Masquerade by URL doesn't work

Open on Drupal.org →

Created on 8 January 2025, about 2 months ago

Problem/Motivation

Masquerade by URL doesn't work. Whenever you create a URL to masquerade as any role and then go to that URL you're met with an insufficient permission error, even if all available permissions for the msqrole have been set for every role.

Steps to reproduce

1. Install the msqrole module.
2. Configure the permissions related to the msqrole module such that all permissions are allowed for every available role.
3. Go to /admin/people/masquerade-role and generate a link with any or none of the roles selected (it doesn't matter).
4. Go to that link.
5. You will be met with an insufficient permission error.

Proposed resolution

To access the /admin/people/masquerade-role/set, the "masquerade as authenticated" permission is required. This permission is not available in the permission list for the msqrole module. My proposed solution is to make add this permission to the list. I've made a merge request containing this fix.

Remaining tasks

N/A

User interface changes

The "masquerade as authenticated" permission is now available in the permission list for the msqrole module.

API changes

N/A

Data model changes

N/A

🐛 Bug report

Status

Needs review

Version

1.0

Component

Code

Created by

julianriemersma

Live updates comments and jobs are added and updated live.

Sign in to follow issues

Merge Requests

!8Masquerade by URL doesn't work
Merged
Unnamed author
updated 6 days ago

Comments & Activities

Issue created by @julianriemersma
Merge request !8Add "masquerade as authenticated" to permission list → (Merged) created by Unnamed author
Comment about 1 month ago →
🇧🇪Belgium RandalV
Hi @julianriemersma,

Sorry for the delay, I'll try to take a look into this ASAP.
I think something else might be wrong still, it's normal the authenticated role can't be chosen (since you *need* that role to use Masquerade by Role), but it shouldn't deny access when trying to masquerade as authenticated.

I think I've found a solution but need to do more testing.
Will keep you updated.
Comment 6 days ago →
System Message
randalv → closed merge request !8
Comment 6 days ago →
System Message
randalv → reopened merge request !8
Comment 6 days ago →
🇧🇪Belgium RandalV
Hi julianriemersma,

Thanks for reporting the issue!
I've finally gotten around to provide a fix, I had to fix it a bit differently because removing 'authenticated' from disallowed roles was creating some other issues.

I added a new release.

contrib.social Blog FAQ Discussions

Production build 0.71.5 2024