this is also a capability in a nextcloud app so an admin can more easily replicate a users bug report and see for themselves what’s going wrong. that said i struggle to see how you could implement that in such a way as to avoid abuse, but isn’t that true of any admin powers? this isn’t encrypted cloud storage, it’s a public forum. i’d imagine the process is at the very least heavily logged so other admins and maybe even federates to other instance admins or even mods too so impersonation actions are clearly visible as such. but i don’t know enough about code to read thru and see if it does in either app.