You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I just had an idea because we use Nova and Impersonation quite excessively in our app.
Often it is very annoying when you've set up some complex table filters on a Nova resource and then you want to check something inside the app impersonated as another user. If you then reload the nova resource index while impersonating, you're getting a forbidden error, because the impersonated user does not have the permission to access nova.
What I tried to do is changing the Nova gate to grant access to the impersonating user as well with the help of the impersonation manager.
At first I thought this would already achieve what I wanted, but I had to quickly realize that Nova obviously still uses the current impersonated user for further checking of permissions via policies. This way you get into Nova, but you don't see much because the policies of the impersonated user forbid it.
So what I need is some kind of full overwrite of the nova user with the impersonating user so he can still see everything as if he was not impersonating. Of course the user should not be overridden for other parts of the app, because then the feature would be useless.
I'm searching for something like a nova user resolver that I could change to return the impersonating user instead of the impersonated, but only for nova context. So that it looks like nova doesn't even notice when a user enters a impersonation session.
I would be very glad if anyone could help with this idea.
The text was updated successfully, but these errors were encountered:
I just had an idea because we use Nova and Impersonation quite excessively in our app.
Often it is very annoying when you've set up some complex table filters on a Nova resource and then you want to check something inside the app impersonated as another user. If you then reload the nova resource index while impersonating, you're getting a forbidden error, because the impersonated user does not have the permission to access nova.
What I tried to do is changing the Nova gate to grant access to the impersonating user as well with the help of the impersonation manager.
At first I thought this would already achieve what I wanted, but I had to quickly realize that Nova obviously still uses the current impersonated user for further checking of permissions via policies. This way you get into Nova, but you don't see much because the policies of the impersonated user forbid it.
So what I need is some kind of full overwrite of the nova user with the impersonating user so he can still see everything as if he was not impersonating. Of course the user should not be overridden for other parts of the app, because then the feature would be useless.
I'm searching for something like a nova user resolver that I could change to return the impersonating user instead of the impersonated, but only for nova context. So that it looks like nova doesn't even notice when a user enters a impersonation session.
I would be very glad if anyone could help with this idea.
The text was updated successfully, but these errors were encountered: