Jump to content

Invision Community Blog


Managing successful online communities

Andy Millne
Sign in to follow this  
 

4.0 - Logging in as Members

Day to day administration of your site and particularly managing member permissions has been greatly improved in IPS Community Suite 4.0. It is now easier than ever to see who has access to what but there are still times when being able to see exactly what a member sees can be useful. Perhaps a member is reporting that they can't view a section of the site or they need assistance altering settings on their account? For this reason administrators can log in to other users accounts automatically via the admin control panel where allowed.

Security

When dealing with access to other people's accounts security is of critical importance and we take this very seriously. Permissions for this are of course controlled by the ACP restrictions system so the ability can be toggled easily on a per user or group basis only to trusted administrators. The member also does not need to reveal their password to the administrator and all login actions are recorded in the logs so security and an audit trail is maintained.

Logging In

The process of logging in as a user starts in much the same way as in previous versions of the suite. When viewing a member in the ACP you simply click sign in and a new window with your user session is created.



For IPS Community Suite 4.0 we have improved several areas of this implementation. Firstly, when logging in as a user you do not lose your existing admin session. You still show logged in as yourself but acting on behalf of somebody else. The user menu updates to show this and serve as a reminder so you do not forget to log out and continue posting using another account. All actions you now perform are as if you were logged in as the user themselves. Viewing and posting permissions reflect the user you are logged in as and any content created will show as if posted by that user.



In previous versions not having this workflow was frustrating as you would log in as another user and then when you were finished need to log back out and then log back in with your administrator account. We have now made this seamless. When logging out from another user account in IPS Community Suite 4.0 you are simply returned back to your original admin session with no need to log back in.

Summary

We hope that these small but powerful changes make for a much more productive workflow. Helping members with access issues and making sure your user permissions are set up correctly should now be much more practical and intuitive.

Sign in to follow this  

Comments



Recommended Comments

Firstly, when logging in as a user you do not lose your existing admin session. You still show logged in as yourself but acting on behalf of somebody else.

 

Perfect. This seems to be a small thing, but I find this a huge improvement!

Share this comment


Link to comment
Share on other sites

Firstly, when logging in as a user you do not lose your existing admin session. You still show logged in as yourself but acting on behalf of somebody else.

 

But there's an option to "kill" the Regular User session or do I have to logout and go back to ACP or login in my admin account ?

Share this comment


Link to comment
Share on other sites

 

But there's an option to "kill" the Regular User session or do I have to logout and go back to ACP or login in my admin account ?

 

 

When logging out from another user account in IPS Community Suite 4.0 you are simply returned back to your original admin session with no need to log back in.

Share this comment


Link to comment
Share on other sites

looks like there is a message thats helps the admin to know that he is logged in as a member ?

 

 

maybe you could also add a notifcation tab (with yellow warning sign) in site header which warns the admin that he is logged in as a member.

Share this comment


Link to comment
Share on other sites

 

In previous versions not having this workflow was frustrating as you would log in as another user and then when you were finished need to log back out and then log back in with your administrator account.

We have now made this seamless. When logging out from another user account in IPS Community Suite 4.0 you are simply returned back to your original admin session with no need to log back in.

GOOD improvement!

Share this comment


Link to comment
Share on other sites

I use this feature before on the current version and i actually get stuck as the user...Meaning if i log on as say Lindy and then i click sign-out...if i come back a few hours later and retype my site's name in it'll still show me logged on as lindy.

 

I hope that little glitch will be fixed with IPB4.

(The theme looks so lovely from what we can see)

Share this comment


Link to comment
Share on other sites

looks like there is a message thats helps the admin to know that he is logged in as a member ?

 

 

maybe you could also add a notifcation tab (with yellow warning sign) in site header which warns the admin that he is logged in as a member.

 

The name already shows in the site header.  I'm not sure a yellow notification icon is really necessary, but you could certainly add it in your own skin if you wanted to when you start using 4.0. :)

 

Is there some accountability measures for the member? Will or can they know when an admin is or has been logged in as them? Do they have access to the audit trail, or some semblance of one?

 

No.  The end user has no way to know if the admin has logged in as the user or not, and this is not something we are going to add at this time.  We will of course continue to monitor feedback on the feature to determine what changes, if any, are necessary in future releases.

