Sha256: ba6a56672eb1654536d442b3c6ab79e727bdf34c16006df503f1f2f344368d5c
Contents?: true
Size: 1.39 KB
Versions: 3
Compression:
Stored size: 1.39 KB
Contents
module MnoEnterprise class ImpersonateController < ApplicationController include MnoEnterprise::ImpersonateHelper before_filter :authenticate_user!, except: [:destroy] before_filter :current_user_must_be_admin!, except: [:destroy] # Perform the user impersonate action # GET /impersonate/user/123 def create session[:impersonator_redirect_path] = params[:redirect_path].presence @user = MnoEnterprise::User.find(params[:user_id]) if @user.present? if @user.admin_role.present? flash[:notice] = 'User is a staff member' else impersonate(@user) end else flash[:notice] = "User doesn't exist" end path = mnoe_home_path path = add_param_to_fragment(path, 'dhbRefId', params[:dhbRefId]) if params[:dhbRefId].present? redirect_to path end # Revert the user impersonation # GET /impersonation/revert def destroy if current_impersonator # user = current_user revert_impersonate end redirect_to session.delete(:impersonator_redirect_path).presence || '/admin/' end private def current_user_must_be_admin! unless current_user.admin_role.present? flash[:error] = "You don't have access to this section." redirect_to :back end rescue ActionController::RedirectBackError redirect_to '/' end end end
Version data entries
3 entries across 3 versions & 1 rubygems