Added moderator impersonation

2024-01-19 14:27:04 +01:00
parent a651c60808
commit 42c65ae06f
12 changed files with 179 additions and 7 deletions
--- a/app/Http/Controllers/Admin/ImpersonationController.php
+++ b/app/Http/Controllers/Admin/ImpersonationController.php
@@ -12,7 +12,7 @@ class ImpersonationController extends Controller
 {
    public function __construct()
    {
-        $this->middleware('admin');
+        $this->middleware('moderator');
    }

    public function impersonate($identifier) {
@@ -29,12 +29,33 @@ class ImpersonationController extends Controller
            }
        }

-        if (!$user) return $this->error([
-            'message'=> 'User not found.'
+        if (!$user) {
+            return $this->error([
+                'message'=> 'User not found.'
+            ]);
+        } else if ($user->admin) {
+            return $this->error([
+                'message' => 'You cannot impersonate an admin.',
+            ]);
+        }
+
+
+        \Log::warning('Impersonation started',[
+            'from_id' => auth()->id(),
+            'from_email' => auth()->user()->email,
+            'target_id' => $user->id,
+            'target_email' => $user->id,
        ]);

        // Be this user
-        $token = auth()->login($user);
+        if (auth()->user()->moderator) {
+            $token = auth()->claims([
+                'impersonating' => true,
+                'impersonator_id' => auth()->id(),
+            ])->login($user);
+        } else {
+            $token = auth()->login($user);
+        }
        return $this->success([
            'token' => $token
        ]);