Categories

(63)
(43)
(8)
(26)
(68)
(95)

The Masquerade module: see your Drupal site through each user’s eyes!

18.04.2018
The Masquerade module: see your Drupal site through each user’s eyes!
Author:

Let us invite you to an exciting masquerade! Its mission is to check what each user can see or do on your website. Drupal has an awesomely flexible system of user roles and permissions, as well as opportunities for fine-grained user access. These are the keystones of Drupal security, smooth user experiences, and cool features. You can make the most out of them, and then test the result for different users with the help of the Masquerade module. Interested? Let the masquerade begin!

How the Masquerade module works

The essence of Drupal Masquerade

To check new features or settings related to user access or permissions, site builders and administrators usually create test user accounts.

Without the Masquerade module, they have to log in and out of these test accounts, which is not always convenient. The Masquerade module lets them switch accounts with no login procedures and surf the site as a particular user. They can easily try on the “mask” of any user and then take it off by clicking “Unmasquerade.”

Who can masquerade as who: user permissions

Usually, it’s only the administrator that’s allowed to do the masquerading. However, permissions to use masquerade can be fine-tuned in People — Roles — Permissions.

As you see, there is no option to masquerade as anonymous user, since it is considered a little buggy.

How to masquerade as a user

The module works a little differently in Drupal 6, 7, and 8. In today’s example, we will look at Drupal 8.

So, with the Masquerade module  installed and enabled, the “Masquerade as” option will become available next to each user in the dropdown list of “operations.” We can also see it on each user’s page.

In addition, there is a handy form for quick user switching that can be placed anywhere on the website, like any other block. In Structure — Block layout, we click on the site’s region where we want to see it, click “Place block”, find “Masquerade — Forms” on the list, click “Place block” again, and finally save the blocks.

It is very handy to have the “Masquerade as” form in the left sidebar. The “Unmasquerade” link is at the top of the page.

An example of Masquerade module’s use

It’s now time to invite a couple of our masquerade participants! Our authenticated users will be Colombina and Arlecchino.

In our example, authenticated users can post their content, and each user should have a “My masquerade photos” page where only they see the photos they authored.

For this experiment, let’s make sure that at least some pieces of content for this content type are authored by Colombina and Arlecchino. We can change this in the “Authored by” option of each piece of content.

Let’s now create a simple views with all photos. It now shows all of them yet with no filtering according to user.

To achieve this, we will go to views advanced settings. There, let’s add a relationship to author, as well as create a contextual filter that only displays the content if its author matches the current user ID. And the Masquerade module will then help us check if each user really sees their own photos only.

So our roleplay begins — we are going to the “Masquerade as” form in the left sidebar and masquerading as Colombina. That’s right, we can only see her content. Awesome!

Since only the administrator can use masquerade and we are now “Colombina,” the “Masquerade as” form disappeared from the sidebar.

Let’s click “Unmasquerade” at the top of the page to return to admin’s account, and then masquerade as Arlecchino. We only see Arlecchino’s content. Wonderful!

We should never forget to unmasquerade back. The masquerade has been successful and it is now over.

Final thoughts

That’s been a brief overview of what the Masquerade module can do for testing purposes. Drupal hides many more secrets, and its possibilities are unlimited.

Contact our team if you want to create amazing access-based features for your users, set up an order to all roles and permissions, get help with testing, and so much more!

5 votes, Rating: 5

Read also

1

The ability to easily integrate the site with third-party systems, output data to any application and “lock and seal” the site in terms of security — these advantages alone put Drupal at the head...

2

This was a blog post written by guest author Martin Postma (lolandese). He usually writes directly...

3

Taking into account technical capabilities, cost and development time, let’s now try to define what types of websites are a better fit for each CMS. What kinds of businesses and spheres of social...

4

Printed newspapers and magazines are now being displaced with Internet publications. How can Drupal help media and publishing organizations reach their readership among Internet users? Find out by...

5

There is no place for rivalry, even for such life-long competition as that between...

Subscribe to our blog updates