Account Manager

This section documents the account management classes that provide user and account management capabilities.

AccountManager

class matrixone.account.AccountManager(client: Client, executor=None)[source]

Bases: BaseAccountManager

MatrixOne Account Manager for user and account management operations.

This class provides comprehensive account and user management functionality for MatrixOne databases, including account creation, user management, role assignments, and permission grants.

Key Features:

  • Account creation and management

  • User creation and authentication

  • Role-based access control (RBAC)

  • Permission grants and revocations

  • Account and user listing and querying

  • Integration with MatrixOne’s security model

Supported Operations:

  • Create and manage accounts with administrators

  • Create users within accounts

  • Assign roles to users

  • Grant and revoke permissions

  • List accounts, users, and roles

  • Query account and user information

Usage Examples:

# Create a new account
account = client.account.create_account(
    account_name='company_account',
    admin_name='admin_user',
    password='secure_password',
    comment='Company main account'
)

# Create a user within an account
user = client.account.create_user(
    username='john_doe',
    password='user_password',
    account='company_account',
    comment='Employee user'
)

# Grant permissions to a user
client.account.grant_privilege(
    username='john_doe',
    account='company_account',
    privilege='SELECT',
    object_type='TABLE',
    object_name='employees'
)

# List all accounts
accounts = client.account.list_accounts()

Note: Account management operations require appropriate administrative privileges in MatrixOne.

__init__(client: Client, executor=None)[source]

Initialize AccountManager.

Parameters:

  • client – MatrixOne client instance

  • executor – Optional executor (e.g., session) for executing SQL. If None, uses client.execute

create_account(account_name: str, admin_name: str, password: str, comment: str | None = None) Account[source]

Create a new account in MatrixOne

Args:

account_name: Name of the account to create
admin_name: Name of the admin user for the account
password: Password for the admin user
comment: Comment for the account

Returns:

Account: Created account object

Raises:

AccountError: If account creation fails
drop_account(account_name: str, if_exists: bool = False) None[source]

Drop an account

Args:

account_name: Name of the account to drop
if_exists: If True, add IF EXISTS clause to avoid errors when account doesn't exist
alter_account(account_name: str, comment: str | None = None, suspend: bool | None = None, suspend_reason: str | None = None) Account[source]

Alter an account

get_account(account_name: str) Account[source]

Get account by name

list_accounts() List[Account][source]

List all accounts

create_user(user_name: str, password: str, comment: str | None = None) User[source]

Create a new user in MatrixOne

Note: MatrixOne CREATE USER syntax is: CREATE USER user_name IDENTIFIED BY ‘password’ The user is created in the current account context.

Args:

user_name: Name of the user to create
password: Password for the user
comment: Comment for the user (not supported in MatrixOne)

Returns:

User: Created user object

Raises:

AccountError: If user creation fails
drop_user(user_name: str, if_exists: bool = False) None[source]

Drop a user according to MatrixOne DROP USER syntax: DROP USER [IF EXISTS] user [, user] …

Args:

user_name: Name of the user to drop
if_exists: If True, add IF EXISTS clause to avoid errors when user doesn't exist
alter_user(user_name: str, password: str | None = None, comment: str | None = None, lock: bool | None = None, lock_reason: str | None = None) User[source]

Alter a user

Note: MatrixOne ALTER USER supports: - ✅ ALTER USER user IDENTIFIED BY ‘password’ - Password modification - ✅ ALTER USER user LOCK - Lock user - ✅ ALTER USER user UNLOCK - Unlock user - ❌ ALTER USER user COMMENT ‘comment’ - Not supported

get_current_user() User[source]

Get current user information

list_users() List[User][source]

List users in current account

Note: MatrixOne doesn’t provide a direct way to list all users. This method returns the current user’s information.

create_role(role_name: str, comment: str | None = None) Role[source]

Create a new role

drop_role(role_name: str, if_exists: bool = False) None[source]

Drop a role

Args:

role_name: Name of the role to drop
if_exists: If True, add IF EXISTS clause to avoid errors when role doesn't exist
get_role(role_name: str) Role[source]

Get role by name

list_roles() List[Role][source]

List all roles

grant_privilege(privilege: str, object_type: str, object_name: str, to_user: str | None = None, to_role: str | None = None) None[source]

Grant privilege to user or role

Note: In MatrixOne, users are treated as roles for permission purposes.

Args:

privilege: Privilege to grant (e.g., 'CREATE DATABASE', 'SELECT')
object_type: Type of object (e.g., 'ACCOUNT', 'DATABASE', 'TABLE')
object_name: Name of the object (e.g., 'test_db', '*')
to_user: User to grant to (treated as role in MatrixOne)
to_role: Role to grant to
revoke_privilege(privilege: str, object_type: str, object_name: str, from_user: str | None = None, from_role: str | None = None) None[source]

Revoke privilege from user or role

grant_role(role_name: str, to_user: str) None[source]

Grant role to user

revoke_role(role_name: str, from_user: str) None[source]

Revoke role from user

list_grants(user: str | None = None) List[Grant][source]

List grants for current user or specified user

Account

class matrixone.account.Account(name: str, admin_name: str, created_time: datetime | None = None, status: str | None = None, comment: str | None = None, suspended_time: datetime | None = None, suspended_reason: str | None = None)[source]

Bases: object

MatrixOne Account information

name: str
admin_name: str
created_time: datetime | None = None
status: str | None = None
comment: str | None = None
suspended_time: datetime | None = None
suspended_reason: str | None = None
__init__(name: str, admin_name: str, created_time: datetime | None = None, status: str | None = None, comment: str | None = None, suspended_time: datetime | None = None, suspended_reason: str | None = None) None

User

class matrixone.account.User(name: str, host: str, account: str, created_time: datetime | None = None, status: str | None = None, comment: str | None = None, locked_time: datetime | None = None, locked_reason: str | None = None)[source]

Bases: object

MatrixOne User information

name: str
host: str
account: str
created_time: datetime | None = None
status: str | None = None
comment: str | None = None
locked_time: datetime | None = None
locked_reason: str | None = None
__init__(name: str, host: str, account: str, created_time: datetime | None = None, status: str | None = None, comment: str | None = None, locked_time: datetime | None = None, locked_reason: str | None = None) None

Role

class matrixone.account.Role(name: str, id: int, created_time: datetime | None = None, comment: str | None = None)[source]

Bases: object

MatrixOne Role information

name: str
id: int
created_time: datetime | None = None
comment: str | None = None
__init__(name: str, id: int, created_time: datetime | None = None, comment: str | None = None) None

Grant

class matrixone.account.Grant(grant_statement: str, privilege: str | None = None, object_type: str | None = None, object_name: str | None = None, user: str | None = None)[source]

Bases: object

MatrixOne Grant (permission) information

grant_statement: str
privilege: str | None = None
object_type: str | None = None
object_name: str | None = None
user: str | None = None
__init__(grant_statement: str, privilege: str | None = None, object_type: str | None = None, object_name: str | None = None, user: str | None = None) None