Understand SPE user accounts
SPE has a simple built-in system of user accounts and user roles. This allows for flexible usage of SPE in your projects – you can use it e.g. for different individual applications (each application uses its own SPE user), or simply for different user roles within single application (standard users, administrators).
Each user account has the following attributes defined:
- login name and password (obviously 😉)
- whether the account is active or not – accounts may be turned off and on
- user role – any combination of
- user – allowed to use all SPE functionality, except for the
/admin/...
endpoints - admin – allowed to use all SPE functionality, including the
/admin/...
endpoints - prioritize – allowed to prioritize SPE tasks, see Task prioritization section in the REST API documentation
- user – allowed to use all SPE functionality, except for the
- maximum pending requests – legacy REST Server 2.x attribute, ignored in SPE 3.x
It’s important to realize that each SPE user account has its own home directory, where SPE stores the account’s data, see Understanding SPE home directory article. It means that by default the accounts’ data is isolated from each other.
Therefore, if different user accounts should have access to each other’s data, you might want to use some filesystem trickery like a symlink to some shared directory, like in the following example:
├── user_1/ │ ├── data/ │ └── storage/ │ └── audio -> /shared_recordings/ ├── user_2/ │ ├── data/ │ └── storage/ │ └── audio -> /shared_recordings/ └── administrator/ ├── data/ └── storage/ └── audio -> /shared_recordings/
In the above example, we created a directory audio
in each SPE account’s storage, and symlinked it to a completely different directory shared_recordings
. If any of the SPE accounts uploads a file to the audio
directory, the file will be accessible by the other SPE accounts.
NOTE:
When using such trickery, all “the other” accounts still need to register the file to be able to actually use it in SPE… otherwise, the file would be visible only by the account which originally uploaded the file. This is because SPE keeps some file metadata (name, timestamps, …) in its database and files not having its database record (associating them with the SPE account) are not visible by SPE and by the account.
Similar trickery can be done with the data
directory, allowing to share LID language models and language packs, or SID speaker models, etc. between accounts.
User accounts management
SPE user accounts can be managed using REST API (see Administration section of the API documentation), or using command line administration utilities phxadmin
or phxadmin2
(see Understading SPE executable files article).