• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

[Suggestion] Admin Option: Login As User

Disjunto

Well-known member
#3
Can I extend this into a "View as $usergroup" request for style/mod testing? Or is that a bit irrelevant?

either way, most likely something for a mod rather than part of the core
 

James

Well-known member
#4
This will end up being a mod but I have Cybernetec's mod installed on my vB forum as it saves me creating test accounts to test things that affect my users - I can just log into their account to check the styles/permissions/etc.
 

KURTZ

Well-known member
#5
This will end up being a mod but I have Cybernetec's mod installed on my vB forum as it saves me creating test accounts to test things that affect my users - I can just log into their account to check the styles/permissions/etc.
me too :) but now he's Valter ... :D
 
#9
Which administrative purposes? .. I could never think of any to be honest.
Floris, you don't imagine how many times I have to either open a incognito window or a new browser to log in as a test user on a specifig usergroup to check permisions or template changes when I do modifications on my site

Edit: totally understood wrong the first post so my comment is nonsense... At most I would like to have a see forum with xxx user permissions, I was explaining on my post that I'd like a feature to see the forum as if I belonged to a specific usergroup but never to login as a specific user, as this would imply privacy issues, that is why also I always refused to install mods that would allow me to for instance check user PMs or something else, even if my mods from time to time request it.
 

Brogan

XenForo moderator
Staff member
#10
phpBB has a nice feature whereby an Admin can test out a user's permissions and browse the forum as they would.
 

Disjunto

Well-known member
#11
Floris, you don't imagine how many times I have to either open a incognito window or a new browser to log in as a test user on a specifig usergroup to check permisions or template changes when I do modifications on my site
I usually have a few browsers open... good fun :)
 

James

Well-known member
#12
I would implement this on a basis whereby you can log into their account and browse but you can't edit anything in terms of profiles etc.
A lot of you are thinking "if it's admin-only, they can just go into the admincp and edit it anyway", but this method prevents admins from messing around with user's accounts (as a joke or whatever). Users expect their accounts to have some kind of security and allowing admins to log in to their account violates that (especially if they can change things). I also think things like private conversations shouldn't be visible when an admin logs in to their account.
 

vbresults

Well-known member
#13
I would implement this on a basis whereby you can log into their account and browse but you can't edit anything in terms of profiles etc.
A lot of you are thinking "if it's admin-only, they can just go into the admincp and edit it anyway", but this method prevents admins from messing around with user's accounts (as a joke or whatever). Users expect their accounts to have some kind of security and allowing admins to log in to their account violates that (especially if they can change things). I also think things like private conversations shouldn't be visible when an admin logs in to their account.
Database-wise, unless those private conversations are encrypted (which would most likely be easily reversible by the administrator in question), the administrator can simply access the raw records. So, if the administrator wants to see those private conversations, he/she will.
 

James

Well-known member
#14
I know that they can be accessed by the database, but are you really going to look through the DB without a good reason?

I think it's logical that if PCs are so easily accessible just by logging into someone's account then you're more susceptible to reading them and violating the "private" part of the conversation.

Get what I'm saying? :p
 

Nick

Well-known member
#15
Database-wise, unless those private conversations are encrypted (which would most likely be easily reversible by the administrator in question), the administrator can simply access the raw records. So, if the administrator wants to see those private conversations, he/she will.
Exactly my thoughts. If an administrator wanted to read PMs, he/she would find a way to do it, regardless of what kind of limitations the "admin log in as user" tool has.
 

Nick

Well-known member
#16
I know that they can be accessed by the database, but are you really going to look through the DB without a good reason?

I think it's logical that if PCs are so easily accessible just by logging into someone's account then you're more susceptible to reading them and violating the "private" part of the conversation.

Get what I'm saying? :p
Somebody without the morals or willpower to stop themselves from reading PMs, regardless of how easy it is, would probably end up reading them some other way anyways.
 

vbresults

Well-known member
#17
Somebody without the morals or willpower to stop themselves from reading PMs, regardless of how easy it is, would probably end up reading them some other way anyways.
Precisely. In addition, the user's private conversations would not actually be "safe", he/she would simply be deceived into thinking so.

James, I understand what you are saying completely, but I do not believe such a facade is worth implementing.

In regards to the initial suggestion, I would like for it to be implemented. :)
 

Onimua

Well-known member
#18
What I'm thinking is what about handling things like Alerts, Unread threads, etc?

I don't see this in such a demand that it should be a default feature in XF (I don't see how it could be used at all).
 

Nick

Well-known member
#19
(I don't see how it could be used at all).

On one of my forums, most of my members aren't very tech-savvy, and sometimes it seems like using a forum is like rocket science to them. There are countless occasions in which I've been asked to change a setting for users, delete a thread subscription for them, check out why they can't post without getting a weird error, etc.

It's an invaluable tool that has made my life easier. Without it, I'd have to ask users for their passwords (or change it to a dummy password) and then advise them to change it back.

But as I said earlier, as great as this tool is, I believe it's best-suited as an add-on.
 

Onimua

Well-known member
#20
On one of my forums, most of my members aren't very tech-savvy, and sometimes it seems like using a forum is like rocket science to them. There are countless occasions in which I've been asked to change a setting for users, delete a thread subscription for them, check out why they can't post without getting a weird error, etc.

It's an invaluable tool that has made my life easier. Without it, I'd have to ask users for their passwords (or change it to a dummy password) and then advise them to change it back.

But as I said earlier, as great as this tool is, I believe it's best-suited as an add-on.
Ah, thanks for the explanation. :)