[Catalyst] superuser "switch-user" session function?
Peter Karman
peter at peknet.com
Thu Jul 8 18:21:27 GMT 2010
will at serensoft.com wrote on 07/08/2010 12:27 PM:
> Hmm: Become-user?
>
> Is there a clean way to provide a means for sys-admins to "become user"
> to track down issues? It's much easier to diagnose when seeing what the
> user's seeing directly, when we look at it through our own eyes -- as
> opposed to relying on vague user-style descriptions ("unrecognized date
> format" vs "doesn't work").
I have implemented this feature in my app. I don't know how "clean" it
is, but my controller looked something like this:

package MyApp::Controller::Admin::Sudo;
use strict;
use warnings;
use Carp;
use Data::Dump qw( dump );
use base qw( Catalyst::Controller );

# NOTE: $auth (used below) is the application's own authentication helper;
# its definition is not part of the posted excerpt.

sub switch_user : Local {
    my ( $self, $c ) = @_;

    # a target username is required
    my $newusername = $c->req->params->{username};
    if ( !$newusername ) {
        $c->error404;
        return;
    }

    # only accept POST so the switch cannot be triggered by a plain link
    if ( uc( $c->req->method ) ne 'POST' ) {
        $c->error404;
        return;
    }

    # refuse nested switches
    if ( exists $c->session->{sudo_switched_from} ) {
        $c->error( "already switched user from "
                . $c->session->{sudo_switched_from} );
        $c->stash( error_msg =>
                'You must restore your original user first.' );
        return;
    }

    my $oldusername = $c->user->id;
    $c->log->info("user $oldusername sudo to user $newusername");

    my $model  = $c->model('Account');
    my $groups = $model->get_groups_for( $newusername );

    # logout as current user
    $auth->logout($c);

    # login as newuser
    $auth->login( $c, $newusername, $groups );

    # remember who we really are so the switch can be undone
    $c->session->{sudo_switched_from} = $oldusername;

    # redirect to user home page
    $c->res->redirect( $c->uri_for('/my') );
}

sub restore_original_user : Local {
    my ( $self, $c ) = @_;

    # nothing to restore unless a switch is in progress
    my $orig_user = $c->session->{sudo_switched_from};
    if ( !$orig_user ) {
        $c->error404;
        return;
    }

    my $current_user = $c->user->id;
    my $model        = $c->model('Account');
    my $groups       = $model->get_groups_for( $orig_user );

    # logout as current user
    $auth->logout($c);

    # login as original user
    $auth->login( $c, $orig_user, $groups );

    # drop the marker so a later switch_user is not refused as already switched
    delete $c->session->{sudo_switched_from};

    # redirect to myMSI
    $c->res->redirect( $c->uri_for('/my') );
}

1;

--
Peter Karman . http://peknet.com/ . peter at peknet.com
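
The session rules the controller above depends on (POST only, no nested switch, a marker recording the original user, a log line per switch), as a framework-free model. This is an added example, not code from Peter Karman's post or from Catalyst. The plain-hash session, the %ROLES table, the admin role check, the session reset and the restore log line are assumptions made for illustration.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Constructed sample data: which accounts hold the (assumed) admin role.
my %ROLES = ( alice => ['admin'], bob => [], carol => [] );
my @AUDIT;    # stand-in for $c->log->info

sub is_admin {
    my ($u) = @_;
    return scalar grep { $_ eq 'admin' } @{ $ROLES{$u} || [] };
}

# Switch the effective user. Returns 1 on success, dies with a reason otherwise.
sub switch_user {
    my ( $session, $method, $target ) = @_;
    die "POST required\n"       unless uc( $method // '' ) eq 'POST';
    die "not logged in\n"       unless defined $session->{user};
    die "already switched\n"    if exists $session->{sudo_switched_from};
    die "admin role required\n" unless is_admin( $session->{user} );
    die "unknown target user\n" unless defined $target && exists $ROLES{$target};
    my $real = $session->{user};
    # Start from a fresh session so data cached for the admin does not carry over.
    %$session = ( user => $target, sudo_switched_from => $real );
    push @AUDIT, "user $real sudo to user $target";
    return 1;
}

# Undo the switch. The marker is removed, so a new switch is allowed afterwards.
sub restore_original_user {
    my ($session) = @_;
    my $real = delete $session->{sudo_switched_from}
        or die "no switch in progress\n";
    my $was = $session->{user};
    %$session = ( user => $real );
    push @AUDIT, "user $real restored from user $was";
    return 1;
}

# Walk-through: admin switches, a nested switch is refused, restore, then a
# non-admin attempt is refused.
my %s = ( user => 'alice', cached => 'admin-only data' );
switch_user( \%s, 'POST', 'bob' );
my $nested = eval { switch_user( \%s, 'POST', 'carol' ) } ? 'allowed' : 'refused';
restore_original_user( \%s );
my %t = ( user => 'bob' );
my $nonadmin = eval { switch_user( \%t, 'POST', 'alice' ) } ? 'allowed' : 'refused';
print "nested=$nested nonadmin=$nonadmin user=$s{user}\n";
print "$_\n" for @AUDIT;
```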