Here are some tasks that a SHRINE system administrator may need to do from time to time.

Handling Lockout

In SHRINE, when a user runs too many queries that return the same result from a site's Adapter, that user will be locked out from that site. This will usually show itself in the form of an AdapterLockoutException coming back from a site when executing a query.

Temporary Unlock

To unlock a user that has locked themselves out by accident, an administrator with database access must run the following query on the shrine_query_history database:

insert into PRIVILEGED_USER (USERNAME, THRESHOLD, DOMAIN, OVERRIDE_DATE) VALUES (“[affected-user]", [threshold], “[i2b2-domain]", CURRENT_TIMESTAMP());

• Replace [affected-user] with the username of the user that needs to be unlocked.
• Replace [threshold] with the value of adapterLockoutAttemptsThreshold in the adapter{} block in shrine.conf.
• Replace [i2b2-domain] with the domain that the affected user belongs to. This information should be included in the AdapterLockoutException message caused by this user running a query.

"Permanent" Unlock

There are legitimate use cases for this, such as system administrators performing testing or diagnostics, which will result in the same query being executed several times, inevitably hitting the lockout threshold defined in shrine.conf. If you would like to work around this, you may run a query similar to the above, replacing [threshold] with a significantly higher value.

insert into PRIVILEGED_USER (USERNAME, THRESHOLD, DOMAIN, OVERRIDE_DATE) VALUES (“[admin]", 999999, “[i2b2-domain]", CURRENT_TIMESTAMP());

• Replace [admin] with the username of the user that you wish to grant this privilege to.
• Replace [i2b2-domain] with the domain that the admin belongs to. For example: i2b2demo