On 11 May 2012, at 17:45, Robert Rothenberg wrote:
> We're working on an application with a lot of users, and where the passwords
> are encrypted (and future versions may also allow OpenID logins).
>
> Developers would like the ability for the "root" user to be able to become
> another user, for the purposes of debugging problems that real users might
> be having on a live system.
>
> How does one do this using the Authentication plugin?
>
> Obvious things to try like the $c->user($new_user) doesn't work, nor does
> the (internal) $c->set_authenticated($user, $real) method.
>
The recommended approach would be to keep $c->user 'pure', and to arrange to stash the current user in a top level base chain part, or top level auto.

If everything then subsequently uses $c->stash->{current_user} - then you can do your sudo (or whatever other mechanism you may need in future) simply by swapping out the user here.

This makes things a lot more pure - as the canonical user that $c->user will give you is (more) immutable.

Also, if you swap the 'canonical' user part way through the request - when the session plugin comes to re-serialize the session at the end of request - you're pretty stuffed, as you're now writing out the wrong user… I.e. re-sudoing, or doing any root level action is likely to require you to log out and log in again - not what you actually want! :)

Cheers
t0m
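
The approach described in the reply above, as an added example that is not part of the original thread or of Catalyst itself: a top level auto action stashes the effective user and re-checks the real user's privilege on every request. It assumes the Authentication, Session and Authorization::Roles plugins are loaded and that the user store can look users up by an `id` field; the `MyApp` name, the `root` role, the `sudo_user_id` session key and the `/become` and `/unbecome` paths are hypothetical.

```perl
package MyApp::Controller::Root;    # hypothetical application name
use Moose;
use namespace::autoclean;
BEGIN { extends 'Catalyst::Controller' }
__PACKAGE__->config( namespace => '' );

# Runs before every action: decide which user the rest of the request acts as.
sub auto :Private {
    my ( $self, $c ) = @_;
    return 1 unless $c->user_exists;
    my $current = $c->user;    # default: the authenticated (canonical) user
    # 'sudo_user_id' is a hypothetical session key set by become() below.
    if ( my $target_id = $c->session->{sudo_user_id} ) {
        # Re-check privilege on every request, not only when the sudo started.
        if ( $c->check_user_roles('root') ) {
            my $target = $c->find_user( { id => $target_id } );
            $current = $target if $target;
        }
        else {
            delete $c->session->{sudo_user_id};
        }
    }
    $c->stash->{current_user} = $current;
    return 1;
}

# POST /become/<id>: act as another user. $c->user itself is never replaced,
# so the session plugin still serializes the real login at end of request.
sub become :Path('become') :Args(1) {
    my ( $self, $c, $target_id ) = @_;
    unless ( $c->req->method eq 'POST' && $c->user_exists && $c->check_user_roles('root') ) {
        $c->res->status(403);
        $c->res->body('Forbidden');
        return;
    }
    $c->session->{sudo_user_id} = $target_id;
    # Audit trail: record who is acting as whom.
    $c->log->info( sprintf 'user %s now acting as user %s', $c->user->id, $target_id );
    $c->res->redirect( $c->uri_for('/') );
}

# /unbecome: drop the override; no logout or fresh login is needed.
sub unbecome :Path('unbecome') :Args(0) {
    my ( $self, $c ) = @_;
    delete $c->session->{sudo_user_id};
    $c->res->redirect( $c->uri_for('/') );
}
__PACKAGE__->meta->make_immutable;
1;
```

Actions and templates then read `$c->stash->{current_user}` wherever they would otherwise call `$c->user`.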