As explained in the Joomla Users series of tutorials that are included in our Beyond the Basics course, Joomla now has a sophisticated access control system that should appease even the fussiest of developers. However, testing and then troubleshooting issues can be a pain for administrators and I've previously recommended that anyone who uses these features should consider buying an extension called ACL Manager. Today I'll introduce you to another useful tool called Master User.
At time of writing, Master User is compatible with Joomla 2.5 & 1.5. Check the current status at the Joomla Extensions Directory.
When building a website with access control, it's necessary to create test accounts at various levels and login using those account details to check that things are working as expected. There's no way around that. Once the site is live, you might add content and need to test that this is accessible by the correct users.
It works. No it doesn't. Yes it does. No it doesn't!
Troubleshooting ACL problems can sometimes be challenging because what works for you, might not work for your user. For example you may receive a support inquiry from a customer claiming they can't access a particular part of your site. You check this using a test account and find that it works and advise accordingly. They reply saying it is still a problem. This continues until you discover that the problem is unique to their account.
The above scenarios are more easily solved by logging in as the actual user. Of course logging in requires a username and password. Obtaining the username is easy enough from the User Manager page in Administrator. Ordinarily you would need to ask the user their password which they may not be comfortable divulging, especially if they chose an unsavoury word which is more common than you might think!
Master User gives administrators the ability to login as a different user without knowing that user's password. You enter the appropriate user's username as normal. However you then enter your own password. You're then logged in as that user and can test accordingly.
This might sound like you're weakening the security of Joomla, but keep the following in mind. Firstly you can restrict which administrator accounts can use this feature and/or restrict access by certain IP addresses. Also you can't login as a different administrator. If you're really worried, you can leave the plugin disabled and only enable it when you need to use this function.
Master User is a free extension. Kudos to Ian Scott for presenting this at this month's Sydney Joomla User Group.