Closed BradPhillips closed 8 years ago
I second this feature. This would be a wonderful addition as an Admin I also have use of these functions.
+1 this feature On Dec 27, 2013 2:57 PM, "Joel DeVenney" notifications@github.com wrote:
I second this feature. This would be a wonderful addition as an Admin I also have use of these functions.
— Reply to this email directly or view it on GitHubhttps://github.com/owncloud/core/issues/6581#issuecomment-31277471 .
@MTRichards @craigpg @karlitschek @LukasReschke
But this could also be a security issue. Maybe every user should have an option on the personal page "allow admin to login as me". Or another system needs to be designed to allow the admin to login with a time-based token (but more complex to implement)
Many other systems that are much more security oriented have this feature. WHMCS, WHM/cPanel, HostBill, SolusVM, etc., etc.
Allowing the "user" to select whether or not an admin can login as them is, IMHO, not a good idea. From an admin standpoint I don't want my users telling me I can't check their account.
Thing is we already have this security measure for when the encryption app is used. If the admin wants to be able to recover files for users, the admin needs to enable the recovery keys. But then every user must also opt-in the recovery key system to explictily allow the admin to recover their files in case their password is lost. (CC @schiesbn)
In this case, we have two situations. Users who are service provider customers, who should be able to opt out Users who host themselves, and should not be able to opt out
And probably there are overlap cases.
The above "opt in" works great if you trust the user and don't trust the admin. We need to support the situation where the admin is in control and doesn't trust the user, such as users with ownCloud in a business. They too are community edition users. In situations like these, usually it is a setting that the admin configures. So perhaps checkboxes with user notification.
This is available as an community app: https://github.com/owncloud/impersonate
It would be great to have a feature where the admin can log in as any user. As the admin, I am having to get users passwords to help them set up certain aspects and to check some of their settings like sharing.
Is this possible?