user_impersonate 0.7.0
Sign up to get free protection for your applications and to get access to all the features.
- data/MIT-LICENSE +20 -0
- data/README.md +155 -0
- data/Rakefile +41 -0
- data/app/assets/javascripts/user_impersonate/application.js +15 -0
- data/app/assets/javascripts/user_impersonate/impersonate.js +2 -0
- data/app/assets/stylesheets/user_impersonate/application.css +13 -0
- data/app/assets/stylesheets/user_impersonate/impersonate.css +4 -0
- data/app/controllers/user_impersonate/application_controller.rb +4 -0
- data/app/controllers/user_impersonate/impersonate_controller.rb +107 -0
- data/app/helpers/user_impersonate/application_helper.rb +4 -0
- data/app/views/layouts/user_impersonate/application.html.erb +14 -0
- data/app/views/user_impersonate/_header.html.erb +60 -0
- data/app/views/user_impersonate/impersonate/index.html.erb +30 -0
- data/config/cucumber.yml +8 -0
- data/config/routes.rb +6 -0
- data/lib/generators/user_impersonate/USAGE +6 -0
- data/lib/generators/user_impersonate/templates/app/views/user_impersonate/_header.html.erb +60 -0
- data/lib/generators/user_impersonate/templates/config/initializers/user_impersonate.rb +11 -0
- data/lib/generators/user_impersonate/user_impersonate_generator.rb +15 -0
- data/lib/tasks/user_impersonate_tasks.rake +4 -0
- data/lib/user_impersonate.rb +5 -0
- data/lib/user_impersonate/devise_helpers.rb +31 -0
- data/lib/user_impersonate/engine.rb +12 -0
- data/lib/user_impersonate/version.rb +3 -0
- data/test/dummy/README.rdoc +261 -0
- data/test/dummy/Rakefile +7 -0
- data/test/dummy/app/assets/javascripts/application.js +15 -0
- data/test/dummy/app/assets/javascripts/home.js +2 -0
- data/test/dummy/app/assets/stylesheets/application.css +16 -0
- data/test/dummy/app/assets/stylesheets/home.css +7 -0
- data/test/dummy/app/controllers/application_controller.rb +3 -0
- data/test/dummy/app/controllers/home_controller.rb +4 -0
- data/test/dummy/app/helpers/application_helper.rb +2 -0
- data/test/dummy/app/helpers/home_helper.rb +2 -0
- data/test/dummy/app/models/user.rb +12 -0
- data/test/dummy/app/views/home/index.html.erb +11 -0
- data/test/dummy/app/views/layouts/application.html.erb +22 -0
- data/test/dummy/app/views/user_impersonate/_header.html.erb +65 -0
- data/test/dummy/config.ru +4 -0
- data/test/dummy/config/application.rb +60 -0
- data/test/dummy/config/boot.rb +10 -0
- data/test/dummy/config/database.yml +25 -0
- data/test/dummy/config/environment.rb +5 -0
- data/test/dummy/config/environments/development.rb +40 -0
- data/test/dummy/config/environments/production.rb +67 -0
- data/test/dummy/config/environments/test.rb +37 -0
- data/test/dummy/config/initializers/backtrace_silencers.rb +7 -0
- data/test/dummy/config/initializers/devise.rb +232 -0
- data/test/dummy/config/initializers/inflections.rb +15 -0
- data/test/dummy/config/initializers/mime_types.rb +5 -0
- data/test/dummy/config/initializers/secret_token.rb +7 -0
- data/test/dummy/config/initializers/session_store.rb +8 -0
- data/test/dummy/config/initializers/wrap_parameters.rb +14 -0
- data/test/dummy/config/locales/devise.en.yml +58 -0
- data/test/dummy/config/locales/en.yml +5 -0
- data/test/dummy/config/routes.rb +8 -0
- data/test/dummy/db/development.sqlite3 +0 -0
