
Admin Impersonation

Overview

Admins can impersonate any user to view the application exactly as that user sees it. This is used for support and debugging — the admin's session temporarily switches to the target user's identity.

Starting Impersonation

  1. Admin clicks the "Users" link in the navigation bar (only visible to admins)
  2. Selects an organisation from the dropdown
  3. A paginated table of users in that organisation is displayed
  4. Admin clicks "Impersonate" next to the target user
  5. The admin's session switches to the target user and they are redirected to the home page
  6. The admin now sees the application as that user — all data, settings, and views reflect the target user's account

The admin's original identity is preserved in the background so it can be restored.

UI Indicator

While impersonating, an amber banner appears in the navigation bar showing:

  • The text "Impersonating" with the target user's email address
  • A red "Stop impersonating" button

The current admin account is shown with a "(you)" label in the users table and cannot be impersonated.

Stopping Impersonation

  1. Admin clicks "Stop impersonating" in the banner
  2. The session is restored to the admin's original identity
  3. The admin is redirected back to the Organisations page
  4. The impersonation banner disappears

Access Control

Only accounts with admin privileges can access the Users page and impersonation features. Non-admin users who attempt to access these routes receive a 404 — the routes are hidden entirely rather than returning an authorization error.

Switching Targets

If an admin is already impersonating one user and impersonates another, the new target replaces the previous one. The admin's original identity is preserved — stopping impersonation always returns to the real admin account, regardless of how many times the target was switched.
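The Access Control and Switching Targets rules above can be modelled as session state. This is an added example, not the application's own code: the Session fields, function names and sample accounts are hypothetical, and it assumes the admin check is made against the real identity rather than the impersonated one.

```python
from dataclasses import dataclass
from typing import Optional

class NotFound(Exception):
    """Rendered as HTTP 404, so the route's existence is not revealed."""
    status = 404

@dataclass
class Session:
    user_id: str                           # identity the application renders
    impersonator_id: Optional[str] = None  # real admin, set only while impersonating

def real_user(session: Session) -> str:
    return session.impersonator_id or session.user_id

def require_admin(session: Session, admins: set) -> str:
    # Assumption: authorise against the real identity, so an admin who is
    # impersonating a non-admin can still switch targets or stop.
    actor = real_user(session)
    if actor not in admins:
        raise NotFound()
    return actor

def start_impersonation(session: Session, target_id: str, admins: set) -> Session:
    actor = require_admin(session, admins)
    if target_id == actor:
        raise ValueError("the admin's own account cannot be impersonated")
    if session.impersonator_id is None:   # first start: remember the admin once
        session.impersonator_id = actor
    session.user_id = target_id           # switching replaces only the target
    return session

def stop_impersonation(session: Session, admins: set) -> Session:
    require_admin(session, admins)
    if session.impersonator_id is not None:
        session.user_id = session.impersonator_id
        session.impersonator_id = None
    return session

def demo() -> list:
    admins = {"admin@example.test"}        # constructed sample accounts
    s = Session(user_id="admin@example.test")
    trace = []
    for target in ("alice@example.test", "bob@example.test"):
        start_impersonation(s, target, admins)
        trace.append((s.user_id, s.impersonator_id))
    stop_impersonation(s, admins)
    trace.append((s.user_id, s.impersonator_id))
    return trace
```

Because the admin's identity is written only on the first start, a second impersonation cannot overwrite it with the previous target's identity.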