Frontend: disable `impersonate` button for users with expired passwords
Summary
- In
app/views/admin/users/_head.html.haml - When:
-
impersonation_in_progress?is true OR -
user.password_expired?is true OR -
user.blocked?is true OR -
user.internal?is true OR -
!can?(user, :log_in)is true
-
- Then the
'Impersonate'button is disabled - And there is a tooltip with a message, depending on the scenario. Messages are specific to the scenario and can be found in https://gitlab.com/gitlab-org/gitlab/-/blob/ea0b85c59333d320c7c3264db6a51931ff2ff6c1/app/controllers/admin/users_controller.rb#L387-399:
- "You are already impersonating another user"
- "You cannot impersonate a blocked user"
- "You cannot impersonate a user with an expired password"
- "You cannot impersonate an internal user"
- "You cannot impersonate a user who cannot sign in" (To be updated in users_controller.rb)
## More details
Currently, if a user is blocked we just hide the `impersonate` button. We should make this behavior consistent across different scenarios. If we want to disable impersonation, for any reason, we should show the `impersonate` button in a disabled state and include a tooltip with a helpful message.
The original proposal in https://gitlab.com/gitlab-org/gitlab/-/issues/332667 was to disable the "Impersonate" button and provide a tooltip with the explanation when a user has an expired password. That aligns with our "Error prevention" guideline in Pajamas: https://design.gitlab.com/usability/error-prevention.
Impersonation was blocked for users with expired passwords in the backend, this issue is for showing the ideal state on the frontend.
Original issue describing why impersonating users with expired passwords is problematic: https://gitlab.com/gitlab-org/gitlab/-/issues/332667
MR for blocking this on the backend: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/103068
### Proposal
- disable button.
- Add a tool tip stating: `This user’s password is expired. You cannot impersonate a user with an expired password.`Edited by Jon Glassman