View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0020772 | mantisbt | administration | public | 2016-03-31 21:52 | 2017-11-28 12:32 |
Reporter | vboctor | Assigned To | vboctor | ||
Priority | normal | Severity | feature | Reproducibility | N/A |
Status | closed | Resolution | fixed | ||
Product Version | 1.3.0-rc.1 | ||||
Target Version | 1.3.0-rc.2 | Fixed in Version | 1.3.0-rc.2 | ||
Summary | 0020772: Allow administrators to impersonate users | ||||
Description | There are multiple scenarios where user impersonation is a useful feature. For examples:
Any user with the access of managing users, should be able to do the above. Hence, instead of specifically checking for "administrator" access level, use the config option 'manage_user_threshold'. | ||||
Tags | mantishub | ||||
I agree this would be a useful feature, particularly in a user support context (cases 1 & 2).
There is a potentially sensitive security aspect to this, and as an admin I may want to delegate user management without letting them impersonate others. It may therefore be more appropriate to have a dedicated setting to control this privilege. |
|
I've added a separate configuration option for the impersonation threshold defaulted to ADMINISTRATOR. So administrator can set it to lower threshold or NOBODY. |
|
MantisBT: master 9ee63231 2016-03-31 17:53 Details Diff |
Allow administrators to impersonate users There are multiple scenarios where user impersonation is a useful feature. For example: 1. When an administrator is troubleshooting an error reported by one of the users. 2. When an administrator wants to verify what issues/projects are and are not visible to specific user. 3. When a user creates an (service) account and wants to create an API key for such account. Any user with the access of managing users, should be able to do the above. Hence, instead of specifically checking for "administrator" access level, use the config option 'manage_user_threshold'. Fixes 0020772 |
Affected Issues 0020772 |
|
mod - core/authentication_api.php | Diff File | ||
mod - lang/strings_english.txt | Diff File | ||
mod - manage_user_edit_page.php | Diff File | ||
add - manage_user_impersonate.php | Diff File | ||
MantisBT: master 650ceb18 2016-04-01 15:22 Details Diff |
Add 'Impersonate User' to user view page - Added the impersonate button to user view page. - Added some impersonation APIs for access checks and used them - Change location of 'Impersonate User' button on manage user page. Fixes 0020772 |
Affected Issues 0020772 |
|
mod - core/authentication_api.php | Diff File | ||
mod - manage_user_edit_page.php | Diff File | ||
mod - view_user_page.php | Diff File | ||
MantisBT: master c711645c 2016-04-01 18:39 Details Diff |
Add 'impersonate_user_threshold' config option Add a configuration option to control the threshold needed to be able to impersonate other users. Fixes 0020772 |
Affected Issues 0020772 |
|
mod - config_defaults_inc.php | Diff File | ||
mod - core/authentication_api.php | Diff File | ||
mod - docbook/Admin_Guide/en-US/Configuration.xml | Diff File | ||
mod - docbook/Admin_Guide/en-US/User_Management.xml | Diff File | ||
add - docbook/Admin_Guide/en-US/config/user.xml | Diff File |