- data/test/dummy/db/migrate/20120914174453_devise_create_users.rb +48 -0
- data/test/dummy/db/migrate/20120914184123_add_staff_flag_to_users.rb +5 -0
- data/test/dummy/db/schema.rb +36 -0
- data/test/dummy/db/test.sqlite3 +0 -0
- data/test/dummy/lib/tasks/cucumber.rake +65 -0
- data/test/dummy/log/development.log +10062 -0
- data/test/dummy/log/test.log +10080 -0
- data/test/dummy/public/404.html +26 -0
- data/test/dummy/public/422.html +26 -0
- data/test/dummy/public/500.html +25 -0
- data/test/dummy/public/favicon.ico +0 -0
- data/test/dummy/script/rails +6 -0
- data/test/dummy/test/fixtures/users.yml +14 -0
- data/test/dummy/test/unit/helpers/home_helper_test.rb +4 -0
- data/test/dummy/test/unit/user_test.rb +7 -0
- data/test/dummy/tmp/cache/assets/C0C/820/sprockets%2F2d9383a79c508f97f230886454184881 +0 -0
- data/test/dummy/tmp/cache/assets/C20/590/sprockets%2F235093f56314718870f0b3a4306ef981 +0 -0
- data/test/dummy/tmp/cache/assets/C2F/CD0/sprockets%2F03eaf29b936263599b816c6558761441 +0 -0
- data/test/dummy/tmp/cache/assets/C50/CE0/sprockets%2Fac24523561a51d8b542e705627985f44 +0 -0
- data/test/dummy/tmp/cache/assets/C51/630/sprockets%2F6acb2453ed54725270a79286038036d9 +0 -0
- data/test/dummy/tmp/cache/assets/CD8/370/sprockets%2F357970feca3ac29060c1e3861e2c0953 +0 -0
- data/test/dummy/tmp/cache/assets/CDF/870/sprockets%2Fb878faf942403e313a5b103e5d80488e +0 -0
- data/test/dummy/tmp/cache/assets/CDF/E90/sprockets%2F9621b3e1f0ea31cd644eb79996e76000 +0 -0
- data/test/dummy/tmp/cache/assets/CEB/3F0/sprockets%2F661a60a2c7729f6d58ee1b74b366a588 +0 -0
- data/test/dummy/tmp/cache/assets/CF9/7C0/sprockets%2F40fc2f3d2a468a00e463f1d313cb1683 +0 -0
- data/test/dummy/tmp/cache/assets/D05/360/sprockets%2Fa0b6daa86d2b41682b983a2715e7138a +0 -0
- data/test/dummy/tmp/cache/assets/D05/D40/sprockets%2F1c9faaf28d05409b88ad3113374d613c +0 -0
- data/test/dummy/tmp/cache/assets/D0A/D80/sprockets%2F7b632c53b622d38b006e5537c84d3fbe +0 -0
- data/test/dummy/tmp/cache/assets/D28/EE0/sprockets%2F3db0c2fc877f0331a811af24b5eb2802 +0 -0
- data/test/dummy/tmp/cache/assets/D32/A10/sprockets%2F13fe41fee1fe35b49d145bcc06610705 +0 -0
- data/test/dummy/tmp/cache/assets/D43/B90/sprockets%2F726a02947dce8f83fa9181d8ad550ac3 +0 -0
- data/test/dummy/tmp/cache/assets/D44/EF0/sprockets%2F8d4c011dff114dcee37337d0e776299d +0 -0
- data/test/dummy/tmp/cache/assets/D45/0E0/sprockets%2F3e99ab70e0b37bdeb2f674633e2c8835 +0 -0
- data/test/dummy/tmp/cache/assets/D47/3E0/sprockets%2Fd66b712f3d268a1b607eb686ef2b82d9 +0 -0
- data/test/dummy/tmp/cache/assets/D4E/1B0/sprockets%2Ff7cbd26ba1d28d48de824f0e94586655 +0 -0
- data/test/dummy/tmp/cache/assets/D5A/EA0/sprockets%2Fd771ace226fc8215a3572e0aa35bb0d6 +0 -0
- data/test/dummy/tmp/cache/assets/D6A/190/sprockets%2F759e72ee0bd652de230c2eac42c14f86 +0 -0
- data/test/dummy/tmp/cache/assets/D74/880/sprockets%2Fd5c41f40fb2af2c59969ebb1fb865804 +0 -0
- data/test/dummy/tmp/cache/assets/D7B/FD0/sprockets%2F72f171394cbb96492f3d0dca87dfff44 +0 -0
- data/test/dummy/tmp/cache/assets/D7C/110/sprockets%2F2bce4ec3f4f837664329f89ecc35a36a +0 -0
- data/test/dummy/tmp/cache/assets/D98/8B0/sprockets%2Fedbef6e0d0a4742346cf479f2c522eb0 +0 -0
- data/test/dummy/tmp/cache/assets/D9C/BF0/sprockets%2F936aa1edf76c03ce37fa4256ba7764bb +0 -0
- data/test/dummy/tmp/cache/assets/DA0/FF0/sprockets%2F4fd6b0f0ccd929d2d8e5e2714c524b8c +0 -0
