Home Explore Help
Register Sign In
J1X
/
huginn
Watch 2
Star 0
Fork 0

Browse Source
Allow admins to login as another user (#1659)

* switch_to_user and switch_back routes

* Uses session to store original user id

Albert Sun 9 years ago
parent
c3ab764efc
commit
6bb61065ec
7 changed files with 79 additions and 5 deletions
Show Diff Stats
  1. 23 2
      app/controllers/admin/users_controller.rb
  2. 3 0
      app/views/admin/users/_form.html.erb
  3. 3 2
      app/views/admin/users/index.html.erb
  4. 1 1
      app/views/agents/index.html.erb
  5. 8 0
      app/views/layouts/_navigation.html.erb
  6. 4 0
      config/routes.rb
  7. 37 0
      spec/controllers/admin/users_controller_spec.rb

+ 23 - 2
app/controllers/admin/users_controller.rb
View File 

@@ -1,7 +1,7 @@
1 1 
 class Admin::UsersController < ApplicationController
2 
-  before_action :authenticate_admin!
2 
+  before_action :authenticate_admin!, except: [:switch_back]
3 3
4 
-  before_action :find_user, only: [:edit, :destroy, :update, :deactivate, :activate]
4 
+  before_action :find_user, only: [:edit, :destroy, :update, :deactivate, :activate, :switch_to_user]
5 5
6 6 
   helper_method :resource
7 7 
 
@@ -83,6 +83,27 @@ class Admin::UsersController < ApplicationController
83 83 
     end
84 84 
   end
85 85
86 
+  # allow an admin to sign-in as any other user
87 
+
88 
+  def switch_to_user
89 
+    if current_user != @user
90 
+      old_user = current_user
91 
+      sign_in(:user, @user, { bypass: true })
92 
+      session[:original_admin_user_id] = old_user.id
93 
+    end
94 
+    redirect_to agents_path
95 
+  end
96 
+
97 
+  def switch_back
98 
+    if session[:original_admin_user_id].present?
99 
+      sign_in(:user, User.find(session[:original_admin_user_id]), { bypass: true })
100 
+      session.delete(:original_admin_user_id)
101 
+    else
102 
+      redirect_to(root_path, alert: 'You must be an admin acting as a different user to do that.') and return
103 
+    end
104 
+    redirect_to admin_users_path
105 
+  end
106 
+
86 107 
   private
87 108
88 109 
   def find_user

+ 3 - 0
app/views/admin/users/_form.html.erb
View File 

@@ -22,5 +22,8 @@
22 22 
 <div class="row">
23 23 
   <div class="col-md-12">
24 24 
     <%= link_to icon_tag('glyphicon-chevron-left') + ' Back'.html_safe, admin_users_path, class: "btn btn-default" %>
25 
+    <% if @user.persisted? %>
26 
+      <%= link_to 'Become User', switch_to_user_admin_user_path(@user), class: "btn btn-default btn-info", data: { confirm: 'This will log you in as another user. Would you like to continue?' } %>
27 
+    <% end %>
25 28 
   </div>
26 29 
 </div>

+ 3 - 2
app/views/admin/users/index.html.erb
View File 

@@ -24,12 +24,13 @@
24 24 
               <td><%= link_to user.username, edit_admin_user_path(user) %></td>
25 25 
               <td><%= user.email %></td>
26 26 
               <td><%= user_account_state(user) %></td>
27 
-              <td><%= user.agents.active.count %></td>
28 
-              <td><%= user.agents.inactive.count %></td>
27 
+              <td><%= link_to user.agents.active.count, switch_to_user_admin_user_path(user), data: { confirm: 'This will log you in as another user. Would you like to continue?' } %></td>
28 
+              <td><%= link_to user.agents.inactive.count, switch_to_user_admin_user_path(user), data: { confirm: 'This will log you in as another user. Would you like to continue?' } %></td>
29 29 
               <td title='<%= user.created_at %>'><%= time_ago_in_words user.created_at %> ago</td>
30 30 
               <td>
31 31 
                 <div class="btn-group btn-group-xs">
32 32 
                   <% if user != current_user %>
33 
+                    <%= link_to 'Become User', switch_to_user_admin_user_path(user), class: "btn btn-default", data: { confirm: 'This will log you in as another user. Would you like to continue?' } %>
33 34 
                     <% if user.active? %>
34 35 
                       <%= link_to 'Deactivate', deactivate_admin_user_path(user), method: :put, class: "btn btn-default" %>
35 36 
                     <% else %>

