Impersonation icon missing after upgrade from 0.0.5 to 0.1.0 (6e55300)

[agross]

Hi,

I've just upgraded the app from 9af19c4 to 6e55300. Now the impersonation icon is missing in the user list. The HTTP request to https://example.com/apps/impersonate/getimpersonatedata succeeds with HTTP/200.

With the previous version I enabled the app only for a specific group (admin). Is this sill required?

The new settings page shows "Allow subadmins to impersonate users from these groups". What is a subadmin? I have several users in the "admin" group and the regular/default admin account has been deleted.

I find the new setting a bit confusing:

[x] Allow subadmins to impersonate users from these groups
[ admin foo                                     ]
These groups will be able to impersonate.

Specifically, I'm referring to

These groups will be able to impersonate.

• Does that mean that users of the admin group are able to impersonate other admin users and foo users?
• Does that mean foo users are also able the impersonate anyone from admins and foos?

What I would like to achieve is that admin users are able to impersonate anyone in any group.

[sharidas]

This work is under progress. Yes admin user does have privilege to impersonate anyone.

[agross]

Yes admin user does have privilege to impersonate anyone.

Do you mean the default admin user or users in the admin group?

[sharidas]

The default admin user falls under the admin group.So any user under the admin group will have the privilege to impersonate any user.

[agross]

OK, thanks for the clarification!

The list of users on the Settings page would then be additional groups that have permission to impersonate anyone. Correct?

[sharidas]

They are the list of groups under which the users fall, which can be impersonated.

[agross]

Still confused. If

any user under the admin group will have the privilege to impersonate any user

how does the list of groups on the settings page influence "the privilege to impersonate any user"?

If users in the admin group can impersonate anyone, why do I need that list? Is it required to reduce the groups admins can impersonate to just a subset of all groups?

[sharidas]

This list is with respect to group admins and its users.

[agross]

So the term "subadmins" on the settings page is actually supposed to be "group admins"?

Which means that the group admins for groups listed on the settings page are allowed to impersonate as well? If so, can they also impersonate anyone or just the users of the groups they are admin for or all users of all groups listed on the settings page?

[sharidas]

Lets say we have user1, user2 and user3 who belong to group group1.
And user1 is the group admin of group1, then user1 can impersonate user2 and user3 only.