- data/test/dummy/tmp/cache/assets/DAF/CD0/sprockets%2Fb69c4f14808eb26ba5d52e67ddef496f +0 -0
- data/test/dummy/tmp/cache/assets/DB1/3D0/sprockets%2Fcd635da8eb5a88d563febe9d4a468545 +0 -0
- data/test/dummy/tmp/cache/assets/DDC/400/sprockets%2Fcffd775d018f68ce5dba1ee0d951a994 +0 -0
- data/test/dummy/tmp/cache/assets/DF0/7A0/sprockets%2F2063d2525df419c0c6df4fbacdc4ced2 +0 -0
- data/test/dummy/tmp/cache/assets/E04/890/sprockets%2F2f5173deea6c795b8fdde723bb4b63af +0 -0
- data/test/dummy/tmp/cache/assets/E1C/610/sprockets%2Fc6bef1e11d6b0cdfab292b90cf16bd44 +0 -0
- data/test/dummy/tmp/capybara/capybara-201209141022223935955827.html +16 -0
- data/test/dummy/tmp/capybara/capybara-201209141022422048391033.html +16 -0
- data/test/dummy/tmp/capybara/capybara-201209141022483207542727.html +16 -0
- data/test/dummy/tmp/capybara/capybara-201209141025331953416679.html +16 -0
- data/test/dummy/tmp/capybara/capybara-201209141025405140553066.html +16 -0
- data/test/dummy/tmp/capybara/capybara-201209141025479189502384.html +16 -0
- data/test/dummy/tmp/capybara/capybara-201209141025536572788101.html +16 -0
- data/test/dummy/tmp/capybara/capybara-201209141026535496719019.html +16 -0
- data/test/dummy/tmp/capybara/capybara-201209141027001260256891.html +16 -0
- data/test/dummy/tmp/capybara/capybara-201209141030296650320780.html +16 -0
- data/test/dummy/tmp/capybara/capybara-201209141031072084990548.html +16 -0
- data/test/dummy/tmp/capybara/capybara-201209141035147052886495.html +16 -0
- data/test/dummy/tmp/capybara/capybara-201209141035572336747180.html +16 -0
- data/test/dummy/tmp/capybara/capybara-201209141036191976624121.html +16 -0
- data/test/dummy/tmp/capybara/capybara-201209141036193465232588.html +14 -0
- data/test/dummy/tmp/capybara/capybara-20120914103619649823379.html +14 -0
- data/test/dummy/tmp/capybara/capybara-20120914103639499751538.html +14 -0
- data/test/dummy/tmp/capybara/capybara-201209141036396957096322.html +16 -0
- data/test/dummy/tmp/capybara/capybara-201209141036398706428277.html +14 -0
- data/test/dummy/tmp/capybara/capybara-201209141036581687315384.html +16 -0
- data/test/dummy/tmp/capybara/capybara-201209141036584316306451.html +16 -0
- data/test/dummy/tmp/capybara/capybara-201209141036588664819750.html +16 -0
- data/test/dummy/tmp/pids/server.pid +1 -0
- data/test/integration/navigation_test.rb +10 -0
- data/test/test_helper.rb +15 -0
- data/test/unit/helpers/user_impersonate/impersonate_helper_test.rb +6 -0
- data/test/user_impersonate_test.rb +7 -0
- metadata +407 -0
data/MIT-LICENSE
ADDED
@@ -0,0 +1,20 @@
|
|
1
|
+
Copyright 2012 YOURNAME
|
2
|
+
|
3
|
+
Permission is hereby granted, free of charge, to any person obtaining
|
4
|
+
a copy of this software and associated documentation files (the
|
5
|
+
"Software"), to deal in the Software without restriction, including
|
6
|
+
without limitation the rights to use, copy, modify, merge, publish,
|
7
|
+
distribute, sublicense, and/or sell copies of the Software, and to
|
8
|
+
permit persons to whom the Software is furnished to do so, subject to
|
9
|
+
the following conditions:
|
10
|
+
|
11
|
+
The above copyright notice and this permission notice shall be
|
12
|
+
included in all copies or substantial portions of the Software.
