Merge remote-tracking branch 'refs/remotes/origin/master'

docs/deployment/ninja/index.adoc

@@ -49,10 +49,10 @@ Connection options:
 === midpoint.home connection
 
 This type of connection initialises repository layer of midPoint and operates on top of the database as a new midPoint node.
-Mostly only one option is needed and that's specification of `midpoint.home` directory using `-m` option.
-This is not sufficient if `config.xml` uses datasource definition.
-Ninja then doesn't know how to connect to DB.
-For this case one have to use options to specify URL (`-U`), username (`-u`) and password (`-p` or `-P`).
+For all commands that communicate with DB layer `midpoint.home` must be specified using `-m <path>` option.
+Ninja will try to read database connection information from `config.xml`.
+This will not work when there's only datasource definition in `config.xml` (no JDBC url/username/password).
+In such chase one have to specify URL (`-U`), username (`-u`) and password (`-p` or `-P`).
 These options can also be used to override JDBC URL, username and password specified in `config.xml`.
 
 With bash, you can provide `MIDPOINT_HOME` for the `ninja.sh` command with this shortcut:
@@ -62,24 +62,26 @@ With bash, you can provide `MIDPOINT_HOME` for the `ninja.sh` command with this
 MIDPOINT_HOME=/var/other-mp-home <midpoint>/bin/ninja.sh [general options] [command] [command options]
 ----
 
-If unbundled JDBC driver is used, it will not be picked up automatically from the midPoint home directory
-and you must point Ninja to it explicitly.
+=== JDBC Driver
+
+Only JDBC driver that is bundled is for PostgreSQL database.
+This means that for other databases, you must provide JDBC driver yourself.
+Most of the time JDBC driver is already present in `<midpoint>/lib` directory.
+However, it will not be picked up automatically and you must point Ninja to it explicitly.
 Example when using `java -jar`:
 
 [source,bash]
 ----
-java -Dloader.path=<jdbc_driver_jar_path> -jar ninja.jar [general options] [command] [command options]
+java -Dloader.path=<jdbc_driver_jar_path> -jar ninja.jar [general/connection options] [command] [command options]
 ----
 
 If the bundled scripts are used, you can specify the path to the driver with `-j` option, for example:
 
 [source,bash]
 ----
-<midpoint>/bin/ninja.sh -j <JDBC_DRIVER_JAR> [general options] [command] [command options]
+<midpoint>/bin/ninja.sh -j <jdbc_driver_jar_path> [general/connection options] [command] [command options]
 ----
 
-// TODO: mention python CLI
-
 == Supported operations
 
 Ninja currently supports these operations:

gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/api/page/PageAdminLTE.java

@@ -15,6 +15,7 @@
 import javax.xml.namespace.QName;
 
 import com.evolveum.midpoint.model.api.authentication.GuiProfiledPrincipal;
+import com.evolveum.midpoint.model.api.mining.RoleAnalysisService;
 import com.evolveum.midpoint.model.api.simulation.SimulationResultManager;
 
 import com.evolveum.midpoint.repo.common.ObjectOperationPolicyHelper;
@@ -552,6 +553,10 @@ public SimulationResultManager getSimulationResultManager() {
         return simulationResultManager;
     }
 
+    public RoleAnalysisService getRoleAnalysisService() {
+        return getMidpointApplication().getRoleAnalysisService();
+    }
+
     public CertGuiHandlerRegistry getCertGuiHandlerRegistry() {
         return certGuiHandlerRegistry;
     }

gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/api/util/ModelServiceLocator.java

