gitlab-org--gitlab-foss/app/controllers/admin/impersonation_controller.rb


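# Lets an administrator sign in as another user and later switch back.
#
# `create` records the acting admin's username and a return path in the
# session, then replaces the signed-in user with the target account.
# `destroy` signs the session back in as the recorded impersonator and clears
# both session keys.
#
# NOTE(review): nothing in this controller writes a log or audit entry when
# impersonation starts or stops; confirm that is recorded elsewhere.
class Admin::ImpersonationController < Admin::ApplicationController
  # The admin check is skipped for `destroy`, presumably because the session
  # then belongs to the impersonated (possibly non-admin) user. As a result
  # `destroy` must derive the account it restores from server-side session
  # state only, never from request parameters.
  skip_before_action :authenticate_admin!, only: :destroy

  before_action :user
  # NOTE(review): `authorize_impersonator!` is not defined in the visible code.
  # Confirm it rejects `destroy` when the session holds no impersonator and
  # re-checks that the recorded impersonator is still an admin.
  before_action :authorize_impersonator!

  # Starts impersonating the user named by params[:id].
  # Blocked users cannot be impersonated; the admin is sent back to that
  # user's admin page with an alert instead.
  def create
    if @user.blocked?
      flash[:alert] = "You cannot impersonate a blocked user"

      redirect_to admin_user_path(@user)
    else
      # Remember who is impersonating and where to return to afterwards.
      session[:impersonator_id] = current_user.username
      session[:impersonator_return_to] = admin_user_path(@user)

      warden.set_user(user, scope: 'user')

      flash[:alert] = "You are impersonating #{user.username}."

      redirect_to root_path
    end
  end

  # Stops impersonating: signs the session back in as the impersonator stored
  # in the session, clears the impersonation keys, and redirects to the stored
  # return path (or the root path when none was stored).
  def destroy
    return_to = session[:impersonator_return_to]

    # `user` resolves from session[:impersonator_id] only for this action, so
    # the restored account is always the one recorded by `create`.
    warden.set_user(user, scope: 'user')

    session[:impersonator_return_to] = nil
    session[:impersonator_id] = nil

    redirect_to return_to || root_path
  end

  # Memoized lookup of the account this request operates on.
  # Raises ActiveRecord::RecordNotFound (via find_by!) when no user matches,
  # including when `destroy` is called without an impersonation in progress.
  #
  # NOTE(review): this method is public, so Rails treats it as an action
  # method; consider making it private if nothing outside this class calls it.
  def user
    @user ||= User.find_by!(username: lookup_username)
  end

  private

  # Username to load for the current action.
  #
  # For `destroy` only the session value is trusted: that action runs without
  # the admin check, so a request-supplied id must not be able to choose the
  # account the session is switched to. Other actions keep the original
  # params-first lookup.
  def lookup_username
    return session[:impersonator_id] if action_name == 'destroy'

    params[:id] || session[:impersonator_id]
  end
end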