From 84a704f04326d547bbdfedf725ff6bda06d39014 Mon Sep 17 00:00:00 2001
From: Kev-Roche <kevin.roche@akretion.com>
Date: Tue, 14 May 2024 09:54:25 +0200
Subject: [PATCH 1/2] [14.0][ADD] impersonate_login

---
 impersonate_login/README.rst                  |  96 ++++
 impersonate_login/__init__.py                 |   1 +
 impersonate_login/__manifest__.py             |  30 ++
 impersonate_login/models/__init__.py          |   6 +
 impersonate_login/models/impersonate_log.py   |  26 ++
 impersonate_login/models/ir_http.py           |  20 +
 impersonate_login/models/mail_message.py      |  52 +++
 impersonate_login/models/mail_thread.py       |  30 ++
 impersonate_login/models/model.py             |  24 +
 impersonate_login/models/res_users.py         |  87 ++++
 impersonate_login/readme/CONTRIBUTORS.rst     |   1 +
 impersonate_login/readme/DESCRIPTION.rst      |   7 +
 impersonate_login/readme/USAGE.rst            |   2 +
 impersonate_login/security/group.xml          |  13 +
 .../security/ir.model.access.csv              |   2 +
 .../static/description/index.html             | 437 ++++++++++++++++++
 impersonate_login/static/src/css/navbar.scss  |  23 +
 .../static/src/js/abstract_web_client.js      |  18 +
 impersonate_login/static/src/js/user_menu.js  |  66 +++
 .../static/src/xml/user_menu.xml              |  22 +
 impersonate_login/views/assets.xml            |  24 +
 impersonate_login/views/impersonate_log.xml   |  36 ++
 impersonate_login/views/res_users.xml         |  22 +
 .../odoo/addons/impersonate_login             |   1 +
 setup/impersonate_login/setup.py              |   6 +
 25 files changed, 1052 insertions(+)
 create mode 100644 impersonate_login/README.rst
 create mode 100644 impersonate_login/__init__.py
 create mode 100644 impersonate_login/__manifest__.py
 create mode 100644 impersonate_login/models/__init__.py
 create mode 100644 impersonate_login/models/impersonate_log.py
 create mode 100644 impersonate_login/models/ir_http.py
 create mode 100644 impersonate_login/models/mail_message.py
 create mode 100644 impersonate_login/models/mail_thread.py
 create mode 100644 impersonate_login/models/model.py
 create mode 100644 impersonate_login/models/res_users.py
 create mode 100644 impersonate_login/readme/CONTRIBUTORS.rst
 create mode 100644 impersonate_login/readme/DESCRIPTION.rst
 create mode 100644 impersonate_login/readme/USAGE.rst
 create mode 100644 impersonate_login/security/group.xml
 create mode 100644 impersonate_login/security/ir.model.access.csv
 create mode 100644 impersonate_login/static/description/index.html
 create mode 100644 impersonate_login/static/src/css/navbar.scss
 create mode 100644 impersonate_login/static/src/js/abstract_web_client.js
 create mode 100644 impersonate_login/static/src/js/user_menu.js
 create mode 100644 impersonate_login/static/src/xml/user_menu.xml
 create mode 100644 impersonate_login/views/assets.xml
 create mode 100644 impersonate_login/views/impersonate_log.xml
 create mode 100644 impersonate_login/views/res_users.xml
 create mode 120000 setup/impersonate_login/odoo/addons/impersonate_login
 create mode 100644 setup/impersonate_login/setup.py

