Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
I am logged in as user 1 with full permission to masquerade. I successfully masquerade as another user. However, when I reference the URL masquerade/unswitch I get an error that I do not have access to the page.
Hmmm whats up? I am using 7.x-1.0-rc5. There are no PHP errors. The Drupal logs show an access denied error followed by a second error "Warning: Cannot modify header information - headers already sent...".
Any ideas? Should I be using the 7.x-1.0-dev version?
See comment #10 as solution
Comments
Comment #1
webservant316 CreditAttribution: webservant316 commentedclarify title
Comment #2
andypost@webservant316 please try 7.x-1.0-dev version, also provide a url from which you are trying to unmasquerade.
it would be awesome if you provide more info about steps to reproduce the bug
Comment #3
webservant316 CreditAttribution: webservant316 commentedwill do when I get back in the office monday.
Comment #4
webservant316 CreditAttribution: webservant316 commentedOk I did a fresh install of masquerade 7.x-1.0-dev. I still have the exact same problem. I am able to switch to another user. However, I am unable to unswitch. Mydomain.com/masquerade/unswitch throws a no access error.
There are no PHP errors. However, there is this entry in the Drupal logs...
I am able to log out as the switched user and then log back in as the admin. However, that is not very convenient.
What other information can I give you?
Comment #5
andypostThis really strange, the url should have token so it seems that some of installed modules breaks masquerade at least prevents execution of
masquerade_menu_alter()
I recomment to to debug this, also try clear all cache ;)
Comment #6
webservant316 CreditAttribution: webservant316 commentedWhat does this statement mean?
Maybe I am simply calling the 'unswitch' command wrong. I didn't see the link anywhere and I am not using the navigation menu, so I was just manually typing 'masquerade/unswitch' in the URL.
Is the commend supposed to have an argument?
Comment #7
andypostyou can't manually type the url, try to use block or menu
Comment #8
webservant316 CreditAttribution: webservant316 commentedok - that is the problem. sorry for the trouble over such a simple thing.
Comment #9
stevendeleus CreditAttribution: stevendeleus commentedI need help with this. There is no unswitch link in the menu. Does this need some configuration?
Will the token be added automatically when I create a menu link masquerade/unswitch ?
Using the block didn't help much. It worked sometimes, but most often I got the access denied error.
I am using the adminimal menu. I'm not sure this is causing problems, but it seems to use caching.
Comment #10
ron_s CreditAttribution: ron_s commentedOne important point in case anyone is reading this thread -- if you have Login Destination installed (I'm using 7.x-1.1), and you're performing a redirect to the current page (using the "
<current>
" path), you need to add "masquerade/*" as pages to not allow redirects from in your Login Destination settings. Otherwise the site will say there are insufficient permissions to view the page.This happens both when attempting to masquerade and attempting to switch back, and adding "masquerade/*" fixes the issue.
Comment #11
andypost@ron_s better to file and link here new issue to modules compatible or add a line to readme
I think about that we just need to properly check referer and redirect to front page or login destination if enabled
Comment #12
andypostComment #13
ron_s CreditAttribution: ron_s commentedSure, I think adding a line to readme until there is a more proper check would be reasonable.
Comment #14
AaronBaumanStill having this issue with latest dev, but only on my local environment.
Are there undocumented requirements around cookies, or other settings?
Comment #15
AaronBaumanOK, resolved this by enabling mod_rewrite
Not sure how my clean URLs were working without this enabled, but enabling it fixed my issues with masquerade.
Comment #16
andypost#15 thanx for reporting, I'm sure we need to explore redirects with clean urls "off"
Comment #17
joelpittetI'm seeing this as well with clean url's "on". Is it
login_destination
for others seeing this?Comment #18
fox mulder CreditAttribution: fox mulder commented#10 resolved this problem on my site
Comment #19
andypost