Sha256: ba6a56672eb1654536d442b3c6ab79e727bdf34c16006df503f1f2f344368d5c
Contents?: true
Size: 1.39 KB
Versions: 3
Compression:
Stored size: 1.39 KB
Contents
module MnoEnterprise
class ImpersonateController < ApplicationController
include MnoEnterprise::ImpersonateHelper
before_filter :authenticate_user!, except: [:destroy]
before_filter :current_user_must_be_admin!, except: [:destroy]
# Perform the user impersonate action
# GET /impersonate/user/123
def create
session[:impersonator_redirect_path] = params[:redirect_path].presence
@user = MnoEnterprise::User.find(params[:user_id])
if @user.present?
if @user.admin_role.present?
flash[:notice] = 'User is a staff member'
else
impersonate(@user)
end
else
flash[:notice] = "User doesn't exist"
end
path = mnoe_home_path
path = add_param_to_fragment(path, 'dhbRefId', params[:dhbRefId]) if params[:dhbRefId].present?
redirect_to path
end
# Revert the user impersonation
# GET /impersonation/revert
def destroy
if current_impersonator
# user = current_user
revert_impersonate
end
redirect_to session.delete(:impersonator_redirect_path).presence || '/admin/'
end
private
def current_user_must_be_admin!
unless current_user.admin_role.present?
flash[:error] = "You don't have access to this section."
redirect_to :back
end
rescue ActionController::RedirectBackError
redirect_to '/'
end
end
end
Version data entries
3 entries across 3 versions & 1 rubygems