After impersonate, Logout redirects to system logout
ramonov opened this issue ยท 39 comments
After the nextcloud upgrade to version 21.0.1. I found that once your are in impersonated session, if you logout it will not redirect to previous login session it directly logout from system and login page shows up
I am seeing the same behaviour which worked fine with v20
I am seeing the same behaviour which worked fine with v20
yes it was working with v20
same here with NC 24 0 4 1
any evolution?
Did/Does work fine in NC25.0.4 with Impersonate 1.12.0.
OP issue is back in NC26.0.0RC2 with Impersonate 1.13.0.
yes it seems to ๐
I confirm the issue is back on my instance since NC26, Impersonate 1.13.0
Can confirm seeing the same thing on NC 25.0.5
Hi. I have updated my containers yesterday, and yes, 'impersonate' asks to login after quitting the user account.
Confirm total logout when exiting impersonated user on NC version 25.0.5.1, impersonate 1.12.0. Did NOT occur on NC 24.0.11, exiting from impersonated user would return to original login.
Tried reverting js/impersonate_logout.js and lib/Controller/LogoutController.php to previous state , but no change in results. (commit 2bb059c) [Edit fix link]
Log shows impersonation, but no logout:
{"reqId":"3iA5LMEnYz1FWLmbcPpD","level":2,"time":"2023-04-02T19:53:00+00:00","remoteAddr":"1.2.3.4","user":"xxx","app":"impersonate","method":"POST","url":"/index.php/apps/impersonate/user","message":"User xxx trying to impersonate user zzz","userAgent":"Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:109.0) Gecko/20100101 Firefox/111.0","version":"25.0.5.1","data":{"app":"impersonate"},"id":"6429ea0f94813"}
{"reqId":"3iA5LMEnYz1FWLmbcPpD","level":2,"time":"2023-04-02T19:53:00+00:00","remoteAddr":"1.2.3.4","user":"xxx","app":"impersonate","method":"POST","url":"/index.php/apps/impersonate/user","message":"Changing to user zzz","userAgent":"Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:109.0) Gecko/20100101 Firefox/111.0","version":"25.0.5.1","data":{"app":"impersonate"},"id":"6429ea0f947e6"}
Having several logins for 'me', I really loved this feature and miss it badly.
Same issue also 25.0.5 and 26.0.0. Once i impersonate a user and then i click on logout it dose not redirect me back the my profile but logs everything out. Before it never used to do this. I think it happen ever since the new version on the app was released
2.6.0.1 still has this issue.
Same on 25.0.6.
Nextcloud 24.0.10 and Impersonate 1.11.1 > no issue
Nextcloud 24.0.12 and Impersonate 1.11.1 > no issue
Nextcloud 25.06 and impersonate 1.12 > logs out both users
Nextcloud 26.01 and Impersonate 1.13 > logs out both users
Nextcloud 26.01 and Impersonate 1.13 still have this problem
Hi
I read somewhere that this was fixed, but it's still not.. after each update, this bug is back on track ^^
After login out of the impersonated account with the NC admin user, the main login screen is displayed: admin is logged out too. So, admin has to login after each impersonification, then go to users page again, which slows down the workflow ..
On NC AiO 5.2.2
NC 26.0.2
Impersonate app 1.13.1
fingers crossed
have a good day
Just tested it is fixed on my system, NC 26.0.2 with Impersonate app 1.13.1.
Wfm, too. @punkyard please log out (as admin, from your nc instance altogether), log in (as admin), then use impersonate a user and log out (from that impersonated user). You then should be back to your (still logged-in admin user).
thanks, this is not working. It's not the first time .. It come and goes with updates ..
Still does not work for me as well, logging out of the impersonated account just logs me out completely - NC v26.0.2 and Impersonate v1.13.1
Could this be related to what security is in place for the accounts? All my accounts have a minimum of using TOTP but most also use the Android app for authentication.
Please check the browser console for errors.
Please check the browser console for errors.
These are the only errors that appear from the moment I switch user to when I log out the user and get the log in screen:
Please check also errors after opening any page as impersonated user.
Please check also errors after opening any page as impersonated user.
I visited various parts of the site as the impersonated users, no problems show in the main browser and this is all that was logged:
Just tested on NC 27.0.0 RC3 and the redirect is working for me.
@Taomyn as impersonated user,, can you run the following in the browser console and report the result?
document.getElementById('logout').getElementsByTagName('a')[0].getAttribute('href');
document.getElementById('logout').onclick.toString();
@Taomyn yes, the original logic is not replaces with the impersonate logout mechanism. Did you try to clean your browser cache yet?
@Taomyn yes, the original logic is not replaces with the impersonate logout mechanism. Did you try to clean your browser cache yet?
Damn, I hoped that would be it but no, I cleared the cache, restarted the browser and it was the same, I even tried in private mode and it behaves the same way
Then you also do not see the "Logged in as Fooabar" notificaiton on the upper right? Which browser do you use?
Then you also do not see the "Logged in as Fooabar" notificaiton on the upper right? Which browser do you use?
Currently Edge, though when I get home later I can try it again with Brave. Both up-to-date.
Both of them Chrom(ium) in the end, but would still be good to verify whether the specific browser is a factor or not.
Both of them Chrom(ium) in the end, but would still be good to verify whether the specific browser is a factor or not.
So I tried Brave on my main PC and also Firefox on another, both full up-to-date, and the same behaviour where logging off the impersonated user logs me right out.
Can you check your browser console network log to see if impersonate_logout.js gets loaded properly after impersonating a user?
Can you check your browser console network log to see if impersonate_logout.js gets loaded properly after impersonating a user?
I only see it loading when choosing the user to impersonate it never appears again after that:
Just a thought (not sure if this could be the issue), but can you check if the impersonate app is maybe limited to specific user groups in the apps management? Could probably explain why the script is not loaded for the impersonated user then
Just a thought (not sure if this could be the issue), but can you check if the impersonate app is maybe limited to specific user groups in the apps management? Could probably explain why the script is not loaded for the impersonated user then
I think you've solved it:
After removing the limit and trying again all was working as expected including the small pop up stating the impersonation was in effect.
The limit was always there as far as I recall, not sure if I placed it or if it was default, but I do know that it all worked once before.
I take it the feature is locked to admins anyway?
I can only think of this being an issue when switching the app bootstrap implementation starting with Nextcloud 20. Before that I think the app.php file was always loaded which could explain why it worked even with the group limit. Not having that in place seems to be more sensible so I proposed #222 for that.
I've always limited 'impersonate' to admin group.
Loggin out sometimes worked, mainly it didn't.
I've uncheked group limitation in Apps, and apparently that brings logging out back to the admin account. It seems no other account has access to the 'impersonate' functionality.
Can you confirm no other account has access to Impersonate?
I've always limited 'impersonate' to admin group. Loggin out sometimes worked, mainly it didn't. I've uncheked group limitation in Apps, and apparently that brings logging out back to the admin account. It seems no other account has access to the 'impersonate' functionality. Can you confirm no other account has access to Impersonate?
It's limited to admins only. In admin settings you can choose other groups to be able to impersonate, but the default is limited to admins.