blob: 3bdbd9fab3eab13d487e6fdacb165052413d2e9c (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
|
[%# The contents of this file are subject to the Mozilla Public
# License Version 1.1 (the "License"); you may not use this file
# except in compliance with the License. You may obtain a copy of
# the License at http://www.mozilla.org/MPL/
#
# Software distributed under the License is distributed on an "AS
# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
# implied. See the License for the specific language governing
# rights and limitations under the License.
#
# The Original Code is the Bugzilla Bug Tracking System.
#
# The Initial Developer of the Original Code is Netscape Communications
# Corporation. Portions created by Netscape are
# Copyright (C) 2005 Netscape Communications Corporation. All
# Rights Reserved.
#
# Contributor(s): A. Karl Kornel <karl@kornel.name>
#%]
[% PROCESS global/variables.none.tmpl %]
[% PROCESS global/header.html.tmpl
title = "Begin sudo session"
style_urls = ['skins/standard/admin.css']
%]
[% DEFAULT target_login = "" %]
<p>
The <b>sudo</b> feature of [% terms.Bugzilla %] allows you to impersonate a
user for a short time While an sudo session is in progress, every action you
perform will be taking place as if you had logged in as the user whom will be
impersonating.
</p>
<p class="areyoureallyreallysure">
This is a very powerful feature; you should be very careful while using it.
Your actions may be logged more carefully than normal.
</p>
<form action="relogin.cgi" method="POST">
<p>
To begin,
[% IF Param('usemenuforusers') %]
select
[% ELSE %]
enter the login of
[% END %]
<label for="target_login">the <u>u</u>ser to impersonate</label>:
[% INCLUDE global/userselect.html.tmpl
id => "target_login"
name => "target_login"
value => "$target_login_default"
accesskey => "u"
size => 30
multiple => 5
%]
</p>
[% IF !Param('usemenuforusers') %]
<p>
The username must be entered exactly. No matching will be performed.
</p>
[% END %]
<p>
Next, please take a moment to explain <label for="reason">why you are doing
this:<br>
<input type="text" id="reason" name="reason" size="80" maxlength="200"
value="[% reason_default FILTER html %]">
</p>
<p>
The message you enter here will be sent to the impersonated user by email.
You may leave this empty if you wish, but they will still know that you
are impersonating them.
</p>
[% IF user.authorizer.can_login %]
<p>
Finally, enter <label for="Bugzilla_password">your [% terms.Bugzilla %]
password</label>:
<input type="hidden" name="Bugzilla_login" value="
[%- user.login FILTER html %]">
<input type="password" id="Bugzilla_password" name="Bugzilla_password"
maxlength="20" size="20">
<br>
This is done for two reasons. First of all, it is done to reduce
the chances of someone doing large amounts of damage using your
already-logged-in account. Second, it is there to force you to take the
time to consider if you really need to use this feature.
</p>
[% END %]
<p>
Click the button to begin the session:
<input type="submit" value="Begin Session">
<input type="hidden" name="action" value="begin-sudo">
<input type="hidden" name="token" value="[% token FILTER html %]">
</p>
</form>
[% PROCESS global/footer.html.tmpl %]
|