diff --git a/impersonate_login/README.rst b/impersonate_login/README.rst
new file mode 100644
index 0000000000..5df334246f
--- /dev/null
+++ b/impersonate_login/README.rst
@@ -0,0 +1,96 @@
+=================
+Impersonate Login
+=================
+
+.. 
+   !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+   !! This file is generated by oca-gen-addon-readme !!
+   !! changes will be overwritten.                   !!
+   !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+   !! source digest: sha256:1fca331cbc5f2dcb804e5612e5669a9ab4998d80f22d46d6683266580f9ca40f
+   !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+
+.. |badge1| image:: https://img.shields.io/badge/maturity-Beta-yellow.png
+    :target: https://odoo-community.org/page/development-status
+    :alt: Beta
+.. |badge2| image:: https://img.shields.io/badge/licence-AGPL--3-blue.png
+    :target: http://www.gnu.org/licenses/agpl-3.0-standalone.html
+    :alt: License: AGPL-3
+.. |badge3| image:: https://img.shields.io/badge/github-OCA%2Fserver--auth-lightgray.png?logo=github
+    :target: https://github.com/OCA/server-auth/tree/14.0/impersonate_login
+    :alt: OCA/server-auth
+.. |badge4| image:: https://img.shields.io/badge/weblate-Translate%20me-F47D42.png
+    :target: https://translation.odoo-community.org/projects/server-auth-14-0/server-auth-14-0-impersonate_login
+    :alt: Translate me on Weblate
+.. |badge5| image:: https://img.shields.io/badge/runboat-Try%20me-875A7B.png
+    :target: https://runboat.odoo-community.org/builds?repo=OCA/server-auth&target_branch=14.0
+    :alt: Try me on Runboat
+
+|badge1| |badge2| |badge3| |badge4| |badge5|
+
+This module allows to login as another user.
+In the chatter, the user who is logged as another user is displayed.
+The mails and messages are sent from the orignal user.
+A table diplays the impersonated logins in technical.
+The user can return to his own user by clicking on the button "Return to my user".
+This module is very useful for the support team.
+An alternative module will be auth_admin_passkey.
+
+**Table of contents**
+
+.. contents::
+   :local:
+
+Usage
+=====
+
+1. On the top right corner, click my user and "switch login"
+2. Same place to "return to my login"
+
+Bug Tracker
+===========
+
+Bugs are tracked on `GitHub Issues <https://github.com/OCA/server-auth/issues>`_.
+In case of trouble, please check there if your issue has already been reported.
+If you spotted it first, help us to smash it by providing a detailed and welcomed
+`feedback <https://github.com/OCA/server-auth/issues/new?body=module:%20impersonate_login%0Aversion:%2014.0%0A%0A**Steps%20to%20reproduce**%0A-%20...%0A%0A**Current%20behavior**%0A%0A**Expected%20behavior**>`_.
+
+Do not contact contributors directly about support or help with technical issues.
+
+Credits
+=======
+
+Authors
+~~~~~~~
+
+* Akretion
+
+Contributors
+~~~~~~~~~~~~
+
+* Kévin Roche <kevin.roche@akretion.com>
+
+Maintainers
+~~~~~~~~~~~
+
+This module is maintained by the OCA.
+
+.. image:: https://odoo-community.org/logo.png
+   :alt: Odoo Community Association
+   :target: https://odoo-community.org
+
+OCA, or the Odoo Community Association, is a nonprofit organization whose
+mission is to support the collaborative development of Odoo features and
+promote its widespread use.
+
+.. |maintainer-Kev-Roche| image:: https://github.com/Kev-Roche.png?size=40px
+    :target: https://github.com/Kev-Roche
+    :alt: Kev-Roche
+
+Current `maintainer <https://odoo-community.org/page/maintainer-role>`__:
+
+|maintainer-Kev-Roche| 
+
+This module is part of the `OCA/server-auth <https://github.com/OCA/server-auth/tree/14.0/impersonate_login>`_ project on GitHub.
+
+You are welcome to contribute. To learn how please visit https://odoo-community.org/page/Contribute.
diff --git a/impersonate_login/__init__.py b/impersonate_login/__init__.py
new file mode 100644
index 0000000000..0650744f6b
--- /dev/null
+++ b/impersonate_login/__init__.py
@@ -0,0 +1 @@
+from . import models
diff --git a/impersonate_login/__manifest__.py b/impersonate_login/__manifest__.py
new file mode 100644
index 0000000000..61c00eb90e
--- /dev/null
+++ b/impersonate_login/__manifest__.py
@@ -0,0 +1,30 @@
+# Copyright 2024 Akretion (https://www.akretion.com).
+# @author Kévin Roche <kevin.roche@akretion.com>
+# License AGPL-3.0 or later (https://www.gnu.org/licenses/agpl).
+
+{
+    "name": "Impersonate Login",
+    "summary": "tools",
+    "version": "14.0.1.0.0",
+    "category": "Tools",
+    "website": "https://github.com/OCA/server-auth",
+    "author": "Akretion, Odoo Community Association (OCA)",
+    "maintainers": ["Kev-Roche"],
+    "license": "AGPL-3",
+    "application": False,
+    "installable": True,
+    "depends": [
+        "web",
+        "mail",
+    ],
+    "data": [
+        "views/assets.xml",
+        "views/res_users.xml",
+        "views/impersonate_log.xml",
+        "security/group.xml",
+        "security/ir.model.access.csv",
+    ],
+    "qweb": [
+        "static/src/xml/user_menu.xml",
+    ],
+}
diff --git a/impersonate_login/models/__init__.py b/impersonate_login/models/__init__.py
new file mode 100644
index 0000000000..debb66e9c1
--- /dev/null
+++ b/impersonate_login/models/__init__.py
@@ -0,0 +1,6 @@
+from . import res_users
+from . import ir_http
+from . import mail_thread
+from . import mail_message
+from . import impersonate_log
+from . import model
diff --git a/impersonate_login/models/impersonate_log.py b/impersonate_login/models/impersonate_log.py
new file mode 100644
index 0000000000..31ab131f63
--- /dev/null
+++ b/impersonate_login/models/impersonate_log.py
@@ -0,0 +1,26 @@
+# Copyright (C) 2024 Akretion (<http://www.akretion.com>).
+# @author Kévin Roche <kevin.roche@akretion.com>
+# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+
+
+from odoo import fields, models
+
+
+class ImpersonateLog(models.Model):
+    _name = "impersonate.log"
+    _description = "Impersonate Logs"
+
+    user_id = fields.Many2one(
+        comodel_name="res.partner",
+        string="User",
+    )
+    impersonated_partner_id = fields.Many2one(
+        comodel_name="res.partner",
+        string="Logged as",
+    )
+    date_start = fields.Datetime(
+        string="Start Date",
+    )
+    date_end = fields.Datetime(
+        string="End Date",
+    )
diff --git a/impersonate_login/models/ir_http.py b/impersonate_login/models/ir_http.py
new file mode 100644
index 0000000000..f01aa613d2
--- /dev/null
+++ b/impersonate_login/models/ir_http.py
@@ -0,0 +1,20 @@
+# Copyright (C) 2024 Akretion (<http://www.akretion.com>).
+# @author Kévin Roche <kevin.roche@akretion.com>
+# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+
+from odoo import models
+from odoo.http import request
+
+
+class Http(models.AbstractModel):
+    _inherit = "ir.http"
+
+    def session_info(self):
+        session_info = super().session_info()
+        session_info.update(
+            {
+                "is_impersonate_user": request.env.user._is_impersonate_user(),
+                "impersonate_from_uid": request.session.impersonate_from_uid,
+            }
+        )
+        return session_info
diff --git a/impersonate_login/models/mail_message.py b/impersonate_login/models/mail_message.py
new file mode 100644
index 0000000000..332d117ee3
--- /dev/null
+++ b/impersonate_login/models/mail_message.py
@@ -0,0 +1,52 @@
+# Copyright (C) 2024 Akretion (<http://www.akretion.com>).
+# @author Kévin Roche <kevin.roche@akretion.com>
+# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+
+from odoo import _, api, fields, models
+from odoo.http import request
+
+
+class Message(models.Model):
+    _inherit = "mail.message"
+
+    impersonated_author_id = fields.Many2one(
+        comodel_name="res.partner",
+        string="Impersonated Author",
+        compute="_compute_impersonated_author_id",
+        store=True,
+    )
+
+    body = fields.Html(
+        compute="_compute_message_body",
+        store=True,
+    )
+
+    @api.depends("author_id")
+    def _compute_impersonated_author_id(self):
+        for rec in self:
+            if request and request.session.impersonate_from_uid:
+                rec.impersonated_author_id = (
+                    self.env["res.users"]
+                    .browse(request.session.impersonate_from_uid)
+                    .partner_id.id
+                )
+            else:
+                rec.impersonated_author_id = False
+
+    @api.depends("author_id", "impersonated_author_id")
+    def _compute_message_body(self):
+        for rec in self:
+            additional_info = ""
+            if (
+                request
+                and request.session.impersonate_from_uid
+                and rec.impersonated_author_id
+            ):
+                current_partner = (
+                    self.env["res.users"].browse(request.session.uid).partner_id
+                )
+                additional_info = _(f"Logged as {current_partner.name}")
+            if rec.body and additional_info:
+                rec.body = f"<b>{additional_info}</b><br/>{rec.body}"
+            else:
+                rec.body = additional_info
diff --git a/impersonate_login/models/mail_thread.py b/impersonate_login/models/mail_thread.py
new file mode 100644
index 0000000000..1c1f80da83
--- /dev/null
+++ b/impersonate_login/models/mail_thread.py
@@ -0,0 +1,30 @@
+# Copyright (C) 2024 Akretion (<http://www.akretion.com>).
+# @author Kévin Roche <kevin.roche@akretion.com>
+# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+
+from odoo import models
+from odoo.http import request
+
+
+class MailThread(models.AbstractModel):
+    _inherit = "mail.thread"
+
+    def _message_compute_author(
+        self, author_id=None, email_from=None, raise_exception=True
+    ):
+        if (
+            request
+            and request.session.impersonate_from_uid
+            and author_id in [request.session.uid, None]
+        ):
+            author = (
+                self.env["res.users"]
+                .browse(request.session.impersonate_from_uid)
+                .partner_id
+            )
+            email = author.email_formatted
+            return author.id, email
+        else:
+            return super()._message_compute_author(
+                author_id, email_from, raise_exception
+            )
diff --git a/impersonate_login/models/model.py b/impersonate_login/models/model.py
new file mode 100644
index 0000000000..61f6e6655d
--- /dev/null
+++ b/impersonate_login/models/model.py
@@ -0,0 +1,24 @@
+# Copyright (C) 2024 Akretion (<http://www.akretion.com>).
+# @author Kévin Roche <kevin.roche@akretion.com>
+# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+
+from odoo import api, models
+from odoo.http import request
+
+
+class BaseModel(models.AbstractModel):
+    _inherit = "base"
+
+    @api.model_create_multi
+    def _create(self, data_list):
+        res = super()._create(data_list)
+        if request and request.session.impersonate_from_uid:
+            for rec in res:
+                rec.create_uid = request.session.impersonate_from_uid
+        return res
+
+    def write(self, vals):
+        res = super().write(vals)
+        if request and request.session.impersonate_from_uid:
+            self.write_uid = request.session.impersonate_from_uid
+        return res
diff --git a/impersonate_login/models/res_users.py b/impersonate_login/models/res_users.py
new file mode 100644
index 0000000000..f7e8cea4b0
--- /dev/null
+++ b/impersonate_login/models/res_users.py
@@ -0,0 +1,87 @@
+# Copyright 2024 Akretion (https://www.akretion.com).
+# @author Kévin Roche <kevin.roche@akretion.com>
+# License AGPL-3.0 or later (https://www.gnu.org/licenses/agpl).
+
+import logging
+
+from odoo import _, api, fields, models
+from odoo.exceptions import UserError
+from odoo.http import request
+from odoo.service import security
+
+logger = logging.getLogger(__name__)
+
+
+class Users(models.Model):
+    _inherit = "res.users"
+
+    def _get_partner_name(self, user_id):
+        return self.env["res.users"].browse(user_id).partner_id.name
+
+    def _is_impersonate_user(self):
+        self.ensure_one()
+        return self.has_group("impersonate_login.group_impersonate_login")
+
+    def impersonate_login(self):
+        if request:
+            if request.session.impersonate_from_uid:
+                raise UserError(_("You are already Logged as another user."))
+            if self.id == request.session.uid:
+                raise UserError(_("It's you."))
+            if request.env.user._is_impersonate_user():
+                target_uid = self.id
+                request.session.impersonate_from_uid = self._uid
+                request.session.uid = target_uid
+                impersonate_log = (
+                    self.env["impersonate.log"]
+                    .sudo()
+                    .create(
+                        {
+                            "user_id": self.env["res.users"]
+                            .browse(self._uid)
+                            .partner_id.id,
+                            "impersonated_partner_id": self.env["res.users"]
+                            .browse(target_uid)
+                            .partner_id.id,
+                            "date_start": fields.datetime.now(),
+                        }
+                    )
+                )
+                request.session.impersonate_log_id = impersonate_log.id
+                logger.info(
+                    f"IMPERSONATE: {self._get_partner_name(self._uid)} "
+                    f"Login as {self._get_partner_name(self.id)}"
+                )
+
+                request.env["res.users"].clear_caches()
+                request.session.session_token = security.compute_session_token(
+                    request.session, request.env
+                )
+                return {
+                    "type": "ir.actions.client",
+                    "tag": "reload",
+                }
+
+    @api.model
+    def back_to_origin_login(self):
+        if request:
+            from_uid = request.session.impersonate_from_uid
+            if from_uid:
+                request.session.uid = from_uid
+                self.env["impersonate.log"].sudo().browse(
+                    request.session.impersonate_log_id
+                ).write(
+                    {
+                        "date_end": fields.datetime.now(),
+                    }
+                )
+                request.env["res.users"].clear_caches()
+                request.session.impersonate_from_uid = False
+                request.session.impersonate_log_id = False
+                request.session.session_token = security.compute_session_token(
+                    request.session, request.env
+                )
+                logger.info(
+                    f"IMPERSONATE: {self._get_partner_name(from_uid)} "
+                    f"Logout as {self._get_partner_name(self._uid)}"
+                )
diff --git a/impersonate_login/readme/CONTRIBUTORS.rst b/impersonate_login/readme/CONTRIBUTORS.rst
new file mode 100644
index 0000000000..dcae277c8c
--- /dev/null
+++ b/impersonate_login/readme/CONTRIBUTORS.rst
@@ -0,0 +1 @@
+* Kévin Roche <kevin.roche@akretion.com>
diff --git a/impersonate_login/readme/DESCRIPTION.rst b/impersonate_login/readme/DESCRIPTION.rst
new file mode 100644
index 0000000000..7ffc13f484
--- /dev/null
+++ b/impersonate_login/readme/DESCRIPTION.rst
@@ -0,0 +1,7 @@
+This module allows to login as another user.
+In the chatter, the user who is logged as another user is displayed.
+The mails and messages are sent from the orignal user.
+A table diplays the impersonated logins in technical.
+The user can return to his own user by clicking on the button "Return to my user".
+This module is very useful for the support team.
+An alternative module will be auth_admin_passkey.
diff --git a/impersonate_login/readme/USAGE.rst b/impersonate_login/readme/USAGE.rst
new file mode 100644
index 0000000000..d0109247f9
--- /dev/null
+++ b/impersonate_login/readme/USAGE.rst
@@ -0,0 +1,2 @@
+1. On the top right corner, click my user and "switch login"
+2. Same place to "return to my login"
diff --git a/impersonate_login/security/group.xml b/impersonate_login/security/group.xml
new file mode 100644
index 0000000000..e996175066
--- /dev/null
+++ b/impersonate_login/security/group.xml
@@ -0,0 +1,13 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<!-- Copyright (C) 2024 Akretion (<http://www.akretion.com>).
+     @author Kévin Roche <kevin.roche@akretion.com>
+     License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl). -->
+<odoo>
+    <record model="res.groups" id="group_impersonate_login">
+        <field name="name">Impersonate Users</field>
+        <field
+            name="users"
+            eval="[(4, ref('base.user_root')), (4, ref('base.user_admin'))]"
+        />
+    </record>
+</odoo>
diff --git a/impersonate_login/security/ir.model.access.csv b/impersonate_login/security/ir.model.access.csv
new file mode 100644
index 0000000000..3a5c10c53d
--- /dev/null
+++ b/impersonate_login/security/ir.model.access.csv
@@ -0,0 +1,2 @@
+id,name,model_id:id,group_id:id,perm_read,perm_write,perm_create,perm_unlink
+access_impersonate_log,impersonate logs,model_impersonate_log,base.group_user,1,1,0,0
diff --git a/impersonate_login/static/description/index.html b/impersonate_login/static/description/index.html
new file mode 100644
index 0000000000..f56e86fcd8
--- /dev/null
+++ b/impersonate_login/static/description/index.html
@@ -0,0 +1,437 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+<meta name="generator" content="Docutils: https://docutils.sourceforge.io/" />
+<title>Impersonate Login</title>
+<style type="text/css">
+
+/*
+:Author: David Goodger (goodger@python.org)
+:Id: $Id: html4css1.css 8954 2022-01-20 10:10:25Z milde $
+:Copyright: This stylesheet has been placed in the public domain.
+
+Default cascading style sheet for the HTML output of Docutils.
+
+See https://docutils.sourceforge.io/docs/howto/html-stylesheets.html for how to
+customize this style sheet.
+*/
+
+/* used to remove borders from tables and images */
+.borderless, table.borderless td, table.borderless th {
+  border: 0 }
+
+table.borderless td, table.borderless th {
+  /* Override padding for "table.docutils td" with "! important".
+     The right padding separates the table cells. */
+  padding: 0 0.5em 0 0 ! important }
+
+.first {
+  /* Override more specific margin styles with "! important". */
+  margin-top: 0 ! important }
+
+.last, .with-subtitle {
+  margin-bottom: 0 ! important }
+
+.hidden {
+  display: none }
+
+.subscript {
+  vertical-align: sub;
+  font-size: smaller }
+
+.superscript {
+  vertical-align: super;
+  font-size: smaller }
+
+a.toc-backref {
+  text-decoration: none ;
+  color: black }
+
+blockquote.epigraph {
+  margin: 2em 5em ; }
+
+dl.docutils dd {
+  margin-bottom: 0.5em }
+
+object[type="image/svg+xml"], object[type="application/x-shockwave-flash"] {
+  overflow: hidden;
+}
+
+/* Uncomment (and remove this text!) to get bold-faced definition list terms
+dl.docutils dt {
+  font-weight: bold }
+*/
+
+div.abstract {
+  margin: 2em 5em }
+
+div.abstract p.topic-title {
+  font-weight: bold ;
+  text-align: center }
+
+div.admonition, div.attention, div.caution, div.danger, div.error,
+div.hint, div.important, div.note, div.tip, div.warning {
+  margin: 2em ;
+  border: medium outset ;
+  padding: 1em }
+
+div.admonition p.admonition-title, div.hint p.admonition-title,
+div.important p.admonition-title, div.note p.admonition-title,
+div.tip p.admonition-title {
+  font-weight: bold ;
+  font-family: sans-serif }
+
+div.attention p.admonition-title, div.caution p.admonition-title,
+div.danger p.admonition-title, div.error p.admonition-title,
+div.warning p.admonition-title, .code .error {
+  color: red ;
+  font-weight: bold ;
+  font-family: sans-serif }
+
+/* Uncomment (and remove this text!) to get reduced vertical space in
+   compound paragraphs.
+div.compound .compound-first, div.compound .compound-middle {
+  margin-bottom: 0.5em }
