Sign As member is a bit vulnerable


PatrickRQ


Hello,

We have different levels of permissions in our admin structure. I want to give specific users the ability to sign in as another member, but the problem is that they can then sign in as the highest admin account. There should be a setting to block specific users/groups from the ability to sign in as other members.


If you create an unrestricted admin, they'll have permission to access the function and anything else.

You want to create a restricted admin and grant the specific member privilege to sign in as a member.

ACP > Members > Staff > Administrators

Choose the person or group... set them as a RESTRICTED permission set, then go through what permissions they should have. To sign in as a member, choose "Can sign in as members".



@Randy Calvert, it won't help. Restricted access is designed to grant specific admin permissions to a specific member or group. The problem here is the "Sign in as member" privilege, which allows signing in as any member. Let's say you give "sign in as member" to your super mods or junior admins - they will be able to log in as you - his majesty the king ^^


  • 1 month later...
On 4/26/2022 at 9:04 AM, PatrickRQ said:

@Randy Calvert, it won't help. Restricted access is designed to grant specific admin permissions to a specific member or group. The problem here is the "Sign in as member" privilege, which allows signing in as any member. Let's say you give "sign in as member" to your super mods or junior admins - they will be able to log in as you - his majesty the king ^^

Thing is, if you're concerned that by logging in as you they could do bad things, I wonder why you'd trust them to login as anyone, or indeed to login to the ACP at all?


1 minute ago, Dll said:

Thing is, if you're concerned that by logging in as you they could do bad things, I wonder why you'd trust them to login as anyone, or indeed to login to the ACP at all?

I would tend to agree. You should be allowing only people you trust to access these areas.


32 minutes ago, Dll said:

I wonder why you'd trust them to login as anyone

Use case: a moderator logs in as a member to investigate a reported issue. This helps to distinguish whether the issue is reproducible, e.g. a permissions issue, or, if not, probably browser-based. This helps to instruct the user further.

Indeed the moderator should be able to login as member only, not as other moderator and not as admin.


22 minutes ago, Sonya* said:

Use case: a moderator logs in as a member to investigate a reported issue. This helps to distinguish whether the issue is reproducible, e.g. a permissions issue, or, if not, probably browser-based. This helps to instruct the user further.

Indeed the moderator should be able to login as member only, not as other moderator and not as admin.

But, if you look at it as if you're a member of that community - if someone is going to be able to login as me, then I expect that person to be trustworthy. If the owner of the community doesn't trust them to login to their account, why should I trust that person to login to my account?


1 minute ago, Dll said:

If the owner of the community doesn't trust them to login to their account, why should I trust that person to login to my account?

I do trust my moderators to log in to member accounts to investigate issues. But I do not want them to look into the AdminCP with full permissions:

  • they should not be able to change something by accident, as they are technically inexperienced
  • they should not be able to see payment history as this is not their business 😉 
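One way to encode the rule argued for in this post and in Sonya*'s earlier use-case post (a moderator may sign in as a plain member, but never as another moderator or an admin), written as an added Python example that is not Invision Community's code: the role names, the `sign_in_as_member` permission flag and the in-memory audit log are all constructed for illustration.

```python
from dataclasses import dataclass, field
from datetime import datetime, timezone

# Staff ranks, lowest to highest. Constructed for this example; not the
# forum software's own group names or API.
RANK = {"member": 0, "moderator": 1, "admin": 2, "owner": 3}

@dataclass(frozen=True)
class Account:
    name: str
    role: str
    # Restricted-admin style permission set: only explicitly granted flags apply.
    permissions: frozenset = frozenset()

@dataclass
class AuditLog:
    entries: list = field(default_factory=list)

def can_impersonate(actor, target):
    """Return (allowed, reason) for `actor` signing in as `target`.

    Two checks: the restricted permission flag must be granted, and the
    target must rank strictly below the actor. A moderator with the flag can
    open a member's account but never another moderator's or an admin's.
    """
    if "sign_in_as_member" not in actor.permissions:
        return False, "permission 'sign_in_as_member' not granted"
    if RANK[target.role] >= RANK[actor.role]:
        return False, f"target rank {target.role!r} is not below {actor.role!r}"
    return True, "ok"

def sign_in_as(actor, target, audit):
    """Enforce the policy and record every attempt, allowed or denied."""
    allowed, reason = can_impersonate(actor, target)
    audit.entries.append({
        "at": datetime.now(timezone.utc).isoformat(),
        "actor": actor.name, "target": target.name,
        "allowed": allowed, "reason": reason,
    })
    return allowed

if __name__ == "__main__":
    mod = Account("sonya_mod", "moderator", frozenset({"sign_in_as_member"}))
    log = AuditLog()
    print(sign_in_as(mod, Account("alice", "member"), log))   # True
    print(sign_in_as(mod, Account("patrick", "owner"), log))  # False
    print(log.entries[-1]["reason"])
```

Every attempt, including denied ones, lands in the audit log, so an admin can review who tried to open which account.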

I think the point here is that the setting itself is not vulnerable. It does exactly what it says it does. The only thing that is vulnerable is the fact the person has been given those permissions. We have a suggestion in here for that to change, and I can certainly see your points there. However, as it stands at present, it would be wise not to set permissions for moderators based on how you believe it should work in the future.


1 hour ago, Sonya* said:

I do trust my moderators to log in to member accounts to investigate issues. But I do not want them to look into the AdminCP with full permissions:

  • they should not be able to change something by accident, as they are technically inexperienced
  • they should not be able to see payment history as this is not their business 😉 

That's different to the original question and your original post though. The original point was allowing staff to log in as one user but not as another one. That's not related to technical proficiency or the chance of them making a mistake, that's purely related to whether you trust them or not, in my opinion. 

Particularly bearing in mind that just because a super-mod could log in as an admin, it still wouldn't mean they had full access to the ACP, as that's separate, as far as I'm aware.


  • 2 months later...

There typically are no comments by staff on feature request statuses. Simply watch the release notes to see if it was added.

Asking for “updates” generally does not help. 

If this is super important to you, it's most likely better to engage a 3rd party resource developer to implement it on a custom basis for your community.


By the way: if this functionality is ever changed, I would also suggest adding other options, like removing access to personal messages, which are "personal" by definition and not something moderators should ever get access to. Frankly, I wouldn't mind having that functionality removed altogether. I would feel much better if I could tell my members "there is no easy way to access messages" than to say "It's actually super easy, but trust me, I am not going to (mis-)use it".