|
13
|
+
|
14
|
+
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
|
15
|
+
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
|
16
|
+
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
|
17
|
+
NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
|
18
|
+
LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
|
19
|
+
OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
|
20
|
+
WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
data/README.md
ADDED
@@ -0,0 +1,155 @@
|
|
1
|
+
# User Impersonate
|
2
|
+
|
3
|
+
Allow staff users to impersonate your normal users: see what they see, only do what they can do.
|
4
|
+
|
5
|
+
This concept and code was extracted from [Engine Yard Cloud](http://www.engineyard.com/products/cloud), which we use when we want to help support a customer remotely.
|
6
|
+
|
7
|
+
This Rails engine currently supports the following Rails authentication systems:
|
8
|
+
|
9
|
+
* [Devise](https://github.com/plataformatec/devise)
|
10
|
+
|
11
|
+
## Example usage
|
12
|
+
|
13
|
+
When you are impersonating a user you see what they see, with a header section above:
|
14
|
+
|
15
|
+
<img src="https://img.skitch.com/20120919-c8382rgdcub7gsh2p82k8reng3.png" alt="Impersonating a user" />
|
16
|
+
|
17
|
+
## Installation
|
18
|
+
|
19
|
+
Add the gem to your Rails application's Gemfile and run `bundle`:
|
20
|
+
|
21
|
+
``` ruby
|
22
|
+
gem "user_impersonate"
|
23
|
+
```
|
24
|
+
|
25
|
+
Run the (sort of optional) generator:
|
26
|
+
|
27
|
+
```
|
28
|
+
bundle
|
29
|
+
rails g user_impersonate
|
30
|
+
```
|
31
|
+
|
32
|
+
This adds the following line within your `config/routes.rb`:
|
33
|
+
|
34
|
+
``` ruby
|
35
|
+
mount UserImpersonate::Engine => "/impersonate", as: "impersonate_engine"
|
36
|
+
```
|
37
|
+
|
38
|
+
Include in your layout files support for `flash[:error]` and `flash[:notice]`, such as:
|
39
|
+
|
40
|
+
``` erb
|
41
|
+
<p class="notice"><%= flash[:notice] %></p>
|
42
|
+
<p class="alert"><%= flash[:error] %></p>
|
43
|
+
```
|
44
|
+
|
45
|
+
Next, add the impersonation header to your layouts:
|
46
|
+
|
47
|
+
``` erb
|
48
|
+
<% if current_staff_user %>
|
49
|
+
<%= render 'user_impersonate/header' %>
|
50
|
+
<% end %>
|
51
|
+
```
|
52
|
+
|
53
|
+
Next, add staff concept to your User model.
|
54
|
+
|
55
|
+
To test the engine out, make all users staff!
|
56
|
+
|
57
|
+
``` ruby
|
58
|
+
# app/models/user.rb
|
59
|
+
|
60
|
+
def staff?
|
61
|
+
true
|
62
|
+
end
|
63
|
+
|
64
|
+
# String to represent a user (email, name, etc)
|
65
|
+
def to_s
|
66
|
+
email
|
67
|
+
end
|
68
|
+
```
|
69
|
+
|
70
|
+
You can now go to [http://localhost:3000/impersonate](http://localhost:3000/impersonate) to see the list of users, except your own user account. If you impersonate one you will see the magic!