+ 1 - 1
app/views/agents/index.html.erb
View File 

@@ -2,7 +2,7 @@
2 2 
   <div class='row'>
3 3 
     <div class='col-md-12'>
4 4 
       <div class="page-header">
5 
-        <h2>Your Agents</h2>
5 
+        <h2><%= session[:original_admin_user_id].present? ? "#{current_user.username}’s Agents" : 'Your Agents' %></h2>
6 6 
       </div>
7 7
8 8 
       <%= render 'agents/table' %>

+ 8 - 0
app/views/layouts/_navigation.html.erb
View File 

@@ -60,9 +60,17 @@
60 60 
     <li class="dropdown">
61 61 
       <a href="#" class="dropdown-toggle" data-toggle="dropdown">
62 62 
         Account
63 
+        <% if user_signed_in? && session[:original_admin_user_id].present? %>
64 
+          <span class="label label-warning"><%= current_user.username %></span>
65 
+        <% end %>
63 66 
         <b class="caret"></b>
64 67 
       </a>
65 68 
       <ul class="dropdown-menu" role="menu" aria-labelledby="dLabel">
69 
+        <% if user_signed_in? && session[:original_admin_user_id].present? %>
70 
+          <li>
71 
+            <%= link_to 'Switch Back to Admin User', switch_back_admin_users_path, tabindex: '-1' %>
72 
+          </li>
73 
+        <% end %>
66 74 
         <li>
67 75 
           <% if user_signed_in? %>
68 76 
             <%= link_to 'Account', edit_user_registration_path, :tabindex => "-1" %>

+ 4 - 0
config/routes.rb
View File 

@@ -84,6 +84,10 @@ Huginn::Application.routes.draw do
84 84 
       member do
85 85 
         put :deactivate
86 86 
         put :activate
87 
+        get :switch_to_user
88 
+      end
89 
+      collection do
90 
+        get :switch_back
87 91 
       end
88 92 
     end
89 93 
   end

+ 37 - 0
spec/controllers/admin/users_controller_spec.rb
View File 

@@ -19,4 +19,41 @@ describe Admin::UsersController do
19 19 
       end
20 20 
     end
21 21 
   end
22 
+
23 
+  describe 'GET #switch_to_user' do
24 
+    it "switches to another user" do
25 
+      sign_in users(:jane)
26 
+
27 
+      get :switch_to_user, :id => users(:bob).id
28 
+      expect(response).to redirect_to(agents_path)
29 
+      expect(subject.session[:original_admin_user_id]).to eq(users(:jane).id)
30 
+    end
31 
+
32 
+    it "does not switch if not admin" do
33 
+      sign_in users(:bob)
34 
+
35 
+      get :switch_to_user, :id => users(:jane).id
36 
+      expect(response).to redirect_to(root_path)
37 
+    end
38 
+  end
39 
+
40 
+  describe 'GET #switch_back' do
41 
+    it "switches to another user and back" do
42 
+      sign_in users(:jane)
43 
+
44 
+      get :switch_to_user, :id => users(:bob).id
45 
+      expect(response).to redirect_to(agents_path)
46 
+      expect(subject.session[:original_admin_user_id]).to eq(users(:jane).id)
47 
+
48 
+      get :switch_back
49 
+      expect(response).to redirect_to(admin_users_path)
50 
+      expect(subject.session[:original_admin_user_id]).to be_nil
51 
+    end
52 
+
53 
+    it "does not switch_back without having switched" do
54 
+      sign_in users(:bob)
55 
+      get :switch_back
56 
+      expect(response).to redirect_to(root_path)
57 
+    end
58 
+  end
22 59 
 end