@@ -13,6 +13,7 @@
 import com.evolveum.midpoint.gui.api.factory.wrapper.PrismObjectWrapperFactory;
 import com.evolveum.midpoint.gui.api.factory.wrapper.WrapperContext;
 import com.evolveum.midpoint.gui.api.prism.wrapper.PrismValueWrapper;
+import com.evolveum.midpoint.model.api.mining.RoleAnalysisService;
 import com.evolveum.midpoint.schema.merger.AdminGuiConfigurationMergeManager;
 import com.evolveum.midpoint.model.api.ModelInteractionService;
 import com.evolveum.midpoint.model.api.ModelService;
@@ -109,4 +110,7 @@ default ObjectResolver getModelObjectResolver() {
      * Experimental, functionality will be probably later hidden behind {@link ModelInteractionService}
      */
     SimulationResultManager getSimulationResultManager();
+
+    RoleAnalysisService getRoleAnalysisService();
+
 }

gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/impl/page/admin/role/PageRole.java

@@ -20,6 +20,7 @@
 import com.evolveum.midpoint.gui.impl.util.DetailsPageUtil;
 import com.evolveum.midpoint.model.api.ActivitySubmissionOptions;
 import com.evolveum.midpoint.model.api.ModelService;
+import com.evolveum.midpoint.model.api.mining.RoleAnalysisService;
 import com.evolveum.midpoint.prism.delta.ObjectDelta;
 import com.evolveum.midpoint.schema.ObjectDeltaOperation;
 import com.evolveum.midpoint.schema.constants.SchemaConstants;
@@ -208,14 +209,16 @@ private void businessRoleMigrationPerform(
         }
 
         Task task = createSimpleTask(OP_PERFORM_MIGRATION);
-        ModelService modelService = getModelService();
 
         String roleOid = ObjectDeltaOperation.findAddDeltaOidRequired(executedDeltas, RoleType.class);
 
         BusinessRoleApplicationDto patternDeltas = getObjectDetailsModels().getPatternDeltas();
-        clusterMigrationRecompute(PageRole.this, patternDeltas.getCluster().getOid(), roleOid, task, result);
+        RoleAnalysisService roleAnalysisService = getRoleAnalysisService();
+        roleAnalysisService.clusterObjectMigrationRecompute(
+                getRepositoryService(), patternDeltas.getCluster().getOid(), roleOid, task, result);
 
-        PrismObject<RoleType> roleObject = getRoleTypeObject(modelService, roleOid, task, result);
+        PrismObject<RoleType> roleObject = roleAnalysisService
+                .getRoleTypeObject( roleOid, task, result);
         if (roleObject != null) {
             executeMigrationTask(result, task, patternDeltas.getBusinessRoleDtos(), roleObject);
         }

gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/impl/page/admin/role/component/wizard/BusinessRoleWizardPanel.java

@@ -6,9 +6,11 @@
  */
 package com.evolveum.midpoint.gui.impl.page.admin.role.component.wizard;
 
+
 import java.util.ArrayList;
 import java.util.List;
 
+
 import org.apache.commons.collections4.CollectionUtils;
 import org.apache.wicket.ajax.AjaxRequestTarget;
 

gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/impl/page/admin/role/mining/page/page/PageRoleAnalysis.java

@@ -9,14 +9,15 @@
 
 import static com.evolveum.midpoint.common.mining.utils.RoleAnalysisUtils.getSessionOptionType;
 import static com.evolveum.midpoint.gui.impl.page.admin.role.mining.page.page.PageRoleAnalysisSession.PARAM_IS_WIZARD;
-import static com.evolveum.midpoint.gui.impl.page.admin.role.mining.utils.RoleAnalysisObjectUtils.deleteSingleRoleAnalysisSession;
 import static com.evolveum.midpoint.gui.impl.page.admin.role.mining.utils.table.RoleAnalysisTableTools.densityBasedColor;
 
 import java.io.Serial;
 import java.text.DecimalFormat;
 import java.util.ArrayList;
 import java.util.List;
 
