For some time now I use a TI process to count TM1 users, in the following ways:
- Number of Admin users
- Number of Write users
- Number of Read users
- Number of Disabled users
- Number of non-admin users
- Number of read only users
I decided to rewrite the process using tm1py. I succeeded but if someone can have a look at the coding and suggest improvements, that would be awesome. Nice to have's will be to output user friendly names and also output to a text file in the TM1 data directory. Also, breaking out of the nested loops near the end of the code, that would be more efficient.
Questions for Marius Wirtz or others:
- is there an easy way to return the Admin users in a TM1 model ?
- is tm1.cells.get_value the easiest and best way to retrieve 1 (or only a handful) cube values similar to CellGetN/S in TI ?
- as I noted elsewhere, being part of the Admin group overrides the IsDisabled client property. You might want to take that into account.
Code: Select all
from TM1py import TM1Service
from TM1py.Objects import User
ADDRESS = "localhost"
PORT = 8001
USER = "Wim"
PWD = "my_password"
SSL = False
tm1 = TM1Service(address=ADDRESS, port=PORT, user=USER, password=PWD, ssl=SSL)
admin_users = []
non_admin_users = []
write_users = []
read_users = []
read_only_users = []
disabled_users = []
# get read-only users
cubeContent = tm1.cells.execute_mdx_rows_and_values('SELECT {[}ClientProperties].[ReadOnlyUser]} ON COLUMNS, {[}Clients].MEMBERS} ON ROWS FROM [}ClientProperties]')
for user in cubeContent:
if str(cubeContent[user][0]) != 'None':
username = str(user[0]).replace('[}Clients].[}Clients].[','').replace(']','')
read_only_users.append(str(username))
# get admin users, non-admin users, disabled users
# also, write and read users
users = tm1.security.get_all_users()
cubes = tm1.cubes.get_model_cubes()
for user in users:
if str(user._user_type) == 'Admin':
admin_users.append(str(user._name))
else:
non_admin_users.append(str(user._name))
if user._enabled == False:
disabled_users.append(str(user._name))
else:
vClient_Access = ''
if str(user._name) not in read_only_users:
# loop over all application cubes
groups = tm1.security.get_groups(user._name)
for cube in cubes:
for group in groups:
sAccess = tm1.cells.get_value('}CubeSecurity', cube.name + ',' + str(group), ["}Cubes", "}Groups"])
if not sAccess in ['','None','Read']:
vClient_Access = 'W'
if vClient_Access == 'W':
write_users.append(str(user._name))
else:
read_users.append(str(user._name))
# output
print('Number of users: ' + str(len(users)))
print('\tNumber of admin users: ' + str(len(admin_users)))
print('\tNumber of write users: ' + str(len(write_users)))
print('\tNumber of read users: ' + str(len(read_users)))
print('\tNumber of disabled users: ' + str(len(disabled_users)))
print('')
print('\t[Number of non-admin users: ' + str(len(non_admin_users)) + ']')
print('\t[Number of read-only: ' + str(len(read_only_users)) + ']')
print('')
if admin_users:
print("Admin users:\n\t" + "\n\t".join(admin_users) + "\n")
if write_users:
print("Write users:\n\t" + "\n\t".join(write_users) + "\n")
if read_users:
print("Read users:\n\t" + "\n\t".join(read_users) + "\n")
if disabled_users:
print("Disabled users:\n\t" + "\n\t".join(disabled_users) + "\n")
if non_admin_users:
print("Non-admin users:\n\t" + "\n\t".join(non_admin_users) + "\n")
if read_only_users:
print("Read-only users:\n\t" + "\n\t".join(read_only_users) + "\n")