Wip impersonation
Sigve Røkenes committed Sep 15, 2023
1 parent 276d06c commit 90beb06
Showing 7 changed files with 60 additions and 8 deletions.
20 changes: 18 additions & 2 deletions backend/root/custom_classes/middlewares.py
Expand Up @@ -4,6 +4,8 @@

from django.http import HttpRequest, HttpResponse



LOG = logging.getLogger(__name__)

# This token can be imported anywhere to retrieve the values.
Expand Down Expand Up @@ -49,5 +51,19 @@ def __init__(self, get_response) -> None: # type: ignore # noqa: ANN001 # Uknow
self.get_response = get_response

def __call__(self, request: HttpRequest) -> HttpResponse:
print("YEEEET DUDE")
return self.get_response(request)

try:
impersonate = request.get_signed_cookie('impersonated_user_id', default=None)
if impersonate is not None:
from samfundet.models import User
request.user = User.objects.get(id=int(impersonate))
print("EYOO DUDE YOURE NOT YOURSELF")
except:
pass

response = self.get_response(request)

if hasattr(response, 'requested_impersonate_user'):
response.set_signed_cookie('impersonated_user_id', request.user.id)

return response
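Review bot: In `__call__`, the `impersonated_user_id` cookie is applied to every request that carries it, with no check that the real `request.user` is authenticated and permitted to impersonate; the signature shows the server issued the value but does not tie it to a session, so it keeps working after logout or when presented alongside a different login. The write side stores `request.user.id` rather than `response.requested_impersonate_user`, so the requested target never reaches the cookie, and the bare `except: pass` hides a malformed id or a deleted user. The sketch below gates the swap on the real user (superuser is a placeholder policy; substitute the project's own rule), narrows the exception handling, and replaces the `print` calls with `LOG` entries naming both accounts so impersonation leaves an audit trail. The middleware class begins outside this hunk.

```python
def __call__(self, request: HttpRequest) -> HttpResponse:
    impersonate = request.get_signed_cookie('impersonated_user_id', default=None)
    # Only honour the cookie when the real, authenticated user may impersonate.
    allowed = request.user.is_authenticated and request.user.is_superuser
    if impersonate is not None and allowed:
        from samfundet.models import User
        try:
            target = User.objects.get(id=int(impersonate))
        except (ValueError, User.DoesNotExist):
            LOG.warning('Ignoring invalid impersonation cookie from user %s', request.user.id)
        else:
            LOG.info('User %s is impersonating user %s', request.user.id, target.id)
            request.user = target

    response = self.get_response(request)

    if impersonate is not None and not allowed:
        # Stale or misplaced cookie: drop it instead of carrying it forward.
        response.delete_cookie('impersonated_user_id')

    requested = getattr(response, 'requested_impersonate_user', None)
    if requested is not None:
        response.set_signed_cookie('impersonated_user_id', requested, httponly=True, samesite='Lax')

    return response
```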
3 changes: 2 additions & 1 deletion backend/root/utils/routes.py
Expand Up @@ -5,7 +5,7 @@
DO NOT WRITE IN THIS FILE, AS IT WILL BE OVERWRITTEN ON NEXT UPDATE.
THIS FILE WAS GENERATED BY: root.management.commands.generate_routes
LAST UPDATE: 2023-08-29 08:57:57.685488+00:00
LAST UPDATE: 2023-09-14 19:45:16.057665+00:00
"""

############################################################
Expand Down Expand Up @@ -424,6 +424,7 @@
samfundet__user = 'samfundet:user'
samfundet__groups = 'samfundet:groups'
samfundet__users = 'samfundet:users'
samfundet__impersonate = 'samfundet:impersonate'
samfundet__eventsperday = 'samfundet:eventsperday'
samfundet__eventsupcomming = 'samfundet:eventsupcomming'
samfundet__isclosed = 'samfundet:isclosed'
1 change: 1 addition & 0 deletions backend/samfundet/urls.py
Expand Up @@ -48,6 +48,7 @@
path('user/', views.UserView.as_view(), name='user'),
path('groups/', views.AllGroupsView.as_view(), name='groups'),
path('users/', views.AllUsersView.as_view(), name='users'),
path('impersonate/', views.ImpersonateView.as_view(), name='impersonate'),
path('events-per-day/', views.EventPerDayView.as_view(), name='eventsperday'),
path('events-upcomming/', views.EventsUpcomingView.as_view(), name='eventsupcomming'),
path('isclosed/', views.IsClosedView().as_view(), name='isclosed'),
10 changes: 10 additions & 0 deletions backend/samfundet/views.py
Expand Up @@ -344,6 +344,16 @@ class AllUsersView(ListAPIView):
queryset = User.objects.all()


class ImpersonateView(APIView):
permission_classes = [IsAuthenticated] # TODO authentication check

def post(self, request: Request) -> Response:
user_id = int(request.data.get('user_id')) if hasattr(request, 'user_id') else None
response = Response(status=200)
response.requested_impersonate_user = user_id
return response


class AllGroupsView(ListAPIView):
permission_classes = [IsAuthenticated]
serializer_class = GroupSerializer
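Review bot: `ImpersonateView` is protected only by `IsAuthenticated`, so once the id handling works any logged-in account could request impersonation of any other; the TODO on `permission_classes` should become a real restriction (DRF's `IsAdminUser` or a project-specific permission) before the route is exposed. In `post`, `hasattr(request, 'user_id')` inspects the request object rather than the submitted body, so `user_id` appears to always be `None`; reading it with `request.data.get('user_id')` and returning a 400 when it is missing or not an integer would make failures visible. The view also never checks that the target user exists, and it answers 200 regardless of what was requested.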
@@ -1,6 +1,6 @@
import { useEffect, useState } from 'react';
import { EventDto, UserDto } from '~/dto';
import { getUser, getUsers } from '~/api';
import { getUser, getUsers, impersonateUser } from '~/api';
import styles from './ImpersonateUserAdminPage.module.scss';
import { Table } from '~/Components/Table';
import secretAgent from '~/assets/memes/secret-service.gif';
Expand All @@ -11,6 +11,7 @@ import bondmusic from '~/assets/memes/jamesbond.mp3';
import { Icon } from '@iconify/react';
import { InputField } from '~/Components';
import { queryDto } from '~/utils';
import { useAuthContext } from '~/AuthContext';

export function ImpersonateUserAdminPage() {
const [query, setQuery] = useState<string>('');
Expand Down Expand Up @@ -39,6 +40,22 @@ export function ImpersonateUserAdminPage() {
return `${user.first_name} ${user.last_name}`;
}

const auth = useAuthContext();
function impersonate(user: UserDto) {
impersonateUser(user)
.then((ok) => {
if (ok) {
getUser()
.then((user) => auth.setUser(user))
.catch(console.error);
alert('nice, middleware is good, TODO proper handling in frontend');
}
})
.catch((err) => {
alert(JSON.stringify(err));
});
}

return (
<>
<div className={styles.root}>
Expand All @@ -55,10 +72,10 @@ export function ImpersonateUserAdminPage() {
<InputField<string> inputClassName={styles.inputClass} placeholder={'Search...'} onChange={setQuery} />
<div className={styles.userList}>
{displayUsers.map((u) => (
<div className={styles.userItem}>
<button className={styles.userItem} onClick={() => impersonate(u)}>
<span>{verboseUserName(u)}</span>
<span className={styles.email}>{u.email}</span>
</div>
</button>
))}
</div>
</div>
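Review bot: In `impersonate`, the `.catch` handler shows `alert(JSON.stringify(err))`; if `impersonateUser` rejects with an Axios error, its JSON form includes the request config and stack trace, which is more than an end user should see in a dialog. Logging with `console.error(err)` and showing a short fixed message would be enough. The mapped `<button>` elements also have no `key` prop, and the inner `getUser()` promise could be returned from the `.then` so a single `.catch` covers both calls. The component body continues outside these hunks.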
6 changes: 6 additions & 0 deletions frontend/src/api.ts
Expand Up @@ -78,6 +78,12 @@ export async function getUser(): Promise<UserDto> {
return response.data;
}

export async function impersonateUser(user: UserDto): Promise<boolean> {
const url = BACKEND_DOMAIN + ROUTES.backend.samfundet__impersonate;
const response = await axios.post(url, { user_id: user.id }, { withCredentials: true });
return response.status == 200;
}

export async function getUsers(): Promise<UserDto[]> {
const url = BACKEND_DOMAIN + ROUTES.backend.samfundet__users;
const response = await axios.get<UserDto[]>(url, { withCredentials: true });
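Review bot: `impersonateUser` compares with `response.status == 200`; strict equality (`response.status === 200`) is the safer form here. With axios defaults a non-2xx response rejects instead of resolving, so the `false` result is reached only for other 2xx codes; callers must handle the rejection, and a short doc comment on the function saying so would help.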
5 changes: 3 additions & 2 deletions frontend/src/routes/backend.ts
Expand Up @@ -4,7 +4,7 @@ THIS FILE IS AUTOGENERATED.
DO NOT WRITE IN THIS FILE, AS IT WILL BE OVERWRITTEN ON NEXT UPDATE.
THIS FILE WAS GENERATED BY: root.management.commands.generate_routes
LAST UPDATE: 2023-08-29 08:57:57.685488+00:00
LAST UPDATE: 2023-09-14 19:45:16.057665+00:00
"""
*/
// ############################################################
Expand Down Expand Up @@ -423,6 +423,7 @@ export const ROUTES_BACKEND = {
samfundet__user: '/user/',
samfundet__groups: '/groups/',
samfundet__users: '/users/',
samfundet__impersonate: '/impersonate/',
samfundet__eventsperday: '/events-per-day/',
samfundet__eventsupcomming: '/events-upcomming/',
samfundet__isclosed: '/isclosed/',
Expand All @@ -432,4 +433,4 @@ export const ROUTES_BACKEND = {
samfundet__active_recruitment_positions: '/active-recruitment-positions/',
static__path: '/static/:path',
media__path: '/media/:path',
} as const;
} as const;
