Just comparing modules, and Masquerade is far preferable to Devel Switch User, since it offers a more intuitive UI for switching back. However, there is one feature that's really convenient in devel in that it provides a path for switching, i.e. /devel/switch/[USERNAME]
Is there a reason why the masquerade function can't be provided as a path?
In my case, I'm trying to create a view field for a view so that I can provide a link such as "Masquerade as user" to go on an admin menu. A masquerade path would make this possible.
Thanks for the great module! I didn't see any place for an easy quick fix in the .module file, but if someone were to point me in the right direction, I might be able to work on it :)
Comments
Comment #1
krlucas CreditAttribution: krlucas commentedA path like that is susceptible to cross-site request forgeries. The links need a dynamic token added to them. Short of a patch to this module to add the Views' field (which wouldn't be all that hard -- I should contribute that), there are a couple of ways to pull that off.
One way to do it is to install the Views Custom Field module and add a PHP Code field to your view that contains php like this:
Or you could use similar code in a preprocessor in a custom module or your theme or in a template override in your theme.
If you install Views Custom Field you really have to trust people who can edit Views.
You really, really shouldn't have Devel enabled on production.
Comment #2
pcarman CreditAttribution: pcarman commentedI created a views' field masquerade link for my site. I will post it here once I clean it up. Its very basic, but could be a good starting point.
Comment #3
deekayen CreditAttribution: deekayen commentedMasquerade worked as you describe before masquerade 6.x-1.4, but unfortunately it changed for security.
http://drupal.org/node/835900
Comment #4
patcon CreditAttribution: patcon commentedoh hey, thanks deekayen :)
Comment #5
sk33lz CreditAttribution: sk33lz commented@krlucas, I tried your method to achieve this and it seems to generate the token fine, but I can't seem to get it to add the UID properly. Any more thoughts on creating a patch to fix this?
Thanks!
Comment #6
j4 CreditAttribution: j4 commentedI would also appreciate that.
Thanks
Jaya
Comment #7
justinthughes CreditAttribution: justinthughes commentedThank you krlucas, your code snippet worked perfectly for me!
Now my custom admin user list view has a nifty masquerade link next to each user! +1 million internet points my friend!
Comment #8
nattyweb CreditAttribution: nattyweb commentedExcellent - thanks krlucas; Googled this problem, came straight here, applied your solution, job done - all in two minutes.
Now I just have to figure out how yo take the newly-signed-in user to a page that doesn't give an Access denied message!