Mascali
/
raspisms
mirror of https://github.com/RaspbianFrance/raspisms.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Add function to impersonate a user

This commit is contained in:
osaajani 2021-07-13 01:21:23 +02:00
parent 33ae2b0010
commit ad93a7b537
7 changed files with 99 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
VERSION
View File

@ -1 +1 @@
v3.1.5 v3.1.6

21
controllers/publics/Account.php
View File

@ -204,4 +204,25 @@ namespace controllers\publics;
return $this->redirect(\descartes\Router::url('Connect', 'login')); return $this->redirect(\descartes\Router::url('Connect', 'login'));
} }
/**
* Allow to stop impersonating a user
* @param mixed $csrf
*/
public function stop_impersonate()
{
$old_session = $_SESSION['old_session'] ?? false;
if (!$old_session)
{
\FlashMessage\FlashMessage::push('danger', 'Impossible de récupérer l\'identité originale, vous avez été deconnecté à la place.');
return $this->redirect(\descartes\Router::url('Connect', 'logout'));
}
$user_email = $_SESSION['user']['email'];
$_SESSION = $old_session;
\FlashMessage\FlashMessage::push('success', 'Vous n\'incarnez plus l\'utilisateur ' . $user_email . '.');
return $this->redirect(\descartes\Router::url('Dashboard', 'show'));
}
} }

1
controllers/publics/Connect.php
View File

@ -164,4 +164,5 @@ namespace controllers\publics;
return $this->redirect(\descartes\Router::url('Connect', 'login')); return $this->redirect(\descartes\Router::url('Connect', 'login'));
} }
} }

66
controllers/publics/User.php
View File

@ -18,6 +18,7 @@ class User extends \descartes\Controller
{ {
private $internal_user; private $internal_user;
private $internal_quota; private $internal_quota;
private $internal_setting;
/** /**
* Cette fonction est appelée avant toute les autres : * Cette fonction est appelée avant toute les autres :
@ -30,6 +31,7 @@ class User extends \descartes\Controller
$bdd = \descartes\Model::_connect(DATABASE_HOST, DATABASE_NAME, DATABASE_USER, DATABASE_PASSWORD); $bdd = \descartes\Model::_connect(DATABASE_HOST, DATABASE_NAME, DATABASE_USER, DATABASE_PASSWORD);
$this->internal_user = new \controllers\internals\User($bdd); $this->internal_user = new \controllers\internals\User($bdd);
$this->internal_quota = new \controllers\internals\Quota($bdd); $this->internal_quota = new \controllers\internals\Quota($bdd);
$this->internal_setting = new \controllers\internals\Setting($bdd);
\controllers\internals\Tool::verifyconnect(); \controllers\internals\Tool::verifyconnect();
@ -407,4 +409,68 @@ class User extends \descartes\Controller
return $this->redirect(\descartes\Router::url('User', 'list')); return $this->redirect(\descartes\Router::url('User', 'list'));
} }
/**
* Allow an admin to impersonate a user
* @param mixed $csrf
* @param array int $_GET['user_ids'] : Ids of users to impersonate, the array should actually contain one id only, we keep use of array for simpler compatibility in UI
*/
public function impersonate ($csrf)
{
if (!$this->verify_csrf($csrf))
{
\FlashMessage\FlashMessage::push('danger', 'Jeton CSRF invalid !');
return $this->redirect(\descartes\Router::url('User', 'list'));
}
if (count($_GET['user_ids']) != 1)
{
\FlashMessage\FlashMessage::push('danger', 'Vous devez séléctionner un et un seul utilisateur à incarner !');
return $this->redirect(\descartes\Router::url('User', 'list'));
}
$id_user = (int) $_GET['user_ids'][0];
//Check if this user exists
$user = $this->internal_user->get($id_user);
if (!$user)
{
\FlashMessage\FlashMessage::push('danger', 'Cet utilisateur n\'existe pas !');
return $this->redirect(\descartes\Router::url('User', 'list'));
}
$settings = $this->internal_setting->gets_for_user($id_user);
if (!$settings)
{
\FlashMessage\FlashMessage::push('danger', 'Impossible de charger les settings de cet utilisateur !');
return $this->redirect(\descartes\Router::url('User', 'list'));
}
if (\models\User::STATUS_ACTIVE !== $user['status'])
{
\FlashMessage\FlashMessage::push('danger', 'Impossible d\'incarner cet utilisateur car il est actuellement suspendu');
return $this->redirect(\descartes\Router::url('User', 'list'));
}
$user['settings'] = $settings;
//Save old session to get it back later
$old_session = $_SESSION;
$_SESSION = [
'old_session' => $old_session,
'impersonate' => true,
'connect' => true,
'user' => $user,
];
\FlashMessage\FlashMessage::push('success', 'Vous incarnez désormais l\'utilisateur ' . $user['email'] . '.');
return $this->redirect(\descartes\Router::url('Dashboard', 'show'));
}
} }

