Skip to content
VioGraph Docs

User Management

Tutorial

User Management

Create, manage, and deactivate user accounts with role-based access

25 min Intermediate
UsersRolesAdminAccess Control

What You'll Learn

  • Create Users - Provision new accounts with role assignment
  • List & Filter - Retrieve users and filter by active status
  • Update Metadata - Change email, display name, and reactivate accounts
  • Role Assignment - Promote and demote between analyst, admin, and ops
  • Deactivate Users - Disable departed team members without deletion
1

Setup

Connect to the platform and provision personas

# Cell 1 — Parameters
USERNAME = "_FILL_ME_IN_"  # Set your email before running
# Cell 2 — Connect
from graph_olap import GraphOLAPClient
client = GraphOLAPClient(username=USERNAME)


# Cell 3 — Provision
from notebook_setup import provision
personas, conn = provision(USERNAME)
analyst = personas["analyst"]
admin = personas["admin"]
ops = personas["ops"]


# Carol (admin) manages users in this tutorial
carol = admin
print("Carol (admin) ready for user management")
2

The Role Hierarchy

Three levels of access: analyst, admin, and ops

# The three roles, from least to most privileged
roles = ["analyst", "admin", "ops"]
print("Role hierarchy (least \u2192 most privileged):")
for i, role in enumerate(roles):
    print(f"  {'  ' * i}{role}")
print("\nAnalysts: query and analyze graphs")
print("Admins:   manage users + analyst capabilities")
print("Ops:      platform configuration + admin capabilities")
3

Creating Users

Provision new accounts with default or explicit roles

from graph_olap.exceptions import ConflictError


# Carol creates Alice (analyst)
try:
    alice = carol.users.create(
        username="tutorial-alice",
        email="[email protected]",
        display_name="Alice Johnson",
        role="analyst",
    )
    print("Created Alice:")
except ConflictError:
    alice = carol.users.get("tutorial-alice")
    print("Alice already exists:")


print(f"  username: {alice['username']}")
print(f"  role:     {alice['role']}")
print(f"  active:   {alice['is_active']}")
# Carol creates Bob (analyst)
try:
    bob = carol.users.create(
        username="tutorial-bob",
        email="[email protected]",
        display_name="Bob Smith",
        role="analyst",
    )
    print("Created Bob:")
except ConflictError:
    bob = carol.users.get("tutorial-bob")
    print("Bob already exists:")


print(f"  username: {bob['username']}")
print(f"  role:     {bob['role']}")
4

Listing and Filtering Users

Retrieve users with optional active-status filtering

# List all users
users = carol.users.list(limit=10)
print(f"Total users: {len(users)}\n")
for u in users:
    status = "active" if u["is_active"] else "inactive"
    print(f"  {u['username']:<35} {u['role']:<10} {status}")
# Filter by active status
active = carol.users.list(is_active=True)
print(f"Active users: {len(active)}")
5

Updating User Metadata

Change display name, email, or reactivate accounts

updated = carol.users.update(
    "tutorial-alice",
    display_name="Alice J. Johnson",
    email="[email protected]",
)
print(f"Updated Alice:")
print(f"  display_name: {updated['display_name']}")
print(f"  email:        {updated['email']}")
6

Role Assignment

Promote or demote users between analyst, admin, and ops

# Promote Alice to admin
try:
    promoted = carol.users.assign_role("tutorial-alice", role="admin")
    print(f"Alice promoted: role={promoted['role']}")
except Exception as e:
    print(f"assign_role: {e}")


# Demote back to analyst
try:
    demoted = carol.users.assign_role("tutorial-alice", role="analyst")
    print(f"Alice demoted:  role={demoted['role']}")
except Exception as e:
    print(f"assign_role: {e}")
7

Deactivating Users

When a team member departs, deactivate rather than delete

try:
    deactivated = carol.users.deactivate("tutorial-bob")
    print(f"Deactivated Bob: is_active={deactivated['is_active']}")
except Exception as e:
    print(f"deactivate: {e}")


# Verify Bob appears as inactive
bob_check = carol.users.get("tutorial-bob")
print(f"Bob status:      is_active={bob_check['is_active']}")
# Reactivate by updating is_active
reactivated = carol.users.update("tutorial-bob", is_active=True)
print(f"Reactivated Bob: is_active={reactivated['is_active']}")
8

Bootstrap (First-Time Setup)

One-time provisioning of the first ops user on an empty database

# bootstrap() is a one-time operation for initial platform setup.
# It only works when no users exist in the database.
#
# ops.users.bootstrap(
#     username="platform-admin",
#     email="[email protected]",
#     display_name="Platform Admin",
# )
# Returns: dict with role="ops"
print("bootstrap() creates the first ops user during initial setup")
print("It only succeeds when the user database is empty")
# Clean up tutorial users
for username in ["tutorial-alice", "tutorial-bob"]:
    try:
        carol.users.deactivate(username)
    except Exception:
        pass
print("Tutorial users cleaned up")

Key Takeaways

  • Access user management via client.users with an admin or ops client
  • create() provisions new accounts with a default analyst role
  • list() and get() retrieve user data; filter with is_active
  • assign_role() promotes or demotes between analyst, admin, and ops
  • deactivate() disables accounts without deleting them -- preferred over deletion
  • bootstrap() is a one-time operation for initial platform provisioning