it's nice to have more power to do the things users want, go for it but please mind me asking... why would anyone want to impersonate a different user while logged in? Isn't that what a good authentication system isn't trying to avoid as a possibility?
Thank you On Apr 24, 5:27 am, mdipierro <[email protected]> wrote: > will do that... > > On 23 Apr, 18:32, TheDude <[email protected]> wrote: > > > Yes we should :) Also, another class/key that checks of the person is > > impersonating or not. :D > > > @auth.is_impersonating() returns boolean > > > On Apr 23, 3:07 pm, mdipierro <[email protected]> wrote: > > > > If you are using Auth you may want to be able to impersonate a > > > different user without logout and without resetting all your session > > > variables. > > > > This is how you can do it > > > > #optonal: @auth.requires_permission > > > ('impersonate',auth.table_user,request.args[0] if request.args else 0) > > > def impersonate(): > > > """ usagehttp://..../impersonate/[id] """ > > > auth.original_user = auth.user > > > auth.user = auth.table_user._filter_fields(auth.table_user > > > [request.args[0]],True) > > > return dict() > > > > def un_impersonate(): > > > if auth.original_user: > > > auth.user = auth.original_user > > > auth.original_user = None > > > return dict() > > > > You can already do this. Should we make it easier and make them > > > methods of the Auth class? > > > > Massimo --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "web2py Web Framework" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/web2py?hl=en -~----------~----~----~----~------~----~------~--~---
