Impersonation Feature For RDS priviledged users(super_user) #2

[imsahil2001]

Feature/Issue Description

User impersonation feature needs to be implemented which allows a privileged user (i.e., super-user) to impersonate a regular user, enabling the super-user to view the regular user’s data, such as tasks and progress, without logging in as the regular user.

User stories

• Super-user access to eligible users
• Read-only access post-impersonation
• Endpoint to allow/disallow impersonation

Expected Behavior

• To impersonate the desired user an api will be exposed which brings a list of users from which the main user can choose and go for impersonation. For this I will be using existing wrapper function fetchPaginatedUsers().
• I will be implementing the validations/checks to the endpoints of RDS status site https://status.realdevsquad.com/*(intially) so that post impersonation, we will be restricting the impersonated user to perform any PATCH/PUT/POST operation and only allow GET apis.
• An endpoint will be provided to allow users to grant or revoke permission for being impersonated by a super-user. Only users who have explicitly granted this permission can be impersonated by the super-user.

Note
This issue is dependent on this issue #2199 whose features will be implemented by Vinod (Discord-Id:vinod-godti-1). Rest all the above mentioned behavious will be implemented by me (Discordid-sahilr3009)

Current Behavior

NA

Screenshots

NA

Reproducibility

• This issue is reproducible
• This issue is not reproducible

Steps to Reproduce

NA

Severity/Priority

• Critical
• High
• Medium
• Low

Additional Information

Initial PRD

Checklist

• I have read and followed the project's code of conduct.
• I have searched for similar issues before creating this one.
• I have provided all the necessary information to understand and reproduce the issue.
• I am willing to contribute to the resolution of this issue.