feat(dashboard): allow admins to impersonate users for debugging #6061

Open: aicam wants to merge 2 commits into apache:main from aicam:feat/impersonating

aicam (Contributor) commented Jul 2, 2026

What changes were proposed in this PR?

  • Add an admin-only POST /admin/user/impersonate/{uid} endpoint on AdminUserResource that mints a JWT for the target user via the same jwtToken(jwtClaims(user, ...)) path as login; returns 404 for a missing user and 400 for an INACTIVE user.
  • Block admin-to-admin impersonation: the endpoint returns 403 when the target has the ADMIN role, and the "Login As" button is disabled for admin rows in the UI.
  • Add a per-row "Login As" button in the admin user table (/dashboard/admin/user) that swaps the admin's token for the target user's token, stashing the admin's own token under a separate localStorage key.
  • Add a "Stop impersonating" item in the account menu that restores the stashed admin session.

Any related issues, documentation, discussions?

Closes: #6060

How was this PR tested?

  • Backend: run sbt "project WorkflowExecutionService" "testOnly org.apache.texera.web.resource.AdminUserResourceSpec", expect 4 passing tests (issued token claims match the target user, 404 for a missing uid, 400 for an INACTIVE user, 403 for an ADMIN target).
  • Frontend: run npx ng test --watch=false --include=src/app/common/service/user/user.service.spec.ts from frontend/, expect the impersonation specs to pass (start stashes the admin token and swaps in the target token, stop restores it, isImpersonating reflects state).
  • Manual: as an admin, open /dashboard/admin/user, click the Login As button on a REGULAR-user row, confirm the dashboard reloads as that user, then choose "Stop impersonating" from the account menu and confirm the admin session returns.
  • Manual (admin guard): confirm the Login As button is disabled on admin rows, and that POST /admin/user/impersonate/{uid} returns 403 for an ADMIN target while a REGULAR target returns 200.

Was this PR authored or co-authored using generative AI tooling?

Co-authored with Claude Opus 4.8 in compliance with ASF
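
The client-side token swap described in the PR description above (stash the admin's token under a separate localStorage key, swap in the target user's token, restore it on "Stop impersonating"), as an added example that is not code from this PR. The key names, class names, the in-memory stand-in for localStorage, and the refusal to start a second impersonation while one is active are assumptions.

```typescript
// Added example, not code from the PR. All names below are hypothetical.
interface KeyValueStore {
  getItem(key: string): string | null;
  setItem(key: string, value: string): void;
  removeItem(key: string): void;
}

// In-memory stand-in for window.localStorage so the example runs outside a browser.
class MemoryStore implements KeyValueStore {
  private data = new Map<string, string>();
  getItem(key: string): string | null {
    const value = this.data.get(key);
    return value === undefined ? null : value;
  }
  setItem(key: string, value: string): void { this.data.set(key, value); }
  removeItem(key: string): void { this.data.delete(key); }
}

const TOKEN_KEY = "access_token";            // hypothetical key for the active session token
const ADMIN_STASH_KEY = "admin_token_stash"; // hypothetical key for the stashed admin token

class ImpersonationSession {
  private store: KeyValueStore;
  constructor(store: KeyValueStore) { this.store = store; }

  // Impersonation is active exactly when an admin token is stashed.
  isImpersonating(): boolean {
    return this.store.getItem(ADMIN_STASH_KEY) !== null;
  }

  currentToken(): string | null { return this.store.getItem(TOKEN_KEY); }

  // Swap in the target user's token. Refuses when nobody is logged in, and refuses
  // to nest so the stashed admin token is never overwritten by a user token.
  start(targetToken: string): boolean {
    const current = this.store.getItem(TOKEN_KEY);
    if (current === null || this.isImpersonating()) return false;
    this.store.setItem(ADMIN_STASH_KEY, current);
    this.store.setItem(TOKEN_KEY, targetToken);
    return true;
  }

  // Restore the stashed admin token and clear the stash; no-op if nothing is stashed.
  stop(): boolean {
    const stashed = this.store.getItem(ADMIN_STASH_KEY);
    if (stashed === null) return false;
    this.store.setItem(TOKEN_KEY, stashed);
    this.store.removeItem(ADMIN_STASH_KEY);
    return true;
  }
}
```

Clearing the stash in `stop()` matters: a leftover stashed admin token would otherwise stay readable to whoever uses that browser profile next.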

Add an admin-only POST /admin/user/impersonate/{uid} endpoint that mints a
JWT for the target user (identical to a normal login token), returning 404
for a missing user and 400 for an INACTIVE user. The admin dashboard user
table gets a per-row button to log in as that user, stashing the admin's own
token so a "Stop impersonating" menu item can restore the original session.

Closes: apache#6060

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>

github-actions Bot (Contributor) commented Jul 2, 2026

Automated Reviewer Suggestions

Based on the git blame history of the changed files, we recommend the following reviewers:

  • Contributors with relevant context: @jaeyun0503, @Yicong-Huang, @aglinxinyuan
    You can notify them by mentioning @jaeyun0503, @Yicong-Huang, @aglinxinyuan in a comment.

github-actions Bot added the feature, engine, and frontend labels Jul 2, 2026

github-actions Bot (Contributor) commented Jul 2, 2026

✅ No material benchmark regressions detected

🟢 2 better · 🔴 0 worse · ⚪ 13 noise (<±5%) · 0 without baseline

Compared against main 24b587f benchmarked on this same runner, so the delta is largely free of cross-runner hardware noise. The "7d avg" column still reflects the gh-pages dashboard. Treat <±5% as noise unless repeated.

| config | throughput | MB/s | latency | max Δ latest / 7d |
|---|---|---|---|---|
| 🟢 bs=10 sw=10 sl=64 | 418 | 0.255 | 23,632/29,784/29,784 us | 🟢 -6.5% / 🔴 +94.8% |
| bs=100 sw=10 sl=64 | 820 | 0.5 | 121,343/137,213/137,213 us | ⚪ within ±5% / 🔴 +26.6% |
| bs=1000 sw=10 sl=64 | 918 | 0.56 | 1,094,604/1,125,877/1,125,877 us | ⚪ within ±5% / 🔴 +9.7% |

Baseline details

Latest main 24b587f from same runner

| config | metric | PR | latest main | 7d avg | Δ latest | Δ 7d |
|---|---|---|---|---|---|---|
| bs=10 sw=10 sl=64 | throughput | 418 tuples/sec | 428 tuples/sec | 770.95 tuples/sec | -2.3% | -45.8% |
| bs=10 sw=10 sl=64 | MB/s | 0.255 MB/s | 0.261 MB/s | 0.471 MB/s | -2.3% | -45.8% |
| bs=10 sw=10 sl=64 | p50 | 23,632 us | 23,060 us | 12,775 us | +2.5% | +85.0% |
| bs=10 sw=10 sl=64 | p95 | 29,784 us | 31,854 us | 15,286 us | -6.5% | +94.8% |
| bs=10 sw=10 sl=64 | p99 | 29,784 us | 31,854 us | 18,795 us | -6.5% | +58.5% |
| bs=100 sw=10 sl=64 | throughput | 820 tuples/sec | 836 tuples/sec | 976.93 tuples/sec | -1.9% | -16.1% |
| bs=100 sw=10 sl=64 | MB/s | 0.5 MB/s | 0.51 MB/s | 0.596 MB/s | -2.0% | -16.1% |
| bs=100 sw=10 sl=64 | p50 | 121,343 us | 118,863 us | 102,557 us | +2.1% | +18.3% |
| bs=100 sw=10 sl=64 | p95 | 137,213 us | 135,361 us | 108,383 us | +1.4% | +26.6% |
| bs=100 sw=10 sl=64 | p99 | 137,213 us | 135,361 us | 115,249 us | +1.4% | +19.1% |
| bs=1000 sw=10 sl=64 | throughput | 918 tuples/sec | 923 tuples/sec | 1,009 tuples/sec | -0.5% | -9.0% |
| bs=1000 sw=10 sl=64 | MB/s | 0.56 MB/s | 0.563 MB/s | 0.616 MB/s | -0.5% | -9.1% |
| bs=1000 sw=10 sl=64 | p50 | 1,094,604 us | 1,082,065 us | 997,695 us | +1.2% | +9.7% |
| bs=1000 sw=10 sl=64 | p95 | 1,125,877 us | 1,125,432 us | 1,036,731 us | +0.0% | +8.6% |
| bs=1000 sw=10 sl=64 | p99 | 1,125,877 us | 1,125,432 us | 1,069,334 us | +0.0% | +5.3% |

Raw CSV
config_idx,batch_size,schema_width,string_len,num_batches,total_ms,total_tuples,total_bytes,tuples_per_sec,mb_per_sec,lat_p50_us,lat_p95_us,lat_p99_us
0,10,10,64,20,478.84,200,128000,418,0.255,23631.91,29783.80,29783.80
1,100,10,64,20,2440.44,2000,1280000,820,0.500,121343.09,137212.51,137212.51
2,1000,10,64,20,21784.90,20000,12800000,918,0.560,1094603.78,1125877.02,1125877.02

codecov-commenter commented Jul 2, 2026
Codecov Report

❌ Patch coverage is 83.33333% with 2 lines in your changes missing coverage. Please review.
✅ Project coverage is 56.91%. Comparing base (a1a7eb0) to head (8f69237).
⚠️ Report is 4 commits behind head on main.

| Files with missing lines | Patch % | Lines |
|---|---|---|
| ...ource/dashboard/admin/user/AdminUserResource.scala | 83.33% | 0 Missing and 2 partials ⚠️ |

Additional details and impacted files
@@             Coverage Diff              @@
##               main    #6061      +/-   ##
============================================
+ Coverage     56.38%   56.91%   +0.52%     
- Complexity     2986     3064      +78     
============================================
  Files          1129     1129              
  Lines         43794    43814      +20     
  Branches       4743     4746       +3     
============================================
+ Hits          24693    24936     +243     
+ Misses        17650    17445     -205     
+ Partials       1451     1433      -18     

| Flag | Coverage Δ | *Carryforward flag |
|---|---|---|
| access-control-service | 70.00% <ø> (ø) | Carriedforward from 8da519c |
| agent-service | 44.59% <ø> (ø) | Carriedforward from 8da519c |
| amber | 58.69% <83.33%> (+1.38%) ⬆️ | |
| computing-unit-managing-service | 0.00% <ø> (ø) | Carriedforward from 8da519c |
| config-service | 52.30% <ø> (ø) | Carriedforward from 8da519c |
| file-service | 62.81% <ø> (ø) | Carriedforward from 8da519c |
| frontend | 50.12% <ø> (ø) | Carriedforward from 8da519c |
| notebook-migration-service | 78.57% <ø> (ø) | Carriedforward from 8da519c |
| pyamber | 90.20% <ø> (ø) | Carriedforward from 8da519c |
| python | 90.76% <ø> (ø) | Carriedforward from 8da519c |
| workflow-compiling-service | 55.14% <ø> (ø) | Carriedforward from 8da519c |

*This pull request uses carry forward flags.

Reject impersonating a user with the ADMIN role (403) in addition to the
existing missing/inactive guards, and disable the Login As button for admin
rows in the UI.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>

chenlica (Contributor) commented Jul 3, 2026

@aicam this feature needs to be discussed first, as it's related to privacy of users. Please start a discussion and add its URL here.

Labels: engine, feature, frontend

Successfully merging this pull request may close these issues: Allow admins to log in as (impersonate) any user for debugging

3 participants