gitmedia/presseportale
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
presseportale/app/Actions/Admin/UserImpersonation.php
Kevin Adametz 5b8bdf4182
Some checks are pending
linter / quality (push) Waiting to run
Details
tests / ci (push) Waiting to run
Details
12-05-2026 Frontend dev
2026-05-12 18:32:33 +02:00

93 lines
2.2 KiB
PHP
Raw Permalink Blame History

<?php
namespace App\Actions\Admin;
use App\Models\User;
use Illuminate\Auth\Access\AuthorizationException;
use Illuminate\Support\Facades\Auth;
class UserImpersonation
{
public const SessionKey = 'impersonate_from';
public function canInitiate(User $user): bool
{
return $user->is_super_admin || $user->can('users:manage');
}
public function canStart(User $admin, User $target): bool
{
return $this->canInitiate($admin)
&& ! $admin->is($target)
&& ! $this->isActive()
&& $this->canBeImpersonated($target);
}
public function canBeImpersonated(User $target): bool
{
return $target->canAccessCustomer();
}
/**
* @throws AuthorizationException
*/
public function start(User $admin, User $target): void
{
if (! $this->canInitiate($admin)) {
throw new AuthorizationException(__('Du darfst keine Benutzer-Impersonation starten.'));
}
if ($admin->is($target)) {
return;
}
if ($this->isActive()) {
throw new AuthorizationException(__('Verschachtelte Benutzer-Impersonation ist nicht erlaubt.'));
}
if (! $this->canBeImpersonated($target)) {
throw new AuthorizationException(__('Dieser Benutzer kann nicht im Panel angemeldet werden.'));
}
session([self::SessionKey => $admin->getKey()]);
Auth::login($target);
}
public function stop(): ?User
{
$adminUserId = session(self::SessionKey);
session()->forget(self::SessionKey);
if (! is_numeric($adminUserId)) {
return null;
}
$admin = User::query()->find((int) $adminUserId);
if (! $admin?->canAccessAdmin()) {
return null;
}
Auth::login($admin);
return $admin;
}
public function isActive(): bool
{
return session()->has(self::SessionKey);
}
public function impersonator(): ?User
{
$adminUserId = session(self::SessionKey);
if (! is_numeric($adminUserId)) {
return null;
}
return User::query()->find((int) $adminUserId);
}
}
Reference in a new issue View git blame Copy permalink