Look at masquerade as a replacement to test accounts

[cathysnider]

Documentation: https://www.drupal.org/node/1801588

[cathysnider]

Masquerade in Web Express

Basically, you masquerade as some else by

1. going to admin/people,
2. click 'edit' on person you want to masquerade as
3. click 'view' tab so that you are on URL user/#
4. click 'masquerade as username'

Permissions (admin/people/permissions)

edit-masquerade-as-user :

• this role allows a user to masquerade as another, specifically-assigned user. An administrator must assign a specific user to a specific user. (that is, Site Owner Susan can masquerade as Site Editor Edwin IF 1) Site Owner Role has "edit-masquerade-as-user" permission AND an administrator has specifically allowed Susan to masquerade as Edwin. Only someone with the edit-administer-masquerade permission can assign user to user.

edit-masquerade-as-any-user :

• this role allows a user to masquerade as any user that they have permission to see on the admin/people page. It is apparently an add-on role to edit-masquerade-as-user -- I could not make it work unless edit-masquerade-as-user was also applied.

edit-administer-masquerade :

• grants access to config/people/masquerade; but only if your role allows access to the configuration section
• adds field at bottom of user/#/edit page, allowing you to assign a User A to masquerade as User B. The User A's role must have perms "edit-masquerade-as-user." Users with roles that are labeled as "Masquerade Administrators" (see below) cannot be assigned.

edit-masquerade-as-admin : grants access to user/1.

Suggested Permission Levels for WebExp:

for WebExp Administrators

• edit-masquerade-as-user
• edit-masquerade-as-any-user

for WebExp Developers

• edit-masquerade-as-user
• edit-masquerade-as-any-user
• edit-administer-masquerade

Configuring Masquerade Administrators (admin/config/people/masquerade)

Here, set the roles that are considered 'administrators': This means, the roles that cannot be masqueraded as. I recommend that 'developer' and 'administrator' are set as Masquerade admins.

Switching back

is problematic. The best solution is to use the Masquerade block which allows easy switching and un-switching. I suggest we programmatically place the block in the Site Information area. Only roles with 'edit-masquerade-as-user' or 'edit-masquerade-as-any-user' can see the Masquerade Block.

Who uses the test users?

• Annie does not use the test users.
• Cathy almost never uses the test users; when she needs to review a user role in development, she uses the local users; when she needs to review a user role in production, she uses her own secondary identikey on her production sandbox site (at demos/cathys-sandbox).
• Emily uses the test users to do support and to create learning materials. The module will work fine for support, but not for creating learning materials because when you are masquerading as someone else, their name appears in the blue toolbar. This is not appropriate for creating learning materials; we don't want other people's names in the screenshots and videos.

[AlanBCole]

Sorry if I missed this in our discussion of this issue in our meeting yesterday, but are we using masquerade presently? Or is this something that we are hoping to replace test users with?

[cathysnider]

To review the module in action: https://www-dev.colorado.edu/p1ff5585fe96/

Login as self; then masquerade as users 'siteowner', 'siteeditor', or 'editonly' by typing their names into the Masquerade selection field at bottom of page. Note that t\The site is configured such that you cannot masquerade as someone with an administrator role or a developer role.

(Note: the test users's password is the same as their login.)

[jwfuller]

@AlanBCole We are not using it presently. We are hoping to replace test users with it

[kevincrafts]

This seems to work properly, but I think we should talk about the best way to get the masquerade block on the page, and where it should be on the page.

[jwfuller]

Talked about two implementations

1. Block via locked context
2. Menu based

@jwfuller will take a look at the dev site and the code

[cathysnider]

To note: When a user is masquerading, the Masquerade module automatically adds a 'Switch Back' link to the Navigation menu, to make it easy to switch back. Maybe we can hijack this to add the link to a different menu.

https://www-dev.colorado.edu/p1ff5585fe96/

[jwfuller]

I think the menu item route will work. I think there is also a way to check and see if the user is masquerading (it may already do this for us) https://git.drupalcode.org/project/masquerade/-/blob/7.x-1.x/masquerade.module#L231

[cathysnider]

@kevincrafts I've added a 'switch back' link to the blue toolbar, which only shows when you are masquerading as someone else. Please review. 1) do you like that icon? 2) what about the words 'switch back' -- is that clear or should it say something else?

https://www-dev.colorado.edu/masquerade/

[kevincrafts]

Looks good to me.

[ekellagher]

Documentation: https://docs.google.com/document/d/1fPWPZIQDPPsS1HqxlXMF2JNN02muaKCoFTjYiutpwZk/edit?usp=sharing