Package com.evolveum.midpoint.model.impl.mining

Class RoleAnalysisServiceImpl

java.lang.Object
com.evolveum.midpoint.model.impl.mining.RoleAnalysisServiceImpl
All Implemented Interfaces:
RoleAnalysisService
@Component public class RoleAnalysisServiceImpl extends Object implements RoleAnalysisService
Utility methods for working with role analysis objects in the Midpoint system.

  • Constructor Details

    • RoleAnalysisServiceImpl

      public RoleAnalysisServiceImpl()

  • Method Details

    • getUserTypeObject

      @Nullable public @Nullable PrismObject<UserType> getUserTypeObject(@NotNull @NotNull String oid, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result)
      Description copied from interface: RoleAnalysisService
      Retrieves a PrismObject of UserType object based on its OID.
      Specified by:
      getUserTypeObject in interface RoleAnalysisService
      Parameters:
      oid - The OID of the UserType object to retrieve.
      task - The task associated with this operation.
      result - The operation result.
      Returns:
      The PrismObject of UserType object, or null if not found.

    • getFocusTypeObject

      @Nullable public @Nullable PrismObject<FocusType> getFocusTypeObject(@NotNull @NotNull String oid, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result)
      Description copied from interface: RoleAnalysisService
      Retrieves a PrismObject of FocusType object based on its OID.
      Specified by:
      getFocusTypeObject in interface RoleAnalysisService
      Parameters:
      oid - The OID of the FocusType object to retrieve.
      task - The task associated with this operation.
      result - The operation result.
      Returns:
      The PrismObject of FocusType object, or null if not found.

    • getRoleTypeObject

      @Nullable public @Nullable PrismObject<RoleType> getRoleTypeObject(@NotNull @NotNull String oid, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result)
      Description copied from interface: RoleAnalysisService
      Retrieves a PrismObject of RoleType object based on its OID.
      Specified by:
      getRoleTypeObject in interface RoleAnalysisService
      Parameters:
      oid - The OID of the RoleType object to retrieve.
      task - The task associated with this operation.
      result - The operation result.
      Returns:
      The PrismObject of RoleType object, or null if not found.

    • getClusterTypeObject

      @Nullable public @Nullable PrismObject<RoleAnalysisClusterType> getClusterTypeObject(@NotNull @NotNull String oid, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result)
      Description copied from interface: RoleAnalysisService
      Retrieves a PrismObject of RoleAnalysisClusterType object based on its OID.
      Specified by:
      getClusterTypeObject in interface RoleAnalysisService
      Parameters:
      oid - The OID of the RoleAnalysisClusterType object to retrieve.
      task - The task associated with this operation.
      result - The operation result.
      Returns:
      The PrismObject of RoleAnalysisClusterType object, or null if not found.

    • getSessionTypeObject

      @Nullable public @Nullable PrismObject<RoleAnalysisSessionType> getSessionTypeObject(@NotNull @NotNull String oid, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result)
      Description copied from interface: RoleAnalysisService
      Retrieves a PrismObject of RoleAnalysisSessionType object based on its OID.
      Specified by:
      getSessionTypeObject in interface RoleAnalysisService
      Parameters:
      oid - The OID of the RoleAnalysisSessionType object to retrieve.
      task - The task associated with this operation.
      result - The operation result.
      Returns:
      The PrismObject of RoleAnalysisSessionType object, or null if not found.

    • getObject

      @Nullable public <T extends ObjectType> @Nullable PrismObject<T> getObject(@NotNull @NotNull Class<T> objectTypeClass, @NotNull @NotNull String oid, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result)
      Description copied from interface: RoleAnalysisService
      Retrieves a PrismObject based on its OID.
      Specified by:
      getObject in interface RoleAnalysisService
      oid - The OID of the object to retrieve.
      task - The task associated with this operation.
      result - The operation result.
      Returns:
      The PrismObject of object, or null if not found.

    • countSessionTypeObjects

      @NotNull public @NotNull Integer countSessionTypeObjects(@NotNull @NotNull Task task, @NotNull @NotNull OperationResult result)
      Description copied from interface: RoleAnalysisService
      Retrieves the number of RoleAnalysisSessionType objects in the system.
      Specified by:
      countSessionTypeObjects in interface RoleAnalysisService
      Parameters:
      task - The task associated with this operation.
      result - The operation result.
      Returns:
      The number of RoleAnalysisSessionType objects in the system.

    • extractUserTypeMembers

      @NotNull public @NotNull com.google.common.collect.ListMultimap<String,String> extractUserTypeMembers(@NotNull @NotNull Map<String,PrismObject<UserType>> userExistCache, @Nullable @Nullable SearchFilterType userFilter, @NotNull @NotNull Set<String> clusterMembers, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result)
      Description copied from interface: RoleAnalysisService
      Extracts a list of user members from set of RoleType object based on provided parameters.
      Specified by:
      extractUserTypeMembers in interface RoleAnalysisService
      Parameters:
      userExistCache - The cache of user objects.
      userFilter - The UserType filter.
      clusterMembers - The set of cluster members.
      task - The task associated with this operation.
      result - The operation result.
      Returns:
      A list of user members.

    • extractRoleMembers

      @NotNull public @NotNull List<FocusType> extractRoleMembers(@Nullable @Nullable SearchFilterType filter, @NotNull @NotNull RoleType role, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result)
      Extracts the members of a given role based on the specified filter.
      Parameters:
      filter - An optional filter to apply to the user search.
      role - The role for which members are to be extracted.
      task - The task in the context of which the operation is executed.
      result - The result of the operation.
      Returns:
      A list of FocusType objects representing the members of the role.

    • countUserTypeMembers

      public int countUserTypeMembers(@Nullable @Nullable ObjectFilter userFilter, @NotNull @NotNull Set<String> clusterMembers, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result)
      Specified by:
      countUserTypeMembers in interface RoleAnalysisService

    • importCluster

      public void importCluster(@NotNull @NotNull PrismObject<RoleAnalysisClusterType> clusterPrismObject, @NotNull @NotNull RoleAnalysisDetectionOptionType roleAnalysisSessionDetectionOption, @NotNull @NotNull ObjectReferenceType parentRef, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result)
      Description copied from interface: RoleAnalysisService
      Imports a RoleAnalysisClusterType object into the system.
      Specified by:
      importCluster in interface RoleAnalysisService
      Parameters:
      clusterPrismObject - The cluster for importing.
      roleAnalysisSessionDetectionOption - The session detection option.
      parentRef - The parent Role analysis session reference.
      task - The task associated with this operation.
      result - The operation result.

    • updateSessionStatistics

      public void updateSessionStatistics(@NotNull @NotNull RoleAnalysisSessionType session, @NotNull @NotNull RoleAnalysisSessionStatisticType sessionStatistic, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result)
      Description copied from interface: RoleAnalysisService
      Modifies statistics of a RoleAnalysisSessionType object.
      Specified by:
      updateSessionStatistics in interface RoleAnalysisService
      Parameters:
      session - The session reference.
      sessionStatistic - The session statistic to modify.
      task - The task associated with this operation.
      result - The operation result.

    • updateSessionIdentifiedCharacteristics

      public void updateSessionIdentifiedCharacteristics(@NotNull @NotNull RoleAnalysisSessionType session, @NotNull @NotNull RoleAnalysisIdentifiedCharacteristicsType identifiedCharacteristics, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result)
      Description copied from interface: RoleAnalysisService
      Modifies identified characteristics of a RoleAnalysisSessionType object.
      Specified by:
      updateSessionIdentifiedCharacteristics in interface RoleAnalysisService
      Parameters:
      session - The session reference.
      identifiedCharacteristics - The identified characteristics to modify.
      task - The task associated with this operation.
      result - The operation result.

    • anylseAttributesAndReplaceDetectionPattern

      public void anylseAttributesAndReplaceDetectionPattern(@NotNull @NotNull String clusterOid, @NotNull @NotNull List<DetectedPattern> detectedPatterns, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result)
      Description copied from interface: RoleAnalysisService
      Replaces the detected patterns of a RoleAnalysisClusterType object.
      Specified by:
      anylseAttributesAndReplaceDetectionPattern in interface RoleAnalysisService
      Parameters:
      clusterOid - The cluster OID.
      detectedPatterns - The detected patterns to replace.
      task - The task associated with this operation.
      result - The operation result.

    • getUpdatedAnalysisClusterStatistic

      @NotNull public @NotNull AnalysisClusterStatisticType getUpdatedAnalysisClusterStatistic(double maxReduction, @NotNull @NotNull AnalysisClusterStatisticType clusterStatistics)
      Specified by:
      getUpdatedAnalysisClusterStatistic in interface RoleAnalysisService

    • generateObjectReferences

      @NotNull public @NotNull Set<ObjectReferenceType> generateObjectReferences(@NotNull @NotNull Set<String> objects, @NotNull @NotNull QName complexType, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult operationResult)
      Description copied from interface: RoleAnalysisService
      Generates a set of object references based on a provided parameters.
      Specified by:
      generateObjectReferences in interface RoleAnalysisService
      Parameters:
      objects - The objects to create references for.
      complexType - The complex type of the objects.
      task - The task associated with this operation.
      operationResult - The operation result.
      Returns:
      A set of object references.

