Users

The users system is intended to help organize experiments, commands, TensorBoards, and notebooks according to the users that create them. Initially, a PEDL installation has two users: admin and pedl.

By default, the pedl user is authenticated automatically by the WebUI and CLI when any action is performed. If individual user accounts are not required, no additional configuration is needed. In this circumstance, all assets created within PEDL (experiments, commands, etc.) will be attributed to pedl.

The admin user can be used to create users, change other users' passwords, and activate/deactivate users.

Note

The admin user initially has a blank password. The user change-password subcommand can be used by the admin to update the admin's password:

pedl -u admin user change-password

To disable the default user, the admin user should invoke the user deactivate subcommand:

pedl -u admin user deactivate pedl

This will invalidate all existing sessions for the pedl user.

Authentication

CLI

In the CLI, the user login subcommand can be used to authenticate a user:

pedl user login <username>

Logging in results in a persistent session, which lasts for 30 days. The session can be terminated using:

pedl user logout

WebUI

The WebUI will automatically redirect users to a login page if there is no valid PEDL session established on that browser. After logging in using valid credentials, the user will be redirected to the URL they initially attempted to access.

A browser PEDL session can be ended by clicking "Sign out" under the user menu in the top right of the WebUI.

Temporary authentication on the CLI

In some cases, it may be useful to execute a single command as a specific user without starting a persistent session for that user (think of the sudo command on a Unix-like system). In PEDL, this can be achieved with the -u flag:

pedl -u <username> ...

This will execute the specified command as the given user without creating a permanent session for that user. Note that even though no persistent session is created, an authentication token is stored for that user so that future attempts to execute commands as that user will not require a password to be provided. This token can be discarded using the user logout subcommand:

pedl -u <username> user logout

Creating users

The admin user can create users with the following command:

pedl -u admin user create <username>

By default, new users have a blank password.

Changing passwords

A user can change their password using the user change-password subcommand:

pedl user change-password

An admin can change another user's password by supplying the target username as an option to the user change-password subcommand:

pedl -u admin user change-password <target-user>

Listing assets

CLI

When using the CLI to list experiments, commands, etc., the default behavior is to show only those assets belonging to the current session's user. It is possible to override this behavior to instead show assets owned by all users by passing the -a flag to the respective commands:

pedl experiment list -a   # List all experiments.
pedl command list -a      # List all commands.
pedl notebook list -a     # List all notebooks.
pedl tensorboard list -a  # List all TensorBoards.

WebUI

Just as in the CLI, the default behavior of the WebUI is to show only those assets that were created by the current session's user. To see assets belonging to all users, uncheck the "Show only mine" checkbox in the filter panel found in the tab for each asset type.

Activating/deactivating users

When a user is created, they are designated as active by default. Only active users can interact with PEDL. The admin user can deactivate a user with the user deactivate subcommand:

pedl -u admin user deactivate <target-user>

All assets created by a deactivated user (prior to their having been deactivated) will remain available through both the WebUI and the CLI.

To reactivate a user, user activate can be used:

pedl -u admin user activate <target-user>