p4 user
Create, edit, or delete Helix Server user specifications and preferences.
Syntax
p4 [g-opts] user [-f] [username]
p4 [g-opts] user -d [-f | -F] username
p4 [g-opts] user -D [-f | -y] username
p4 [g-opts] user -o [username]
p4 [g-opts] user -i [-f]
Description
Use the p4 user
command to edit user specifications and preferences, or to
create new user records.
By default, Helix Server creates a new user whenever a previously unknown user invokes any command that can update the repository or its metadata. We recommend that a Helix Server superuser prevent this with the dm.user.noautocreate configurable. See Recommended settings to configurables for security in Helix Core Server Administrator Guide.
Although users and groups can exist without an entry in the protection table, they cannot run commands until the protections table has an entry that applies to them. Permissions that control access to files, directories, and commands are assigned to a user
or a group
of users with p4 protect permission levels, such as list
, read
, write
, admin
, and super
.
For graph depots A depot of type graph that is used to store Git repos managed by Helix Core Server. See also Git Connector and classic depot., access control is assigned to users or groups with a different command, p4 grant-permission (graph).
When called without a username
, p4
user
can be used to edit the specification of the current user, such as edits to the Reviews:
field.
When
called with a username
, the user specification is
displayed, but cannot be changed. The form appears in the editor defined
by the P4EDITOR
environment
variable.
Helix Server
superusers can create new users or edit existing users' specifications
with the -f
(force) option: p4 user -f
username
. Both the -f
and -F
options can be
used to delete users, but the -F
option has additional
effects on protections and groups. See Options
below.
The user who gives a Helix Server command is not necessarily the user under whose name the command runs. The user for any particular command is determined by the following:
- If the user running the command is a
Helix Server
superuser, and uses the syntax
p4 user -f username
, userusername
is edited. - If the
-u username
option is used on the command line (for instance,p4 -u joe submit
), the command runs as that user named "joe" (a password might be required). - If the above has not been done, but the file pointed to by the
P4CONFIG
environment variable contains a setting forP4USER
, the command runs as that user. - If neither of the above has been done, but the
P4USER
environment variable has been set, the command runs as that user. - If none of the above apply, the username is taken from the OS
level
USER
orUSERNAME
environment variable.
Removing users
Before you delete users based on their last access time, check the access time directly on the edge and replica servers, in addition to checking the access time on the master or commit server.
The -D option can be convenient for the administrator if a user leaves the organization. This option not only deletes the specified user, it also deletes all the client workspaces that belong to the absent user. See Options and Examples.
Types of users
Once you set the user type, you cannot change it.
standard user |
By default,
Helix Server
creates a new user record in its database whenever a command is issued by
a user who does not exist.
Helix Server
superusers can also use the
$ p4 user -f username
Fill in the form fields with the information for the user you want to create. The Permissions for standard usersAlthough users and groups can exist without an entry in the protection table, they cannot run commands until the protections table has an entry that applies to them. See |
|||||||||
operator user |
|
|||||||||
service user |
Note
Although a service user cannot run p4 pull or p4 journalcopy directly on the command line, the service user on a replica automatically runs this command to retrieve metadata and archive content (versioned files) from the master. To create a service user, run the command:
$ p4 user -f service1
The standard user form is displayed. Enter a new line to set the new
user’s User: service1 Email: services@example.com FullName: Service User for remote depots Type: service By default, the output of p4 users omits service
users. To include service users, run Tip
We recommend you include your service users in a group. See the p4 group topic. Permissions for service usersOn your server, use Note
For more information about the environments where you might want a service user, see Deployment architecture and Remote depots and multi-server development in the Helix Core Server Administrator Guide |
For a table that shows the minimum access level required to run each command, see Access levels required by Helix Server commands in Helix Core Server Administrator Guide.
Form Fields
Field Name | Type | Description |
---|---|---|
|
Read-only |
The
Helix Server
username under which Be aware of the Limitations on characters in filenames and entities. |
|
Read-only |
Type of user: Important
The type cannot be changed after the user is created. |
|
Writable |
One of the following:
|
|
Writable |
The user’s email address. By default, this is
|
|
Read-only |
The date and time this specification was last updated. |
|
Read-only |
The date and time this user last ran a Helix Server command. Warning
If you are deleting users based on their last access time, check the access timestamp directly on the edge and replica servers in addition to the access time on the master or commit server. Do not expect the master or commit server to have the timestamps of when users accessed edge and replica servers. |
|
Writable |
The user’s full name. |
|
Writable |
A description of the jobs to appear automatically on all new changelists (see Usage Notes). |
|
Writable |
The user’s password (see Usage Notes ). |
|
Read-only |
The date and time of the user’s last password change. If the user has no password, this field is blank. |
|
Writable List |
A list of files the user would like to review (see Usage Notes). This field can include exclusionary mappings. |
If there is a line under a field, indent that line. For example,
Reviews: //depot/path/to/directory1/... //maria/depot/path/to/directory1/... //depot/path/to/directory2/... //maria/depot/path/to/directory2/...
