You are viewing a plain text version of this content. The canonical link for it is here.

Posted to oak-issues@jackrabbit.apache.org by "Angela Schreiber (Jira)" <ji...@apache.org> on 2023/05/16 10:23:00 UTC

[jira] [Updated] (OAK-10173) Allow members of configured principals to impersonate any user

     [ https://issues.apache.org/jira/browse/OAK-10173?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Angela Schreiber updated OAK-10173:
-----------------------------------
    Summary: Allow members of configured principals to impersonate any user  (was: Allow members of configured groups to impersonate any user)

> Allow members of configured principals to impersonate any user
> --------------------------------------------------------------
>
>                 Key: OAK-10173
>                 URL: https://issues.apache.org/jira/browse/OAK-10173
>             Project: Jackrabbit Oak
>          Issue Type: Story
>          Components: core, security-spi
>            Reporter: Antoniu N
>            Priority: Major
>
> The issue is related to AEM's [SITES-10289|https://jira.corp.adobe.com/browse/SITES-10289]
> Customer Use-case :
> Customer is an AMS customer so admin user is not constantly available. Customer can attempt to contact lock owner, however, they are not available as well.
> User will lock pages when they are working on it and may forget to unlock the page.
> Team will no longer be able to work on the locked page until AMS admin is available or lock owner admin is available to unlock the page.
> Customers have administrators available but administrators do not have the ability to unlock the pages.
> Steps to replicate :
> Impersonation:
> Create test-author user and add them to content-authors group
> Create test-admin user and add them to administrators group
> Log into the AEM instance as test-admin and try to impersonate test-author - this is not possible unless you are logged in as the actual "admin" user.
> Current/Experienced Behavior :
> Administrators are not able to unlock pages or impersonate users (unless their user id is added to the impersonators of the target user)
> Improved/Expected Behavior :
> Administrators should be able to unlock pages and impersonate other users.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)