    • deleteSessionClustersMembers

      public void deleteSessionClustersMembers(@NotNull @NotNull String sessionOid, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result, boolean recomputeStatistics)
      Description copied from interface: RoleAnalysisService
      Deletes all RoleAnalysisClusterType objects associated with a specific session.
      Specified by:
      deleteSessionClustersMembers in interface RoleAnalysisService
      Parameters:
      sessionOid - The session OID.
      task - The task associated with this operation.
      result - The operation result.
      recomputeStatistics - Recompute statistics flag.

    • deleteClusterOutlierOrPartition

      public void deleteClusterOutlierOrPartition(@NotNull @NotNull RoleAnalysisClusterType cluster, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result)
      Description copied from interface: RoleAnalysisService
      Deletes the outlier or partition of a given cluster and update statistic metrics.
      Specified by:
      deleteClusterOutlierOrPartition in interface RoleAnalysisService
      Parameters:
      cluster - The cluster whose outlier is to be deleted.
      task - The task in which the operation is performed.
      result - The operation result.

    • deleteCluster

      public void deleteCluster(@NotNull @NotNull RoleAnalysisClusterType cluster, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result, boolean recomputeStatistics)
      Description copied from interface: RoleAnalysisService
      Deletes a single RoleAnalysisClusterType object.
      Specified by:
      deleteCluster in interface RoleAnalysisService
      Parameters:
      cluster - The cluster to delete.
      task - The task associated with this operation.
      result - The operation result.
      recomputeStatistics - Recompute statistics flag.

    • recomputeSessionStatics

      public void recomputeSessionStatics(@NotNull @NotNull String sessionOid, @NotNull @NotNull RoleAnalysisClusterType roleAnalysisClusterType, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result)
      Description copied from interface: RoleAnalysisService
      Recomputes the statistics of a RoleAnalysisSessionType object.
      Specified by:
      recomputeSessionStatics in interface RoleAnalysisService
      Parameters:
      sessionOid - The session OID.
      roleAnalysisClusterType - The cluster to recompute statistics for.
      task - The task associated with this operation.
      result - The operation result.

    • cacheRoleTypeObject

      @Nullable public @Nullable PrismObject<RoleType> cacheRoleTypeObject(@NotNull @NotNull Map<String,PrismObject<RoleType>> roleExistCache, @NotNull @NotNull String roleOid, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result, @Nullable @Nullable RoleAnalysisCacheOption option)
      Description copied from interface: RoleAnalysisService
      Retrieves a RoleType PrismObject from a cache or, if not present, fetches it from the ModelService and stores it in the cache.
      Specified by:
      cacheRoleTypeObject in interface RoleAnalysisService
      Parameters:
      roleExistCache - A cache storing previously fetched RoleType PrismObjects.
      roleOid - The OID of the RoleType PrismObject to retrieve.
      task - The task associated with the operation.
      result - The operation result.
      option - The cache option.
      Returns:
      The RoleType PrismObject fetched from the cache or ModelService, or null if not found.

    • cacheUserTypeObject

      @Nullable public @Nullable PrismObject<UserType> cacheUserTypeObject(@NotNull @NotNull Map<String,PrismObject<UserType>> userExistCache, @NotNull @NotNull String userOid, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result, @Nullable @Nullable RoleAnalysisCacheOption option)
      Description copied from interface: RoleAnalysisService
      Retrieves a UserType PrismObject from a cache or, if not present, fetches it from the ModelService and stores it in the cache.
      Specified by:
      cacheUserTypeObject in interface RoleAnalysisService
      Parameters:
      userExistCache - A cache storing previously fetched UserType PrismObjects.
      userOid - The OID of the UserType PrismObject to retrieve.
      task - The task associated with the operation.
      result - The operation result.
      option - The cache option.
      Returns:
      The UserType PrismObject fetched from the cache or ModelService, or null if not found.

    • countUserTypeMembers

      @NotNull public @NotNull Integer countUserTypeMembers(@Nullable @Nullable ObjectFilter userFilter, @NotNull @NotNull String objectId, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result)
      Description copied from interface: RoleAnalysisService
      Counts the number of members of a RoleType object.
      Specified by:
      countUserTypeMembers in interface RoleAnalysisService
      Parameters:
      userFilter - The UserType filter.
      objectId - The OID of the RoleType object.
      task - The task associated with this operation.
      result - The operation result.
      Returns:
      The number of user members of a RoleType object.

    • deleteSession

      public void deleteSession(@NotNull @NotNull String sessionOid, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result)
      Description copied from interface: RoleAnalysisService
      Deletes a single RoleAnalysisSessionType object.
      Specified by:
      deleteSession in interface RoleAnalysisService
      Parameters:
      sessionOid - The role analysis session OID.
      task - The task associated with this operation.
      result - The operation result.

    • deleteOutlier

      public void deleteOutlier(@NotNull @NotNull RoleAnalysisOutlierType outlier, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result)
      Description copied from interface: RoleAnalysisService
      Deletes a single RoleAnalysisOutlierType object.
      Specified by:
      deleteOutlier in interface RoleAnalysisService
      Parameters:
      outlier - The outlier to delete.
      task - The task associated with this operation.
      result - The operation result.

    • resolveClusterOptionType

      public RoleAnalysisOptionType resolveClusterOptionType(@NotNull @NotNull PrismObject<RoleAnalysisClusterType> cluster, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result)
      Description copied from interface: RoleAnalysisService
      Resolves the process mode of a RoleAnalysisClusterType object based on role analysis session.
      Specified by:
      resolveClusterOptionType in interface RoleAnalysisService
      Parameters:
      cluster - The cluster to resolve the process mode for.
      task - The task associated with this operation.
      result - The operation result.
      Returns:
      The resolved process mode.

    • recomputeClusterDetectionOptions

      public void recomputeClusterDetectionOptions(@NotNull @NotNull String clusterOid, @NotNull @NotNull PatternDetectionOption detectionOption, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result)
      Description copied from interface: RoleAnalysisService
      Recompute the detection options of a RoleAnalysisClusterType object.
      Specified by:
      recomputeClusterDetectionOptions in interface RoleAnalysisService
      Parameters:
      clusterOid - The cluster OID.
      detectionOption - The detection option to recompute.
      task - The task associated with this operation.
      result - The operation result.

    • prepareCompressedMiningStructure

      @NotNull public @NotNull MiningOperationChunk prepareCompressedMiningStructure(@NotNull @NotNull RoleAnalysisClusterType cluster, @Nullable @Nullable SearchFilterType userSearchFilter, @Nullable @Nullable SearchFilterType roleSearchFilter, @Nullable @Nullable SearchFilterType assignmentSearchFilter, boolean fullProcess, @NotNull @NotNull RoleAnalysisProcessModeType processMode, @NotNull @NotNull OperationResult result, @NotNull @NotNull Task task)
      Description copied from interface: RoleAnalysisService
      Method for preparing a compressed mining structure for role analysis.
      Specified by:
      prepareCompressedMiningStructure in interface RoleAnalysisService
      Parameters:
      cluster - The cluster for which the mining structure is prepared.
      userSearchFilter - The additional user filter.
      roleSearchFilter - The additional role filter.
      assignmentSearchFilter - The additional assignment filter.
      fullProcess - The full process flag. If true, the entire structure is prepared. If false, only a partial structure (members) is prepared.
      processMode - The process mode.
      result - The operation result.
      task - The task associated with this operation.
      Returns:
      A MiningOperationChunk containing user and role chunks for further processing.

    • prepareBasicChunkStructure

      public MiningOperationChunk prepareBasicChunkStructure(@NotNull @NotNull RoleAnalysisClusterType cluster, @Nullable @Nullable SearchFilterType userSearchFilter, @Nullable @Nullable SearchFilterType roleSearchFilter, @Nullable @Nullable SearchFilterType assignmentSearchFilter, @NotNull @NotNull DisplayValueOption option, @NotNull @NotNull RoleAnalysisProcessModeType processMode, @Nullable @Nullable List<DetectedPattern> detectedPatterns, @NotNull @NotNull OperationResult result, @NotNull @NotNull Task task)
      Specified by:
      prepareBasicChunkStructure in interface RoleAnalysisService

    • prepareMiningStructure

      @NotNull public @NotNull MiningOperationChunk prepareMiningStructure(@NotNull @NotNull RoleAnalysisClusterType cluster, @Nullable @Nullable SearchFilterType userSearchFilter, @Nullable @Nullable SearchFilterType roleSearchFilter, @Nullable @Nullable SearchFilterType assignmentSearchFilter, @NotNull @NotNull DisplayValueOption option, @NotNull @NotNull RoleAnalysisProcessModeType processMode, @NotNull @NotNull List<DetectedPattern> detectedPatterns, @NotNull @NotNull OperationResult result, @NotNull @NotNull Task task)
      Description copied from interface: RoleAnalysisService
      Method for preparing a mining structure for role analysis.
      Specified by:
      prepareMiningStructure in interface RoleAnalysisService
      Parameters:
      cluster - The cluster for which the mining structure is prepared.
      userSearchFilter - The additional user filter.
      roleSearchFilter - The additional role filter.
      assignmentSearchFilter - The additional assignment filter.
      option - The display value option.
      processMode - The process mode.
      result - The operation result.
      task - The task associated with this operation.
      Returns:
      A MiningOperationChunk containing user and role chunks for further processing.

