I agree. Can you send me a patch? On Sunday, 16 September 2012 08:52:41 UTC-5, Alan Etkin wrote: > > I just tested impersonation with last trunk version and is working fine > > Here's what I did: > > Register two users > Added an impersonate record in db.auth_permission (1 has permission to > impersonate 2) with appadmin > Logged in as 1 > Went to <app>/default/user/impersonate and submitted the form with value 2 > > However, I think there's a problem with this line in the book (ch. 9) > > "... *impersonate* allows a user to "impersonate" another user. This is > important for debugging and for support purposes. request.args[0] is the > id of the user to be impersonated..." > > Where request.args[0] is "mpersonate" for the refered case and going to > <app>/default/user/impersonate/<id> does not automatically impersonates. > > Also, on submission, the impersonation action returns the Row object of > the impersonated user. I think it shoul be more appropiate to present a > readonly form with that information. > > El sábado, 15 de septiembre de 2012 18:47:35 UTC-3, Michael Ellis escribió: >> >> I haven't worked with impersonate before. Thought I understood from the >> manual how to set it up, but apparently not. When I try to impersonate >> another user, I get "Forbidden" when I hit Submit after entering the user >> id. I'm running on localhost. Here's what the shell says I have in the >> auth tables. >> >> $ python web2py.py -S init -M >> Version 1.99.7 (2012-03-04 22:12:08) stable >> >> *I have 2 users,* >> >>> print db(db.auth_user.id>0).select() >> auth_user.id,auth_user.first_name,auth_user.last_name, ... >> 1,Michael,Ellis, ... *(me)* >> 2,John,Bigbooty, ... >> >> *and one group called 'admin',* >> >>> print db(db.auth_group.id>0).select() >> auth_group.id,auth_group.role,auth_group.description >> 1,admin,App administrator has permission to do anything including >> impersonation. >> >> *I'm a member of admin,* >> >>> print db(db.auth_membership.id>0).select() >> auth_membership.id,auth_membership.user_id,auth_membership.group_id >> 1,1,1 >> >> *and admin has permission to impersonate John (record 2 in db.auth_user)* >> >>> print db(db.auth_permission.id>0).select() >> auth_permission.id,auth_permission.group_id,auth_permission.name >> ,auth_permission.table_name,auth_permission.record_id >> 1,1,impersonate,db.auth_user,2 >> >> What am I doing wrong? >> >> Thanks, >> Mike >> >
--
