clarkwinkelmann changed the title to FoF Impersonate, login as other users .

0.4.1

  • Adds an Impersonated event when a user impersonates another user
  • Integrates with fof/moderator-notes as of 0.1.3

Updating

composer require fof/impersonate
php flarum cache:clear
21 days later

0.5.0

  • New modal
  • Integrates with fof/moderator-notes
  • Changed endpoint from /impersonate/{user id} to /impersonate (provide user ID and reason in POST body)
  • Admin option to enable required reason
  • Impersonated event passes the 'reason' for processing by fof/moderator-notes (or any other extension that wants to listen for this)

Full integrations with fof/moderator-notes as of 0.1.6

  • [Forum]fof/moderator-notes disabled:
    image

  • [Forum]fof/moderator-notes enabled, but reason not enforced:
    image

  • [Forum[fof/moderator-notes enabled, reason enforced (pls ignore the 'debug'!):
    image

  • [Admin]fof/moderator-notes not installed
    image

  • [Admin]fof/moderator-notes enabled, default setting
    image

Updating

composer require fof/impersonate
php flarum cache:clear
6 days later

Can someone enlight me on why do we have this extension? I mean why would I want to impersonate an user?

    Kylo I'm sure there are many use cases. For me the most important is help desk / troubleshooting. You don't want to need to ask a user password to inspect what they can see when they have a problem. It's a feature many websites have for customer support. Depending on the context, you might want to add a PIN feature to prevent abuse, this feature is not available at this time.

    It's also very useful in staging environments for switching test users.

    The number of downloads clearly shows there is interest.

    As for spying on users, an admin can always do it anyway. With this extension they could extend that power to users who don't control the server hardware.

    Of course if you don't like the concept, you can simply not install it.

      • [deleted]

      • Post #38

      Kylo Can someone enlight me on why do we have this extension? I mean why would I want to impersonate an user?

      Literally every online platform in fact has this - it's really the only way to simulate the user experience in terms of troubleshooting etc. In most cases, impersonation is installed as a role, but can only be activated by the customer, and for set periods of time.

        I have a couple of questions regarding the extension.
        1- Do users get notified by any chance when impersonating them? Can they check logs of who got into their accounts somehow?
        2- Am I able to be on someone's account at the same time he is on his account? So both of us using the account at the same time

        • IanM replied to this.

          Mark73 1- Do users get notified by any chance when impersonating them? Can they check logs of who got into their accounts somehow?

          No, there is no indication to the user. A record is logged that the action was performed if fof/moderator-notes is also installed however.

          Mark73 2- Am I able to to be on someone's account at the same time he is on his account? So both of us using the account at the same time

          Yes, this is possible

                IanM
                Would moderators be able to check if I (admin) logged into someone's account through moderator notes? Or is this optional?

                • IanM replied to this.

                    Mark73 this would also be logged in the moderator notes

                        IanM I get it, I'm just asking if this is mandatory when having the moderator notes extension? I don't want mods to be able to check my impersonation logs through the moderator notes. I hope this explained it well

                        • IanM replied to this.

                            Mark73 Understood. I guess adding an option to allow admin users to silently impersonate is a possibility.

                              15 days later

                              I'm getting this error when trying to install the extension locally:

                              Content-Length mismatch, received 31475 bytes out of the expected 1478527
                              http://repo.packagist.org could not be fully loaded, package information was loaded from the local cache and may be out of date

                                Mark73 I doubt it's specific to this extension. Maybe your proxy or firewall is messing up with Composer. Or Packagist experiences difficulties of their own.

                                    clarkwinkelmann Makes sense, I tried to install some other extensions and it did not work! I will try to figure it out

                                      6 months later
                                      12 days later

                                      The impersonate function doesn't seem to be working for me, not sure if it's isolated to my setup. I do have a SSO extension, but I even disabled it for testing with no luck. After initiating the login of a user the page refreshes but I'm still logged in as myself. Can anyone else who has this on Beta 15 let me know if it is working for them?

                                        ctml I have just used Impersonate on beta 15 without any issue.

                                        Can you maybe try disabling some extensions to see whether any is causing the problem?