Why `back` method needs authorization?

[lcjury]

I want to allow admins to masquerade other users, because of this, I override the masquerade_authorized? method with something like:

def masquerade_authorized?
  admin?
end

The "back_masquerade_path" also uses masquerade_authorized?; since I'm masquerading as a non-admin user, I cannot return to my previous user.

I'm doing something wrong?

[MartinSugasti]

You could do something like

def masquerade_authorized?
  admin? || params[:action] == 'back'
end