I clicked impersonate a user, as they requested assistance and I wanted to see what access they had. I also wanted to understand how impersonate a user worked and what it’s used for.
I expected to simply see the same screen options that user would see, but was surprised when the screen displayed a draft of a post they were writing. It was an innocent post, but I didn’t feel comfortable seeing this work in progress & tried to exit immediately to respect their privacy. But I didn’t know how! I closed the browser, but when I returned to the site, it opened as the impersonated user again. I ended up logging out as that user, without knowing if I was also logging out the real user.
The lack of “EXIT” button during impersonation was discussed in this thread in 2014:
https://meta.discourse.org/t/impersonating-user-and-then-returning-to-admin/19382
Feature suggestions:
-
Display a confirmation message when someone clicks impersonate providing an indication of what’s involved, as it’s a serious action to take.
-
Add an obvious Exit or Stop Impersonating button.
-
If you don’t want to do #2 above, consider displaying a banner at the top saying something like:
“Currently impersonating User XXXXX - (take this action) to stop impersonating”
There’s currently no UI guidance about how to exit impersonation.