+
+div.compound .compound-last, div.compound .compound-middle {
+  margin-top: 0.5em }
+*/
+
+div.dedication {
+  margin: 2em 5em ;
+  text-align: center ;
+  font-style: italic }
+
+div.dedication p.topic-title {
+  font-weight: bold ;
+  font-style: normal }
+
+div.figure {
+  margin-left: 2em ;
+  margin-right: 2em }
+
+div.footer, div.header {
+  clear: both;
+  font-size: smaller }
+
+div.line-block {
+  display: block ;
+  margin-top: 1em ;
+  margin-bottom: 1em }
+
+div.line-block div.line-block {
+  margin-top: 0 ;
+  margin-bottom: 0 ;
+  margin-left: 1.5em }
+
+div.sidebar {
+  margin: 0 0 0.5em 1em ;
+  border: medium outset ;
+  padding: 1em ;
+  background-color: #ffffee ;
+  width: 40% ;
+  float: right ;
+  clear: right }
+
+div.sidebar p.rubric {
+  font-family: sans-serif ;
+  font-size: medium }
+
+div.system-messages {
+  margin: 5em }
+
+div.system-messages h1 {
+  color: red }
+
+div.system-message {
+  border: medium outset ;
+  padding: 1em }
+
+div.system-message p.system-message-title {
+  color: red ;
+  font-weight: bold }
+
+div.topic {
+  margin: 2em }
+
+h1.section-subtitle, h2.section-subtitle, h3.section-subtitle,
+h4.section-subtitle, h5.section-subtitle, h6.section-subtitle {
+  margin-top: 0.4em }
+
+h1.title {
+  text-align: center }
+
+h2.subtitle {
+  text-align: center }
+
+hr.docutils {
+  width: 75% }
+
+img.align-left, .figure.align-left, object.align-left, table.align-left {
+  clear: left ;
+  float: left ;
+  margin-right: 1em }
+
+img.align-right, .figure.align-right, object.align-right, table.align-right {
+  clear: right ;
+  float: right ;
+  margin-left: 1em }
+
+img.align-center, .figure.align-center, object.align-center {
+  display: block;
+  margin-left: auto;
+  margin-right: auto;
+}
+
+table.align-center {
+  margin-left: auto;
+  margin-right: auto;
+}
+
+.align-left {
+  text-align: left }
+
+.align-center {
+  clear: both ;
+  text-align: center }
+
+.align-right {
+  text-align: right }
+
+/* reset inner alignment in figures */
+div.align-right {
+  text-align: inherit }
+
+/* div.align-center * { */
+/*   text-align: left } */
+
+.align-top    {
+  vertical-align: top }
+
+.align-middle {
+  vertical-align: middle }
+
+.align-bottom {
+  vertical-align: bottom }
+
+ol.simple, ul.simple {
+  margin-bottom: 1em }
+
+ol.arabic {
+  list-style: decimal }
+
+ol.loweralpha {
+  list-style: lower-alpha }
+
+ol.upperalpha {
+  list-style: upper-alpha }
+
+ol.lowerroman {
+  list-style: lower-roman }
+
+ol.upperroman {
+  list-style: upper-roman }
+
+p.attribution {
+  text-align: right ;
+  margin-left: 50% }
+
+p.caption {
+  font-style: italic }
+
+p.credits {
+  font-style: italic ;
+  font-size: smaller }
+
+p.label {
+  white-space: nowrap }
+
+p.rubric {
+  font-weight: bold ;
+  font-size: larger ;
+  color: maroon ;
+  text-align: center }
+
+p.sidebar-title {
+  font-family: sans-serif ;
+  font-weight: bold ;
+  font-size: larger }
+
+p.sidebar-subtitle {
+  font-family: sans-serif ;
+  font-weight: bold }
+
+p.topic-title {
+  font-weight: bold }
+
+pre.address {
+  margin-bottom: 0 ;
+  margin-top: 0 ;
+  font: inherit }
+
+pre.literal-block, pre.doctest-block, pre.math, pre.code {
+  margin-left: 2em ;
+  margin-right: 2em }
+
+pre.code .ln { color: grey; } /* line numbers */
+pre.code, code { background-color: #eeeeee }
+pre.code .comment, code .comment { color: #5C6576 }
+pre.code .keyword, code .keyword { color: #3B0D06; font-weight: bold }
+pre.code .literal.string, code .literal.string { color: #0C5404 }
+pre.code .name.builtin, code .name.builtin { color: #352B84 }
+pre.code .deleted, code .deleted { background-color: #DEB0A1}
+pre.code .inserted, code .inserted { background-color: #A3D289}
+
+span.classifier {
+  font-family: sans-serif ;
+  font-style: oblique }
+
+span.classifier-delimiter {
+  font-family: sans-serif ;
+  font-weight: bold }
+
+span.interpreted {
+  font-family: sans-serif }
+
+span.option {
+  white-space: nowrap }
+
+span.pre {
+  white-space: pre }
+
+span.problematic {
+  color: red }
+
+span.section-subtitle {
+  /* font-size relative to parent (h1..h6 element) */
+  font-size: 80% }
+
+table.citation {
+  border-left: solid 1px gray;
+  margin-left: 1px }
+
+table.docinfo {
+  margin: 2em 4em }
+
+table.docutils {
+  margin-top: 0.5em ;
+  margin-bottom: 0.5em }
+
+table.footnote {
+  border-left: solid 1px black;
+  margin-left: 1px }
+
+table.docutils td, table.docutils th,
+table.docinfo td, table.docinfo th {
+  padding-left: 0.5em ;
+  padding-right: 0.5em ;
+  vertical-align: top }
+
+table.docutils th.field-name, table.docinfo th.docinfo-name {
+  font-weight: bold ;
+  text-align: left ;
+  white-space: nowrap ;
+  padding-left: 0 }
+
+/* "booktabs" style (no vertical lines) */
+table.docutils.booktabs {
+  border: 0px;
+  border-top: 2px solid;
+  border-bottom: 2px solid;
+  border-collapse: collapse;
+}
+table.docutils.booktabs * {
+  border: 0px;
+}
+table.docutils.booktabs th {
+  border-bottom: thin solid;
+  text-align: left;
+}
+
+h1 tt.docutils, h2 tt.docutils, h3 tt.docutils,
+h4 tt.docutils, h5 tt.docutils, h6 tt.docutils {
+  font-size: 100% }
+
+ul.auto-toc {
+  list-style-type: none }
+
+</style>
+</head>
+<body>
+<div class="document" id="impersonate-login">
+<h1 class="title">Impersonate Login</h1>
+
+<!-- !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!! This file is generated by oca-gen-addon-readme !!
+!! changes will be overwritten.                   !!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!! source digest: sha256:1fca331cbc5f2dcb804e5612e5669a9ab4998d80f22d46d6683266580f9ca40f
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! -->
+<p><a class="reference external image-reference" href="https://odoo-community.org/page/development-status"><img alt="Beta" src="https://img.shields.io/badge/maturity-Beta-yellow.png" /></a> <a class="reference external image-reference" href="http://www.gnu.org/licenses/agpl-3.0-standalone.html"><img alt="License: AGPL-3" src="https://img.shields.io/badge/licence-AGPL--3-blue.png" /></a> <a class="reference external image-reference" href="https://github.com/OCA/server-auth/tree/14.0/impersonate_login"><img alt="OCA/server-auth" src="https://img.shields.io/badge/github-OCA%2Fserver--auth-lightgray.png?logo=github" /></a> <a class="reference external image-reference" href="https://translation.odoo-community.org/projects/server-auth-14-0/server-auth-14-0-impersonate_login"><img alt="Translate me on Weblate" src="https://img.shields.io/badge/weblate-Translate%20me-F47D42.png" /></a> <a class="reference external image-reference" href="https://runboat.odoo-community.org/builds?repo=OCA/server-auth&amp;target_branch=14.0"><img alt="Try me on Runboat" src="https://img.shields.io/badge/runboat-Try%20me-875A7B.png" /></a></p>
+<p>This module allows to login as another user.
+In the chatter, the user who is logged as another user is displayed.
+The mails and messages are sent from the orignal user.
+A table diplays the impersonated logins in technical.
+The user can return to his own user by clicking on the button “Return to my user”.
+This module is very useful for the support team.
+An alternative module will be auth_admin_passkey.</p>
+<p><strong>Table of contents</strong></p>
+<div class="contents local topic" id="contents">
+<ul class="simple">
+<li><a class="reference internal" href="#usage" id="toc-entry-1">Usage</a></li>
+<li><a class="reference internal" href="#bug-tracker" id="toc-entry-2">Bug Tracker</a></li>
+<li><a class="reference internal" href="#credits" id="toc-entry-3">Credits</a><ul>
+<li><a class="reference internal" href="#authors" id="toc-entry-4">Authors</a></li>
+<li><a class="reference internal" href="#contributors" id="toc-entry-5">Contributors</a></li>
+<li><a class="reference internal" href="#maintainers" id="toc-entry-6">Maintainers</a></li>
+</ul>
+</li>
+</ul>
+</div>
+<div class="section" id="usage">
+<h1><a class="toc-backref" href="#toc-entry-1">Usage</a></h1>
+<ol class="arabic simple">
+<li>On the top right corner, click my user and “switch login”</li>
+<li>Same place to “return to my login”</li>
+</ol>
+</div>
+<div class="section" id="bug-tracker">
+<h1><a class="toc-backref" href="#toc-entry-2">Bug Tracker</a></h1>
+<p>Bugs are tracked on <a class="reference external" href="https://github.com/OCA/server-auth/issues">GitHub Issues</a>.
+In case of trouble, please check there if your issue has already been reported.
+If you spotted it first, help us to smash it by providing a detailed and welcomed
+<a class="reference external" href="https://github.com/OCA/server-auth/issues/new?body=module:%20impersonate_login%0Aversion:%2014.0%0A%0A**Steps%20to%20reproduce**%0A-%20...%0A%0A**Current%20behavior**%0A%0A**Expected%20behavior**">feedback</a>.</p>
+<p>Do not contact contributors directly about support or help with technical issues.</p>
+</div>
+<div class="section" id="credits">
+<h1><a class="toc-backref" href="#toc-entry-3">Credits</a></h1>
+<div class="section" id="authors">
+<h2><a class="toc-backref" href="#toc-entry-4">Authors</a></h2>
+<ul class="simple">
+<li>Akretion</li>
+</ul>
+</div>
+<div class="section" id="contributors">
+<h2><a class="toc-backref" href="#toc-entry-5">Contributors</a></h2>
+<ul class="simple">
+<li>Kévin Roche &lt;<a class="reference external" href="mailto:kevin.roche&#64;akretion.com">kevin.roche&#64;akretion.com</a>&gt;</li>
+</ul>
+</div>
+<div class="section" id="maintainers">
+<h2><a class="toc-backref" href="#toc-entry-6">Maintainers</a></h2>
+<p>This module is maintained by the OCA.</p>
+<a class="reference external image-reference" href="https://odoo-community.org"><img alt="Odoo Community Association" src="https://odoo-community.org/logo.png" /></a>
+<p>OCA, or the Odoo Community Association, is a nonprofit organization whose
+mission is to support the collaborative development of Odoo features and
+promote its widespread use.</p>
+<p>Current <a class="reference external" href="https://odoo-community.org/page/maintainer-role">maintainer</a>:</p>
+<p><a class="reference external image-reference" href="https://github.com/Kev-Roche"><img alt="Kev-Roche" src="https://github.com/Kev-Roche.png?size=40px" /></a></p>
+<p>This module is part of the <a class="reference external" href="https://github.com/OCA/server-auth/tree/14.0/impersonate_login">OCA/server-auth</a> project on GitHub.</p>
+<p>You are welcome to contribute. To learn how please visit <a class="reference external" href="https://odoo-community.org/page/Contribute">https://odoo-community.org/page/Contribute</a>.</p>
+</div>
+</div>
+</div>
+</body>
+</html>
diff --git a/impersonate_login/static/src/css/navbar.scss b/impersonate_login/static/src/css/navbar.scss
new file mode 100644
index 0000000000..556a38a5ee
--- /dev/null
+++ b/impersonate_login/static/src/css/navbar.scss
@@ -0,0 +1,23 @@
+body.o_is_impersonated .o_menu_systray {
+    background: repeating-linear-gradient(
+        135deg,
+        #32d804,
+        #32d804 10px,
+        #373435 10px,
+        #373435 20px
+    );
+    border-bottom-left-radius: 20px;
+
+    > li {
+        > a,
+        > label {
+            &:hover {
+                background-color: fade_out($o-navbar-inverse-link-hover-bg, 0.5);
+            }
+        }
+    }
+
+    .show .dropdown-toggle {
+        background-color: fade_out($o-navbar-inverse-link-hover-bg, 0.5);
+    }
+}
diff --git a/impersonate_login/static/src/js/abstract_web_client.js b/impersonate_login/static/src/js/abstract_web_client.js
new file mode 100644
index 0000000000..1c3ef6d444
--- /dev/null
+++ b/impersonate_login/static/src/js/abstract_web_client.js
@@ -0,0 +1,18 @@
+// Copyright 2024 Akretion (https://www.akretion.com).
+// @author Kévin Roche <kevin.roche@akretion.com>
+// License AGPL-3.0 or later (https://www.gnu.org/licenses/agpl).
+odoo.define("impersonate_login.AbstractWebClient", function (require) {
+    "use strict";
+
+    var AbstractWebClient = require("web.AbstractWebClient");
+    var session = require("web.session");
+
+    AbstractWebClient.include({
+        _onWebClientStarted: function () {
+            this._super.apply(this, arguments);
+            if (session.impersonate_from_uid) {
+                this.$el.addClass("o_is_impersonated");
+            }
+        },
+    });
+});
diff --git a/impersonate_login/static/src/js/user_menu.js b/impersonate_login/static/src/js/user_menu.js
new file mode 100644
index 0000000000..ad3672ac1b
--- /dev/null
+++ b/impersonate_login/static/src/js/user_menu.js
@@ -0,0 +1,66 @@
+// Copyright 2024 Akretion (https://www.akretion.com).
+// @author Kévin Roche <kevin.roche@akretion.com>
+// License AGPL-3.0 or later (https://www.gnu.org/licenses/agpl).
+
+odoo.define("impersonate_login.UserMenu", function (require) {
+    "use strict";
+
+    var UserMenu = require("web.UserMenu");
+    var core = require("web.core");
+    var session = require("web.session");
+    var _t = core._t;
+
+    UserMenu.include({
+        start: function () {
+            this.toggleImpersonationLinks();
+            return this._super.apply(this, arguments);
+        },
+
+        _onMenuImpersonate: function () {
+            var self = this;
+            this._rpc({
+                model: "ir.model.data",
+                method: "xmlid_to_res_model_res_id",
+                args: ["impersonate_login.impersonate_res_users_tree"],
+            }).then(function (data) {
+                self.do_action({
+                    type: "ir.actions.act_window",
+                    name: _t("Users"),
+                    res_model: "res.users",
+                    target: "new",
+                    view_mode: "list",
+                    views: [[data[1], "list"]],
+                    domain: [["share", "=", false]],
+                });
+            });
+        },
+
+        _onMenuOrigin_login: function () {
+            var self = this;
+            return self
+                ._rpc({
+                    model: "res.users",
+                    method: "back_to_origin_login",
+                    args: [],
+                })
+                .then(function () {
+                    location.reload(true);
+                });
+        },
+
+        toggleImpersonationLinks: function () {
+            var returnToLogin = this.$('[data-menu="origin_login"]');
+            var impersonateLogin = this.$('[data-menu="impersonate"]');
+            if (session.impersonate_from_uid) {
+                returnToLogin.removeClass("d-none");
+                impersonateLogin.addClass("d-none");
+            } else if (session.is_impersonate_user) {
+                returnToLogin.addClass("d-none");
+                impersonateLogin.removeClass("d-none");
+            } else {
+                returnToLogin.addClass("d-none");
+                impersonateLogin.addClass("d-none");
+            }
+        },
+    });
+});
diff --git a/impersonate_login/static/src/xml/user_menu.xml b/impersonate_login/static/src/xml/user_menu.xml
new file mode 100644
index 0000000000..bce12c050c
--- /dev/null
+++ b/impersonate_login/static/src/xml/user_menu.xml
@@ -0,0 +1,22 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<!-- Copyright (C) 2024 Akretion (<http://www.akretion.com>).
+     @author Kévin Roche <kevin.roche@akretion.com>
+     License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl). -->
+<templates id="template" xml:space="preserve">
+     <t t-extend="UserMenu.Actions">
+         <t t-jquery="[data-menu='logout']" t-operation="before">
+             <a
+                role="menuitem"
+                href="#"
+                data-menu="origin_login"
+                class="dropdown-item"
+            >🔙 To my Login</a>
+             <a
+                role="menuitem"
+                href="#"
+                data-menu="impersonate"
+                class="dropdown-item"
+            >🔄 Switch Login</a>
+        </t>
+     </t>
+ </templates>
diff --git a/impersonate_login/views/assets.xml b/impersonate_login/views/assets.xml
new file mode 100644
index 0000000000..cf15b77905
--- /dev/null
+++ b/impersonate_login/views/assets.xml
@@ -0,0 +1,24 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<odoo>
+    <template id="assets_backend" inherit_id="web.assets_backend">
+        <xpath expr="." position="inside">
+            <script
+                type="text/javascript"
+                src="/impersonate_login/static/src/js/user_menu.js"
+            />
+            <script
+                type="text/javascript"
+                src="/impersonate_login/static/src/js/abstract_web_client.js"
+            />
+        </xpath>
+    </template>
+    <template id="assets_common" inherit_id="web.assets_common">
+        <xpath expr="." position="inside">
+            <link
+                rel="stylesheet"
+                type="text/scss"
+                href="/impersonate_login/static/src/css/navbar.scss"
+            />
+        </xpath>
+    </template>
+</odoo>
diff --git a/impersonate_login/views/impersonate_log.xml b/impersonate_login/views/impersonate_log.xml
new file mode 100644
index 0000000000..3e504f924e
--- /dev/null
+++ b/impersonate_login/views/impersonate_log.xml
@@ -0,0 +1,36 @@
+<?xml version="1.0" ?>
+<!--
+  Copyright 2024 Akretion
+  License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+-->
+<odoo>
+    <record id="impersonate_log_tree" model="ir.ui.view">
+        <field name="name">impersonate.log.tree</field>
+        <field name="model">impersonate.log</field>
+        <field name="arch" type="xml">
+            <tree>
+                <field name="user_id" />
+                <field name="impersonated_partner_id" />
+                <field name="date_start" />
+                <field name="date_end" />
+            </tree>
+        </field>
+    </record>
+
+
+    <record id="impersonate_log_action" model="ir.actions.act_window">
+        <field name="name">Impersonate Login Logs</field>
+        <field name="res_model">impersonate.log</field>
+        <field name="view_id" ref="impersonate_log_tree" />
+        <field name="view_mode">tree</field>
+    </record>
+
+    <menuitem
+        id="menu_impersonate_log"
+        name="Impersonated Logs"
+        action="impersonate_log_action"
+        parent="base.menu_custom"
+        sequence="100"
+    />
+
+</odoo>
diff --git a/impersonate_login/views/res_users.xml b/impersonate_login/views/res_users.xml
new file mode 100644
index 0000000000..1cab54289f
--- /dev/null
+++ b/impersonate_login/views/res_users.xml
@@ -0,0 +1,22 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<!-- Copyright (C) 2024 Akretion (<http://www.akretion.com>).
+     @author Kévin Roche <kevin.roche@akretion.com>
+     License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl). -->
+<odoo>
+    <record model="ir.ui.view" id="impersonate_res_users_tree">
+        <field name="model">res.users</field>
+        <field name="inherit_id" ref="base.view_users_tree" />
+        <field name="type">tree</field>
+        <field name="arch" type="xml">
+            <field name="name" position="before">
+                <button
+                    string="Switch Login"
+                    name="impersonate_login"
+                    type="object"
+                    class="btn btn-info"
+                    groups="impersonate_login.group_impersonate_login"
+                />
+            </field>
+        </field>
+    </record>
+</odoo>
diff --git a/setup/impersonate_login/odoo/addons/impersonate_login b/setup/impersonate_login/odoo/addons/impersonate_login
new file mode 120000
index 0000000000..28a00b94c8
--- /dev/null
+++ b/setup/impersonate_login/odoo/addons/impersonate_login
@@ -0,0 +1 @@
+../../../../impersonate_login
\ No newline at end of file
diff --git a/setup/impersonate_login/setup.py b/setup/impersonate_login/setup.py
new file mode 100644
index 0000000000..28c57bb640
--- /dev/null
+++ b/setup/impersonate_login/setup.py
@@ -0,0 +1,6 @@
+import setuptools
+
+setuptools.setup(
+    setup_requires=['setuptools-odoo'],
+    odoo_addon=True,
+)

