- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎05-09-2019 07:11 AM
I need to stop an admin impersonating a sys admin.
I have updated the ImpersonateEvaluator script include to:
var ImpersonateEvaluator = Class.create();
ImpersonateEvaluator.prototype = {
initialize: function() {},
type: 'ImpersonateEvaluator',
canImpersonate: function(currentUser, impersonatedUser) {
var userImpersonated = impersonatedUser.getID();
if(userImpersonated == 'd0525df3db30f6c4e685f68dae961984') //d0525df3db30f6c4e685f68dae961984 refers to the sys_id of impersonated user
{
return false;
}
else
{
return true;
}
}
};This works well, but doesnt allow the sys admin to end impersonation by selecting himself. I need to log out and back in.
What would I need to add to this script to allow the sys admin to end impersonation without having to log out and back in?
Thanks in advance
Solved! Go to Solution.
- Labels:
-
Scripting and Coding
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎05-09-2019 07:50 AM
Hi simply add a condition that is checking for the user behind the impersonation. The only function I know and that is documented is gs.getImpersonatingUserName(). It does not give the sys_id but rather the user name, but user name should be unique so you should not have to much trouble with it, if you want you can also do a query on the sys_user table to get the sys_id of the user. Something like:
if(gs.getImpersonatingUserName() == 'sys_admin')
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎05-09-2019 07:23 AM
You can add conidtion to check:
if(current user has role admin and logged in user is self){
return false;
}
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎05-09-2019 07:33 AM
Hi Matt,
Following thread might help you.
Can you limit Impersonator to specific users/groups as the target?
Mark If correct/Helpful.
Regards,
Ajay
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎05-09-2019 07:50 AM
Hi simply add a condition that is checking for the user behind the impersonation. The only function I know and that is documented is gs.getImpersonatingUserName(). It does not give the sys_id but rather the user name, but user name should be unique so you should not have to much trouble with it, if you want you can also do a query on the sys_user table to get the sys_id of the user. Something like:
if(gs.getImpersonatingUserName() == 'sys_admin')- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎05-09-2019 08:36 AM
Thanks Laurent, this set me on the right path and I achieved the solution with the following:
var ImpersonateEvaluator = Class.create();
ImpersonateEvaluator.prototype = {
initialize: function() {},
type: 'ImpersonateEvaluator',
canImpersonate: function(currentUser, impersonatedUser) {
var userImpersonated = impersonatedUser.getID();
if(userImpersonated == 'd0525df3db30f6c4e685f68dae961984') //d0525df3db30f6c4e685f68dae961984 refers to the sys_id of impersonated user
{
if (gs.getImpersonatingUserName() == 'sys_admin')
{
return true;
}
else
{
return false;
}
}
else
{
return true;
}
}
};
