9 User Management

9.1 User Roles

Every RStudio Connect user account is configured with a role that controls their default capabilities on the system. Data scientists, analysts and others working in R will most likely want “publisher” accounts. Other users are likely to need only “viewer” accounts.

The DefaultUserRole property within the Authorization configuration section specifies the role for new accounts and defaults to “publisher”.

Administrator

RStudio Connect administrator accounts have permissions which allow them to manage the service. This includes setting the role of an account and configuring email settings.

Publisher

Accounts with a “publisher” role are allowed to deploy content into RStudio Connect. They can also help manage another user’s content when made a “collaborator” of that content.

Viewer

“Viewer” accounts can be added as a viewer to specific content. They can discover that content through the RStudio Connect dashboard and see its settings. Viewers can also email themselves copies of documents they are permitted to see.

Anonymous

An anonymous visitor to RStudio Connect who is not authenticated with the system can view content that has been marked as viewable by “Everyone”.

9.2 Locked Accounts

You can prohibit a user from accessing RStudio Connect by “locking” their account. This control is available to administrative users when editing user profile information in the RStudio Connect dashboard.

Locked users are prohibited from signing into RStudio Connect, deploying content, and otherwise interacting with the service.

A locked account is not deleted and deployed content continues to be available. A non-personal report configured with scheduling and distribution will continue to execute according to its schedule. A locked user no longer receives scheduled content at their email address.

Content owned by a locked user can be deleted by a collaborator or by an administrative user. Each piece of deployed content must be deleted individually; there is no bulk removal.

A locked user can be subsequently unlocked. All their previously allowed abilities are immediately restored.

9.3 User Renaming

Administrators may alter the usernames of existing users on the system regardless of the current authentication system. Users will still be able to access their deployed content and content that has been shared with them. If they have existing vanity URLs with their username incorporated, none of those will be altered. They will, of course, need to use the new username when logging in.

If the user has authenticated inside of the RStudio IDE, they will still be able to deploy using a previous connection; however, the IDE will continue displaying their old username during deployments. To minimize the risk of future ambiguity, we recommend that the user disconnect and reconnect their IDE to RStudio Connect so that the valid username is displayed.

9.4 Command-Line Interface

Connect includes a usermanager command for some basic user management tasks. This utility helps you list users and modify user roles in the event that no one can access a Connect administrative user account.

The user management utility is installed at /opt/rstudio-connect/bin/usermanager. It uses the configuration defined in /etc/rstudio-connect/rstudio-connect.gcfg unless you specify an alternate configuration file with the --config flag.

The usermanager utility must be run as root.

The usermanager utility can only be run when Connect is stopped. See Section 5.1 for information on stopping and restarting Connect.

9.4.1 Commands

The usermanager utility supports two commands:

  • list: Lists users
  • alter: Changes a user’s role

9.4.2 Flags

Configuration for usermanager:

  • --config: The full or relative path to a Connect configuration file (.gcfg). Defaults to /etc/rstudio-connect/rstudio-connect.gcfg.

Flags for the list command:

  • --include-locked: Includes locked user accounts in the list.

Flags for the alter command:

  • --username: Specifies the user name of the user to alter.
  • --role: Specifies the role to set for the user. Allowed roles are viewer, publisher, and administrator.
  • --force: Force demotion of the last remaining administrator.

9.4.3 Examples:

List unlocked users:

sudo ./bin/usermanager list

List all users (locked and unlocked):

sudo ./bin/usermanager list --include-locked

Specify a custom configuration file

sudo ./bin/usermanager --config /etc/connect/mycustomconfig.gcfg list

Promote the user john to an administrator role

sudo ./bin/usermanager alter --username john --role administrator

Demote the last remaining administrator to a non-administrative role

sudo ./bin/usermanager alter --username admin --role publisher --force