From a108a9a7255aba2908532eed5f4ce59e7d0b52dc Mon Sep 17 00:00:00 2001
From: Kev-Roche <kevin.roche@akretion.com>
Date: Sun, 1 Sep 2024 16:12:51 +0200
Subject: [PATCH 2/2] [IMP] add improvements from V17

---
 impersonate_login/README.rst                  |  34 ++-
 impersonate_login/__init__.py                 |   1 +
 impersonate_login/__manifest__.py             |   1 +
 impersonate_login/hooks.py                    |  19 ++
 impersonate_login/models/impersonate_log.py   |   3 +-
 impersonate_login/models/mail_message.py      |  33 ++-
 impersonate_login/models/mail_thread.py       |  32 +--
 impersonate_login/models/model.py             |  16 +-
 impersonate_login/models/res_users.py         |  36 ++-
 impersonate_login/readme/CONTRIBUTORS.rst     |   4 +-
 impersonate_login/readme/DESCRIPTION.rst      |  23 +-
 impersonate_login/readme/USAGE.rst            |   5 +-
 .../static/description/index.html             |  44 +--
 impersonate_login/tests/__init__.py           |   1 +
 .../tests/test_impersonate_login.py           | 259 ++++++++++++++++++
 15 files changed, 444 insertions(+), 67 deletions(-)
 create mode 100644 impersonate_login/hooks.py
 create mode 100644 impersonate_login/tests/__init__.py
 create mode 100644 impersonate_login/tests/test_impersonate_login.py

