Commit 4fdce824ea3f74db7a751d2de1b6cd97868eabeb

Authored by Braulio Bhavamitra
1 parent 0cf297a8

Option for admins to login as a different user

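--- a/app/concerns/authenticated_system.rb
+++ b/app/concerns/authenticated_system.rb
@@ -2,15 +2,18 @@ module AuthenticatedSystem
 
 protected
 
- def self.included base
- if base < ActionController::Base
- base.around_filter :user_set_current
- base.before_filter :login_from_cookie
+ extend ActiveSupport::Concern
+
+ included do
+ if self < ActionController::Base
+ around_filter :user_set_current
+ before_filter :override_user
+ before_filter :login_from_cookie
 end
 
 # Inclusion hook to make #current_user and #logged_in?
 # available as ActionView helper methods.
- base.helper_method :current_user, :logged_in?
+ helper_method :current_user, :logged_in?
 end
 
 # Returns true or false if the user is logged in.
@@ -20,10 +23,9 @@ module AuthenticatedSystem
 end
 
 # Accesses the current user from the session.
- def current_user
+ def current_user user_id = session[:user]
 @current_user ||= begin
- id = session[:user]
- user = User.where(id: id).first if id
+ user = User.find_by id: user_id if user_id
 user.session = session if user
 User.current = user
 user
@@ -141,6 +143,13 @@ module AuthenticatedSystem
 end
 end
 
+ def override_user
+ return if params[:override_user].blank?
+ return unless logged_in? and user.is_admin? environment
+ @current_user = nil
+ current_user params[:override_user]
+ end
+
 # When called with before_filter :login_from_cookie will check for an :auth_token
 # cookie and log the user back in if apropriate
 def login_from_cookie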
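Review bot: `override_user` switches identity on any request that carries the `override_user` parameter, and nothing records the switch: after `current_user params[:override_user]` both `@current_user` and `User.current` hold the target account, so whatever the request does is attributed to that account with no trace of the admin. Log it before `@current_user = nil`, for example `logger.info "override_user: user #{session[:user]} acting as user #{params[:override_user]}"`, and keep the real account in its own instance variable so views can show that an override is active. The admin check is made against `environment`, but `User.find_by id: user_id` is not limited to it; if accounts belong to an environment, the lookup should be scoped the same way. Because the filter is registered before `login_from_cookie`, a session restored only from the cookie probably fails `logged_in?` here and the override is skipped for that request. `user` and `environment` are defined outside the visible hunks.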
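--- a/app/helpers/url_helper.rb
+++ b/app/helpers/url_helper.rb
@@ -4,4 +4,12 @@ module UrlHelper
 'javascript:history.back()'
 end
 
+ def default_url_options
+ options = {}
+
+ options[:override_user] = params[:override_user] if params[:override_user].present?
+
+ options
+ end
+
 end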
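Review bot: `default_url_options` copies the raw `override_user` parameter into every generated URL whether or not the override was accepted, so a non-admin request carrying the parameter propagates it through all links, and the target id ends up in redirects, logs and Referer headers. Emit it only when the override is in effect, for instance by having `override_user` set a flag and testing it here: `options[:override_user] = params[:override_user] if @user_overridden` (the flag name is a placeholder). The method also returns a fresh hash rather than merging into `super`, which may drop defaults defined elsewhere; whether another `default_url_options` exists is not visible in this hunk.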
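--- a/test/functional/application_controller_test.rb
+++ b/test/functional/application_controller_test.rb
@@ -506,6 +506,21 @@ class ApplicationControllerTest &lt; ActionController::TestCase
 assert_redirected_to :controller => 'account', :action => 'login'
 end
 
+ should 'override user when current is an admin' do
+ user = create_user
+ other_user = create_user
+ environment = Environment.default
+ login_as user.login
+ @controller.stubs(:environment).returns(environment)
+
+ get :index, override_user: other_user.id
+ assert_equal user, assigns(:current_user)
+
+ environment.add_admin user.person
+ get :index, override_user: other_user.id
+ assert_equal other_user, assigns(:current_user)
+ end
+
 should 'do not allow member not included in whitelist to access an restricted environment' do
 user = create_user
 e = Environment.default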
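Review bot: The new test covers a logged-in non-admin and an admin, but not a request with no session or an `override_user` id that matches no account, which are the two paths where the filter must leave identity untouched. Add a case without `login_as` that asserts no override takes place, and an admin case such as `get :index, override_user: -1` that pins what `assigns(:current_user)` resolves to afterwards. The expected value for the unknown-id case should be confirmed against `current_user`, since `User.find_by` returns nil there and the memoized value stays unset.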
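--- a/test/unit/url_helper_test.rb
+++ b/test/unit/url_helper_test.rb
@@ -0,0 +1,15 @@
+require 'test_helper'
+
+class UrlHelperTest < ActionView::TestCase
+
+ include UrlHelper
+
+ def setup
+ end
+
+ should 'preserve override_user if present' do
+ params[:override_user] = 1
+ assert_equal default_url_options[:override_user], params[:override_user]
+ end
+
+end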
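Review bot: The only case checks the parameter-present path; there is no assertion that `default_url_options` omits the key when `params[:override_user]` is absent or blank, which is the behaviour that keeps the parameter out of ordinary links. Add `assert_nil default_url_options[:override_user]` in a second `should` block with no parameter set. `assert_equal` takes the expected value first, so the existing line reads better as `assert_equal 1, default_url_options[:override_user]`, and the empty `setup` can go.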