Discussion in 'XenForo Suggestions' started by Princeton, Aug 6, 2010.
For administrative purposes, can we get a "Login as User" feature?
Which administrative purposes? .. I could never think of any to be honest.
Can I extend this into a "View as $usergroup" request for style/mod testing? Or is that a bit irrelevant?
either way, most likely something for a mod rather than part of the core
This will end up being a mod but I have Cybernetec's mod installed on my vB forum as it saves me creating test accounts to test things that affect my users - I can just log into their account to check the styles/permissions/etc.
me too but now he's Valter ...
I don't agree having this option as default in the package as this could cause privacy problems for members and they might feel uncomfortable browsing the website.
This should be implemented for sure!
I have needed/used this feature quite frequently on one of my forums, but I honestly don't think it's something that needs to be included in the default package. It's best suited as a modification, IMO.
Floris, you don't imagine how many times I have to either open a incognito window or a new browser to log in as a test user on a specifig usergroup to check permisions or template changes when I do modifications on my site
Edit: totally understood wrong the first post so my comment is nonsense... At most I would like to have a see forum with xxx user permissions, I was explaining on my post that I'd like a feature to see the forum as if I belonged to a specific usergroup but never to login as a specific user, as this would imply privacy issues, that is why also I always refused to install mods that would allow me to for instance check user PMs or something else, even if my mods from time to time request it.
phpBB has a nice feature whereby an Admin can test out a user's permissions and browse the forum as they would.
I usually have a few browsers open... good fun
I would implement this on a basis whereby you can log into their account and browse but you can't edit anything in terms of profiles etc.
A lot of you are thinking "if it's admin-only, they can just go into the admincp and edit it anyway", but this method prevents admins from messing around with user's accounts (as a joke or whatever). Users expect their accounts to have some kind of security and allowing admins to log in to their account violates that (especially if they can change things). I also think things like private conversations shouldn't be visible when an admin logs in to their account.
Database-wise, unless those private conversations are encrypted (which would most likely be easily reversible by the administrator in question), the administrator can simply access the raw records. So, if the administrator wants to see those private conversations, he/she will.
I know that they can be accessed by the database, but are you really going to look through the DB without a good reason?
I think it's logical that if PCs are so easily accessible just by logging into someone's account then you're more susceptible to reading them and violating the "private" part of the conversation.
Get what I'm saying?
Exactly my thoughts. If an administrator wanted to read PMs, he/she would find a way to do it, regardless of what kind of limitations the "admin log in as user" tool has.
Somebody without the morals or willpower to stop themselves from reading PMs, regardless of how easy it is, would probably end up reading them some other way anyways.
Precisely. In addition, the user's private conversations would not actually be "safe", he/she would simply be deceived into thinking so.
James, I understand what you are saying completely, but I do not believe such a facade is worth implementing.
In regards to the initial suggestion, I would like for it to be implemented.
What I'm thinking is what about handling things like Alerts, Unread threads, etc?
I don't see this in such a demand that it should be a default feature in XF (I don't see how it could be used at all).
On one of my forums, most of my members aren't very tech-savvy, and sometimes it seems like using a forum is like rocket science to them. There are countless occasions in which I've been asked to change a setting for users, delete a thread subscription for them, check out why they can't post without getting a weird error, etc.
It's an invaluable tool that has made my life easier. Without it, I'd have to ask users for their passwords (or change it to a dummy password) and then advise them to change it back.
But as I said earlier, as great as this tool is, I believe it's best-suited as an add-on.
Ah, thanks for the explanation.
Separate names with a comma.