    • updateChunkWithPatterns

      public void updateChunkWithPatterns(@NotNull @NotNull MiningOperationChunk basicChunk, @NotNull @NotNull RoleAnalysisProcessModeType processMode, @NotNull @NotNull List<DetectedPattern> detectedPatterns, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result)
      Specified by:
      updateChunkWithPatterns in interface RoleAnalysisService

    • prepareExpandedMiningStructure

      @NotNull public @NotNull MiningOperationChunk prepareExpandedMiningStructure(@NotNull @NotNull RoleAnalysisClusterType cluster, @Nullable @Nullable SearchFilterType userSearchFilter, @Nullable @Nullable SearchFilterType roleSearchFilter, @Nullable @Nullable SearchFilterType assignmentSearchFilter, boolean fullProcess, @NotNull @NotNull RoleAnalysisProcessModeType processMode, @NotNull @NotNull OperationResult result, @NotNull @NotNull Task task, @Nullable @Nullable DisplayValueOption option)
      Description copied from interface: RoleAnalysisService
      Method for preparing an expanded mining structure for role analysis.
      Specified by:
      prepareExpandedMiningStructure in interface RoleAnalysisService
      Parameters:
      cluster - The cluster for which the mining structure is prepared.
      userSearchFilter - The additional user filter.
      roleSearchFilter - The additional role filter.
      assignmentSearchFilter - The additional assignment filter.
      fullProcess - The full process flag. If true, the entire structure is prepared. If false, only a partial structure (members) is prepared.
      processMode - The process mode.
      result - The operation result.
      task - The task associated with this operation.
      option - The display value option.
      Returns:
      A MiningOperationChunk containing user and role chunks for further processing.

    • clusterObjectMigrationRecompute

      public void clusterObjectMigrationRecompute(@NotNull @NotNull String clusterRefOid, @NotNull @NotNull String roleRefOid, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result)
      Description copied from interface: RoleAnalysisService
      Recompute role analysis cluster (RoleAnalysisClusterType) parameters. This method should be called after migration to business role.
      Specified by:
      clusterObjectMigrationRecompute in interface RoleAnalysisService
      Parameters:
      clusterRefOid - The cluster OID.
      roleRefOid - The role OID.
      task - The task associated with this operation.
      result - The operation result.

    • executeClusteringTask

      public void executeClusteringTask(@NotNull @NotNull ModelInteractionService modelInteractionService, @NotNull @NotNull PrismObject<RoleAnalysisSessionType> session, @NotNull @NotNull TaskType taskObject, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result)
      Description copied from interface: RoleAnalysisService
      This method is used to execute a clustering task. It creates a new cluster and stores it in the session.
      Specified by:
      executeClusteringTask in interface RoleAnalysisService
      Parameters:
      modelInteractionService - The model interaction service.
      session - The session under which the clustering task is executed.
      taskObject - The performed task object.
      task - The task associated with this operation.
      result - The operation result.

    • executeDetectionTask

      public void executeDetectionTask(@NotNull @NotNull ModelInteractionService modelInteractionService, @NotNull @NotNull PrismObject<RoleAnalysisClusterType> cluster, @Nullable @Nullable String taskOid, @Nullable @Nullable PolyStringType taskName, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result, String state)
      Description copied from interface: RoleAnalysisService
      This method is used to execute a detection task. Detected patterns are stored in the cluster.
      Specified by:
      executeDetectionTask in interface RoleAnalysisService
      Parameters:
      modelInteractionService - The model interaction service.
      cluster - The cluster under which the detection task is executed.
      taskOid - The OID of the task.
      taskName - The name of the task.
      task - The task associated with this operation.
      result - The operation result.
      state - Cluster operation state

    • executeRoleAnalysisRoleMigrationTask

      public void executeRoleAnalysisRoleMigrationTask(@NotNull @NotNull ModelInteractionService modelInteractionService, @NotNull @NotNull PrismObject<RoleAnalysisClusterType> cluster, @NotNull @NotNull ActivityDefinitionType activityDefinition, @NotNull @NotNull PrismObject<RoleType> roleObject, @Nullable @Nullable String taskOid, @Nullable @Nullable PolyStringType taskName, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result)
      Description copied from interface: RoleAnalysisService
      This method is used to execute a migration task. It replaces the role assignment with business role assignment.
      Specified by:
      executeRoleAnalysisRoleMigrationTask in interface RoleAnalysisService
      Parameters:
      modelInteractionService - The model interaction service.
      cluster - The cluster under which the migration task is executed.
      activityDefinition - The activity definition.
      roleObject - The role object for migration.
      taskOid - The OID of the task.
      taskName - The name of the task.
      task - The task associated with this operation.
      result - The operation result.

    • executeRoleMigrationProcess

      public void executeRoleMigrationProcess(@NotNull @NotNull ModelInteractionService modelInteractionService, @NotNull @NotNull PrismObject<RoleType> roleObject, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result)
      Specified by:
      executeRoleMigrationProcess in interface RoleAnalysisService

    • recomputeAndResolveClusterOpStatus

      @NotNull public @NotNull String recomputeAndResolveClusterOpStatus(@NotNull @NotNull String clusterOid, @NotNull @NotNull OperationResult result, @NotNull @NotNull Task task, boolean onlyStatusUpdate, @Nullable @Nullable ModelInteractionService modelInteractionService)
      Description copied from interface: RoleAnalysisService
      Recompute and resolve the cluster operation status. This method also update the cluster operation status if detect some changes.
      Specified by:
      recomputeAndResolveClusterOpStatus in interface RoleAnalysisService
      Parameters:
      clusterOid - The cluster for recompute and resolve.
      result - The operation result.
      task - The task associated with this operation.
      onlyStatusUpdate - If set true pattern detection does not perform
      modelInteractionService - Model interactive service provider
      Returns:
      The cluster operation status.

    • recomputeAndResolveSessionOpStatus

      @NotNull public @NotNull String recomputeAndResolveSessionOpStatus(@NotNull @NotNull PrismObject<RoleAnalysisSessionType> sessionPrismObject, @NotNull @NotNull OperationResult result, @NotNull @NotNull Task task)
      Description copied from interface: RoleAnalysisService
      Recompute and resolve the cluster operation status. This method also update the cluster operation status if detect some changes.
      Specified by:
      recomputeAndResolveSessionOpStatus in interface RoleAnalysisService
      Parameters:
      sessionPrismObject - The cluster for recompute and resolve.
      result - The operation result.
      task - The task associated with this operation.
      Returns:
      The cluster operation status.

    • recomputeAndResolveClusterCandidateRoleOpStatus

      @NotNull public @NotNull String recomputeAndResolveClusterCandidateRoleOpStatus(@NotNull @NotNull PrismObject<RoleAnalysisClusterType> clusterPrismObject, @NotNull @NotNull RoleAnalysisCandidateRoleType candidateRole, @NotNull @NotNull OperationResult result, Task task)
      Description copied from interface: RoleAnalysisService
      Recomputes and resolves the operation status for the candidate role within the specified cluster.
      Specified by:
      recomputeAndResolveClusterCandidateRoleOpStatus in interface RoleAnalysisService
      Parameters:
      clusterPrismObject - PrismObject representing the role analysis cluster.
      candidateRole - RoleAnalysisCandidateRoleType representing the candidate role.
      result - OperationResult containing the result of the operation.
      task - Task used for executing the operation.
      Returns:
      A string representing the display status of the candidate role after recompute and resolution.

    • getTaskProgressIfExist

      public int[] getTaskProgressIfExist(@Nullable @Nullable RoleAnalysisOperationStatusType operationStatus, @NotNull @NotNull OperationResult result)
      Specified by:
      getTaskProgressIfExist in interface RoleAnalysisService

    • setCandidateRoleOpStatus

      public void setCandidateRoleOpStatus(@NotNull @NotNull PrismObject<RoleAnalysisClusterType> clusterPrism, @NotNull @NotNull RoleAnalysisCandidateRoleType candidateRoleContainer, @NotNull @NotNull String taskOid, @Nullable @Nullable OperationResultStatusType operationResultStatusType, @Nullable @Nullable String message, @NotNull @NotNull OperationResult result, @NotNull @NotNull Task task, @NotNull @NotNull RoleAnalysisOperationType operationType, @Nullable @Nullable FocusType focus)
      Description copied from interface: RoleAnalysisService
      Sets the operation status of a candidate role within the specified role analysis cluster.
      Specified by:
      setCandidateRoleOpStatus in interface RoleAnalysisService
      Parameters:
      clusterPrism - PrismObject representing the role analysis cluster.
      candidateRoleContainer - RoleAnalysisCandidateRoleType representing the candidate role container.
      taskOid - String representing the OID of the task associated with the operation status.
      operationResultStatusType - OperationResultStatusType representing the status of the operation.
      message - String containing the message associated with the operation status.
      result - OperationResult containing the result of the operation.
      task - Task used for executing the operation.
      operationType - RoleAnalysisOperation representing the type of operation.
      focus - FocusType representing the focus type associated with the operation status.

