summaryrefslogtreecommitdiffstats
path: root/template/en/default/admin/sudo.html.tmpl
blob: 9c06055676e79ba9412b98ccd8b5ea7d4064ba74 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
[%# The contents of this file are subject to the Mozilla Public
  # License Version 1.1 (the "License"); you may not use this file
  # except in compliance with the License. You may obtain a copy of
  # the License at http://www.mozilla.org/MPL/
  #
  # Software distributed under the License is distributed on an "AS
  # IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
  # implied. See the License for the specific language governing
  # rights and limitations under the License.
  #
  # The Original Code is the Bugzilla Bug Tracking System.
  #
  # The Initial Developer of the Original Code is Netscape Communications
  # Corporation. Portions created by Netscape are
  # Copyright (C) 2005 Netscape Communications Corporation. All
  # Rights Reserved.
  #
  # Contributor(s): A. Karl Kornel <karl@kornel.name>
  #%]
  
[% PROCESS global/variables.none.tmpl %]

[% PROCESS global/header.html.tmpl
   title = "Begin sudo session"
   generate_api_token = 1
   style_urls = ['skins/standard/admin.css']
   doc_section = "useradmin.html#impersonatingusers"
 %]
 
[% DEFAULT target_login = "" %]

<p>
  The <b>sudo</b> feature of [% terms.Bugzilla %] allows you to impersonate a 
  user for a short time  While an sudo session is in progress, every action you 
  perform will be taking place as if you had logged in as the user whom will be 
  impersonating.
</p>

<p class="areyoureallyreallysure">
  This is a very powerful feature; you should be very careful while using it.  
  Your actions may be logged more carefully than normal.
</p>

<form action="relogin.cgi" method="POST">
  <p>
    To begin, 
    [% IF Param('usemenuforusers') %]
      select 
    [% ELSE %]
      enter the login of 
    [% END %]
    <label for="target_login">the <u>u</u>ser to impersonate</label>:
    [% INCLUDE global/userselect.html.tmpl
       id => "target_login"
       name => "target_login"
       value => target_login_default
       accesskey => "u"
       size => 30
    %]
  </p>
  
  [% IF !Param('usemenuforusers') %]
    <p>
      The username must be entered exactly.  No matching will be performed.
    </p>
  [% END %]
  
  <p>
    Next, please take a moment to explain <label for="reason">why you are doing
    this:<br>
    <input type="text" id="reason" name="reason" size="80" maxlength="200"
           value="[% reason_default FILTER html %]">
  </p>
  
  <p>
    The message you enter here will be sent to the impersonated user by email.
    You may leave this empty if you wish, but they will still know that you 
    are impersonating them.
  </p>
  
  [% IF user.authorizer.can_login %]
    <p>
      Finally, enter <label for="Bugzilla_password">your [% terms.Bugzilla %]
      password</label>:
      <input type="hidden" name="Bugzilla_login" value="[% user.login FILTER html %]">
      <input type="password" id="Bugzilla_password" name="Bugzilla_password" size="20">
      <input type="hidden" name="Bugzilla_login_token"
             value="[% login_request_token FILTER html %]">
      <br>
      This is done for two reasons.  First of all, it is done to reduce 
      the chances of someone doing large amounts of damage using your 
      already-logged-in account.  Second, it is there to force you to take the 
      time to consider if you really need to use this feature.
    </p>
  [% END %]
  
  <p>
    Click the button to begin the session:
    <input type="submit" id="begin_sudo" value="Begin Session">
    <input type="hidden" name="action" value="begin-sudo">
    <input type="hidden" name="token" value="[% token FILTER html %]">
  </p>

</form>

[% PROCESS global/footer.html.tmpl %]