Masquerade your way to better testing

Two elaborate feathered carnival masks sit on black velvet, a white rose between them. Image by annca from Pixabay
Choose the right mask for the job. Image by annca from Pixabay

As a Site Manager and Builder, you may find yourself being able to see too much. It's not true to what your users will see and you're not sure how the changes you're making will affect users with a restricted view based on their roles and permissions. For security reasons the Masquerade module has been restricted to the SiteFarm team, but we still have a method for you to feel confident the site configurations you make are the right ones for the roles involved.

Create a Drupal-based account

If, as a Site Manager, you've been involved in the process of creating user accounts you're familiar with the steps involved with making sure it's based on CAS. Drupal-based accounts are similar, yet simpler.

  1. Create a mock account on your site with whatever role you need to test.
    Example:
    • Email address: leave empty
    • Checkbox Allow user to log in via CAS: leave unchecked
    • Username: Editor Edwin
    • Password & Confirm Password: use a password manager to generate a secure password or, if a weak password is created, delete the account as soon as possible for the sake of your site's security.
    • Status: Active
    • Roles: Select a role from your list (example: Editor to match the name above)
  2. Click Save to finish creating the account.
  3. To use the new pseudo account, open an incognito browser window, go to your site's URL, and add '/user' to the end of the domain. This will give you the default Drupal login screen instead of CAS. Enter in the pseudo account's Username and Password information.
  4. Switch between windows so as to have one for your work versus the incognito window for testing.
  5. If you're not seeing changes you make in your real account reflected in the pseudo account, try clearing your site's cache and then refresh your masked account's browser window.
  6. When finished with your testing, delete all the unneeded users to ensure site security if the passwords are weak.

Category

Tags