Remove special logic for user 1 in masquerade_masquerade_access

Created on 3 September 2024, 4 months ago

Problem/Motivation

As per ✨ Remove special logic for user 1 in SwitchAccessCheck RTBC we should remove access checks for user 1. This issue is about the check in masquerade_masquerade_access that allows user 1 to masquerade as anyone. Note that this does not cover the "masquerade as super user" case, which is still tied to user 1.

Steps to reproduce

Proposed resolution

Remove these lines from masquerade_masquerade_access:

  // Uid 1 may masquerade as anyone.
  if ($user->id() == 1) {
    return TRUE;
  }

If the user is an admin user then $user->hasPermission('masquerade as any user') will return true.

Remaining tasks

User interface changes

API changes

Data model changes

📌 Task

Status

RTBC

Version

2.0

Component

Code

Created by

🇦🇺Australia mstrelan

Live updates comments and jobs are added and updated live.

Merge Requests

!17Remove special logic for user 1 in masquerade_masquerade_access
Open
🇦🇺Australia mstrelan
updated 4 months ago

Comments & Activities

Issue created by @mstrelan
Merge request !17Remove special logic for user 1 in masquerade_masquerade_access → (Open) created by mstrelan
Status changed to Needs review 4 months ago1:39am 3 September 2024
Comment 4 months ago →
🇦🇺Australia mstrelan
Pipeline finished with Success
4 months ago
Total: 347s
#272045
Status changed to RTBC 4 months ago3:35am 3 September 2024
Comment 4 months ago →
🇦🇺Australia acbramley

contrib.social Blog FAQ Discussions

Production build 0.71.5 2024