Masquerade is not correctly supported.
I can masquerade as any user but can't go back.
It would be great to have optional masquerade support like it is done in session_limit.
Thanks!

Comments

tip-ok created an issue. See original summary.

jaypan’s picture

Status: Active » Postponed (maintainer needs more info)

I don't understand what you mean by 'can't go back', nor what that has to do with this module.

tip-ok’s picture

Thank you for your quick reply.
"Can't go back" means that it is not possible to turn off the masquerade if user has a pending password change and "Check for pending password change" is set to "on every page load".
So I can use masquerade and temporarily switch to another user account but I can't switch back to my previous account (only log out).
I am sorry if I was not clear enough.

jaypan’s picture

Status: Postponed (maintainer needs more info) » Fixed
StatusFileSize
new818 bytes

I whitelisted the path, which is now part of 7.x-2.x-dev. It will become part of the next full release, but I don't have any plans to release a new version until there are more features to be added as part of the module. So I'm adding a patch that contains the changes, you can apply the patch now, and next time the module is upgraded you won't need the patch anymore.

Unmasquerade path is also whitelisted in 8.x-1.0-beta2.

tip-ok’s picture

Now, when I switch to another user account with pending password change I just log out. So I still can't browse site as that user.

jaypan’s picture

Your issue must lie with some other module - I only whitelisted that path, I didn't alter the user object at all, nor do any redirects or anything. I simply the conditional that determines whether it should be checked if a redirect should occur. I changed this:

if($user->uid && !$ajax_request && !in_array(current_path(), array($change_password_url, 'user/logout', drupal_get_path_alias('user/logout'), 'user/password', drupal_get_path_alias('user/password'))))
{
  // Test to see if a redirect to the user edit page should occur

To this:

if($user->uid && !$ajax_request && !in_array(current_path(), array($change_password_url, 'user/logout', drupal_get_path_alias('user/logout'), 'user/password', drupal_get_path_alias('user/password'), 'masquerade/unswitch')))
{
  // Test to see if a redirect to the user edit page should occur

As you can see, I simply added the path 'masquerade/unswitch' to the paths at which the module checks on whether a redirect to the user edit page should occur. I also went through and did a double check to see if the module is altering the user object anywhere, which can cause a logout, and there is nothing. And finally I tested it on my local installation, and was able to switch back without issue.

So I believe your issue lies with another module.

tip-ok’s picture

Ok. I'll check another modules (I also have session_limit, password_policy, userprotect, conditional_fields and field_permissions).
Thank you.

tip-ok’s picture

The problem has lain in user status. It was equal to zero.
I've changed it and everything's okay now. Thanks a lot.

tip-ok’s picture

Status: Fixed » Closed (fixed)