Refactor impersonation functionality and handle error messages

2024-01-11 22:52:30 +01:00 · 2024-01-11 22:52:30 +01:00 · 898c59104f
parent c91a592431
commit 898c59104f
4 changed files with 36 additions and 7 deletions
--- a/backend/app/Http/Controllers/AuthController.php
+++ b/backend/app/Http/Controllers/AuthController.php
@ -104,7 +104,7 @@ class AuthController extends Controller
        ];
    }

-    public function impersonate(Request $request, $user)
+    public function impersonate(Request $request, User $user)
    {
        $authUser = User::find($request->user()->id);
        if(!$authUser->canImpersonate()) {
@ -113,6 +113,20 @@ class AuthController extends Controller
            ], 401);
        }

+        //Check if can be impersonated
+        if(!$user->canBeImpersonated()) {
+            return response()->json([
+                'message' => 'Unauthorized'
+            ], 401);
+        }
+
+        //Check if currently impersonating
+        if(app('impersonate')->isImpersonating()) {
+            return response()->json([
+                'message' => 'Unauthorized'
+            ], 401);
+        }
+
        if(
            method_exists($request->user(), 'currentAccessToken') &&
            method_exists($request->user()->currentAccessToken(), 'delete')
@ -124,11 +138,10 @@ class AuthController extends Controller
            $request->session()->regenerateToken();
        }

-        $impersonatedUser = User::find($user);
-        $request->user()->impersonate($impersonatedUser);
-        $token = $impersonatedUser->createToken('auth_token')->plainTextToken;
+        $request->user()->impersonate($user);
+        $token = $user->createToken('auth_token')->plainTextToken;

-        Logger::log("Impersonato utente", $impersonatedUser, $authUser);
+        Logger::log("Impersonato utente", $user, $authUser);

        return response()->json([
            'access_token' => $token,
--- a/frontend/src/app/_components/table/table.component.ts
+++ b/frontend/src/app/_components/table/table.component.ts
@ -210,6 +210,14 @@ export class TableComponent implements OnInit, OnDestroy {
      this.auth.impersonate(user).then(() => {
        this.loadTableData();
        this.userImpersonate.emit(1);
+      }).catch((errMessage: any) => {
+        console.error(errMessage);
+        Swal.fire({
+          title: this.translate.instant("error_title"),
+          text: errMessage,
+          icon: 'error',
+          confirmButtonText: 'Ok'
+        });
      });
    }
  }
--- a/frontend/src/app/_routes/admin/info/admin-info.component.ts
+++ b/frontend/src/app/_routes/admin/info/admin-info.component.ts
@ -46,6 +46,14 @@ export class AdminInfoComponent implements OnInit {
      this.router.navigate(['/list']);
      this.auth.impersonate(user).then(() => {
        console.log(user);
+      }).catch((errMessage: any) => {
+        console.error(errMessage);
+        Swal.fire({
+          title: this.translateService.instant("error_title"),
+          text: errMessage,
+          icon: 'error',
+          confirmButtonText: 'Ok'
+        });
      });
    }
  }
--- a/frontend/src/app/_services/auth.service.ts
+++ b/frontend/src/app/_services/auth.service.ts
@ -128,7 +128,7 @@ export class AuthService {
        })
    }

-    public impersonate(user_id: number): Promise<void> {
+    public impersonate(user_id: number): Promise<void|string> {
        return new Promise((resolve, reject) => {
            this.api.post(`impersonate/${user_id}`).then((data) => {
                this.authToken.updateToken(data.access_token);
@ -142,7 +142,7 @@ export class AuthService {
                });
            }).catch((err) => {
                console.error(err);
-                reject();
+                reject(err.error.message);
            });
        });
    }