diff --git a/impersonate_login/README.rst b/impersonate_login/README.rst
index 5df334246f..eb25fdab03 100644
--- a/impersonate_login/README.rst
+++ b/impersonate_login/README.rst
@@ -7,7 +7,7 @@ Impersonate Login
    !! This file is generated by oca-gen-addon-readme !!
    !! changes will be overwritten.                   !!
    !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
-   !! source digest: sha256:1fca331cbc5f2dcb804e5612e5669a9ab4998d80f22d46d6683266580f9ca40f
+   !! source digest: sha256:a9d881ab6f6e5777204c45f152c0af22753629ca4b46ac913fe8da3792573ca8
    !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
 
 .. |badge1| image:: https://img.shields.io/badge/maturity-Beta-yellow.png
@@ -28,13 +28,22 @@ Impersonate Login
 
 |badge1| |badge2| |badge3| |badge4| |badge5|
 
-This module allows to login as another user.
-In the chatter, the user who is logged as another user is displayed.
-The mails and messages are sent from the orignal user.
-A table diplays the impersonated logins in technical.
-The user can return to his own user by clicking on the button "Return to my user".
-This module is very useful for the support team.
-An alternative module will be auth_admin_passkey.
+This module allows one user (for example, a member of the support team)
+to log in as another user. The impersonation session can be exited by
+clicking on the button "Back to Original User".
+
+To ensure that any abuse of this feature will not go unnoticed, the
+following measures are in place:
+
+-  In the chatter, it is displayed who is the user that is logged as
+   another user.
+-  Mails and messages are sent from the original user.
+-  Impersonated logins are logged and can be consulted through the
+   Settings -> Technical menu.
+-
+
+There is an alternative module to allow logins as another user
+(auth_admin_passkey), but it does not support these security mechanisms.
 