|
71
|
+
|
72
|
+
## Integration
|
73
|
+
|
74
|
+
To support this Rails engine, you need to add some things.
|
75
|
+
|
76
|
+
* `current_user` helper within controllers & helpers
|
77
|
+
* `current_user.staff?` - your `User` model needs a `staff?` to identify if the current user is allowed to impersonate other users; if missing, no user can access impersonation system
|
78
|
+
|
79
|
+
### User#staff?
|
80
|
+
|
81
|
+
One way to add this helper is to add a column to your User model:
|
82
|
+
|
83
|
+
```
|
84
|
+
rails g migration add_staff_flag_to_users staff:boolean
|
85
|
+
rake db:migrate db:test:prepare
|
86
|
+
```
|
87
|
+
|
88
|
+
## Customization
|
89
|
+
|
90
|
+
### Header
|
91
|
+
|
92
|
+
|
93
|
+
You can override the bright red header by creating a `app/views/user_impersonate/_header.html.erb` file (or whatever template system you like).
|
94
|
+
|
95
|
+
For example, the Engine Yard Cloud uses a header that looks like:
|
96
|
+
|
97
|
+
![](https://img.skitch.com/20120915-mk8mnpdsu5nuym3bxs678qf1a8.png)
|
98
|
+
|
99
|
+
The `app/views/user_impersonate/_header.html.haml` HAML partial for this header would be:
|
100
|
+
|
101
|
+
``` haml
|
102
|
+
%div#impersonating
|
103
|
+
.impersonate-controls.page
|
104
|
+
.impersonate-info.grid_12
|
105
|
+
You (
|
106
|
+
%span.admin_name= current_staff_user
|
107
|
+
) are impersonating
|
108
|
+
%span.user_name= link_to current_user, url_for([:admin, current_user])
|
109
|
+
( User id:
|
110
|
+
%span.user_id= current_user.id
|
111
|
+
)
|
112
|
+
- if current_user.no_accounts?
|
113
|
+
( No accounts )
|
114
|
+
- else
|
115
|
+
( Account name:
|
116
|
+
%span.account_id= link_to current_user.accounts.first, url_for([:admin, current_user.accounts.first])
|
117
|
+
, id:
|
118
|
+
%strong= current_user.accounts.first.id
|
119
|
+
)
|
120
|
+
.impersonate-buttons.grid_12
|
121
|
+
= form_tag url_for([:ssh_key, :admin, current_user]), :method => "put" do
|
122
|
+
%span Support SSH Key
|
123
|
+
= select_tag 'public_key', options_for_select(current_staff_user.keys.map {|k| k})
|
124
|
+
%button{:type => "submit"} Install SSH Key
|
125
|
+
or
|
126
|
+
= form_tag [:admin, :revert], :method => :delete, :class => 'revert-form' do
|
127
|
+
%button{:type => "submit"} Revert to admin
|
128
|
+
```
|
129
|
+
|
130
|
+
### Redirects
|
131
|
+
|
132
|
+
By default, when you impersonate and when you stop impersonating a user you are redirected to the root url.
|
133
|
+
|
134
|
+
Configure alternate paths using:
|
135
|
+
|
136
|
+
``` ruby
|
137
|
+
???
|
138
|
+
```
|
139
|
+
|
140
|
+
### User model & lookup
|
141
|
+
|
142
|
+
By default, it assumes the User model is `User`, that you use `User.find(id)` to find a user, and `aUser.id` to get the related id value.
|
143
|
+
|
144
|
+
You can fix this default behavior in `config/initializers/user_impersonate.rb`, which is created by the generator above.
|
145
|
+
|
146
|
+
``` ruby
|
147
|
+
module UserImpersonate
|
148
|
+
class Engine < Rails::Engine
|
149
|
+
config.user_class = "User"
|
150
|
+
config.user_finder = "find" # User.find
|
151
|
+
config.user_id_column = "id" # Such that User.find(aUser.id) works
|
152
|
+
config.user_is_staff_method = "staff?" # current_user.staff?
