[TH] Login As User [Deleted]

Jon W

Jon W

Well-known member
Waindigo submitted a new resource:

Login As User by Waindigo (version 1.0.0) - Give members permission to login the site as other members, without having to know their password.

Description:

Members who have been granted the 'Login as different user' permission can click on a link on a user's member card to log in as that user.

A link in the admin bar will allow them to quickly return to their own account at any time.

To log in as a different user, the user will have to be a member of one of the permitted user groups.

Installation:
  • Upload contents of upload folder to root directory, overwriting any existing...
Click to expand...

Read more about this resource...
 
Geoffrey said:
This can cause problems, but I suppose it can be useful for a few boards.
Click to expand...
The same could be said for giving someone the 'permanent delete' permission and that is a core feature. Provided that you only give the permission to members that you trust (which might just be yourself!) then it can be really useful.
 
If someone is logged in as another user, can he see that users personal conversations also?

Because if he can, that would be a huge privacy problem!
 
Thank you so much! This is an odd vBulletin add-on that we've been waiting to see available for XenForo. I'm sure many folks will be excited about this. It's great for admins and mods to use when a problem arises.
 
HWS said:
If someone is logged in as another user, can he see that users personal conversations also?

Because if he can, that would be a huge privacy problem!
Click to expand...

Well, not really. An admin can simply go to the forum DB and see the P.C if he wants to. It's wise though to limit the usage to trusted members, better admins.
 
HWS said:
If someone is logged in as another user, can he see that users personal conversations also?

Because if he can, that would be a huge privacy problem!
Click to expand...
Yavuz is exactly right. Anyone with access to the database can get at this information. This is definitely a feature you would only give to a handful of members, if that.

Having said that, if anyone wants to have additional restrictions placed on this feature, please contact me to discuss contributing to this.
 
yavuz said:
Well, not really. An admin can simply go to the forum DB and see the P.C if he wants to. It's wise though to limit the usage to trusted members, better admins.
Click to expand...

We'd really like to see the ability for an admin to see private conversations added. This has been helpful when "he said", "she said" issues arise between members. The vBulletin mod "login as user" allowed for the ability to read private messages and logging in invisibly to a user's account. Obviously, this is not something to give to all members and even some moderators, that's why it's requested as an "admin" only feature.

Thanks in advance for the consideration.
 
In fact you should upload this addon a second time as "Read PCs of your Members" as I remember some requests for such a feature. ;-)

However I find that feature VERY problematic since it raises serious privacy issues. It is one thing to allow technicians direct database access but another to be able to allow >>all<< your users to read private conversations of other users just with a simple click in ACP.

If people know it can be that easy to read their private conversations they will never trust any Xenforo software again for real private conversations. And not all XF boards are just 4 fun. Some have serious content where members need a way to trust that all PCs stay private and secret.

In my opinion there has been a border crossed that should better not have been crossed.
 
HWS said:
In fact you should upload this addon a second time as "Read PCs of your Members" as I remember some requests for such a feature. ;-)

However I find that feature VERY problematic since it raises serious privacy issues. It is one thing to allow technicians direct database access but another to be able to allow >>all<< your users to read private conversations of other users just with a simple click in ACP.

If people know it can be that easy to read their private conversations they will never trust any Xenforo software again for real private conversations. And not all XF boards are just 4 fun. Some have serious content where members need a way to trust that all PCs stay private and secret.

In my opinion there has been a border crossed that should better not have been crossed.
Click to expand...

I see what you mean but nothing really stays private. Forums get sold, not all admins respect privacy, the list goes on. Also, admins have also responsibility to prevent spam, user harrasing another user. It's better not to share sensitive information that you like to see remain private.
 
and lol @ ya'll complaining bout reading pms. PMs can be read by the database. So if you have an addon creator or your host or admin that has access to the database then they can read pms too.

I put in my TOS that your pms can be read at anytime. I even made a thread about it and told members I don't read them but can if I wanted to and will if I suspect spam. When I suspect spam I will investigate cause I hate spammers with a vengeance. No mercy. Catch em, ban em. End of story.

