Specified by:
getClusterRoleSuggestions
in interfaceRoleAnalysisService
- Parameters:
clusterOid
- The OID of the cluster for which role suggestions are to be retrieved.limit
- An optional limit on the number of detected patterns to retrieve.sortDescending
- An optional flag to sort the detected patterns by reduction count in descending order.result
- The operation result.- Returns:
- A list of detected patterns for the given cluster.
-
getAllRoleSuggestions
public List<DetectedPattern> getAllRoleSuggestions(@Nullable @Nullable Integer limit, @Nullable @Nullable Boolean sortDescending, @NotNull @NotNull OperationResult result) Description copied from interface:RoleAnalysisService
Retrieves all role suggestions by searching for detected patterns.- Specified by:
getAllRoleSuggestions
in interfaceRoleAnalysisService
- Parameters:
limit
- An optional limit on the number of detected patterns to retrieve.sortDescending
- An optional flag to sort the detected patterns by reduction count in descending order.result
- The operation result.- Returns:
- A list of detected patterns.
-
getSessionOutlierPartitionStructure
public List<DetectedPattern> getSessionOutlierPartitionStructure(@NotNull @NotNull String sessionOid, @Nullable @Nullable Integer limit, @Nullable @Nullable Boolean sortDescending, @NotNull @NotNull OperationResult result) -
getOutlierPartitionsMap
public Map<RoleAnalysisOutlierPartitionType,RoleAnalysisOutlierType> getOutlierPartitionsMap(@Nullable @Nullable Integer limit, @Nullable @Nullable Boolean sortDescending, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result) Description copied from interface:RoleAnalysisService
Retrieves outlier partitions by searching for detected patterns.- Specified by:
getOutlierPartitionsMap
in interfaceRoleAnalysisService
- Parameters:
limit
- An optional limit on the number of partitions to retrieve.sortDescending
- An optional flag to sort the partitions by overall confidence in descending order.task
- The task in which the operation is executed.result
- The operation result.- Returns:
- A map of outlier partitions and their corresponding outliers.
-
getSessionOutlierPartitionsMap
public Map<RoleAnalysisOutlierPartitionType,RoleAnalysisOutlierType> getSessionOutlierPartitionsMap(@NotNull @NotNull String sessionOid, @Nullable @Nullable Integer limit, @Nullable @Nullable Boolean sortDescending, @Nullable @Nullable OutlierCategoryType outlierCategory, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result) Description copied from interface:RoleAnalysisService
Retrieves outlier partitions for specific session by searching for detected patterns.- Specified by:
getSessionOutlierPartitionsMap
in interfaceRoleAnalysisService
limit
- An optional limit on the number of partitions to retrieve.sortDescending
- An optional flag to sort the partitions by overall confidence in descending order.outlierCategory
- The specific category of outliers to search for.task
- The task in which the operation is executed.result
- The operation result.- Returns:
- A map of outlier partitions and their corresponding outliers.
-
getClusterOutlierPartitionsMap
public Map<RoleAnalysisOutlierPartitionType,RoleAnalysisOutlierType> getClusterOutlierPartitionsMap(@NotNull @NotNull String clusterOid, @Nullable @Nullable Integer limit, @Nullable @Nullable Boolean sortDescending, @Nullable @Nullable OutlierCategoryType outlierCategory, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result) Description copied from interface:RoleAnalysisService
Retrieves outlier partitions for specific cluster by searching for detected patterns.- Specified by:
getClusterOutlierPartitionsMap
in interfaceRoleAnalysisService
limit
- An optional limit on the number of partitions to retrieve.sortDescending
- An optional flag to sort the partitions by overall confidence in descending order.outlierCategory
- The specific category of outliers to search for.task
- The task in which the operation is executed.result
- The operation result.- Returns:
- A map of outlier partitions and their corresponding outliers.
-
buildStatisticsAssignmentSearchFilter
public S_FilterExit buildStatisticsAssignmentSearchFilter(@NotNull @NotNull Collection<QName> memberRelations) - Specified by:
buildStatisticsAssignmentSearchFilter
in interfaceRoleAnalysisService
-
prepareTemporaryCluster
@Nullable public @Nullable RoleAnalysisClusterType prepareTemporaryCluster(@NotNull @NotNull RoleAnalysisOutlierType outlier, @NotNull @NotNull RoleAnalysisOutlierPartitionType partition, @NotNull @NotNull DisplayValueOption displayValueOption, @NotNull @NotNull Task task) Prepares a temporary cluster for role analysis based on the provided outlier and partition.- Specified by:
prepareTemporaryCluster
in interfaceRoleAnalysisService
- Parameters:
outlier
- The outlier object containing the detected outlier information.partition
- The partition object containing the partition analysis data.displayValueOption
- The display value options for the role analysis.task
- The task in which the operation is performed.- Returns:
- A RoleAnalysisClusterType object representing the prepared temporary cluster, or null if the similar object analysis is not available.
-
explainOutlierAnomalyAccess
public List<OutlierExplanationResolver.ExplanationResult> explainOutlierAnomalyAccess(@NotNull @NotNull DetectedAnomalyResultType detectedAnomalyResult, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result) Description copied from interface:RoleAnalysisService
Explains the anomaly access for a detected outlier. This method analyzes the detected anomaly statistics result and provides an explanation for the outlier anomaly access.- Specified by:
explainOutlierAnomalyAccess
in interfaceRoleAnalysisService
- Parameters:
detectedAnomalyResult
- The result of the detected anomaly to be explained.task
- The task associated with this operation.result
- The operation result.- Returns:
- A list of explanation results for the outlier anomaly access.
-
explainOutlierPartition
public OutlierExplanationResolver.OutlierExplanationResult explainOutlierPartition(@NotNull @NotNull RoleAnalysisOutlierPartitionType partition, int partitionCount, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result) Description copied from interface:RoleAnalysisService
Explains the outlier partition. This method analyzes the provided outlier partition statistics and returns an explanation result.- Specified by:
explainOutlierPartition
in interfaceRoleAnalysisService
- Parameters:
partition
- The outlier partition to be explained.partitionCount
- The count of partitions.task
- The task associated with this operation.result
- The operation result.- Returns:
- An explanation result for the outlier partition.
-
explainOutlier
public OutlierExplanationResolver.OutlierExplanationResult explainOutlier(@NotNull @NotNull RoleAnalysisOutlierType outlier, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result) Description copied from interface:RoleAnalysisService
Explains the outlier. This method analyzes the provided outlier partition and returns an explanation result of top-rated(scored) partition explanation.- Specified by:
explainOutlier
in interfaceRoleAnalysisService
- Parameters:
outlier
- The outlier to be explained.task
- The task associated with this operation.result
- The operation result.- Returns:
- An explanation result for the outlier.
-