Emit audit log upon impersonation.

public-legacy/manage/users/user.php

@@ -58,6 +58,7 @@ if(CSRF::validateRequest() && $canEdit) {
             }
 
             if($allowToImpersonate) {
+                $msz->createAuditLog('USER_IMPERSONATE', [$userInfo->getId(), $userInfo->getUsername()]);
                 $authToken->setImpersonatedUserId($userInfo->getId());
                 $authToken->applyCookie();
                 url_redirect('index');

src/AuditLog/AuditLogInfo.php

@@ -135,5 +135,7 @@ class AuditLogInfo {
 
         'ROLE_CREATE' => 'Created role #%d.',
         'ROLE_UPDATE' => 'Updated role #%d.',
+
+        'USER_IMPERSONATE' => 'Impersonated user #%d %s.',
     ];
 }