This is also a good way to manage spammers as well.
 
Phillip said:
We'd really like to see the ability for an admin to see private conversations added. This has been helpful when "he said", "she said" issues arise between members. The vBulletin mod "login as user" allowed for the ability to read private messages and logging in invisibly to a user's account. Obviously, this is not something to give to all members and even some moderators, that's why it's requested as an "admin" only feature.

Thanks in advance for the consideration.
Click to expand...
Not quite sure what you are requesting. This add-on can already do everything you are asking for. It is a permission, so you can make it available for admins use only.

HWS said:
In my opinion there has been a border crossed that should better not have been crossed.
Click to expand...
This add-on was created for a school website where teachers may need to log in to a student's accounts to perform actions on their behalf. As an unintended consequence, this ability could potentially be used to stop suspected bullying by making it easier for teachers to read a student's private messages. So many times you hear cases of children committing suicide because they are being bullied. I can't even see that line you are talking about from where I'm standing.
 
I haven't downloaded it yet but does this make it so that when you login, it doesn't change the last login date?
 
8thos said:
I haven't downloaded it yet but does this make it so that when you login, it doesn't change the last login date?
Click to expand...

I would expect it to change the login date.

The addon was originally made for me on one of my sites which services a school.
I need it to send in homework if a student has difficulty with the system, or check what` on earth a rather muddled support request means.

The privacy issue has also come up in this school community. As admin I can already check private conversations in other software the community uses.
I always explain that I never check private conversations "for fun" - I am too busy!
But if I get a report of anything sensitive I can quickly check, and see EXACTLY what was said.

Interestingly this younger generation enthusiastically welcomes this as a protection. They are so afflicted by the national epidemic of bullying what they desperately need is safety, before privacy. Most feel the same about surveillance cameras in their schools.

This community has quickly discovered I use my authority carefully and caringly.
If that were not so I would simply lose that community and the project would` fail.

Granted this addon is wide open to abuse. As is so much else about all software which tends`to be autocratic in its power. It is up to us as admins to use that tremendous power of our software, thoughtfully.

But on a forum for adults where only the admin has the facility, or at most one or two mods, an adult user can vote with their feet if the addon is abused.

Jon/ Waindigo I think you described it from the wrong end as a user resource rather than primarily an admin resource. This has created an unfortunate impression. The addon needs to be defined as an admin resource. Something like this:

This addon permits a permitted user, normally the admin, to login as another user.
The admin can check what the user sees and what exact difficulty they are having.
The admin can upload a file etc which the user has been unable to do.
The admin can also grant permission to another user such as a mod to use this facility as well. Clearly this privilege should only be granted to a, known, trusted, responsible person.
 
8thos said:
I haven't downloaded it yet but does this make it so that when you login, it doesn't change the last login date?
Click to expand...
No. It will change the login date. It will also show you as being online as that user (unless you select not to show online), updates the page you are currently viewing and logs your actions as normal -- just as if you had logged in as that user with their password.
 
Morgain said:
I would expect it to change the login date.

The addon was originally made for me on one of my sites which services a school.
I need it to send in homework if a student has difficulty with the system, or check what` on earth a rather muddled support request means.

The privacy issue has also come up in this school community. As admin I can already check private conversations in other software the community uses.
I always explain that I never check private conversations "for fun" - I am too busy!
But if I get a report of anything sensitive I can quickly check, and see EXACTLY what was said.

Interestingly this younger generation enthusiastically welcomes this as a protection. They are so afflicted by the national epidemic of bullying what they desperately need is safety, before privacy. Most feel the same about surveillance cameras in their schools.

This community has quickly discovered I use my authority carefully and caringly.
If that were not so I would simply lose that community and the project would` fail.

Granted this addon is wide open to abuse. As is so much else about all software which tends`to be autocratic in its power. It is up to us as admins to use that tremendous power of our software, thoughtfully.

But on a forum for adults where only the admin has the facility, or at most one or two mods, an adult user can vote with their feet if the addon is abused.