Share this comment


Link to comment
Share on other sites

No.  The end user has no way to know if the admin has logged in as the user or not, and this is not something we are going to add at this time.  We will of course continue to monitor feedback on the feature to determine what changes, if any, are necessary in future releases.

 

So the "last active" isn't updated ?

Share this comment


Link to comment
Share on other sites

When dealing with access to other people's accounts security is of critical importance and we take this very seriously. Permissions for this are of course controlled by the ACP restrictions system so the ability can be toggled easily on a per user or group basis only to trusted administrators. The member also does not need to reveal their password to the administrator and all login actions are recorded in the logs so security and an audit trail is maintained.

 

Is there any granularity for things like allowing access to log in as a member to view permissions, but disable the ability to read their private messages or use a nexus cart or anything like that? That is, is this an all or nothing login? There are some people I'd like to trust with access, but it would require rewriting our Privacy Policy if all admins given access also theoretically have access to all saved data of that user.

Share this comment


Link to comment
Share on other sites

 

So the "last active" isn't updated ?

 

Ok I lied, the last active timestamp is still updated.  Most users don't manage to check this value on their profile before logging in themselves, however, so in practice this isn't that useful for most end users.  For it to be used for tracking purposes a user would have to make it a habit to remember the precise date/time they were last active and then visit their profile before logging in (because once they log in their timestamp will be updated) to compare.

 

When you sign in as a member, does that member show up in the list of online members?

 

Also, what happens if you sign in as a member when that member is already signed in?

 

Yes the member would show up in the online member list.

Nothing "happens" if the user is already signed in. You will both be signed in as the same user.

 

 

Is there any granularity for things like allowing access to log in as a member to view permissions, but disable the ability to read their private messages or use a nexus cart or anything like that? That is, is this an all or nothing login? There are some people I'd like to trust with access, but it would require rewriting our Privacy Policy if all admins given access also theoretically have access to all saved data of that user.

 

No, it's an all or nothing thing.  Just like in 3.x btw (your admins can login as a user if you allow them to in 3.x as well).

 

When IPB logs their IP addresses, does it only log registration and post IP's or does/will it log log in IP's and page viewing IP's? Thank you

 

We do not log IP addresses when just viewing pages or the site.  Things like voting, registering, downloading from IP.Downloads, commenting, etc. all log IP addresses, but not just general browsing (outside of the session table while the user is actually logged in, but this table is volatile and not preserved in any fashion when a session has ended).

Share this comment


Link to comment
Share on other sites

No, it's an all or nothing thing.  Just like in 3.x btw (your admins can login as a user if you allow them to in 3.x as well).


Yep, I haven't given out permissions currently to anyone else so sounds like for me at least it will be admin'd the same but get all the improvements as listed, so that's awesome news. I don't have nexus yet either but it's something we're planning on adding, so moreso i was curious that if a user had credit card info autosaved or something, we'd have more obligations to protect that info if other admins were given permission.

These 4.0 changes are amazing, thanks for all the updates!

Share this comment


Link to comment
Share on other sites

Since this feature can be turned off, I won't let it cause me to abandon my plans to convert to IPS. However, I would like to see, in future versions of course, more transparency and accountability to members. I regard their privacy very highly and would like to protect that privacy as much as possible. My hope is that this feature will get more attention and options and maybe even plugin developer participation in the not too distant future.

Share this comment


Link to comment
Share on other sites

Since this feature can be turned off, I won't let it cause me to abandon my plans to convert to IPS. However, I would like to see, in future versions of course, more transparency and accountability to members. I regard their privacy very highly and would like to protect that privacy as much as possible. My hope is that this feature will get more attention and options and maybe even plugin developer participation in the not too distant future.

 

I am a bit confused as to your reaction and feel you may be misunderstanding what this feature is for. This is an admin-only feature that allows you to login as a member so you can help diagnose problems and such. There is no privacy issue as you are already an admin and can already see everything they can see and more. This feature just makes running your community easier.

 

Also I should point out this feature has existed in 3.x for years (we are just make it better in 4.x) and of course if there is something about it you find scary then simply don't click the button in the AdminCP to use it :smile:. After all it's a button only you as an admin can even see.

Share this comment


Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Add a comment...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...