Skocz do zawartości
"Idzie nowe..." - o zmianach i nie tylko ×
Przeniesienie zakupów z IPS Marketplace / Moving bought items from IPS Marketplace ×

[IPS Marketplace] (NE) 'Can sign in as members' enhancements

NewsBot
 Udostępnij

Rekomendowane odpowiedzi

NewsBot Arcymistrz

NewsBot

Opublikowano
Opublikowano

When enabled, the administrator permission "Can sign in as members?" provides an administrator with a "Sign in as...." link when viewing a member in the ACP. This link, when clicked, will redirect the administrator to the front-end of the site where they are effectively logged in as that user and able to view the site as that user.

A useful feature, which can help with understanding what a user sees and can do etc - however, it does allow that administrator to be able to sign in as other administrators and potentially gain access to sections of the site that are restricted from being viewed by that administrator normally.

In reality, you should only provide this permission to people whom you trust - however, if you do wish to be able to allow this permission for some administrators while stopping them from being able to sign in as 'higher-level' administrators, then this application assists with that.

How it works:

  • Upon installation, navigate to the application in the "NE Applications" section of your ACP - you'll be in the 'Protected Groups' listing.
  • Click 'Add protected group' and firstly select the group which you would like to protect.
  • There are 2 fields:
    • Allowed Group(s) - this a listing of the groups which have the 'Can sign in as member' permission
    • Allowed Member(s) - this is a listing of the members who have the 'Can sign in as member' permission exclusively applied to them
  • Simply pick the entries in those 2 fields, and save the form - those picked are the groups/members who will be able to see the option to allow them to sign in as members of that group chosen to be protected. Those unchosen will no longer see the option.

An additional feature is in place which will assist with catching 'bad actors' who might attempt to sign in as someone who they are not allowed to sign in as - the login attempt will fail gracefully, and the user will be re-directed to the home page of the site. In addition, the attempt will be logged to the Administrator logs:

Could contain: Text

 

 

 

 

Wyświetl pełną treść wpisu

Odnośnik do komentarza
Udostępnij na innych stronach

Jeśli chcesz dodać odpowiedź, zaloguj się lub zarejestruj nowe konto

Jedynie zarejestrowani użytkownicy mogą komentować zawartość tej strony.

Zarejestruj nowe konto

Załóż nowe konto. To bardzo proste!

Zarejestruj się

Zaloguj się

Posiadasz już konto? Zaloguj się poniżej.

Zaloguj się
 Udostępnij
Tematy

  • Ostatnio przeglądający   0 użytkowników

    • Brak zarejestrowanych użytkowników przeglądających tę stronę.
×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Umieściliśmy na Twoim urządzeniu pliki cookie, aby pomóc Ci usprawnić przeglądanie strony. Możesz dostosować ustawienia plików cookie, w przeciwnym wypadku zakładamy, że wyrażasz na to zgodę.