    • addCandidateRole

      public void addCandidateRole(@NotNull @NotNull String clusterRefOid, @NotNull @NotNull RoleAnalysisCandidateRoleType candidateRole, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result)
      Description copied from interface: RoleAnalysisService
      This method is used to add candidate roles to the cluster.
      Specified by:
      addCandidateRole in interface RoleAnalysisService
      Parameters:
      clusterRefOid - The cluster OID.
      candidateRole - The candidate role OID.
      task - The task associated with this operation.
      result - The operation result.

    • deleteSingleCandidateRole

      public void deleteSingleCandidateRole(@NotNull @NotNull PrismObject<RoleAnalysisClusterType> clusterPrism, @NotNull @NotNull RoleAnalysisCandidateRoleType candidateRoleBean, @NotNull @NotNull OperationResult result, Task task)
      Description copied from interface: RoleAnalysisService
      Deletes a single candidate role from the specified role analysis cluster.
      Specified by:
      deleteSingleCandidateRole in interface RoleAnalysisService
      Parameters:
      clusterPrism - PrismObject representing the role analysis cluster.
      candidateRoleBean - RoleAnalysisCandidateRoleType representing the candidate role to be deleted.
      result - OperationResult containing the result of the deletion operation.
      task - Task used for executing the deletion operation.

    • executeChangesOnCandidateRole

      public void executeChangesOnCandidateRole(@NotNull @NotNull PrismObject<RoleAnalysisClusterType> cluster, @NotNull @NotNull RoleAnalysisCandidateRoleType roleAnalysisCandidateRoleType, Set<ObjectReferenceType> members, @NotNull @NotNull Set<AssignmentType> inducements, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result)
      Description copied from interface: RoleAnalysisService
      Executes changes on the candidate role within the specified role analysis cluster.
      Specified by:
      executeChangesOnCandidateRole in interface RoleAnalysisService
      Parameters:
      cluster - PrismObject representing the role analysis cluster.
      roleAnalysisCandidateRoleType - RoleAnalysisCandidateRoleType representing the candidate role container.
      members - Set of PrismObject representing the members to be assigned to the candidate role.
      inducements - Set of AssignmentType representing the inducements to be added to the candidate role.
      task - Task used for executing the operation.
      result - OperationResult containing the result of the operation.

    • userTypeAttributeAnalysis

      public List<AttributeAnalysisStructure> userTypeAttributeAnalysis(@NotNull @NotNull Set<PrismObject<UserType>> prismUsers, Double membershipDensity, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result, @NotNull @NotNull List<RoleAnalysisAttributeDef> attributeDefSet)
      Description copied from interface: RoleAnalysisService
      Performs attribute analysis for user objects.
      Specified by:
      userTypeAttributeAnalysis in interface RoleAnalysisService
      Parameters:
      prismUsers - Set of PrismObject representing user objects to analyze.
      membershipDensity - The density of membership.
      task - Task used for processing the attribute analysis.
      result - OperationResult containing the result of the operation.
      attributeDefSet - List of RoleAnalysisAttributeDef containing the attribute definitions for user analysis.
      Returns:
      List of AttributeAnalysisStructure containing the results of the attribute analysis.

    • userTypeAttributeAnalysisCached

      public List<AttributeAnalysisStructure> userTypeAttributeAnalysisCached(@NotNull @NotNull Set<PrismObject<UserType>> prismUsers, Double membershipDensity, @NotNull @NotNull AttributeAnalysisCache userAnalysisCache, @NotNull @NotNull List<RoleAnalysisAttributeDef> attributeDefSet, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result)
      Specified by:
      userTypeAttributeAnalysisCached in interface RoleAnalysisService

    • roleTypeAttributeAnalysis

      public List<AttributeAnalysisStructure> roleTypeAttributeAnalysis(@NotNull @NotNull Set<PrismObject<RoleType>> prismRoles, Double membershipDensity, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result, @NotNull @NotNull List<RoleAnalysisAttributeDef> attributeRoleDefSet)
      Description copied from interface: RoleAnalysisService
      Performs attribute analysis for role objects.
      Specified by:
      roleTypeAttributeAnalysis in interface RoleAnalysisService
      Parameters:
      prismRoles - Set of PrismObject representing role objects to analyze.
      membershipDensity - The density of membership.
      task - Task used for processing the attribute analysis.
      result - OperationResult containing the result of the operation.
      attributeRoleDefSet - List of RoleAnalysisAttributeDef containing the attribute definitions for role analysis.
      Returns:
      List of AttributeAnalysisStructure containing the results of the attribute analysis.

    • roleMembersAttributeAnalysis

      public List<AttributeAnalysisStructure> roleMembersAttributeAnalysis(@NotNull @NotNull List<RoleAnalysisAttributeDef> attributeDefSet, @NotNull @NotNull String objectOid, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result)
      Description copied from interface: RoleAnalysisService
      Performs attribute analysis for role members.
      Specified by:
      roleMembersAttributeAnalysis in interface RoleAnalysisService
      Parameters:
      attributeDefSet - List of RoleAnalysisAttributeDef containing the attribute definitions for analysis.
      objectOid - The OID of the object to analyze.
      task - Task used for processing the attribute analysis.
      result - OperationResult containing the result of the operation.
      Returns:
      List of AttributeAnalysisStructure containing the results of the attribute analysis.

    • userRolesAttributeAnalysis

      public List<AttributeAnalysisStructure> userRolesAttributeAnalysis(@NotNull @NotNull List<RoleAnalysisAttributeDef> attributeRoleDefSet, @NotNull @NotNull String objectOid, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result)
      Description copied from interface: RoleAnalysisService
      Performs attribute analysis for user roles.
      Specified by:
      userRolesAttributeAnalysis in interface RoleAnalysisService
      Parameters:
      attributeRoleDefSet - List of RoleAnalysisAttributeDef containing the attribute definitions for role analysis.
      objectOid - The OID of the object to analyze.
      task - Task used for processing the attribute analysis.
      result - OperationResult containing the result of the operation.
      Returns:
      List of AttributeAnalysisStructure containing the results of the attribute analysis.

    • resolveDetectedPatternsAttributes

      public void resolveDetectedPatternsAttributes(@NotNull @NotNull List<RoleAnalysisDetectionPatternType> detectedPatterns, @NotNull @NotNull Map<String,PrismObject<UserType>> userExistCache, @NotNull @NotNull Map<String,PrismObject<RoleType>> roleExistCache, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result, @Nullable @Nullable List<RoleAnalysisAttributeDef> attributeRoleDefSet, @Nullable @Nullable List<RoleAnalysisAttributeDef> attributeUserDefSet)
      Description copied from interface: RoleAnalysisService
      Processes attribute analysis for the detected patterns. This method analyzes attribute usage patterns for both users and roles in the detected patterns. It retrieves user and role occupancy information from the detected patterns, then performs attribute analysis for both user and role types based on the specified attribute paths.
      Specified by:
      resolveDetectedPatternsAttributes in interface RoleAnalysisService
      Parameters:
      detectedPatterns - List of detected patterns to process.
      userExistCache - Map containing cached PrismObject of UserType for efficient retrieval.
      roleExistCache - Map containing cached PrismObject of RoleType for efficient retrieval.
      task - Task used for processing the attribute analysis.
      result - OperationResult containing the result of the operation. Any errors or status information will be recorded here.
      attributeRoleDefSet - List of RoleAnalysisAttributeDef containing the attribute definitions for role analysis.
      attributeUserDefSet - List of RoleAnalysisAttributeDef containing the attribute definitions for user analysis.

    • resolveDetectedPatternsAttributesCached

      public void resolveDetectedPatternsAttributesCached(@NotNull @NotNull List<RoleAnalysisDetectionPatternType> detectedPatterns, @NotNull @NotNull Map<String,PrismObject<UserType>> userExistCache, @NotNull @NotNull Map<String,PrismObject<RoleType>> roleExistCache, @NotNull @NotNull AttributeAnalysisCache userAnalysisCache, @Nullable @Nullable List<RoleAnalysisAttributeDef> attributeRoleDefSet, @Nullable @Nullable List<RoleAnalysisAttributeDef> attributeUserDefSet, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result)
      Description copied from interface: RoleAnalysisService
      Processes attribute analysis for the detected patterns. This method analyzes attribute usage patterns for both users and roles in the detected patterns. It retrieves user and role occupancy information from the detected patterns, then performs attribute analysis for both user and role types based on the specified attribute paths.
      Specified by:
      resolveDetectedPatternsAttributesCached in interface RoleAnalysisService
      Parameters:
      detectedPatterns - List of detected patterns to process.
      userExistCache - Map containing cached PrismObject of UserType for efficient retrieval.
      roleExistCache - Map containing cached PrismObject of RoleType for efficient retrieval.
      attributeRoleDefSet - List of RoleAnalysisAttributeDef containing the attribute definitions for role analysis.
      attributeUserDefSet - List of RoleAnalysisAttributeDef containing the attribute definitions for user analysis.
      task - Task used for processing the attribute analysis.
      result - OperationResult containing the result of the operation. Any errors or status information will be recorded here.