 **Table of contents**
 
@@ -44,8 +53,9 @@ An alternative module will be auth_admin_passkey.
 Usage
 =====
 
-1. On the top right corner, click my user and "switch login"
-2. Same place to "return to my login"
+The impersonating user must belong to group "Impersonate Users".
+- In the menu that is displayed when clicking on the user avatar on the top right corner, or in the res.users list, click "Switch Login" toi mpersonate another user.
+- On the top-right corner, the button "Back to Original User" is displayed in case the current user is being impersonated.
 
 Bug Tracker
 ===========
@@ -68,7 +78,9 @@ Authors
 Contributors
 ~~~~~~~~~~~~
 
-* Kévin Roche <kevin.roche@akretion.com>
+- Kévin Roche <kevin.roche@akretion.com>
+- [360ERP](https://www.360erp.com):
+  - Andrea Stirpe
 
 Maintainers
 ~~~~~~~~~~~
diff --git a/impersonate_login/__init__.py b/impersonate_login/__init__.py
index 0650744f6b..6d58305f5d 100644
--- a/impersonate_login/__init__.py
+++ b/impersonate_login/__init__.py
@@ -1 +1,2 @@
 from . import models
+from .hooks import pre_init_hook
diff --git a/impersonate_login/__manifest__.py b/impersonate_login/__manifest__.py
index 61c00eb90e..35b39b0e6a 100644
--- a/impersonate_login/__manifest__.py
+++ b/impersonate_login/__manifest__.py
@@ -27,4 +27,5 @@
     "qweb": [
         "static/src/xml/user_menu.xml",
     ],
+    "pre_init_hook": "pre_init_hook",
 }
diff --git a/impersonate_login/hooks.py b/impersonate_login/hooks.py
new file mode 100644
index 0000000000..bbbe495bd2
--- /dev/null
+++ b/impersonate_login/hooks.py
@@ -0,0 +1,19 @@
+# Copyright 2024 360ERP (<https://www.360erp.com>)
+# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+
+import logging
+
+
+def pre_init_hook(cr):
+    """
+    Pre-create the impersonated_author_id column in the mail_message table
+    to prevent the ORM from invoking its compute method on a large volume
+    of existing mail messages.
+    """
+    logger = logging.getLogger(__name__)
+    logger.info("Add mail_message.impersonated_author_id column if not exists")
+    cr.execute(
+        "ALTER TABLE mail_message "
+        "ADD COLUMN IF NOT EXISTS "
+        "impersonated_author_id INTEGER"
+    )
diff --git a/impersonate_login/models/impersonate_log.py b/impersonate_login/models/impersonate_log.py
index 31ab131f63..83089611a6 100644
--- a/impersonate_login/models/impersonate_log.py
+++ b/impersonate_login/models/impersonate_log.py
@@ -11,8 +11,7 @@ class ImpersonateLog(models.Model):
     _description = "Impersonate Logs"
 
     user_id = fields.Many2one(
-        comodel_name="res.partner",
-        string="User",
+        comodel_name="res.users",
     )
     impersonated_partner_id = fields.Many2one(
         comodel_name="res.partner",
diff --git a/impersonate_login/models/mail_message.py b/impersonate_login/models/mail_message.py
index 332d117ee3..e7bf2fd4dc 100644
--- a/impersonate_login/models/mail_message.py
+++ b/impersonate_login/models/mail_message.py
@@ -4,6 +4,7 @@
 
 from odoo import _, api, fields, models
 from odoo.http import request
+from odoo.tools import html_escape
 
 
 class Message(models.Model):
@@ -11,14 +12,15 @@ class Message(models.Model):
 
     impersonated_author_id = fields.Many2one(
         comodel_name="res.partner",
-        string="Impersonated Author",
         compute="_compute_impersonated_author_id",
         store=True,
     )
 
     body = fields.Html(
         compute="_compute_message_body",
+        inverse="_inverse_message_body",
         store=True,
+        readonly=False,
     )
 
     @api.depends("author_id")
@@ -45,8 +47,33 @@ def _compute_message_body(self):
                 current_partner = (
                     self.env["res.users"].browse(request.session.uid).partner_id
                 )
-                additional_info = _(f"Logged as {current_partner.name}")
+                additional_info = _("Logged in as {}").format(
+                    html_escape(current_partner.name)
+                )
             if rec.body and additional_info:
                 rec.body = f"<b>{additional_info}</b><br/>{rec.body}"
             else:
-                rec.body = additional_info
+                rec.body = rec.body
+
+    def _inverse_message_body(self):
+        for rec in self:
+            additional_info = ""
+            if (
+                request
+                and request.session.impersonate_from_uid
+                and rec.impersonated_author_id
+            ):
+                current_partner = (
+                    self.env["res.users"].browse(request.session.uid).partner_id
+                )
+                additional_info = _("Logged in as {}").format(
+                    html_escape(current_partner.name)
+                )
+            if additional_info:
+                start_with = f"<b>{additional_info}</b><br/>"
+                if rec.body and rec.body.startswith(start_with):
+                    rec.body = rec.body
+                else:
+                    rec.body = f"{start_with}{rec.body}"
+            else:
+                rec.body = rec.body
diff --git a/impersonate_login/models/mail_thread.py b/impersonate_login/models/mail_thread.py
index 1c1f80da83..3fdd4a86d0 100644
--- a/impersonate_login/models/mail_thread.py
+++ b/impersonate_login/models/mail_thread.py
@@ -12,19 +12,19 @@ class MailThread(models.AbstractModel):
     def _message_compute_author(
         self, author_id=None, email_from=None, raise_exception=True
     ):
-        if (
-            request
-            and request.session.impersonate_from_uid
-            and author_id in [request.session.uid, None]
-        ):
-            author = (
-                self.env["res.users"]
-                .browse(request.session.impersonate_from_uid)
-                .partner_id
-            )
-            email = author.email_formatted
-            return author.id, email
-        else:
-            return super()._message_compute_author(
-                author_id, email_from, raise_exception
-            )
+        if request and request.session.impersonate_from_uid:
+            author = self.env["res.users"].browse(request.session.uid).partner_id
+            if author_id == author.id or author_id is None:
+                impersonate_from_author = (
+                    self.env["res.users"]
+                    .browse(request.session.impersonate_from_uid)
+                    .partner_id
+                )
+                email = impersonate_from_author.email_formatted
+                return impersonate_from_author.id, email
+
+        return super()._message_compute_author(
+            author_id,
+            email_from,
+            raise_exception,
+        )
diff --git a/impersonate_login/models/model.py b/impersonate_login/models/model.py
index 61f6e6655d..ece3334f91 100644
--- a/impersonate_login/models/model.py
+++ b/impersonate_login/models/model.py
@@ -12,13 +12,21 @@ class BaseModel(models.AbstractModel):
     @api.model_create_multi
     def _create(self, data_list):
         res = super()._create(data_list)
-        if request and request.session.impersonate_from_uid:
+        if (
+            request
+            and request.session.impersonate_from_uid
+            and "create_uid" in self._fields
+        ):
             for rec in res:
-                rec.create_uid = request.session.impersonate_from_uid
+                rec["create_uid"] = request.session.impersonate_from_uid
         return res
 
     def write(self, vals):
         res = super().write(vals)
-        if request and request.session.impersonate_from_uid:
-            self.write_uid = request.session.impersonate_from_uid
+        if (
+            request
+            and request.session.impersonate_from_uid
+            and "write_uid" in self._fields
+        ):
+            self._fields["write_uid"].write(self, request.session.impersonate_from_uid)
         return res
diff --git a/impersonate_login/models/res_users.py b/impersonate_login/models/res_users.py
index f7e8cea4b0..c3307dddd7 100644
--- a/impersonate_login/models/res_users.py
+++ b/impersonate_login/models/res_users.py
@@ -25,7 +25,10 @@ def _is_impersonate_user(self):
     def impersonate_login(self):
         if request:
             if request.session.impersonate_from_uid:
-                raise UserError(_("You are already Logged as another user."))
+                if self.id == request.session.impersonate_from_uid:
+                    return self.back_to_origin_login()
+                else:
+                    raise UserError(_("You are already Logged as another user."))
             if self.id == request.session.uid:
                 raise UserError(_("It's you."))
             if request.env.user._is_impersonate_user():
@@ -37,9 +40,7 @@ def impersonate_login(self):
                     .sudo()
                     .create(
                         {
-                            "user_id": self.env["res.users"]
-                            .browse(self._uid)
-                            .partner_id.id,
+                            "user_id": self._uid,
                             "impersonated_partner_id": self.env["res.users"]
                             .browse(target_uid)
                             .partner_id.id,
@@ -52,16 +53,34 @@ def impersonate_login(self):
                     f"IMPERSONATE: {self._get_partner_name(self._uid)} "
                     f"Login as {self._get_partner_name(self.id)}"
                 )
-
+                # invalidate session token cache as we've changed the uid
                 request.env["res.users"].clear_caches()
                 request.session.session_token = security.compute_session_token(
                     request.session, request.env
                 )
+
+                # reload the client;
                 return {
                     "type": "ir.actions.client",
                     "tag": "reload",
                 }
 
