OFBiz OFBiz - Notifications

[jira] [Commented] (OFBIZ-10515) Impersonation of userLogin feature

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
1 message Options
Nicolas Malin (Jira)
Reply | Threaded
Open this post in threaded view
|

[jira] [Commented] (OFBIZ-10515) Impersonation of userLogin feature

Nicolas Malin (Jira)

    [ https://issues.apache.org/jira/browse/OFBIZ-10515?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16620775#comment-16620775 ]

Jacques Le Roux commented on OFBIZ-10515:
-----------------------------------------

Hi Gil,

I only reviewed (no tests) and it looks good to me. Here are few trivial remarks:
 * in userImpersonate service: "Login service to authenticate no external auth username without password, storing history" what is exactly a "no external auth user"?
 * maybe some comments could be improved (thanks for them), like "//Check if a visit in enable with a impersonation"
 * for "// After this line, contrary to in the login method, multi-tenant is not handled' should it not be a TODO? Does it makes sense to wonder (no brainer here)?
 * in hasUserLoginMorePermissionThan method I'd place {{.where("userLoginId", toUserLoginId)}} in the same order than {{.where("userLoginId", userLoginId)}}, easier for review ;)
 * I very like the documentation :)

> Impersonation of userLogin feature
> ----------------------------------
>
>                 Key: OFBIZ-10515
>                 URL: https://issues.apache.org/jira/browse/OFBIZ-10515
>             Project: OFBiz
>          Issue Type: Improvement
>    Affects Versions: Trunk
>            Reporter: Gil Portenseigne
>            Assignee: Gil Portenseigne
>            Priority: Minor
>             Fix For: Upcoming Branch
>
>         Attachments: ImpersonationWidget.png, OFBIZ-10515.patch, OFBIZ-10515.patch, OFBIZ-10515.patch, OFBIZ-10515.patch, OFBIZ-10515.patch, impersonate-ico.png, impersonateButton.png
>
>
> This JIRA introduce a new feature that allow the impersonation of a login by an authorized user.
> This is implemeted with :·
> * A new service ‘userImpersonate’ that will check security, store impersonation in UserLoginHistory, and return the new session
> * Events ‘userImpersonate’ and ‘userDepersonate’ that will allow impersonation/depersonation action persisting current user session
> * A new modal widget in the common-theme that inform the user about ‘impersonation in process’ and offering a way to depersonate.
> * A new field in UserLoginHistory to store impersonation originator
> * A button in party viewprofile page to illustrate the feature



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
Free forum by Nabble Edit this page