    • searchSessionClusters

      public List<PrismObject<RoleAnalysisClusterType>> searchSessionClusters(@NotNull @NotNull RoleAnalysisSessionType session, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result)
      Description copied from interface: RoleAnalysisService
      Searches for clusters associated with a specific role analysis session.
      Specified by:
      searchSessionClusters in interface RoleAnalysisService
      Parameters:
      session - RoleAnalysisSessionType representing the session for which clusters are being searched.
      task - Task used for executing the search operation.
      result - OperationResult containing the result of the search operation. Any errors or status information will be recorded here.
      Returns:
      List of PrismObject containing the clusters associated with the session. If the search operation fails or no clusters are found, null is returned.

    • resolveFocusObjectIconColor

      public String resolveFocusObjectIconColor(@NotNull @NotNull FocusType focusObject, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result)
      Description copied from interface: RoleAnalysisService
      Resolves the focus object icon color based on the provided focus object archetype.
      Specified by:
      resolveFocusObjectIconColor in interface RoleAnalysisService
      Parameters:
      focusObject - FocusType representing the focus object for which the icon color is being resolved.
      task - Task used for resolving the icon color.
      result - OperationResult containing the result of the operation. Any errors or status information will be recorded here.
      Returns:
      String representing the icon color of the focus object.

    • countObjects

      public <T extends ObjectType> Integer countObjects(@NotNull @NotNull Class<T> type, @Nullable @Nullable ObjectQuery query, @Nullable @Nullable Collection<SelectorOptions<GetOperationOptions>> options, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult parentResult)
      Description copied from interface: RoleAnalysisService
      Retrieves the attribute definition for a specific attribute path.
      Specified by:
      countObjects in interface RoleAnalysisService
      Parameters:
      type - The type of object for which the attribute definition is being retrieved.
      query - The query specifying the conditions for searching the object.
      options - Collection of SelectorOptions specifying additional options for the search operation.
      task - Task used for executing the search operation.
      parentResult - OperationResult containing the result of the search operation.
      Returns:
      RoleAnalysisAttributeDef containing the attribute definition for the specified attribute path.

    • countUserOwnedRoleAssignment

      public int countUserOwnedRoleAssignment(OperationResult result)
      Description copied from interface: RoleAnalysisService
      Counts the number of role assignments owned by users in the system.
      Specified by:
      countUserOwnedRoleAssignment in interface RoleAnalysisService
      Parameters:
      result - The operation result.
      Returns:
      The count of user-owned role assignments.

    • calculateAttributeConfidence

      public String calculateAttributeConfidence(@NotNull @NotNull RoleAnalysisProcessModeType processModeType, @NotNull @NotNull AnalysisClusterStatisticType clusterStatistics)
      Description copied from interface: RoleAnalysisService
      Calculates the confidence of an attribute based on the specified process mode and cluster statistics.
      Specified by:
      calculateAttributeConfidence in interface RoleAnalysisService
      Parameters:
      processModeType - The process mode type.
      clusterStatistics - The cluster statistics.
      Returns:
      String representing the calculated attribute confidence.

    • resolveAnalysisAttributes

      @Nullable public @Nullable List<RoleAnalysisAttributeDef> resolveAnalysisAttributes(@NotNull @NotNull RoleAnalysisSessionType session, @NotNull @NotNull QName complexType)
      Description copied from interface: RoleAnalysisService
      Resolves the analysis attributes based on the provided session and complex type.
      Specified by:
      resolveAnalysisAttributes in interface RoleAnalysisService
      Parameters:
      session - The RoleAnalysisSessionType object that contains the analysis options.
      complexType - The QName object that represents the complex type of the attribute.
      Returns:
      A list of RoleAnalysisAttributeDef objects that match the provided complex type. Returns null if no matching attributes are found or if the analysis option or process mode is not set in the session.

    • resolveSimilarAspect

      @Nullable public @Nullable RoleAnalysisAttributeAnalysisResultType resolveSimilarAspect(@NotNull @NotNull RoleAnalysisAttributeAnalysisResultType compared, @NotNull @NotNull RoleAnalysisAttributeAnalysisResultType comparison)
      Specified by:
      resolveSimilarAspect in interface RoleAnalysisService

    • resolveUserAttributes

      @NotNull public @NotNull RoleAnalysisAttributeAnalysisResultType resolveUserAttributes(@NotNull @NotNull PrismObject<UserType> prismUser, @NotNull @NotNull List<RoleAnalysisAttributeDef> attributesForUserAnalysis)
      Specified by:
      resolveUserAttributes in interface RoleAnalysisService

    • resolveRoleMembersAttribute

      public RoleAnalysisAttributeAnalysisResultType resolveRoleMembersAttribute(@NotNull @NotNull String objectOid, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result, @NotNull @NotNull List<RoleAnalysisAttributeDef> attributeDefSet)
      Specified by:
      resolveRoleMembersAttribute in interface RoleAnalysisService

    • resolveRoleMembersAttributeCached

      public RoleAnalysisAttributeAnalysisResultType resolveRoleMembersAttributeCached(@NotNull @NotNull String objectOid, @NotNull @NotNull AttributeAnalysisCache userAnalysisCache, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result, @NotNull @NotNull List<RoleAnalysisAttributeDef> attributeDefSet)
      Specified by:
      resolveRoleMembersAttributeCached in interface RoleAnalysisService

    • resolveOutliersZScore

      public <T extends MiningBaseTypeChunk> ZScoreData resolveOutliersZScore(@NotNull @NotNull List<T> data, @Nullable @Nullable RangeType range, @Nullable @Nullable Double sensitivity, @Nullable @Nullable Double frequencyThreshold)
      Specified by:
      resolveOutliersZScore in interface RoleAnalysisService

    • resolveNeighbours

      public <T extends MiningBaseTypeChunk> void resolveNeighbours(@NotNull @NotNull List<T> data, double maxFrequency)
      Resolves neighbors for the given list of data chunks based on their properties and frequency values.
      Type Parameters:
      T - The type of the data chunks, which must extend MiningBaseTypeChunk.
      Parameters:
      data - The list of data chunks to process.
      maxFrequency - The maximum frequency value to consider for negative exclusion.

    • calculateZScoreConfidence

      public <T extends MiningBaseTypeChunk> double calculateZScoreConfidence(@NotNull T item, ZScoreData zScoreData)
      Calculate the confidence of the Z-Score
      Specified by:
      calculateZScoreConfidence in interface RoleAnalysisService
      Type Parameters:
      T - the type of the item
      Parameters:
      item - the item to calculate the confidence
      zScoreData - the Z-Score data
      Returns:
      the confidence of the Z-Score 0 to 1 if 1 is 100% confidence

    • resolveUserValueToMark

      @Nullable public @Nullable Set<String> resolveUserValueToMark(@NotNull @NotNull PrismObject<UserType> prismUser, @NotNull @NotNull List<RoleAnalysisAttributeDef> itemDef)
      Specified by:
      resolveUserValueToMark in interface RoleAnalysisService

    • resolveUserValueToMark

      @Nullable public @Nullable Set<String> resolveUserValueToMark(@NotNull @NotNull RoleAnalysisAttributeAnalysisResultType userAttributeAnalysisResult)
      Specified by:
      resolveUserValueToMark in interface RoleAnalysisService

    • resolveRoleValueToMark

      @Nullable public @Nullable Set<String> resolveRoleValueToMark(@NotNull @NotNull PrismObject<RoleType> prismRole, @NotNull @NotNull List<RoleAnalysisAttributeDef> itemDef)
      Description copied from interface: RoleAnalysisService
      Resolve object attribute value.
      Specified by:
      resolveRoleValueToMark in interface RoleAnalysisService
      Parameters:
      prismRole - The role object.
      itemDef - The attribute definition.
      Returns:
      Set of attribute values that role has.

    • importOutlier

      public void importOutlier(@NotNull @NotNull RoleAnalysisOutlierType outlier, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result)
      Description copied from interface: RoleAnalysisService
      Imports a RoleAnalysisOutlierType object into the system.
      Specified by:
      importOutlier in interface RoleAnalysisService
      Parameters:
      outlier - The outlier for importing.
      task - The task associated with this operation.
      result - The operation result.

    • resolveOutliers

      public void resolveOutliers(@NotNull @NotNull RoleAnalysisOutlierType roleAnalysisOutlierType, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result)
      Description copied from interface: RoleAnalysisService
      Resolves outliers for a given role analysis outlier type. This method retrieves the target object reference from the provided outlier type and performs the following steps: 1. Searches for existing outliers with the same target object reference. 2. If no outliers are found, imports the provided outlier. 3. If outliers are found, updates the existing outlier with new outlier descriptions and removes outdated descriptions.

      This method is responsible for handling exceptions that may occur during the process and logs errors accordingly.

      Specified by:
      resolveOutliers in interface RoleAnalysisService
      Parameters:
      roleAnalysisOutlierType - The role analysis outlier type containing the outlier information.
      task - The task associated with the operation.
      result - The operation result.

