Merge branch 'admin-impersonate-user' into 'dev'

app/views/_common/_components/navigation.volt: show both users if the user are... See merge request pnx/httpcb!33
2023-04-30 16:16:48 +00:00 · 2023-04-30 16:16:48 +00:00 · 50d8c004b0
commit 50d8c004b0
parent be4950ff88 8ae44d8988
6 changed files with 78 additions and 1 deletions
--- a/app/config/routes.yml
+++ b/app/config/routes.yml
@ -73,6 +73,9 @@ router:
    backend-user-edit:
      pattern: '/admin/user/{id:([0-9]+)}'
      path: backend::user::edit
+    backend-user-impersonate:
+      pattern: '/admin/impersonate/{id:([0-9]+)}'
+      path: backend::user::impersonate
    backend-user-activation-email:
      pattern: '/admin/user/{id:([0-9]+)}/activation'
      path: backend::user::activation-email
--- a/app/controllers/backend/UserController.php
+++ b/app/controllers/backend/UserController.php
@ -113,4 +113,17 @@ class UserController extends \Phalcon\Mvc\Controller
        }
        $this->response->redirect('/admin');
    }
+
+    public function impersonateAction($id)
+    {
+        $user = User::findFirstById($id);
+
+        try {
+            $this->auth->impersonate($user);
+            $this->response->redirect('/');
+        } catch (\Exception $ex) {
+            $this->flash->error($ex->getMessage());
+            $this->response->redirect('/admin');
+        }
+    }
 }
--- a/app/library/Auth.php
+++ b/app/library/Auth.php
@ -10,6 +10,7 @@ use App\Model\Data\User,
 class Auth extends Injectable
 {
    const SESSION_KEY = 'auth';
+    const IMPERSONATOR_ID = 'auth.impersonator';

    /**
     * Login using email/user + password combination.
@ -86,6 +87,40 @@ class Auth extends Injectable
        $this->eventsManager->fire('auth:onLogin', $this, 'System');
    }

+    public function getImpersonator()
+    {
+        $id = $this->session->get(self::IMPERSONATOR_ID);
+        return $id !== null ? User::findFirst($id) : null;
+    }
+
+    /**
+     * Impersonate a user
+     *
+     * @param User $user
+     */
+    public function impersonate(User $user)
+    {
+        $current = $this->getIdentity();
+        if ($current === null) {
+            throw new \InvalidArgumentException("Need to be authenticated to be able to impersonate someone");
+        }
+
+        if ($current->getId() === $user->getId()) {
+            // Same user
+            throw new \DomainException("Can't impersonate yourself");
+        }
+
+        $this->session->set(self::IMPERSONATOR_ID, $current->getId());
+        $this->setIdentity($user->getId());
+        $this->eventsManager->fire('auth:onImpersonate', $this, $current);
+    }
+
+    public function impersonateClear($imp_id)
+    {
+        $this->session->remove(self::IMPERSONATOR_ID);
+        $this->session->set(self::SESSION_KEY, $imp_id);
+    }
+
    /**
     * @param $identity
     * @return Auth
@ -135,7 +170,12 @@ class Auth extends Injectable
     */
    public function clearIdentity()
    {
-        $this->session->remove(self::SESSION_KEY);
+        $imp_id = $this->session->get(self::IMPERSONATOR_ID);
+        if ($imp_id !== null) {
+            $this->impersonateClear($imp_id);
+        } else {
+            $this->session->remove(self::SESSION_KEY);
+        }
        return $this;
    }
 }
--- a/app/listeners/ActivityLog.php
+++ b/app/listeners/ActivityLog.php
@ -23,6 +23,19 @@ class ActivityLog extends Injectable
        $this->_log($auth->getUser(), sprintf("Logged in (%s)", $type));
    }

+    /**
+     * On Impersonate event.
+     *
+     * @param Event $event
+     * @param Auth $auth
+     * @param User $user The user Impersonating the user in $auth
+     */
+    public function onImpersonate(Event $event, Auth $auth, User $user)
+    {
+        $imp = $auth->getUser();
+        $this->_log($user, sprintf("Impersonated user (%s:%s)", $imp->getId(), $imp->getUsername()));
+    }
+
    /**
     * @param Event $event
     * @param User $auth
--- a/app/views/_common/_components/navigation.volt
+++ b/app/views/_common/_components/navigation.volt
@ -12,6 +12,8 @@
               data-bs-toggle="dropdown" role="button" aria-expanded="false">

                {{ icon('solid/user') }} <strong>{{ auth.getUser().username }}</strong>
+                {% set imp = auth.getImpersonator() %}
+                {% if imp %}( {{ icon('solid/user-secret') }} {{ imp.username }} ){% endif %}
            </a>

            <ul class="dropdown-menu navigation-user-menu-dropdown-list">
--- a/app/views/backend/user/index.volt
+++ b/app/views/backend/user/index.volt
@ -20,6 +20,7 @@
            <th>Email</th>
            <th>Type</th>
            <th>Status</th>
+            <th>&nbsp;</th>
        </tr>
    </thead>

@ -37,6 +38,11 @@
            <td>{{ item.email }}</td>
            <td>{{ item.type | capitalize }}</td>
            <td><span class="badge {{ item.isActive() ? 'badge-success' : 'badge-danger' }}">{{ item.status }}</span></td>
+            <td>
+                <a title="Impersonate" href="{{ url(['for': 'backend-user-impersonate', 'id': item.id ]) }}">
+                    {{ icon('solid/user-secret') }}
+                </a>
+            </td>
        </tr>
    {% endfor %}
    </tbody>