management function for an application. Imagine someone asking for help to check some information on their form, and you have dozens of even managers to help people...
Admin view of tables is not so safe, or so useful (how can someone at a desk help if they do not see what the end user sees, or even more - see a balance due when it is calculated from several tables). For this, an "impersonate" is useful - allows a manager to say things like "let's look at your balance" or "let me have your receipt for you when you come to the registration desk." .... On Fri, Apr 24, 2009 at 6:00 AM, Francisco Gama <[email protected]>wrote: > > it's nice to have more power to do the things users want, go for it > but please mind me asking... > why would anyone want to impersonate a different user while logged in? > Isn't that what a good authentication system isn't trying to avoid as > a possibility? > > Thank you > > On Apr 24, 5:27 am, mdipierro <[email protected]> wrote: > > will do that... > > > > On 23 Apr, 18:32, TheDude <[email protected]> wrote: > > > > > Yes we should :) Also, another class/key that checks of the person is > > > impersonating or not. :D > > > > > @auth.is_impersonating() returns boolean > > > > > On Apr 23, 3:07 pm, mdipierro <[email protected]> wrote: > > > > > > If you are using Auth you may want to be able to impersonate a > > > > different user without logout and without resetting all your session > > > > variables. > > > > > > This is how you can do it > > > > > > #optonal: @auth.requires_permission > > > > ('impersonate',auth.table_user,request.args[0] if request.args else > 0) > > > > def impersonate(): > > > > """ usagehttp://..../impersonate/[id] """ > > > > auth.original_user = auth.user > > > > auth.user = auth.table_user._filter_fields(auth.table_user > > > > [request.args[0]],True) > > > > return dict() > > > > > > def un_impersonate(): > > > > if auth.original_user: > > > > auth.user = auth.original_user > > > > auth.original_user = None > > > > return dict() > > > > > > You can already do this. Should we make it easier and make them > > > > methods of the Auth class? > > > > > > Massimo > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "web2py Web Framework" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/web2py?hl=en -~----------~----~----~----~------~----~------~--~---
