User management and login permission


#1

Dear Redash Team.
We use self-hosted version 4.0.1 of Redash in our company and now 25 people in 5 team with 3 analysts and really Redash help us on implementing data-driven teams.

We have a big issue in user management and login permission.

First, we made different data sources and group it by teams, then create queries and dashboards with the specific data sources, so each team and its members have restricted access.

The issue is where I want to prevent a user to log in again.
If that user has created any queries or dashboards, we couldn’t remove this user from the Redash database using below code:
SSH into server
cd /opt/redash/current
sudo -u redash bin/run ./manage.py users delete useremail@domain.com

If we replace the userID filed in Redash database with another userID, we will miss historical data about “who did this before?”

If we change the user’s email and then send reset password email, the new email will access but the old one has access until logged out.

now we just find 1 solution and it is changing the domain in order to lose the previous session and log in. then the user I want to prevent to log in when trying to log in, couldn’t do that because I changed the email.

I think there could be a better and quicker way to manage who can and who couldn’t use Redash(self-hosted). I think it is worth to spend time and resource for development because it is about the data governance.

I wonder if you can show me other solution which I can use now and if there is no other way, let me know your idea about it and any possible development plan.

Regards


#2

In v5 we added the option to disable a user, to support this scenario.

But regardless some of the issues you mentioned (like the user stays logged in after change to the account), are issues we want to address.

A simpler approach is to change the COOKIE_SECRET value, which will effectively log everyone out.