+    @api.model
+    def action_impersonate_login(self):
+        if request:
+            from_uid = request.session.impersonate_from_uid
+            if not from_uid:
+                action = self.env["ir.actions.act_window"]._for_xml_id(
+                    "base.action_res_users"
+                )
+                action["views"] = [[self.env.ref("base.view_users_tree").id, "tree"]]
+                action["domain"] = [
+                    ("id", "!=", self.env.user.id),
+                    ("share", "=", False),
+                ]
+                action["target"] = "new"
+                return action
+
     @api.model
     def back_to_origin_login(self):
         if request:
@@ -75,6 +94,7 @@ def back_to_origin_login(self):
                         "date_end": fields.datetime.now(),
                     }
                 )
+                # invalidate session token cache as we've changed the uid
                 request.env["res.users"].clear_caches()
                 request.session.impersonate_from_uid = False
                 request.session.impersonate_log_id = False
@@ -85,3 +105,9 @@ def back_to_origin_login(self):
                     f"IMPERSONATE: {self._get_partner_name(from_uid)} "
                     f"Logout as {self._get_partner_name(self._uid)}"
                 )
+
+            # reload the client;
+            return {
+                "type": "ir.actions.client",
+                "tag": "reload",
+            }
diff --git a/impersonate_login/readme/CONTRIBUTORS.rst b/impersonate_login/readme/CONTRIBUTORS.rst
index dcae277c8c..56c4cb59e2 100644
--- a/impersonate_login/readme/CONTRIBUTORS.rst
+++ b/impersonate_login/readme/CONTRIBUTORS.rst
@@ -1 +1,3 @@
-* Kévin Roche <kevin.roche@akretion.com>
+- Kévin Roche <kevin.roche@akretion.com>
+- [360ERP](https://www.360erp.com):
+  - Andrea Stirpe
diff --git a/impersonate_login/readme/DESCRIPTION.rst b/impersonate_login/readme/DESCRIPTION.rst
index 7ffc13f484..8df932e9d1 100644
--- a/impersonate_login/readme/DESCRIPTION.rst
+++ b/impersonate_login/readme/DESCRIPTION.rst
@@ -1,7 +1,16 @@
-This module allows to login as another user.
-In the chatter, the user who is logged as another user is displayed.
-The mails and messages are sent from the orignal user.
-A table diplays the impersonated logins in technical.
-The user can return to his own user by clicking on the button "Return to my user".
-This module is very useful for the support team.
-An alternative module will be auth_admin_passkey.
+This module allows one user (for example, a member of the support team)
+to log in as another user. The impersonation session can be exited by
+clicking on the button "Back to Original User".
+
+To ensure that any abuse of this feature will not go unnoticed, the
+following measures are in place:
+
+-  In the chatter, it is displayed who is the user that is logged as
+   another user.
+-  Mails and messages are sent from the original user.
+-  Impersonated logins are logged and can be consulted through the
+   Settings -> Technical menu.
+-
+
+There is an alternative module to allow logins as another user
+(auth_admin_passkey), but it does not support these security mechanisms.
diff --git a/impersonate_login/readme/USAGE.rst b/impersonate_login/readme/USAGE.rst
index d0109247f9..52029ce033 100644
--- a/impersonate_login/readme/USAGE.rst
+++ b/impersonate_login/readme/USAGE.rst
@@ -1,2 +1,3 @@
-1. On the top right corner, click my user and "switch login"
-2. Same place to "return to my login"
+The impersonating user must belong to group "Impersonate Users".
+- In the menu that is displayed when clicking on the user avatar on the top right corner, or in the res.users list, click "Switch Login" toi mpersonate another user.
+- On the top-right corner, the button "Back to Original User" is displayed in case the current user is being impersonated.
diff --git a/impersonate_login/static/description/index.html b/impersonate_login/static/description/index.html
index f56e86fcd8..dac3fa4f6b 100644
--- a/impersonate_login/static/description/index.html
+++ b/impersonate_login/static/description/index.html
@@ -9,10 +9,11 @@
 
 /*
 :Author: David Goodger (goodger@python.org)
-:Id: $Id: html4css1.css 8954 2022-01-20 10:10:25Z milde $
+:Id: $Id: html4css1.css 9511 2024-01-13 09:50:07Z milde $
 :Copyright: This stylesheet has been placed in the public domain.
 
 Default cascading style sheet for the HTML output of Docutils.
+Despite the name, some widely supported CSS2 features are used.
 
 See https://docutils.sourceforge.io/docs/howto/html-stylesheets.html for how to
 customize this style sheet.
@@ -275,7 +276,7 @@
   margin-left: 2em ;
   margin-right: 2em }
 
-pre.code .ln { color: grey; } /* line numbers */
+pre.code .ln { color: gray; } /* line numbers */
 pre.code, code { background-color: #eeeeee }
 pre.code .comment, code .comment { color: #5C6576 }
 pre.code .keyword, code .keyword { color: #3B0D06; font-weight: bold }
@@ -301,7 +302,7 @@
 span.pre {
   white-space: pre }
 