|
153
|
+
end
|
154
|
+
end
|
155
|
+
```
|
data/Rakefile
ADDED
@@ -0,0 +1,41 @@
|
|
1
|
+
#!/usr/bin/env rake
|
2
|
+
begin
|
3
|
+
require 'bundler/setup'
|
4
|
+
rescue LoadError
|
5
|
+
puts 'You must `gem install bundler` and `bundle install` to run rake tasks'
|
6
|
+
end
|
7
|
+
begin
|
8
|
+
require 'rdoc/task'
|
9
|
+
rescue LoadError
|
10
|
+
require 'rdoc/rdoc'
|
11
|
+
require 'rake/rdoctask'
|
12
|
+
RDoc::Task = Rake::RDocTask
|
13
|
+
end
|
14
|
+
|
15
|
+
RDoc::Task.new(:rdoc) do |rdoc|
|
16
|
+
rdoc.rdoc_dir = 'rdoc'
|
17
|
+
rdoc.title = 'UserImpersonate'
|
18
|
+
rdoc.options << '--line-numbers'
|
19
|
+
rdoc.rdoc_files.include('README.rdoc')
|
20
|
+
rdoc.rdoc_files.include('lib/**/*.rb')
|
21
|
+
end
|
22
|
+
|
23
|
+
APP_RAKEFILE = File.expand_path("../test/dummy/Rakefile", __FILE__)
|
24
|
+
load 'rails/tasks/engine.rake'
|
25
|
+
|
26
|
+
|
27
|
+
|
28
|
+
Bundler::GemHelper.install_tasks
|
29
|
+
|
30
|
+
require 'rake/testtask'
|
31
|
+
|
32
|
+
Rake::TestTask.new(:test) do |t|
|
33
|
+
t.libs << 'lib'
|
34
|
+
t.libs << 'test'
|
35
|
+
t.pattern = 'test/**/*_test.rb'
|
36
|
+
t.verbose = false
|
37
|
+
end
|
38
|
+
|
39
|
+
task :cucumber => 'app:cucumber'
|
40
|
+
# task :default => [:test, :spec, :cucumber]
|
41
|
+
task :default => [:test, :cucumber]
|
@@ -0,0 +1,15 @@
|
|
1
|
+
// This is a manifest file that'll be compiled into application.js, which will include all the files
|
2
|
+
// listed below.
|
3
|
+
//
|
4
|
+
// Any JavaScript/Coffee file within this directory, lib/assets/javascripts, vendor/assets/javascripts,
|
5
|
+
// or vendor/assets/javascripts of plugins, if any, can be referenced here using a relative path.
|
6
|
+
//
|
7
|
+
// It's not advisable to add code directly here, but if you do, it'll appear at the bottom of the
|
8
|
+
// the compiled file.
|
9
|
+
//
|
10
|
+
// WARNING: THE FIRST BLANK LINE MARKS THE END OF WHAT'S TO BE PROCESSED, ANY BLANK LINE SHOULD
|
11
|
+
// GO AFTER THE REQUIRES BELOW.
|
12
|
+
//
|
13
|
+
//= require jquery
|
14
|
+
//= require jquery_ujs
|
15
|
+
//= require_tree .
|
@@ -0,0 +1,13 @@
|
|
1
|
+
/*
|
2
|
+
* This is a manifest file that'll be compiled into application.css, which will include all the files
|
3
|
+
* listed below.
|
4
|
+
*
|
5
|
+
* Any CSS and SCSS file within this directory, lib/assets/stylesheets, vendor/assets/stylesheets,
|
6
|
+
* or vendor/assets/stylesheets of plugins, if any, can be referenced here using a relative path.
|
7
|
+
*
|
8
|
+
* You're free to add application-wide styles to this file and they'll appear at the top of the
|
9
|
+
* compiled file, but it's generally better to create a new file per style scope.
|
10
|
+
*
|
11
|
+
*= require_self
|
12
|
+
*= require_tree .
|
13
|
+
*/
|
@@ -0,0 +1,107 @@
|
|
1
|
+
require_dependency "user_impersonate/application_controller"
|
2
|
+
|
3
|
+
module UserImpersonate
|
4
|
+
class ImpersonateController < ApplicationController
|
5
|
+
before_filter :authenticate_user!