2
routes.php
View File

@ -21,6 +21,7 @@
'update_api_key' => '/account/update_api_key/{csrf}/', 'update_api_key' => '/account/update_api_key/{csrf}/',
'delete' => '/account/delete/{csrf}/', 'delete' => '/account/delete/{csrf}/',
'logout' => '/logout/', 'logout' => '/logout/',
'stop_impersonate' => '/stop_impersonate/{csrf}/',
], ],
'Command' => [ 'Command' => [
@ -148,6 +149,7 @@
'edit' => '/user/edit/', 'edit' => '/user/edit/',
'update' => '/user/update/{csrf}/', 'update' => '/user/update/{csrf}/',
'update_status' => '/user/delete/{status}/{csrf}/', 'update_status' => '/user/delete/{status}/{csrf}/',
'impersonate' => '/user/impersonate/{csrf}/',
], ],
'Phone' => [ 'Phone' => [

6
templates/incs/nav.php
View File

@ -21,7 +21,13 @@
</li> </li>
<li class="divider"></li> <li class="divider"></li>
<li> <li>
<?php if ($_SESSION['impersonate'] ?? false) { ?>
<li <?php echo $page == 'users' ? 'class="active"' : ''; ?>>
<a href="<?php echo \descartes\Router::url('Account', 'stop_impersonate', ['csrf' => $_SESSION['csrf']]); ?>"><i class="fa fa-fw fa-sign-out"></i> Ne plus incarner</a>
</li>
<?php } else { ?>
<a href="<?php echo \descartes\Router::url('Account', 'logout'); ?>"><i class="fa fa-fw fa-power-off"></i> Déconnexion</a> <a href="<?php echo \descartes\Router::url('Account', 'logout'); ?>"><i class="fa fa-fw fa-power-off"></i> Déconnexion</a>
<?php } ?>
</li> </li>
</ul> </ul>
</li> </li>

1
templates/user/list.php
View File

@ -58,6 +58,7 @@
<strong>Action pour la séléction :</strong> <strong>Action pour la séléction :</strong>
<button class="btn btn-default" type="submit" formaction="<?php echo \descartes\Router::url('User', 'update_status', ['csrf' => $_SESSION['csrf'], 'status' => 0]); ?>"><span class="fa fa-pause"></span> Suspendre</button> <button class="btn btn-default" type="submit" formaction="<?php echo \descartes\Router::url('User', 'update_status', ['csrf' => $_SESSION['csrf'], 'status' => 0]); ?>"><span class="fa fa-pause"></span> Suspendre</button>
<button class="btn btn-default" type="submit" formaction="<?php echo \descartes\Router::url('User', 'update_status', ['csrf' => $_SESSION['csrf'], 'status' => 1]); ?>"><span class="fa fa-play"></span> Activer</button> <button class="btn btn-default" type="submit" formaction="<?php echo \descartes\Router::url('User', 'update_status', ['csrf' => $_SESSION['csrf'], 'status' => 1]); ?>"><span class="fa fa-play"></span> Activer</button>
<button class="btn btn-default" type="submit" formaction="<?php echo \descartes\Router::url('User', 'impersonate', ['csrf' => $_SESSION['csrf']]); ?>"><span class="fa fa-child"></span> Incarner</button>
<button class="btn btn-default" type="submit" formaction="<?php echo \descartes\Router::url('User', 'edit'); ?>"><span class="fa fa-edit"></span> Modifier</button> <button class="btn btn-default" type="submit" formaction="<?php echo \descartes\Router::url('User', 'edit'); ?>"><span class="fa fa-edit"></span> Modifier</button>
<button class="btn btn-default btn-confirm" type="submit" formaction="<?php echo \descartes\Router::url('User', 'delete', ['csrf' => $_SESSION['csrf']]); ?>"><span class="fa fa-trash-o"></span> Supprimer</button> <button class="btn btn-default btn-confirm" type="submit" formaction="<?php echo \descartes\Router::url('User', 'delete', ['csrf' => $_SESSION['csrf']]); ?>"><span class="fa fa-trash-o"></span> Supprimer</button>
</div> </div>