-span.problematic {
+span.problematic, pre.problematic {
   color: red }
 
 span.section-subtitle {
@@ -367,16 +368,24 @@ <h1 class="title">Impersonate Login</h1>
 !! This file is generated by oca-gen-addon-readme !!
 !! changes will be overwritten.                   !!
 !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
-!! source digest: sha256:1fca331cbc5f2dcb804e5612e5669a9ab4998d80f22d46d6683266580f9ca40f
+!! source digest: sha256:a9d881ab6f6e5777204c45f152c0af22753629ca4b46ac913fe8da3792573ca8
 !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! -->
 <p><a class="reference external image-reference" href="https://odoo-community.org/page/development-status"><img alt="Beta" src="https://img.shields.io/badge/maturity-Beta-yellow.png" /></a> <a class="reference external image-reference" href="http://www.gnu.org/licenses/agpl-3.0-standalone.html"><img alt="License: AGPL-3" src="https://img.shields.io/badge/licence-AGPL--3-blue.png" /></a> <a class="reference external image-reference" href="https://github.com/OCA/server-auth/tree/14.0/impersonate_login"><img alt="OCA/server-auth" src="https://img.shields.io/badge/github-OCA%2Fserver--auth-lightgray.png?logo=github" /></a> <a class="reference external image-reference" href="https://translation.odoo-community.org/projects/server-auth-14-0/server-auth-14-0-impersonate_login"><img alt="Translate me on Weblate" src="https://img.shields.io/badge/weblate-Translate%20me-F47D42.png" /></a> <a class="reference external image-reference" href="https://runboat.odoo-community.org/builds?repo=OCA/server-auth&amp;target_branch=14.0"><img alt="Try me on Runboat" src="https://img.shields.io/badge/runboat-Try%20me-875A7B.png" /></a></p>
-<p>This module allows to login as another user.
-In the chatter, the user who is logged as another user is displayed.
-The mails and messages are sent from the orignal user.
-A table diplays the impersonated logins in technical.
-The user can return to his own user by clicking on the button “Return to my user”.
-This module is very useful for the support team.
-An alternative module will be auth_admin_passkey.</p>
+<p>This module allows one user (for example, a member of the support team)
+to log in as another user. The impersonation session can be exited by
+clicking on the button “Back to Original User”.</p>
+<p>To ensure that any abuse of this feature will not go unnoticed, the
+following measures are in place:</p>
+<ul class="simple">
+<li>In the chatter, it is displayed who is the user that is logged as
+another user.</li>
+<li>Mails and messages are sent from the original user.</li>
+<li>Impersonated logins are logged and can be consulted through the
+Settings -&gt; Technical menu.</li>
+<li></li>
+</ul>
+<p>There is an alternative module to allow logins as another user
+(auth_admin_passkey), but it does not support these security mechanisms.</p>
 <p><strong>Table of contents</strong></p>
 <div class="contents local topic" id="contents">
 <ul class="simple">
@@ -392,10 +401,9 @@ <h1 class="title">Impersonate Login</h1>
 </div>
 <div class="section" id="usage">
 <h1><a class="toc-backref" href="#toc-entry-1">Usage</a></h1>
-<ol class="arabic simple">
-<li>On the top right corner, click my user and “switch login”</li>
-<li>Same place to “return to my login”</li>
-</ol>
+<p>The impersonating user must belong to group “Impersonate Users”.
+- In the menu that is displayed when clicking on the user avatar on the top right corner, or in the res.users list, click “Switch Login” toi mpersonate another user.
+- On the top-right corner, the button “Back to Original User” is displayed in case the current user is being impersonated.</p>
 </div>
 <div class="section" id="bug-tracker">
 <h1><a class="toc-backref" href="#toc-entry-2">Bug Tracker</a></h1>
@@ -417,12 +425,16 @@ <h2><a class="toc-backref" href="#toc-entry-4">Authors</a></h2>
 <h2><a class="toc-backref" href="#toc-entry-5">Contributors</a></h2>
 <ul class="simple">
 <li>Kévin Roche &lt;<a class="reference external" href="mailto:kevin.roche&#64;akretion.com">kevin.roche&#64;akretion.com</a>&gt;</li>
+<li>[360ERP](<a class="reference external" href="https://www.360erp.com">https://www.360erp.com</a>):
+- Andrea Stirpe</li>
 </ul>
 </div>
 <div class="section" id="maintainers">
 <h2><a class="toc-backref" href="#toc-entry-6">Maintainers</a></h2>
 <p>This module is maintained by the OCA.</p>
-<a class="reference external image-reference" href="https://odoo-community.org"><img alt="Odoo Community Association" src="https://odoo-community.org/logo.png" /></a>
+<a class="reference external image-reference" href="https://odoo-community.org">
+<img alt="Odoo Community Association" src="https://odoo-community.org/logo.png" />
+</a>
 <p>OCA, or the Odoo Community Association, is a nonprofit organization whose
 mission is to support the collaborative development of Odoo features and
 promote its widespread use.</p>
diff --git a/impersonate_login/tests/__init__.py b/impersonate_login/tests/__init__.py
new file mode 100644
index 0000000000..d2f02c982b
--- /dev/null
+++ b/impersonate_login/tests/__init__.py
@@ -0,0 +1 @@
+from . import test_impersonate_login
diff --git a/impersonate_login/tests/test_impersonate_login.py b/impersonate_login/tests/test_impersonate_login.py
new file mode 100644
index 0000000000..85ba94b88d
--- /dev/null
+++ b/impersonate_login/tests/test_impersonate_login.py
@@ -0,0 +1,259 @@
+# Copyright 2024 360ERP (<https://www.360erp.com>)
+# License AGPL-3.0 or later (https://www.gnu.org/licenses/agpl)
+
+import json
+from uuid import uuid4
+
+from odoo.tests import HttpCase, tagged
+from odoo.tools import mute_logger
+
+
+@tagged("post_install", "-at_install")
+class TestImpersonateLogin(HttpCase):
+    def setUp(self):
+        super().setUp()
+        self.admin_user = self.env.ref("base.user_admin")
+        self.demo_user = self.env.ref("base.user_demo")
+
+    def _impersonate_user(self, user):
+        response = self.url_open(
+            "/web/dataset/call_button",
+            data=json.dumps(
+                {
+                    "params": {
+                        "model": "res.users",
+                        "method": "impersonate_login",
+                        "args": [user.id],
+                        "kwargs": {},
+                    },
+                }
+            ),
+            headers={"Content-Type": "application/json"},
+        )
+        self.assertEqual(response.status_code, 200)
+        return response.json()
+
+    def _action_impersonate_login(self):
+        response = self.url_open(
+            "/web/dataset/call_button",
+            data=json.dumps(
+                {
+                    "params": {
+                        "model": "res.users",
+                        "method": "action_impersonate_login",
+                        "args": [],
+                        "kwargs": {},
+                    },
+                }
+            ),
+            headers={"Content-Type": "application/json"},
+        )
+        self.assertEqual(response.status_code, 200)
+        return response.json()
+
+    def _get_session_info(self):
+        response = self.url_open(
+            "/web/session/get_session_info",
+            data=json.dumps(dict(jsonrpc="2.0", method="call", id=str(uuid4()))),
+            headers={"Content-Type": "application/json"},
+        )
+        self.assertEqual(response.status_code, 200)
+        return response.json()
+
+    def test_01_admin_impersonates_user_demo(self):
+        """Admin user impersonates Demo user"""
+        # Login as admin
+        self.authenticate(user="admin", password="admin")
+        self.assertEqual(self.session.uid, self.admin_user.id)
+
+        # Check get_session_info()
+        data = self._get_session_info()
+        result = data["result"]
+        self.assertEqual(result["username"], self.admin_user.login)
+        self.assertTrue(result["is_system"])
+        self.assertTrue(result["is_admin"])
+        self.assertTrue(result["is_impersonate_user"])
+        self.assertFalse(result["impersonate_from_uid"])
+
+        # Switch Login button
+        data = self._action_impersonate_login()
+        result = data["result"]
+        self.assertEqual(result["target"], "new")
+
+        # Impersonate demo user
+        data = self._impersonate_user(self.demo_user)
+        result = data["result"]
+        self.assertEqual(result["tag"], "reload")
+
+        # Check get_session_info()
+        data = self._get_session_info()
+        result = data["result"]
+        self.assertEqual(result["username"], self.demo_user.login)
+        self.assertFalse(result["is_system"])
+        self.assertFalse(result["is_admin"])
+        self.assertFalse(result["is_impersonate_user"])
+        self.assertEqual(result["impersonate_from_uid"], self.admin_user.id)
+
+        # Check impersonate log
+        log1 = self.env["impersonate.log"].search([], order="id desc", limit=1)
+        self.assertTrue(log1.date_start)
+        self.assertFalse(log1.date_end)
+
+        # Impersonate demo user again: error
+        with mute_logger("odoo.http"):
+            data = self._impersonate_user(self.demo_user)
+        result = data["error"]
+        self.assertEqual(
+            result["data"]["message"], "You are already Logged as another user."
+        )
+
+        # Back to original user
+        data = self._impersonate_user(self.admin_user)
+        result = data["result"]
+        self.assertEqual(result["tag"], "reload")
+
+        # Check get_session_info()
+        data = self._get_session_info()
+        result = data["result"]
+        self.assertEqual(result["username"], self.admin_user.login)
+        self.assertTrue(result["is_system"])
+        self.assertTrue(result["is_admin"])
+        self.assertTrue(result["is_impersonate_user"])
+        self.assertFalse(result["impersonate_from_uid"])
+
+        # Check impersonate log
+        log2 = self.env["impersonate.log"].search([], order="id desc", limit=1)
+        self.assertEqual(log1, log2)
+        self.assertTrue(log1.date_start)
+        self.assertTrue(log1.date_end)
+
+    def test_02_user_demo_impersonates_admin(self):
+        """Demo user impersonates Admin user"""
+        # Login as demo user
+        self.authenticate(user="demo", password="demo")
+        self.assertEqual(self.session.uid, self.demo_user.id)
+
+        # Check get_session_info()
+        data = self._get_session_info()
+        result = data["result"]
+        self.assertFalse(result["is_impersonate_user"])
+        self.assertFalse(result["impersonate_from_uid"])
+
+        # Impersonate demo user: is already current user
+        self.demo_user.groups_id += self.env.ref(
+            "impersonate_login.group_impersonate_login"
+        )
+        with mute_logger("odoo.http"):
+            data = self._impersonate_user(self.demo_user)
+        result = data["error"]
+        self.assertEqual(result["data"]["message"], "It's you.")
+
+        # Impersonate admin user
+        data = self._impersonate_user(self.admin_user)
+        result = data["result"]
+        self.assertEqual(result["tag"], "reload")
+
+        # Check get_session_info()
+        data = self._get_session_info()
+        result = data["result"]
+        self.assertEqual(result["username"], self.admin_user.login)
+        self.assertTrue(result["is_system"])
+        self.assertTrue(result["is_admin"])
+        self.assertTrue(result["is_impersonate_user"])
+        self.assertEqual(result["impersonate_from_uid"], self.demo_user.id)
+
+        # Impersonate admin user again: error
+        with mute_logger("odoo.http"):
+            data = self._impersonate_user(self.admin_user)
+        result = data["error"]
+        self.assertEqual(
+            result["data"]["message"], "You are already Logged as another user."
+        )
+
+        # Back to original user
+        data = self._impersonate_user(self.demo_user)
+        result = data["result"]
+        self.assertEqual(result["tag"], "reload")
+
+        # Check get_session_info()
+        data = self._get_session_info()
+        result = data["result"]
+        self.assertEqual(result["username"], self.demo_user.login)
+        self.assertFalse(result["is_system"])
+        self.assertFalse(result["is_admin"])
+        self.assertTrue(result["is_impersonate_user"])
+        self.assertFalse(result["impersonate_from_uid"])
+
+    def test_03_create_uid(self):
+        """Check the create_uid of records created
+        during an impersonated session"""
+        # Login as admin
+        self.authenticate(user="admin", password="admin")
+
+        # Impersonate demo user and create a contact
+        self._impersonate_user(self.demo_user)
+
+        response = self.url_open(
+            "/web/dataset/call_kw/res.partner/create",
+            data=json.dumps(
+                {
+                    "params": {
+                        "model": "res.partner",
+                        "method": "create",
+                        "args": [
+                            {
+                                "name": "Contact123",
+                            },
+                        ],
+                        "kwargs": {},
+                    },
+                }
+            ),
+            headers={"Content-Type": "application/json"},
+        )
+        self.assertEqual(response.status_code, 200)
+        data = response.json()
+        contact_id = data["result"]
+
+        contact = self.env["res.partner"].browse(contact_id)
+        self.assertEqual(contact.name, "Contact123")
+        self.assertEqual(contact.create_uid, self.admin_user)
+
+    def test_04_write_uid(self):
+        """Check the write_uid of records created
+        during an impersonated session"""
+        # Login as admin
+        self.authenticate(user="admin", password="admin")
+
+        # Create a contact
+        contact = self.env["res.partner"].create({"name": "ContactABC"})
+
+        # Impersonate demo user and modify a contact
+        self._impersonate_user(self.demo_user)
+
+        response = self.url_open(
+            "/web/dataset/call_kw/res.partner/write",
+            data=json.dumps(
+                {
+                    "params": {
+                        "model": "res.partner",
+                        "method": "write",
+                        "args": [
+                            [contact.id],
+                            {
+                                "ref": "abc",
+                            },
+                        ],
+                        "kwargs": {},
+                    },
+                }
+            ),
+            headers={"Content-Type": "application/json"},
+        )
+        self.assertEqual(response.status_code, 200)
+        data = response.json()
+        result = data["result"]
+
+        self.assertEqual(result, True)
+        self.assertEqual(contact.ref, "abc")
+        self.assertEqual(contact.write_uid, self.admin_user)