    • deleteSessionTask

      public void deleteSessionTask(@NotNull @NotNull String sessionOid, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result)
      Specified by:
      deleteSessionTask in interface RoleAnalysisService

    • getSessionTask

      @Nullable public @Nullable PrismObject<TaskType> getSessionTask(@NotNull @NotNull String sessionOid, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result)
      Specified by:
      getSessionTask in interface RoleAnalysisService

    • deleteSessionTask

      public void deleteSessionTask(@NotNull @NotNull TaskType taskToDelete, @NotNull @NotNull OperationResult result)
      Specified by:
      deleteSessionTask in interface RoleAnalysisService

    • getSessionOutliers

      public List<RoleAnalysisOutlierType> getSessionOutliers(@NotNull @NotNull String sessionOid, @Nullable @Nullable OutlierClusterCategoryType category, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result)
      Specified by:
      getSessionOutliers in interface RoleAnalysisService

    • getTopOutliers

      public List<RoleAnalysisOutlierType> getTopOutliers(@Nullable @Nullable Integer limit, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result)
      Specified by:
      getTopOutliers in interface RoleAnalysisService

    • findJaccardCloseObject

      @Nullable public @Nullable com.google.common.collect.ListMultimap<Double,String> findJaccardCloseObject(@NotNull @NotNull String userOid, @NotNull @NotNull com.google.common.collect.ListMultimap<List<String>,String> chunkMap, @NotNull @NotNull org.apache.commons.lang3.mutable.MutableDouble usedFrequency, @NotNull @NotNull List<String> outliersMembers, double minThreshold, int minMembers, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result)
      Specified by:
      findJaccardCloseObject in interface RoleAnalysisService

    • resolveJaccardCloseObjectResult

      @NotNull public static @NotNull List<String> resolveJaccardCloseObjectResult(int minMembers, @NotNull @NotNull org.apache.commons.lang3.mutable.MutableDouble usedFrequency, @Nullable @Nullable com.google.common.collect.ListMultimap<Double,String> similarityStats)

    • loadUserForOutlierComparison

      public com.google.common.collect.ListMultimap<List<String>,String> loadUserForOutlierComparison(@NotNull @NotNull RoleAnalysisService roleAnalysisService, @NotNull @NotNull List<String> outliersMembers, @NotNull @NotNull ObjectCategorisationCache objectCategorisationCache, @Nullable @Nullable SearchFilterType userSearchFilter, @Nullable @Nullable SearchFilterType roleSearchFilter, @Nullable @Nullable SearchFilterType assignmentSearchFilter, @NotNull @NotNull OperationResult result, @NotNull @NotNull Task task, @NotNull @NotNull RoleAnalysisSessionType sessionObject)
      Specified by:
      loadUserForOutlierComparison in interface RoleAnalysisService

    • calculateOutlierThresholdRange

      @NotNull public @NotNull RangeType calculateOutlierThresholdRange(Double sensitivity, @NotNull @NotNull RangeType range)
      Description copied from interface: RoleAnalysisService
      This method is used to calculate the threshold range for outlier detection. The range is adjusted based on the provided sensitivity.
      Specified by:
      calculateOutlierThresholdRange in interface RoleAnalysisService
      Parameters:
      sensitivity - The sensitivity for outlier detection. It should be a value between 0.0 and 100. If the provided value is outside this range, it will be set to 0.0. The sensitivity is used to adjust the threshold for outlier detection.
      range - The initial range for outlier detection. It should be a RangeType object with min and max values. If the min or max values are null, they will be set to 2.0. Note: The range is expected to have both values positive.
      Returns:
      The adjusted range for outlier detection. It's a RangeType object with the min and max values adjusted based on the sensitivity.

    • calculateOutlierConfidenceRequired

      public double calculateOutlierConfidenceRequired(double sensitivity)
      Description copied from interface: RoleAnalysisService
      Calculates the required confidence for outlier detection based on the provided sensitivity. The sensitivity should be a value between 0.0 and 100. If the provided value is outside this range, the function will return 0.0. The function uses the formula 1 - (sensitivity * 0.01) to calculate the required confidence.
      Specified by:
      calculateOutlierConfidenceRequired in interface RoleAnalysisService
      Parameters:
      sensitivity - The sensitivity for outlier detection. It should be a value between 0.0 and 100.
      Returns:
      The required confidence for outlier detection. It's a value between 0.0 and 1.0.

    • findClusterOutliers

      @NotNull public @NotNull List<RoleAnalysisOutlierType> findClusterOutliers(@NotNull @NotNull RoleAnalysisClusterType cluster, @Nullable @Nullable OutlierSpecificCategoryType category, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result)
      Description copied from interface: RoleAnalysisService
      This method is used to find all outliers associated with a specific cluster.
      Specified by:
      findClusterOutliers in interface RoleAnalysisService
      Parameters:
      cluster - The cluster for which to find associated outliers. It should be a RoleAnalysisClusterType object.
      category - The specific category of outliers to search for. It should be an OutlierSpecificCategoryType object.
      task - The task in context. It should be a Task object.
      result - The operation result. It should be an OperationResult object.
      Returns:
      A list of RoleAnalysisOutlierType objects that are associated with the provided cluster.

    • searchOutlierObjectByUserOid

      public PrismObject<RoleAnalysisOutlierType> searchOutlierObjectByUserOid(@NotNull @NotNull String userOid, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result)
      Description copied from interface: RoleAnalysisService
      Searches for an outlier object associated with a specific user.
      Specified by:
      searchOutlierObjectByUserOid in interface RoleAnalysisService
      Parameters:
      userOid - The OID of the user for whom the outlier object is to be searched.
      task - The task in which the operation is performed.
      result - The operation result.
      Returns:
      The outlier object associated with the user if found, null otherwise.

    • addOutlierPartition

      public void addOutlierPartition(@NotNull @NotNull String outlierOid, @NotNull @NotNull RoleAnalysisOutlierPartitionType partition, double overallConfidence, double anomalyConfidence, @NotNull @NotNull OperationResult result)
      Description copied from interface: RoleAnalysisService
      Updates the specified outlier object in the repository. The method retrieves the existing outlier object based on the provided OID and updates the partition and metrics data.
      Specified by:
      addOutlierPartition in interface RoleAnalysisService
      Parameters:
      outlierOid - The OID of the outlier object to be updated.
      partition - The partition data to be added to the outlier object.
      overallConfidence - The overall confidence value to be set in the outlier object.
      anomalyConfidence - The anomaly confidence value to be set in the outlier object.
      result - The operation result.

    • resolveUserAccessDistribution

      public UserAccessDistribution resolveUserAccessDistribution(@NotNull @NotNull PrismObject<UserType> prismUser, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result)
      Description copied from interface: RoleAnalysisService
      Resolves the distribution of user access based on the user's role assignments. This method categorizes the user's role assignments into direct assignments, indirect assignments, and duplicates. Direct assignments are roles assigned directly to the user. Indirect assignments are roles assigned to the user through a group or another role. Duplicates are roles that are assigned to the user both directly and indirectly.
      Specified by:
      resolveUserAccessDistribution in interface RoleAnalysisService
      Parameters:
      prismUser - The user object for which the access distribution is to be resolved.
      task - The task in which the operation is performed.
      result - The operation result.
      Returns:
      A UserAccessDistribution object that contains the distribution of user access.

    • getAsFocusObjects

      @NotNull public @NotNull List<PrismObject<FocusType>> getAsFocusObjects(@Nullable @Nullable List<ObjectReferenceType> references, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result)
      Description copied from interface: RoleAnalysisService
      Retrieves a list of FocusType objects based on a list of ObjectReferenceType references.
      Specified by:
      getAsFocusObjects in interface RoleAnalysisService
      Parameters:
      references - A list of ObjectReferenceType references. These references should point to the objects to be retrieved.
      task - The task in which the operation is performed.
      result - The operation result.
      Returns:
      A list of PrismObject of type FocusType. Each PrismObject represents a FocusType object retrieved based on the provided references. If the references list is null, an empty list is returned.

    • computeResolvedAndCandidateRoles

      public int[] computeResolvedAndCandidateRoles(@NotNull @NotNull Task task, @NotNull @NotNull OperationResult result)
      Description copied from interface: RoleAnalysisService
      Computes the number of resolved patterns and candidate roles in all RoleAnalysisClusterType objects.
      Specified by:
      computeResolvedAndCandidateRoles in interface RoleAnalysisService
      Parameters:
      task - The task in which the operation is performed.
      result - The operation result.
      Returns:
      An array of two integers where the first integer is the count of resolved patterns and the second integer is the count of candidate roles.

    • calculatePossibleAssignmentReduction

      public double calculatePossibleAssignmentReduction(RoleAnalysisSessionType session, Task task, OperationResult result)
      Calculates the possible reduction in role assignments for a given session. This method calculates the total reduction in role assignments by summing up the detected reduction metrics for each cluster in the session. It then calculates the total system percentage reduction by dividing the total reduction by the total number of role assignments to users.
      Specified by:
      calculatePossibleAssignmentReduction in interface RoleAnalysisService
      Parameters:
      session - The RoleAnalysisSessionType object for which the possible assignment reduction is to be calculated.
      task - The task in which the operation is performed.
      result - The operation result.
      Returns:
      The total system percentage reduction in role assignments. If there are no clusters in the session or no role assignments to users, it returns 0.

