Assuming you don't really need admin permissions and impersonated user permissions in the same request, a better approach might be to build the functionality you need into the application (perhaps via a plugin). Before starting impersonation, set a flag in the admin session (e.g., session.impersonate_id). Then, whenever a request comes in for the admin part of the app, if auth.is_impersonating() is True, pickle the user's session, call auth.impersonate(0), and store the pickled user session in the admin session. When a non-admin request comes in, check for the session.impersonate_id flag, and if present, call auth.impersonate(session.impersonate_id) and update the session with the previously stored user session. You could add UI elements to indicate when impersonation is happening and allow the admin to turn it off at any time. This approach simply switches back and forth between admin permissions and user permissions automatically depending on the request.
Anthony On Monday, April 6, 2015 at 12:43:07 PM UTC-4, Louis Amon wrote: > > Usually I would agree with you guys : browsers can manage separate > sessions perfectly well… but we are all devs here so we have a bias. > > Imagine you have -10 years of computer knowledge, and that you’re on the > phone with a customer and have to check data on your platform by > impersonating him. > > Most likely, you’re gonna forget that you have to use a separate session > and see an error message when trying to reach your back-office. > Call me an idiot but I’m pretty sure even I would, if caught in the moment. > > I do understand your concern about backwards compatibility though. > > > Maybe the tool I’m looking for is just a full-fledged CRM tool with a > badass API. > > Le 6 avr. 2015 à 18:34, Leonel Câmara <leonelcam...@gmail.com> a écrit : > > With all due respect to Support Team members across the globe, using two >> browsers isn’t something you should expect from them. > > > How hard is it to open a private browsing window of the same browser > (ctrl+shift+n)? Not to mention the problems that keeping the permissions of > the original user can have, there might be bugs that the user sees that the > support user impersonating won't. This is a bad idea. > > -- > Resources: > - http://web2py.com > <http://mandrillapp.com/track/click/30579528/web2py.com?p=eyJzIjoiSGpyVDZXSjRFODFheHZ3UDBuNnFnSVBzNkc0IiwidiI6MSwicCI6IntcInVcIjozMDU3OTUyOCxcInZcIjoxLFwidXJsXCI6XCJodHRwOlxcXC9cXFwvd2ViMnB5LmNvbVxcXC9cIixcImlkXCI6XCJmYmU1MzVmMDdhZjM0MDFkOThmOTNkZDE2OTZmZjk0ZlwiLFwidXJsX2lkc1wiOltcImQ4NTZmMWRiNzUyMTgzNmMwNmExODkzYjZiNjAyOTZjODYyM2Y2YTJcIl19In0> > - http://web2py.com/book > <http://mandrillapp.com/track/click/30579528/web2py.com?p=eyJzIjoidG5tRUlCOEhOdkpKdWtJSjlyN2IxNHF3aTVNIiwidiI6MSwicCI6IntcInVcIjozMDU3OTUyOCxcInZcIjoxLFwidXJsXCI6XCJodHRwOlxcXC9cXFwvd2ViMnB5LmNvbVxcXC9ib29rXCIsXCJpZFwiOlwiZmJlNTM1ZjA3YWYzNDAxZDk4ZjkzZGQxNjk2ZmY5NGZcIixcInVybF9pZHNcIjpbXCIzZDY5NjU1NDYyMzRmYTRjNjQ3ODRkN2U4NDU2Y2ViMDc1MmFjYzMzXCJdfSJ9> > > (Documentation) > - http://github.com/web2py/web2py > <http://mandrillapp.com/track/click/30579528/github.com?p=eyJzIjoiS0lsaG5XQ0FqajIxZGhPYk9hTnI4MVYzdzlVIiwidiI6MSwicCI6IntcInVcIjozMDU3OTUyOCxcInZcIjoxLFwidXJsXCI6XCJodHRwOlxcXC9cXFwvZ2l0aHViLmNvbVxcXC93ZWIycHlcXFwvd2ViMnB5XCIsXCJpZFwiOlwiZmJlNTM1ZjA3YWYzNDAxZDk4ZjkzZGQxNjk2ZmY5NGZcIixcInVybF9pZHNcIjpbXCJiYjkxNmIwNzkyODMwZjgwOWJkZTUzNmI3MDEyYmU1NWZiYzllYmZjXCJdfSJ9> > > (Source code) > - https://code.google.com/p/web2py/issues/list > <http://mandrillapp.com/track/click/30579528/code.google.com?p=eyJzIjoiVHctR01jVUdacGFsX3lkb1ZJdW9ZRG9qaEQ4IiwidiI6MSwicCI6IntcInVcIjozMDU3OTUyOCxcInZcIjoxLFwidXJsXCI6XCJodHRwczpcXFwvXFxcL2NvZGUuZ29vZ2xlLmNvbVxcXC9wXFxcL3dlYjJweVxcXC9pc3N1ZXNcXFwvbGlzdFwiLFwiaWRcIjpcImZiZTUzNWYwN2FmMzQwMWQ5OGY5M2RkMTY5NmZmOTRmXCIsXCJ1cmxfaWRzXCI6W1wiOWUzNWQ2ZWU3MjczYTgyNzY1NWE1OTcyN2M1YTBlYmNiNTcxNGY4N1wiXX0ifQ> > > (Report Issues) > --- > You received this message because you are subscribed to a topic in the > Google Groups "web2py-users" group. > To unsubscribe from this topic, visit > https://groups.google.com/d/topic/web2py/POYrBeZwvBk/unsubscribe > <http://mandrillapp.com/track/click/30579528/groups.google.com?p=eyJzIjoiVFM0eDRCODA2U1RCMHREYlFOTzRHMm02XzhvIiwidiI6MSwicCI6IntcInVcIjozMDU3OTUyOCxcInZcIjoxLFwidXJsXCI6XCJodHRwczpcXFwvXFxcL2dyb3Vwcy5nb29nbGUuY29tXFxcL2RcXFwvdG9waWNcXFwvd2ViMnB5XFxcL1BPWXJCZVp3dkJrXFxcL3Vuc3Vic2NyaWJlXCIsXCJpZFwiOlwiZmJlNTM1ZjA3YWYzNDAxZDk4ZjkzZGQxNjk2ZmY5NGZcIixcInVybF9pZHNcIjpbXCIwZjE1MDY2NDE3NWJmM2I5YTAyZTA5MWY5OGQxYzdmMDVjMTg5YTEzXCJdfSJ9> > . > To unsubscribe from this group and all its topics, send an email to > web2py+unsubscr...@googlegroups.com. > For more options, visit https://groups.google.com/d/optout > <http://mandrillapp.com/track/click/30579528/groups.google.com?p=eyJzIjoiTmJEQ1NUQ0NReGN5WmJRenJ3QjN4THlqa3FBIiwidiI6MSwicCI6IntcInVcIjozMDU3OTUyOCxcInZcIjoxLFwidXJsXCI6XCJodHRwczpcXFwvXFxcL2dyb3Vwcy5nb29nbGUuY29tXFxcL2RcXFwvb3B0b3V0XCIsXCJpZFwiOlwiZmJlNTM1ZjA3YWYzNDAxZDk4ZjkzZGQxNjk2ZmY5NGZcIixcInVybF9pZHNcIjpbXCIwZWZmMzNiY2NlMjU0ZTUyOTAyNTFiNTcwZTA5YjNhNDA3MzMxNzg2XCJdfSJ9> > . > > > -- Resources: - http://web2py.com - http://web2py.com/book (Documentation) - http://github.com/web2py/web2py (Source code) - https://code.google.com/p/web2py/issues/list (Report Issues) --- You received this message because you are subscribed to the Google Groups "web2py-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to web2py+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
