User management¶

Management of users within Refinery is performed with the Command Line Interface via the user command:

refinery user - Usage

Description: User management

    --list-users:                   List all users currently defined in the system
    --list-groups:                  List all groups currently defined in the system
    --list-users-in-group *group*:  List all the users that are members of the specified group

    --get-user *user*:              Retrieve details of the specified user

    --add-group *group*:            Add the specified group to the system
    --add-user:                     Add the specified user to the system
      --user *user*
      --group *group*
      [--password *password*]:      Optional fixed temporary password for the new user

    --add-user-to-group:            Add the specified user to the specified group
      --user *user*
      --group *group*
    --remove-user-from-group:       Remove the specified user from the specified group
      --user *user*
      --group *group*

    --delete-user *user*:           Deletes the specified user from the system
    --delete-group *group*:         Deletes the specified group from the system

User types¶

There are 5 different user types available in Refinery:

daasSuperUsers -- have access to the entire system, including backend access
daasAdministrators -- have access to the entire Administration platform and Delta IDE. The servers that Administrators may manage is limited by the client they are listed.
daasMonitoring - exist on all the same servers as Administration but only have access to the Delta Monitoring dashboards and the GW Query Building dashboard.
daasApplication - only exist on application servers. They are limited to running the built in "get*" functions. This is only to be used by applications (not by people). Therefore, should not be used via the Delta IDE.
daasSandbox - exist only on sandbox servers. On this they may run free-form queries but only have access to t+1 data.

daasSuperUsers have the permission to manage all types of users, including daasSuperUsers, on any daasInstance they exist on, but daasAdministrators can only manage non-super users.

Changing the administrator password¶

You can change the password for an Administrator user by logging into Delta Control as Administrator, opening the dropdown menu in the top right and selecting Change Password (See screenshot below).

In the case that the Administrator password is changed, then the rfavelocity processes need to be provided with the updated password. This is because the rfavelocity processes connect to Delta Control when they start up and the default login credentials used are Administrator:password.

To change this, the instance parameter parameterText needs to be updated on each feed handler to contain the value --deltacontrol-login-name=Administrator:<NEW_PASSWORD> This will pass the updated credentials to the rfavelocity process as it starts up and it will connect to Delta Control using these credentials rather than the default.

Please see the example below where the Administrator password has been changed to R3f1n3ry! so the value filled in for parameterText is --deltacontrol-login-name=Administrator:R3f1n3ry!

Note: This must be done for all rfavelocity feed handlers that are in use and they should be restarted after the password change.