How do you test security configurations before adding any real world users to the system?
LabKey Server uses "impersonation" to solve this problem. You can impersonate a role, a group, or an individual user, shifting perspective on LabKey Server, viewing it as if logged in as a given role, group, or user.
To test the applications behavior, impersonate the groups in question, confirming that each group has access to the appropriate folders.
- Navigate to the Lab A folder.
- In the upper right, click your login badge -- this is your user name.
- Select Impersonate > Group, then select Lab A Group and click Impersonate in the popup.
- Hover over the folder menu.
- Notice that the Lab B folder is no longer visible -- while you impersonate, adopting the group A perspective, you don't have the role assignments necessary to see folder B at all.
- Using the login badge again, stop impersonating and switch to impersonation of group B. Notice that the server will return with the message "User does not have permission to perform this operation", because you are trying to see the Lab A folder while impersonating the Lab B group.
- Stop impersonating by clicking Stop Impersonating.