+import com.evolveum.midpoint.model.api.mining.RoleAnalysisService;
+
 import org.apache.wicket.AttributeModifier;
 import org.apache.wicket.Component;
 import org.apache.wicket.ajax.AjaxRequestTarget;
@@ -45,12 +46,14 @@
 import com.evolveum.midpoint.gui.impl.prism.panel.PrismPropertyHeaderPanel;
 import com.evolveum.midpoint.gui.impl.util.DetailsPageUtil;
 import com.evolveum.midpoint.model.api.AssignmentObjectRelation;
+import com.evolveum.midpoint.model.api.ModelService;
 import com.evolveum.midpoint.model.api.authentication.CompiledObjectCollectionView;
 import com.evolveum.midpoint.prism.Containerable;
 import com.evolveum.midpoint.prism.PrismContainerDefinition;
 import com.evolveum.midpoint.prism.path.ItemPath;
 import com.evolveum.midpoint.schema.result.OperationResult;
 import com.evolveum.midpoint.security.api.AuthorizationConstants;
+import com.evolveum.midpoint.task.api.Task;
 import com.evolveum.midpoint.web.component.data.column.ColumnMenuAction;
 import com.evolveum.midpoint.web.component.form.MidpointForm;
 import com.evolveum.midpoint.web.component.menu.cog.ButtonInlineMenuItem;
@@ -107,29 +110,39 @@ public InlineMenuItemAction initAction() {
                     @Override
                     public void onClick(AjaxRequestTarget target) {
 
+                        PageBase page = (PageBase) getPage();
+                        Task task = page.createSimpleTask("deleteSingleRoleAnalysisCluster");
+                        RoleAnalysisService roleAnalysisService = page.getRoleAnalysisService();
+
                         List<SelectableBean<RoleAnalysisSessionType>> selectedObjects = getTable().getSelectedObjects();
                         OperationResult result = new OperationResult(OP_DELETE_SESSION);
                         if (selectedObjects.size() == 1 && getRowModel() == null) {
                             try {
                                 SelectableBean<RoleAnalysisSessionType> selectableSession = selectedObjects.get(0);
-                                deleteSingleRoleAnalysisSession((PageBase) getPage(), selectableSession.getValue().getOid(), result
-                                );
+                                roleAnalysisService
+                                        .deleteSession(selectableSession.getValue().getOid(),
+                                                task, result
+                                        );
                             } catch (Exception e) {
                                 throw new RuntimeException(e);
                             }
                         } else if (getRowModel() != null) {
                             try {
                                 IModel<SelectableBean<RoleAnalysisSessionType>> rowModel = getRowModel();
-                                deleteSingleRoleAnalysisSession((PageBase) getPage(), rowModel.getObject().getValue().getOid(), result
-                                );
+                                String oid = rowModel.getObject().getValue().getOid();
+                                roleAnalysisService
+                                        .deleteSession(oid, task, result
+                                        );
                             } catch (Exception e) {
                                 throw new RuntimeException(e);
                             }
                         } else {
                             for (SelectableBean<RoleAnalysisSessionType> selectedObject : selectedObjects) {
                                 try {
                                     String parentOid = selectedObject.getValue().asPrismObject().getOid();
-                                    deleteSingleRoleAnalysisSession((PageBase) getPage(), parentOid, result);
+                                    roleAnalysisService
+                                            .deleteSession(parentOid,
+                                                    task, result);
 
                                 } catch (Exception e) {
                                     throw new RuntimeException(e);

gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/impl/page/admin/role/mining/page/page/PageRoleAnalysisCluster.java

@@ -6,9 +6,10 @@
  */
 package com.evolveum.midpoint.gui.impl.page.admin.role.mining.page.page;
 
-import static com.evolveum.midpoint.gui.impl.page.admin.role.mining.utils.RoleAnalysisObjectUtils.recomputeRoleAnalysisClusterDetectionOptions;
 import static com.evolveum.midpoint.model.common.expression.functions.BasicExpressionFunctions.LOGGER;
 