Jon/ Waindigo I think you described it from the wrong end as a user resource rather than primarily an admin resource. This has created an unfortunate impression. The addon needs to be defined as an admin resource. Something like this:

This addon permits a permitted user, normally the admin, to login as another user.
The admin can check what the user sees and what exact difficulty they are having.
The admin can upload a file etc which the user has been unable to do.
The admin can also grant permission to another user such as a mod to use this facility as well. Clearly this privilege should only be granted to a, known, trusted, responsible person.
Click to expand...
You know... like you said... it probably would've been better if he put the word Admin somewhere in the addon description like so: http://www.vbulletin.org/forum/showthread.php?t=228077

So I would basically have to go into the database just to change the last login date. :/

Waindigo, didn't you make a addon that lets us change user join date and does it still work? Would you be able to do so to change user last login date?

I think I remember using that change user join date addon and it worked for awhile then stopped working. If not you, it might have been ragtek. Probably gotta ask him.
 
8thos said:
You know... like you said... it probably would've been better if he put the word Admin somewhere in the addon description like so: http://www.vbulletin.org/forum/showthread.php?t=228077
Click to expand...
Already changed the description in response to Morgain's post.

8thos said:
So I would basically have to go into the database just to change the last login date. :/
Click to expand...
If you wanted to cover your tracks entirely then you would also need to remove all the other things I mentioned above as well.

8thos said:
Waindigo, didn't you make a addon that lets us change user join date and does it still work? Would you be able to do so to change user last login date?
Click to expand...
Yes, I did. I think better to build it into this add-on as it would probably be a lot easier just to not update the last login date in the first place. Would have to check though.

8thos said:
I think I remember using that change user join date addon and it worked for awhile then stopped working. If not you, it might have been ragtek. Probably gotta ask him.
Click to expand...
Perhaps conflicting with another add-on? I've just tested it and it works fine on my install.
 
Waindigo said:
Already changed the description in response to Morgain's post.


If you wanted to cover your tracks entirely then you would also need to remove all the other things I mentioned above as well.


Yes, I did. I think better to build it into this add-on as it would probably be a lot easier just to not update the last login date in the first place. Would have to check though.


Perhaps conflicting with another add-on? I've just tested it and it works fine on my install.
Click to expand...
Yeah it was probably an addon conflict. I'm not concerned with 'covering tracks' cause members know I do what I want (lol) but I am concerned with causing false hopes. People will think 'omg so and so logged in yaaay and then they start sending me (the person i logged in under) pms' and if I'm in a bad mood and I get that alert I'mma reply 'gtfo go away' and they get mad at the person but it's really me. :ROFLMAO:

I'm trying not to troll my members. I've worked so hard at not doing so as much as I used to. That's why I asked about it.
 
8thos said:
Yeah it was probably an addon conflict. I'm not concerned with 'covering tracks' cause members know I do what I want (lol) but I am concerned with causing false hopes. People will think 'omg so and so logged in yaaay and then they start sending me pms' and if I'm in a bad mood and I get that alert I'mma reply 'gtfo bytch' and they get at the person but it's really me. :ROFLMAO:

I'm trying not to troll my members. I've worked so hard at not doing so as much as I used to. That's why I asked about it.
Click to expand...
In that case, should be able to modify that other add-on really easily to do what you want to do. Can you check whether the other add-on works or not first though? No point me copying that add-on if it doesn't work!
 
You must log in or register to reply here.

Similar threads

021
[021] Post as user [Deleted]
Replies
6
Views
1K
021
021
C
  • Suggestion Suggestion
Duplicate Login as User from Admin Panel
Replies
6
Views
2K
Ozzy47
Ozzy47
vtcnc
Not a bug Login as User Errors
Replies
2
Views
347
vtcnc
vtcnc
mrmad
Login as User(LAU2) V.1.2.4 German Language (Deutsch, Du-Version)
Replies
0
Views
410
mrmad
mrmad
A
Login as User (LAU2)
9 10 11
Replies
204
Views
21K
philmckrackon
philmckrackon
Back
Top Bottom