|
6
|
+
before_filter :current_user_must_be_staff!, except: ["destroy"]
|
7
|
+
|
8
|
+
# Display list of all users, except current (staff) user
|
9
|
+
# Is this exclusion unnecessary complexity?
|
10
|
+
# Normal apps wouldn't bother with this action; rather they would
|
11
|
+
# go straight to GET /impersonate/user/123 (create action)
|
12
|
+
def index
|
13
|
+
users_table = Arel::Table.new(user_table.to_sym) # e.g. :users
|
14
|
+
id_column = users_table[user_id_column.to_sym] # e.g. users_table[:id]
|
15
|
+
@users = user_class.order("updated_at DESC").
|
16
|
+
where(
|
17
|
+
id_column.not_in [
|
18
|
+
current_user.send(user_id_column.to_sym) # e.g. current_user.id
|
19
|
+
])
|
20
|
+
if params[:search]
|
21
|
+
@users = @users.where("name like ?", "%#{params[:search]}%")
|
22
|
+
end
|
23
|
+
end
|
24
|
+
|
25
|
+
# Perform the user impersonate action
|
26
|
+
# GET /impersonate/user/123
|
27
|
+
def create
|
28
|
+
@user = find_user(params[:user_id])
|
29
|
+
impersonate(@user)
|
30
|
+
redirect_on_impersonate(@user)
|
31
|
+
end
|
32
|
+
|
33
|
+
# Revert the user impersonation
|
34
|
+
# GET /impersonation/revert
|
35
|
+
def destroy
|
36
|
+
unless current_staff_user
|
37
|
+
flash[:notice] = "You weren't impersonating anyone"
|
38
|
+
redirect_on_revert and return
|
39
|
+
end
|
40
|
+
user = current_user
|
41
|
+
revert_impersonate
|
42
|
+
if user
|
43
|
+
flash[:notice] = "No longer impersonating #{user}"
|
44
|
+
redirect_on_revert(user)
|
45
|
+
else
|
46
|
+
flash[:notice] = "No longer impersonating a user"
|
47
|
+
redirect_on_revert
|
48
|
+
end
|
49
|
+
end
|
50
|
+
|
51
|
+
private
|
52
|
+
def current_user_must_be_staff!
|
53
|
+
unless user_is_staff?(current_user)
|
54
|
+
flash[:error] = "You don't have access to this section."
|
55
|
+
redirect_to :back
|
56
|
+
end
|
57
|
+
rescue ActionController::RedirectBackError
|
58
|
+
redirect_to '/'
|
59
|
+
end
|
60
|
+
|
61
|
+
# Helper to load a User, using all the UserImpersonate config options
|
62
|
+
def find_user(id)
|
63
|
+
user_class.send(user_finder_method, id)
|
64
|
+
end
|
65
|
+
|
66
|
+
# Similar to user.staff?
|
67
|
+
# Using all the UserImpersonate config options
|
68
|
+
def user_is_staff?(user)
|
69
|
+
current_user.respond_to?(user_is_staff_method.to_sym) &&
|
70
|
+
current_user.send(user_is_staff_method.to_sym)
|
71
|
+
end
|
72
|
+
|
73
|
+
def user_finder_method
|
74
|
+
(UserImpersonate::Engine.config.try(:user_finder) || "find").to_sym
|
75
|
+
end
|
76
|
+
|
77
|
+
def user_class_name
|
78
|
+
UserImpersonate::Engine.config.try(:user_class) || "User"
|
79
|
+
end
|
80
|
+
|
81
|
+
def user_class
|
82
|
+
user_class_name.constantize
|
83
|
+
end
|
84
|
+
|
85
|
+
def user_table
|
86
|
+
user_class_name.tableize
|
87
|
+
end
|
88
|
+
|
89
|
+
def user_id_column
|
90
|
+
UserImpersonate::Engine.config.try(:user_id_column) || "id"
|
91
|
+
end
|
92
|
+
|
93
|
+
def user_is_staff_method
|
94
|
+
UserImpersonate::Engine.config.try(:user_is_staff_method) || "staff?"