+import java.io.Serial;
+
 import org.apache.wicket.ajax.AjaxRequestTarget;
 import org.apache.wicket.behavior.AttributeAppender;
 import org.apache.wicket.markup.html.form.Form;
@@ -32,10 +33,9 @@
 import com.evolveum.midpoint.gui.impl.page.admin.assignmentholder.PageAssignmentHolderDetails;
 import com.evolveum.midpoint.gui.impl.page.admin.component.AssignmentHolderOperationalButtonsPanel;
 import com.evolveum.midpoint.gui.impl.page.admin.role.mining.page.panel.cluster.ClusterSummaryPanel;
-import com.evolveum.midpoint.gui.impl.page.admin.role.mining.utils.RoleAnalysisObjectUtils;
 import com.evolveum.midpoint.gui.impl.util.DetailsPageUtil;
 import com.evolveum.midpoint.model.api.ActivitySubmissionOptions;
-import com.evolveum.midpoint.model.api.ModelService;
+import com.evolveum.midpoint.model.api.mining.RoleAnalysisService;
 import com.evolveum.midpoint.schema.result.OperationResult;
 import com.evolveum.midpoint.security.api.AuthorizationConstants;
 import com.evolveum.midpoint.task.api.Task;
@@ -44,8 +44,6 @@
 import com.evolveum.midpoint.web.util.OnePageParameterEncoder;
 import com.evolveum.midpoint.xml.ns._public.common.common_3.*;
 
-import java.io.Serial;
-
 //TODO correct authorizations
 @PageDescriptor(
         urls = {
@@ -119,11 +117,13 @@ public void detectionPerform(AjaxRequestTarget target) {
 
         RoleAnalysisClusterType cluster = getObjectDetailsModels().getObjectWrapper().getObject().asObjectable();
 
-        Task task = ((PageBase) getPage()).createSimpleTask(OP_PATTERN_DETECTION);
-        ModelService modelService = ((PageBase) getPage()).getModelService();
+        PageBase pageBase = (PageBase) getPage();
+        Task task = pageBase.createSimpleTask(OP_PATTERN_DETECTION);
         DetectionOption detectionOption = new DetectionOption(cluster);
+        RoleAnalysisService roleAnalysisService = pageBase.getRoleAnalysisService();
 
-        recomputeRoleAnalysisClusterDetectionOptions(modelService, clusterOid, detectionOption, task, result);
+        roleAnalysisService.recomputeClusterDetectionOptions(clusterOid, detectionOption,
+                task, result);
 
         executeDetectionTask(result, task, clusterOid);
 
@@ -180,11 +180,12 @@ public void afterDeletePerformed(AjaxRequestTarget target) {
         PageBase pageBase = (PageBase) getPage();
         Task task = pageBase.createSimpleTask(OP_RECOMPUTE_SESSION_STAT);
         OperationResult result = task.getResult();
+        RoleAnalysisService roleAnalysisService = pageBase.getRoleAnalysisService();
 
         RoleAnalysisClusterType cluster = getModelWrapperObject().getObjectOld().asObjectable();
         ObjectReferenceType roleAnalysisSessionRef = cluster.getRoleAnalysisSessionRef();
-        RoleAnalysisObjectUtils.recomputeSessionStatic(pageBase.getModelService(), roleAnalysisSessionRef.getOid(), cluster, task, result);
-
+        roleAnalysisService.recomputeSessionStatics(
+                roleAnalysisSessionRef.getOid(), cluster, task, result);
     }
 
     public PageRoleAnalysisCluster() {

gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/impl/page/admin/role/mining/page/page/PageRoleAnalysisSession.java

@@ -6,13 +6,13 @@
  */
 package com.evolveum.midpoint.gui.impl.page.admin.role.mining.page.page;
 
-import static com.evolveum.midpoint.gui.impl.page.admin.role.mining.utils.RoleAnalysisObjectUtils.searchAndDeleteCluster;
-
 import java.io.Serial;
 import java.lang.reflect.Constructor;
 import java.lang.reflect.InvocationTargetException;
 import java.util.List;
 