    • getSessionClustersByType

      public List<RoleAnalysisClusterType> getSessionClustersByType(@NotNull @NotNull String sessionOid, @NotNull @NotNull RoleAnalysisClusterCategory clusterType, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result)
      Specified by:
      getSessionClustersByType in interface RoleAnalysisService

    • searchOutliersRepo

      public SearchResultList<PrismObject<RoleAnalysisOutlierType>> searchOutliersRepo(@Nullable @Nullable ObjectQuery query, @NotNull @NotNull OperationResult result)
      Specified by:
      searchOutliersRepo in interface RoleAnalysisService

    • membershipSearch

      public com.google.common.collect.ListMultimap<String,String> membershipSearch(@Nullable @Nullable ObjectFilter userObjectFiler, @Nullable @Nullable ObjectFilter roleObjectFilter, @Nullable @Nullable ObjectFilter assignmentFilter, boolean loadAndUpdateStatistics, @NotNull @NotNull RoleAnalysisProcessModeType processMode, @Nullable @Nullable AttributeAnalysisCache attributeAnalysisCache, @NotNull @NotNull ObjectCategorisationCache objectCategorisationCache, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result, @NotNull @NotNull RoleAnalysisSessionType sessionObject)
      Description copied from interface: RoleAnalysisService
      Searches for user membership based on the provided filters and process mode.
      Specified by:
      membershipSearch in interface RoleAnalysisService
      Parameters:
      userObjectFiler - An optional filter to apply to the user objects.
      roleObjectFilter - An optional filter to apply to the role objects.
      assignmentFilter - An optional filter to apply to the assignment objects.
      loadAndUpdateStatistics - A boolean flag to determine whether to load and update statistics.
      processMode - The process mode to determine whether to search in user mode or role mode.
      attributeAnalysisCache - The cache for attribute analysis.
      objectCategorisationCache - The cache for object categorisation.
      task - The task in the context of which the operation is executed.
      result - The result of the operation.
      sessionObject - Session object.
      Returns:
      A ListMultimap where the keys are either user OIDs or role OIDs, and the values are the corresponding role OIDs or user OIDs, depending on the process mode.

    • assignmentSearch

      public com.google.common.collect.ListMultimap<String,String> assignmentSearch(@Nullable @Nullable ObjectFilter userObjectFiler, @Nullable @Nullable ObjectFilter roleObjectFilter, @Nullable @Nullable ObjectFilter assignmentFilter, @NotNull @NotNull RoleAnalysisProcessModeType processMode, boolean loadAndUpdateStatistics, @Nullable @Nullable AttributeAnalysisCache attributeAnalysisCache, @NotNull @NotNull ObjectCategorisationCache objectCategorisationCache, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result, @NotNull @NotNull RoleAnalysisSessionType sessionObject)
      Description copied from interface: RoleAnalysisService
      Searches for assignments based on the provided filters and process mode.
      Specified by:
      assignmentSearch in interface RoleAnalysisService
      Parameters:
      userObjectFiler - An optional filter to apply to the user objects.
      roleObjectFilter - An optional filter to apply to the role objects.
      assignmentFilter - An optional filter to apply to the assignment objects.
      processMode - The process mode to determine whether to search in user mode or role mode.
      loadAndUpdateStatistics - A boolean flag to determine whether to load and update statistics.
      attributeAnalysisCache - The cache for attribute analysis.
      objectCategorisationCache - The cache for object categorisation.
      task - The task in the context of which the operation is executed.
      result - The result of the operation.
      sessionObject - poc
      Returns:
      A ListMultimap where the keys are either user OIDs or role OIDs, and the values are the corresponding role OIDs or user OIDs, depending on the process mode.

    • prepareAssignmentChunkMapRolesAsKey

      public com.google.common.collect.ListMultimap<List<String>,String> prepareAssignmentChunkMapRolesAsKey(@Nullable @Nullable SearchFilterType userSearchFiler, @Nullable @Nullable SearchFilterType roleSearchFiler, @Nullable @Nullable SearchFilterType assignmentSearchFiler, @NotNull @NotNull RoleAnalysisProcessModeType processMode, boolean loadAndUpdateStatistics, @Nullable @Nullable AttributeAnalysisCache attributeAnalysisCache, @NotNull @NotNull ObjectCategorisationCache objectCategorisationCache, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result, @NotNull @NotNull RoleAnalysisSessionType sessionObject)
      Description copied from interface: RoleAnalysisService
      Prepares a map of assignment chunks. If key objects has the same values, they are compressed.
      Specified by:
      prepareAssignmentChunkMapRolesAsKey in interface RoleAnalysisService
      Parameters:
      userSearchFiler - An optional filter to apply to the user search.
      roleSearchFiler - An optional filter to apply to the role search.
      assignmentSearchFiler - An optional filter to apply to the assignment search.
      processMode - The process mode to determine whether to search in user mode or role mode.
      loadAndUpdateStatistics - A boolean flag to determine whether to load and update statistics.
      attributeAnalysisCache - The cache for attribute analysis.
      objectCategorisationCache - The cache for object categorisation.
      task - The task in the context of which the operation is executed.
      result - The result of the operation.
      sessionObject - poc
      Returns:
      A ListMultimap where the keys are lists of role OIDs and the values are user OIDs.

    • prepareMembershipChunkMapRolesAsKey

      public com.google.common.collect.ListMultimap<List<String>,String> prepareMembershipChunkMapRolesAsKey(@Nullable @Nullable SearchFilterType userSearchFiler, @Nullable @Nullable SearchFilterType roleSearchFiler, @Nullable @Nullable SearchFilterType assignmentSearchFiler, @NotNull @NotNull RoleAnalysisProcessModeType processMode, boolean loadAndUpdateStatistics, @Nullable @Nullable AttributeAnalysisCache attributeAnalysisCache, @NotNull @NotNull ObjectCategorisationCache objectCategorisationCache, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result, @NotNull @NotNull RoleAnalysisSessionType sessionObject)
      Description copied from interface: RoleAnalysisService
      Prepares a map of role membership chunks. If key objects have the same values, they are compressed.
      Specified by:
      prepareMembershipChunkMapRolesAsKey in interface RoleAnalysisService
      Parameters:
      userSearchFiler - An optional filter to apply to the user search.
      roleSearchFiler - An optional filter to apply to the role search.
      assignmentSearchFiler - An optional filter to apply to the assignment search.
      processMode - The process mode to determine whether to search in user mode or role mode.
      loadAndUpdateStatistics - A boolean flag to determine whether to load and update statistics.
      attributeAnalysisCache - The cache for attribute analysis.
      objectCategorisationCache - The cache for object categorisation.
      task - The task in the context of which the operation is executed.
      result - The result of the operation.
      sessionObject - poc
      Returns:
      A ListMultimap where the keys are lists of role OIDs and the values are user OIDs.

    • transformSearchToObjectFilter

      @Nullable public @Nullable ObjectFilter transformSearchToObjectFilter(@Nullable @Nullable SearchFilterType userSearchFiler, @NotNull @NotNull Class<?> objectClass)
      Description copied from interface: RoleAnalysisService
      Transforms a SearchFilterType to an ObjectFilter for the specified object class.
      Specified by:
      transformSearchToObjectFilter in interface RoleAnalysisService
      Parameters:
      userSearchFiler - An optional filter to apply to the user search.
      objectClass - The class of the object to which the filter will be applied.
      Returns:
      The constructed ObjectFilter based on the provided SearchFilterType, or null if the filter is not provided or cannot be created.

    • assignmentRoleMemberSearch

      @NotNull public @NotNull com.google.common.collect.ListMultimap<String,String> assignmentRoleMemberSearch(@Nullable @Nullable SearchFilterType userSearchFiler, @Nullable @Nullable SearchFilterType roleSearchFiler, @Nullable @Nullable SearchFilterType assignmentSearchFiler, @NotNull @NotNull Set<String> roleMembers, boolean roleAsKey, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result, @NotNull @NotNull RoleAnalysisClusterType clusterObject)
      Description copied from interface: RoleAnalysisService
      Searches for role members based on the provided filters and role members set.
      Specified by:
      assignmentRoleMemberSearch in interface RoleAnalysisService
      Parameters:
      userSearchFiler - Optional filter for user search.
      roleSearchFiler - Optional filter for role search.
      assignmentSearchFiler - Optional filter for assignment search.
      roleMembers - Set of role member identifiers.
      roleAsKey - Boolean flag to determine if roles should be used as keys in the result map.
      task - The task in which the operation is performed.
      result - The operation result.
      clusterObject - poc
      Returns:
      A ListMultimap containing the role members mapped by either role or user identifiers.

