Hi,
we need to remove the “impersonate” functionality from the indico.
Is there any easy way to achieve this?
Thanks
Don’t give people who shouldn’t be able to do that admin permissions? FYI, impersonating users is logged so there is always a trace of when someone uses this.
Thanks for a prompt reply. That is right but only the VM administrator has access to log data. Therefore we need to deny impersonate even for the system administrator.
This request came from the business users since the system administrator will be from the IT department.
Thanks
You could use a plugin that connects to signals.rh.check_access for a sender of RHAdminImpersonate and then aborts with an error.
But the UI would still be there of course…
A cleaner solution would be to not give anyone outside IT full admin rights, and instead make your “normal admins” managers of the root category in case that’s enough for them…
1 Like
Thanks, this will solve the problem.