Enable user switching

2021-09-27 22:50:47 +10:00 · 2021-09-27 22:50:47 +10:00 · ca666e456a
commit ca666e456a
parent fa97fbb0c1
7 changed files with 123 additions and 4 deletions
--- a/app/Http/Controllers/UserSwitchController.php
+++ b/app/Http/Controllers/UserSwitchController.php
@ -0,0 +1,75 @@
+<?php
+
+namespace App\Http\Controllers;
+
+use Illuminate\Support\Facades\Auth;
+use Illuminate\Support\Facades\Redirect;
+use Illuminate\Support\Facades\Session;
+
+use App\Models\User;
+use Symfony\Component\HttpFoundation\RedirectResponse;
+
+class UserSwitchController extends Controller
+{
+	private const redirect = '/';
+
+	public function __construct()
+	{
+		$this->middleware('auth');
+	}
+
+	/**
+	 * Is the user authorised to switch to another user
+	 *
+	 * @param User $o
+	 * @return bool
+	 */
+	private function switch_authorised(User $o): bool
+	{
+		return Auth::user()->admin;
+	}
+
+	/**
+	 * Are we currently in a switch session
+	 *
+	 * @return bool
+	 */
+	private function switch_session(): bool
+	{
+		return ! Session::get('orig_user');
+	}
+
+	/**
+	 * Switch the user to another user
+	 *
+	 * @param User $o
+	 * @return RedirectResponse
+	 */
+	public function user_switch_start(User $o): RedirectResponse
+	{
+		if ($this->switch_session() AND $this->switch_authorised($o)) {
+			Session::put('orig_user',Auth::id());
+			Auth::login($o);
+
+		} else {
+			abort(404,'Not found');
+		}
+
+		return Redirect::to(self::redirect);
+	}
+
+	/**
+	 * Return the user back to the original user
+	 *
+	 * @return RedirectResponse
+	 */
+	public function user_switch_stop(): RedirectResponse
+	{
+		if ($id = Session::pull('orig_user')) {
+			$uo = User::find($id);
+			Auth::login($uo);
+		}
+
+		return Redirect::to(self::redirect);
+	}
+}
--- a/app/Models/User.php
+++ b/app/Models/User.php
@ -8,6 +8,8 @@ use Illuminate\Foundation\Auth\User as Authenticatable;
 use Illuminate\Notifications\Notifiable;
 use Laravel\Passport\HasApiTokens;

+use App\Traits\UserSwitch;
+
 /**
 * Class User
 *
@ -24,7 +26,7 @@ use Laravel\Passport\HasApiTokens;
 */
 class User extends Authenticatable implements MustVerifyEmail
 {
-	use HasFactory,Notifiable,HasApiTokens;
+	use HasFactory,Notifiable,HasApiTokens,UserSwitch;

 	/**
 	 * The attributes that are mass assignable.
--- a/app/Traits/UserSwitch.php
+++ b/app/Traits/UserSwitch.php
@ -0,0 +1,31 @@
+<?php
+
+/**
+ * Check if users have been switched
+ */
+namespace App\Traits;
+
+use Illuminate\Support\Facades\Session;
+
+trait UserSwitch
+{
+	/**
+	 * Who is the original user
+	 *
+	 * @return mixed
+	 */
+	public function getSwitchedAttribute()
+	{
+		return Session::get('orig_user');
+	}
+
+	/**
+	 * Is this user an admin
+	 *
+	 * @return bool
+	 */
+	public function isAdmin(): bool
+	{
+		return (bool)$this->admin ?? FALSE;
+	}
+}
--- a/public/oldschool/css/main.css
+++ b/public/oldschool/css/main.css
@ -189,6 +189,7 @@ sup.success:after {
 	display:inline-block;
 	padding:8px 0 7px
 }
+#nav-menu ul li.switched,
 #nav-menu ul li a:active,
 #nav-menu ul li a:hover,
 #nav-menu ul li a:focus {
--- a/resources/views/layouts/partials/topmenu.blade.php
+++ b/resources/views/layouts/partials/topmenu.blade.php
@ -15,8 +15,15 @@

 	<ul class="float-end">
 		@auth
-			<li><a href="{{ url('settings') }}"><span>{{ Auth::user()->name }}</span></a></li>
-			<li><a href="{{ url('logout') }}"><span>Logout</span></a></li>
+			<li class="{{ Auth::user()->switched ? 'switched' : '' }}"><a href="{{ url('settings') }}"><span>{{ Auth::user()->name }}</span></a></li>
+			@if(Auth::user()->switched)
+				<li><a href="{{ url('admin/switch/stop') }}">
+					<span>Switch Back</span>
+				</a></li>
+			@else
+				<li><a href="{{ url('logout') }}"><span>Logout</span></a></li>
+			@endif
+
 		@endauth
 		@guest
 			<li><a href="{{ url('login') }}"><span>Login</span></a></li>
--- a/resources/views/user/home.blade.php
+++ b/resources/views/user/home.blade.php
@ -28,7 +28,7 @@
 				<tbody>
 				@foreach (\App\Models\User::orderBy('email')->cursor() as $oo)
 					<tr class="{{ $oo->admin ? 'admin' : '' }}">
-						<td><a href="{{ url('user/addedit',[$oo->id]) }}">{{ $oo->id }}</a></td>
+						<td><a href="{{ url('user/addedit',[$oo->id]) }}">{{ $oo->id }}</a> @if(Auth::user()->admin && (Auth::id() !== $oo->id))<span class="float-end"><a href="{{ url('admin/switch/start',[$oo->id]) }}"><i class="bi bi-person-bounding-box"></i></a></span>@endif</td>
 						<td>{{ $oo->email }}</td>
 						<td>{{ $oo->name }}</td>
 						<td>{{ $oo->active ? 'YES' : 'NO' }}</td>
--- a/routes/web.php
+++ b/routes/web.php
@ -10,6 +10,7 @@ use App\Http\Controllers\{HomeController,
 	FileareaController,
 	SystemController,
 	UserController,
+	UserSwitchController,
 	ZoneController};
 use App\Http\Controllers\Auth\LoginController;

@ -33,6 +34,8 @@ Auth::routes([
 	'verify'        => true,       // for email verification
 ]);
 Route::get('logout',[LoginController::class,'logout']);
+Route::get('admin/switch/start/{o}',[UserSwitchController::class,'user_switch_start']);
+Route::get('admin/switch/stop',[UserSwitchController::class,'user_switch_stop']);

 Route::redirect('/','about');
 Route::view('about','about');