+import com.evolveum.midpoint.model.api.mining.RoleAnalysisService;
+
 import org.apache.wicket.ajax.AjaxRequestTarget;
 import org.apache.wicket.behavior.AttributeAppender;
 import org.apache.wicket.markup.html.form.Form;
@@ -89,12 +89,15 @@ public PageRoleAnalysisSession() {
     @Override
     public void afterDeletePerformed(AjaxRequestTarget target) {
         PageBase pageBase = (PageBase) getPage();
+        Task task = pageBase.createSimpleTask("deleteCleanup");
         OperationResult result = new OperationResult(OP_DELETE_CLEANUP);
+        RoleAnalysisService roleAnalysisService = pageBase.getRoleAnalysisService();
 
         RoleAnalysisSessionType session = getModelWrapperObject().getObjectOld().asObjectable();
         String sessionOid = session.getOid();
 
-        searchAndDeleteCluster(pageBase, sessionOid, result);
+        roleAnalysisService
+                .deleteSessionClustersMembers(sessionOid, task, result);
     }
 
     @Override

gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/impl/page/admin/role/mining/page/panel/cluster/MigratedRolesPanel.java

@@ -8,14 +8,13 @@
 package com.evolveum.midpoint.gui.impl.page.admin.role.mining.page.panel.cluster;
 
 import static com.evolveum.midpoint.common.mining.utils.RoleAnalysisUtils.resolveDateAndTime;
-import static com.evolveum.midpoint.gui.impl.page.admin.role.mining.utils.RoleAnalysisObjectUtils.countRoleMembers;
-import static com.evolveum.midpoint.gui.impl.page.admin.role.mining.utils.RoleAnalysisObjectUtils.getRoleTypeObject;
 
 import java.io.Serial;
 import java.util.ArrayList;
 import java.util.List;
 
 import com.evolveum.midpoint.gui.impl.util.DetailsPageUtil;
+import com.evolveum.midpoint.task.api.Task;
 import com.evolveum.midpoint.web.component.AjaxIconButton;
 
 import org.apache.wicket.ajax.AjaxRequestTarget;
@@ -76,14 +75,16 @@ public MigratedRolesPanel(String id, ObjectDetailsModels<RoleAnalysisClusterType
 
     @Override
     protected void initLayout() {
-
         RoleAnalysisClusterType cluster = getObjectDetailsModels().getObjectType();
         List<ObjectReferenceType> reductionObject = cluster.getResolvedPattern();
+        Task task = getPageBase().createSimpleTask("resolve role object");
+
         List<RoleType> roles = new ArrayList<>();
         for (ObjectReferenceType objectReferenceType : reductionObject) {
             String oid = objectReferenceType.getOid();
             if (oid != null) {
-                PrismObject<RoleType> roleTypeObject = getRoleTypeObject(getPageBase(), oid, result);
+                PrismObject<RoleType> roleTypeObject = getPageBase().getRoleAnalysisService()
+                        .getRoleTypeObject(oid, task, result);
                 if (roleTypeObject != null) {
                     roles.add(roleTypeObject.asObjectable());
                 }
@@ -223,11 +224,11 @@ public boolean isSortable() {
             @Override
             public void populateItem(Item<ICellPopulator<RoleType>> item, String componentId,
                     IModel<RoleType> rowModel) {
-                Integer membersCount = countRoleMembers(getPageBase(), null, rowModel.getObject().getOid(), result);
+                Task task = getPageBase().createSimpleTask("countRoleMembers");
 
-                if (membersCount == null) {
-                    membersCount = 0;
-                }
+                Integer membersCount = getPageBase().getRoleAnalysisService()
+                        .countUserTypeMembers(null, rowModel.getObject().getOid(),
+                                task, result);
 
                 item.add(new Label(componentId, membersCount));
             }