|
95
|
+
end
|
96
|
+
|
97
|
+
def redirect_on_impersonate(impersonated_user)
|
98
|
+
url = UserImpersonate::Engine.config.try(:redirect_on_impersonate) || main_app.root_url
|
99
|
+
redirect_to url
|
100
|
+
end
|
101
|
+
|
102
|
+
def redirect_on_revert(impersonated_user = nil)
|
103
|
+
url = UserImpersonate::Engine.config.redirect_on_revert || root_url
|
104
|
+
redirect_to url
|
105
|
+
end
|
106
|
+
end
|
107
|
+
end
|
@@ -0,0 +1,14 @@
|
|
1
|
+
<!DOCTYPE html>
|
2
|
+
<html>
|
3
|
+
<head>
|
4
|
+
<title>User Impersonate</title>
|
5
|
+
<%= stylesheet_link_tag "user_impersonate/application", :media => "all" %>
|
6
|
+
<%= javascript_include_tag "user_impersonate/application" %>
|
7
|
+
<%= csrf_meta_tags %>
|
8
|
+
</head>
|
9
|
+
<body>
|
10
|
+
|
11
|
+
<%= yield %>
|
12
|
+
|
13
|
+
</body>
|
14
|
+
</html>
|
@@ -0,0 +1,60 @@
|
|
1
|
+
<style>
|
2
|
+
#impersonating {
|
3
|
+
width: 100%;
|
4
|
+
margin: 0;
|
5
|
+
padding: 12px 0;
|
6
|
+
background: #c70000;
|
7
|
+
border-bottom: 1px solid black;
|
8
|
+
line-height: 1.9;
|
9
|
+
font-size: 12px;
|
10
|
+
font-family: "Lucida Sans Unicode","Lucida Grande",Verdana,Arial,Helvetica,sans-serif;
|
11
|
+
}
|
12
|
+
#impersonating .impersonate-controls {
|
13
|
+
color: white;
|
14
|
+
font-weight: normal;
|
15
|
+
font-size: 15px;
|
16
|
+
max-width: 960px;
|
17
|
+
margin-left: auto;
|
18
|
+
margin-right: auto;
|
19
|
+
}
|
20
|
+
#impersonating .impersonate-controls .impersonate-info {
|
21
|
+
margin-bottom: 6px;
|
22
|
+
padding-bottom: 2px;
|
23
|
+
border-bottom: 1px solid #dd0000;
|
24
|
+
}
|
25
|
+
#impersonating .impersonate-controls form {
|
26
|
+
display: inline;
|
27
|
+
margin-right: 16px;
|
28
|
+
}
|
29
|
+
#impersonating .impersonate-controls .revert-form {
|
30
|
+
margin-left: 16px;
|
31
|
+
}
|
32
|
+
#impersonating .impersonate-controls select {
|
33
|
+
background: white;
|
34
|
+
}
|
35
|
+
#impersonating .impersonate-controls .admin_name, #impersonating .impersonate-controls .user_name, #impersonating .impersonate-controls .user_id, #impersonating .impersonate-controls .account_id {
|
36
|
+
font-weight: bold;
|
37
|
+
}
|
38
|
+
#impersonating .impersonate-controls a {
|
39
|
+
text-decoration: underline;
|
40
|
+
color: white;
|
41
|
+
}
|
42
|
+
</style>
|
43
|
+
<div id="impersonating">
|
44
|
+
<div class="impersonate-controls">
|
45
|
+
<div class="impersonate-info">
|
46
|
+
You (
|
47
|
+
<span class="admin_name"><%= current_staff_user %></span>
|
48
|
+
) are impersonating
|
49
|
+
<span class="admin_name"><%= current_user %></span>
|
50
|
+
( User id: <%= current_user.to_param %> )
|
51
|
+
</div>
|
52
|
+
|
53
|
+
<div class="impersonate-buttons">
|
54
|
+
<%= form_tag impersonate_engine.revert_impersonate_user_url,
|
55
|
+
:method => :delete, :class => 'revert-form' do %>
|
56
|
+
<button type = "submit"> Revert to admin</button>
|
57
|
+
<% end %>
|
58
|
+
</div>
|
59
|
+
</div>
|
60
|
+
</div>
|