laravel-impersonate icon indicating copy to clipboard operation
laravel-impersonate copied to clipboard
verified publisher icon 404labfr

Would be nice to add an @isImposter blade directive

Open BigBlockStudios opened this issue 2 years ago • 5 comments

Would be nice to add an @isImposter() blade directive - checking a session variable for someone impersonating ATM.

BigBlockStudios avatar Apr 20 '23 00:04 BigBlockStudios

To clarify: Are you asking for a way to check whether another user is logged-in via impersonation?

This package currently only exposes that the current user is logged-in via impersonation. It does that by checking the current user's session for the impersonation keys being present.

But there's nothing in this package that allows reaching into another user's session to track whether that person is being impersonated. Something would have to be stored in the database to know that state, and of course to reset it when the person logs out (and also to figure out when that user's session expires even if they didn't click logout). You could do that yourself by listening for the TakeImpersonation and LeaveImpersonation events in your own app, and store/reset something about those users in your own app's database to track it.

drbyte avatar Apr 20 '23 02:04 drbyte

Sorry, no I meant just to check if the current user is currently an imposter - as you said, you can find out by checking a session variable. so super tiny problem. maybe it just feels more consistent to me.,

BigBlockStudios avatar Apr 20 '23 15:04 BigBlockStudios

Sorry, no I meant just to check if the current user is currently an imposter - as you said, you can find out by checking a session variable. so super tiny problem. maybe it just feels more consistent to me.,

You can use @impersonating for that: https://github.com/404labfr/laravel-impersonate#when-the-user-is-impersonated

drbyte avatar Apr 21 '23 03:04 drbyte

I think @BigBlockStudios meant when we have a @canImpersonate and @impersonating at the same time, with what we have now, both the Impersonate Person and Leave Impersonation buttons are visible cause they both return true.

As a solution, I've did something like this

@impersonating($guard = null)
    <a class="dropdown-item" href="{{ route('impersonate.leave') }}">
          <i class="dropdown-icon fe fe-user"></i> Leave Impersonation
    </a>
@else
    @canImpersonate($guard = null)
          <a class="dropdown-item" href="{{ route('impersonate', $user->id) }}">
             <i class="dropdown-icon fe fe-user"></i> Impersonate Partner User
          </a>
    @endCanImpersonate 
@endImpersonating

simplyphp-moe avatar May 04 '23 15:05 simplyphp-moe

I've done it similarly:

//User.php model
    /**
     * Return true or false whether the user can be impersonated.
     * Here we deny impersonation of oneself as that would be pointless.
     */
    public function canBeImpersonated(): bool
    {
        return $this->id != Auth::id();
    }

                        @canImpersonate
                          @canBeImpersonated($user)
                        <div class="btn-group float-right d-print-none" role="group" aria-label="Impersonate">
                            <a href="{{ route('impersonate', $user->id) }}"><button type="button" class="btn btn-success text-center"><i class="fa fa-user-circle fa-lg" title="Impersonate this user"></i></button></a>&nbsp;
                        </div>
                          @endCanBeImpersonated
                        @endCanImpersonate

drbyte avatar May 06 '23 02:05 drbyte