rnsrk/wisski-cloud-distillery
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

admin: Allow impersonation and deactivation

Browse source
This commit is contained in:
Tom Wiesing 2023-01-17 12:25:23 +01:00
parent 2384ee0841
commit 7d0fb60d67
No known key found for this signature in database
6 changed files with 74 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

2
internal/dis/component/control/admin/admin.go
View file

@ -109,6 +109,8 @@ func (admin *Admin) HandleRoute(ctx context.Context, route string) (handler http
router.Handler(http.MethodPost, route+"users/disabletotp", admin.usersDisableTOTPHandler(ctx))
router.Handler(http.MethodPost, route+"users/password", admin.usersPasswordHandler(ctx))
router.Handler(http.MethodPost, route+"users/toggleadmin", admin.usersToggleAdmin(ctx))
router.Handler(http.MethodPost, route+"users/impersonate", admin.usersImpersonateHandler(ctx))
router.Handler(http.MethodPost, route+"users/unsetpassword", admin.usersUnsetPasswordHandler(ctx))
// add a handler for the component page
router.Handler(http.MethodGet, route+"components", httpx.HTMLHandler[componentContext]{

19
internal/dis/component/control/admin/html/users.html
View file

@ -25,6 +25,9 @@
<th>
Enabled
</th>
<th>
Has Password
</th>
<th>
Admin
</th>
@ -44,8 +47,10 @@
{{ .User.User }}
</td>
<td>
{{ .User.IsEnabled }}
{{ .User.IsEnabled }}
</td>
<td>
{{ .User.HasPassword }}
</td>
<td>
{{ .User.IsAdmin }}
@ -66,6 +71,11 @@
<input type="submit" class="pure-button" value="Update Password">
{{ $csrf }}
</form>
<form action="/admin/users/unsetpassword" method="POST" class="pure-form-group">
<input type="hidden" name="user" value="{{ .User.User }}">
<input type="submit" class="pure-button" value="Unset Password">
{{ $csrf }}
</form>
<form action="/admin/users/disable" method="POST" class="pure-form-group">
<input type="hidden" name="user" value="{{ .User.User }}">
<input type="submit" class="pure-button" {{ if (not .User.IsEnabled) }}disabled{{ end }} value="Disable">
@ -81,6 +91,11 @@
<input type="submit" class="pure-button pure-button-danger" value="Delete">
{{ $csrf }}
</form>
<form action="/admin/users/impersonate" method="POST" class="pure-form-group">
<input type="hidden" name="user" value="{{ .User.User }}">
<input type="submit" class="pure-button" {{ if (not .User.IsEnabled) }}disabled{{ end }} value="Impersonate">
{{ $csrf }}
</form>
</div>
</td>
</tr>

37
internal/dis/component/control/admin/users.go
View file

@ -219,3 +219,40 @@ func (admin *Admin) usersPasswordHandler(ctx context.Context) http.Handler {
return user.SetPassword(r.Context(), []byte(password))
})
}
func (admin *Admin) usersUnsetPasswordHandler(ctx context.Context) http.Handler {
return admin.useraction(ctx, "unset password", func(r *http.Request, user *auth.AuthUser) error {
user.PasswordHash = nil
return user.Save(r.Context())
})
}
func (admin *Admin) usersImpersonateHandler(ctx context.Context) http.Handler {
logger := zerolog.Ctx(ctx)
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
if err := r.ParseForm(); err != nil {
logger.Err(err).Str("action", "impersonate").Msg("failed to parse form")
httpx.HTMLInterceptor.Fallback.ServeHTTP(w, r)
return
}
username := r.PostFormValue("user")
user, err := admin.Dependencies.Auth.User(r.Context(), username)
if err != nil {
logger.Err(err).Str("action", "impersonate").Msg("failed to get user")
httpx.HTMLInterceptor.Fallback.ServeHTTP(w, r)
return
}
// login the user into the session of the provided user
if err := admin.Dependencies.Auth.Login(w, r, user); err != nil {
logger.Err(err).Str("action", "impersonate").Msg("failed to login user")
httpx.HTMLInterceptor.Fallback.ServeHTTP(w, r)
return
}
// and go there
http.Redirect(w, r, "/user/", http.StatusSeeOther)
})
}