    • assignmentUserAccessSearch

      @NotNull public @NotNull com.google.common.collect.ListMultimap<String,String> assignmentUserAccessSearch(@Nullable @Nullable SearchFilterType userSearchFiler, @Nullable @Nullable SearchFilterType roleSearchFiler, @Nullable @Nullable SearchFilterType assignmentSearchFiler, @NotNull @NotNull Set<String> userMembers, boolean userAsKey, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result, @NotNull @NotNull RoleAnalysisClusterType clusterObject)
      Description copied from interface: RoleAnalysisService
      Searches for user access assignments based on the provided filters and user members set.
      Specified by:
      assignmentUserAccessSearch in interface RoleAnalysisService
      Parameters:
      userSearchFiler - An optional filter to apply to the user search.
      roleSearchFiler - An optional filter to apply to the role search.
      assignmentSearchFiler - An optional filter to apply to the assignment search.
      userMembers - A set of user member OIDs to be included in the search.
      userAsKey - A boolean indicating whether users should be used as keys in the resulting map.
      task - The task in the context of which the operation is executed.
      result - The result of the operation.
      Returns:
      A ListMultimap where the keys are either user OIDs or role OIDs, depending on the value of userAsKey.

    • getSessionRoleSuggestion

      public List<DetectedPattern> getSessionRoleSuggestion(@NotNull @NotNull String sessionOid, @Nullable @Nullable Integer limit, @Nullable @Nullable Boolean sortDescending, @NotNull @NotNull OperationResult result)
      Description copied from interface: RoleAnalysisService
      Retrieves role suggestions for a given session by searching for detected patterns.
      Specified by:
      getSessionRoleSuggestion in interface RoleAnalysisService
      Parameters:
      sessionOid - The OID of the session for which role suggestions are to be retrieved.
      limit - An optional limit on the number of detected patterns to retrieve.
      sortDescending - An optional flag to sort the detected patterns by reduction count in descending order.
      result - The operation result.
      Returns:
      A list of detected patterns for the given session.

    • getClusterRoleSuggestions

      public List<DetectedPattern> getClusterRoleSuggestions(@NotNull @NotNull String clusterOid, @Nullable @Nullable Integer limit, @Nullable @Nullable Boolean sortDescending, @NotNull @NotNull OperationResult result)
      Description copied from interface: RoleAnalysisService
      Retrieves role suggestions for a given cluster by searching for detected patterns.
      Specified by:
      getClusterRoleSuggestions in interface RoleAnalysisService
      Parameters:
      clusterOid - The OID of the cluster for which role suggestions are to be retrieved.
      limit - An optional limit on the number of detected patterns to retrieve.
      sortDescending - An optional flag to sort the detected patterns by reduction count in descending order.
      result - The operation result.
      Returns:
      A list of detected patterns for the given cluster.

    • getAllRoleSuggestions

      public List<DetectedPattern> getAllRoleSuggestions(@Nullable @Nullable Integer limit, @Nullable @Nullable Boolean sortDescending, @NotNull @NotNull OperationResult result)
      Description copied from interface: RoleAnalysisService
      Retrieves all role suggestions by searching for detected patterns.
      Specified by:
      getAllRoleSuggestions in interface RoleAnalysisService
      Parameters:
      limit - An optional limit on the number of detected patterns to retrieve.
      sortDescending - An optional flag to sort the detected patterns by reduction count in descending order.
      result - The operation result.
      Returns:
      A list of detected patterns.

    • getSessionOutlierPartitionStructure

      public List<DetectedPattern> getSessionOutlierPartitionStructure(@NotNull @NotNull String sessionOid, @Nullable @Nullable Integer limit, @Nullable @Nullable Boolean sortDescending, @NotNull @NotNull OperationResult result)

    • getOutlierPartitionsMap

      public Map<RoleAnalysisOutlierPartitionType,RoleAnalysisOutlierType> getOutlierPartitionsMap(@Nullable @Nullable Integer limit, @Nullable @Nullable Boolean sortDescending, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result)
      Description copied from interface: RoleAnalysisService
      Retrieves outlier partitions by searching for detected patterns.
      Specified by:
      getOutlierPartitionsMap in interface RoleAnalysisService
      Parameters:
      limit - An optional limit on the number of partitions to retrieve.
      sortDescending - An optional flag to sort the partitions by overall confidence in descending order.
      task - The task in which the operation is executed.
      result - The operation result.
      Returns:
      A map of outlier partitions and their corresponding outliers.

    • getSessionOutlierPartitionsMap

      public Map<RoleAnalysisOutlierPartitionType,RoleAnalysisOutlierType> getSessionOutlierPartitionsMap(@NotNull @NotNull String sessionOid, @Nullable @Nullable Integer limit, @Nullable @Nullable Boolean sortDescending, @Nullable @Nullable OutlierCategoryType outlierCategory, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result)
      Description copied from interface: RoleAnalysisService
      Retrieves outlier partitions for specific session by searching for detected patterns.
      Specified by:
      getSessionOutlierPartitionsMap in interface RoleAnalysisService
      limit - An optional limit on the number of partitions to retrieve.
      sortDescending - An optional flag to sort the partitions by overall confidence in descending order.
      outlierCategory - The specific category of outliers to search for.
      task - The task in which the operation is executed.
      result - The operation result.
      Returns:
      A map of outlier partitions and their corresponding outliers.

    • getClusterOutlierPartitionsMap

      public Map<RoleAnalysisOutlierPartitionType,RoleAnalysisOutlierType> getClusterOutlierPartitionsMap(@NotNull @NotNull String clusterOid, @Nullable @Nullable Integer limit, @Nullable @Nullable Boolean sortDescending, @Nullable @Nullable OutlierCategoryType outlierCategory, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result)
      Description copied from interface: RoleAnalysisService
      Retrieves outlier partitions for specific cluster by searching for detected patterns.
      Specified by:
      getClusterOutlierPartitionsMap in interface RoleAnalysisService
      limit - An optional limit on the number of partitions to retrieve.
      sortDescending - An optional flag to sort the partitions by overall confidence in descending order.
      outlierCategory - The specific category of outliers to search for.
      task - The task in which the operation is executed.
      result - The operation result.
      Returns:
      A map of outlier partitions and their corresponding outliers.

    • buildStatisticsAssignmentSearchFilter

      public S_FilterExit buildStatisticsAssignmentSearchFilter(@NotNull @NotNull Collection<QName> memberRelations)
      Specified by:
      buildStatisticsAssignmentSearchFilter in interface RoleAnalysisService

    • prepareTemporaryCluster

      @Nullable public @Nullable RoleAnalysisClusterType prepareTemporaryCluster(@NotNull @NotNull RoleAnalysisOutlierType outlier, @NotNull @NotNull RoleAnalysisOutlierPartitionType partition, @NotNull @NotNull DisplayValueOption displayValueOption, @NotNull @NotNull Task task)
      Prepares a temporary cluster for role analysis based on the provided outlier and partition.
      Specified by:
      prepareTemporaryCluster in interface RoleAnalysisService
      Parameters:
      outlier - The outlier object containing the detected outlier information.
      partition - The partition object containing the partition analysis data.
      displayValueOption - The display value options for the role analysis.
      task - The task in which the operation is performed.
      Returns:
      A RoleAnalysisClusterType object representing the prepared temporary cluster, or null if the similar object analysis is not available.

    • explainOutlierAnomalyAccess

      public List<OutlierExplanationResolver.ExplanationResult> explainOutlierAnomalyAccess(@NotNull @NotNull DetectedAnomalyResultType detectedAnomalyResult, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result)
      Description copied from interface: RoleAnalysisService
      Explains the anomaly access for a detected outlier. This method analyzes the detected anomaly statistics result and provides an explanation for the outlier anomaly access.
      Specified by:
      explainOutlierAnomalyAccess in interface RoleAnalysisService
      Parameters:
      detectedAnomalyResult - The result of the detected anomaly to be explained.
      task - The task associated with this operation.
      result - The operation result.
      Returns:
      A list of explanation results for the outlier anomaly access.

    • explainOutlierPartition

      public OutlierExplanationResolver.OutlierExplanationResult explainOutlierPartition(@NotNull @NotNull RoleAnalysisOutlierPartitionType partition, int partitionCount, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result)
      Description copied from interface: RoleAnalysisService
      Explains the outlier partition. This method analyzes the provided outlier partition statistics and returns an explanation result.
      Specified by:
      explainOutlierPartition in interface RoleAnalysisService
      Parameters:
      partition - The outlier partition to be explained.
      partitionCount - The count of partitions.
      task - The task associated with this operation.
      result - The operation result.
      Returns:
      An explanation result for the outlier partition.

    • explainOutlier

      public OutlierExplanationResolver.OutlierExplanationResult explainOutlier(@NotNull @NotNull RoleAnalysisOutlierType outlier, @NotNull @NotNull Task task, @NotNull @NotNull OperationResult result)
      Description copied from interface: RoleAnalysisService
      Explains the outlier. This method analyzes the provided outlier partition and returns an explanation result of top-rated(scored) partition explanation.
      Specified by:
      explainOutlier in interface RoleAnalysisService
      Parameters:
      outlier - The outlier to be explained.
      task - The task associated with this operation.
      result - The operation result.
      Returns:
      An explanation result for the outlier.