Options
|
Deletes the specified user and can be used by:
If you have set |
-D username
|
Only a Helix Server superuser can use this option, which:
However, this option:
Note
Does NOT delete workspace clients that have files opened by OTHER users. To force the deletion of workspace clients that have files opened by OTHER users, combine the -D option with the -f option in preview mode. To perform the operation, add the -y option. See Examples. |
-y
|
Used with -D to actually perform the delete operation. Without -y, p4 user -D, p4 user -D -f, and p4 user -D -F merely report what the command would do IF -y were included. Note
p4 user -D -y, p4 user -D -f -y, and p4 user -D -F -y cannot be undone. |
|
Superuser force option that allows the superuser to create, modify, or delete the specified user, or to change the last modified date. (preview mode unless the -y option is added) |
|
Superuser option that is used with the |
|
Read the user specification from standard input. The input must
conform to the |
|
Write the user specification to standard output. |
|
See Global options. |
Usage Notes
Can File Arguments Use Revision Specifier? | Can File Arguments Use Revision Range? | Minimal Access Level Required |
---|---|---|
N/A |
N/A |
|
- The
-d
option can be used by non-superusers only to delete the user specification that invoked thep4 user
command. Helix Server superusers can delete any Helix Server user. - User deletion fails if the specified user has any open files. Submit or revert these files before deleting users.
-
By default, user records are created without passwords, and any Helix Server user can impersonate another by setting
P4USER
or by using the globally available-u
option. To prevent another user from impersonating you, set a password with thep4 passwd
command.Passwords can be created, edited, or changed in the
p4 user
form or by using thep4 passwd
command. Setting your password in thep4 user
form is only supported at security levels0
or1
. You canp4 passwd
to set passwords at any server security level, and you must usep4 passwd
to set passwords at higher security levels. For more about how the various security levels work, see the Helix Core Server Administrator Guide.TipIf you edit the Password: field in the
p4 user
form, do not use the comment character#
within the password. Helix Server interprets everything following that character on the same line as a comment, and does not store it as part of the password.If the
dm.user.resetpassword
configurable has been set, all users created with passwords are required to reset their passwords before they can issue commands. - Passwords are displayed as six asterisks in the
p4 user
form regardless of their length. - If you are using ticket-based authentication (see
p4 login
for details), changing your password automatically invalidates all of your outstanding tickets. - The collected values of the
Email:
fields can be listed for each user with thep4 users
command, and can used for any purpose. -
The
p4 reviews
command, which is used by the Helix Server change review daemon, uses the values in theReviews:
field; when activated, it will send email to users whenever files they’ve subscribed to in theReviews:
field have changed. Files listed in this field must be specified in depot syntax.
For example, if userjoe
has aReviews:
field value of//depot/main/... //depot/.../README
the change review daemon sends
joe
email whenever anyREADME
file has been submitted, and whenever any file under//depot/main
has been submitted.Another example for the
Reviews:
field is://depot/*/relnotes.txt
to send notification for changes to the relnotes.txt file on all the branches in the depot.
-
There is a special setting for job review when used with the Helix Server change review daemon. If you include the value:
//depot/jobs
in your
Reviews:
field, you will receive email when jobs are changed. -
If you set the
Jobview:
field to any valid jobview, jobs matching the jobview appear on any changelists created by this user. Jobs that are fixed by the changelist should be left in the changelist when it’s submitted withp4 submit
; other jobs should be deleted from the form before submission.For example, suppose the jobs at your site have a field called
Owned-By:
. If you set theJobview:
field on yourp4 user
form toOwned-By=
, all open jobs owned by you appear on all changelists you create. Seeyourname
&status=openp4 jobs
for a full description of jobview usage and syntax. - user
sammy
- all of
sammy
's workspace clients, except those where a user other thansammy
has files opened - user sammy
- all of
sammy
's workspace clients, except those where a user other thansammy
has files opened - user sammy
- all of
sammy
's workspace clients, including those where a user other thansammy
has files opened - user sammy
- all of
sammy
's workspace clients, including those where a user other thansammy
has files opened - user sammy
- all of
sammy
's workspace clients, including those where a user other thansammy
has files opened -
sammy from the protections table and groups
Examples
|
View the user specification of
Helix Server
user |
|
Edit the user specification for the current Helix Server user. |
|
Delete the user specification for the
Helix Server
user |
|
Previews the deletion of: |
|
Performs the deletion of: Note
Cannot be undone. |
|
Previews the deletion of: |
|
Performs the deletion of: Note
Cannot be undone. |
|
Performs the deletion of: Note
Cannot be undone. |
|
Run This command does not work at higher security levels. |
|
Create a new
Helix Server
user named |
Related Commands
To view a list of all Helix Server users |
|
To change a user’s password |
|
To view a list of users who have subscribed to review particular files |
|
To control how new users are created by changing the
|