Add impersonation route
All checks were successful
continuous-integration/drone/push Build is passing
All checks were successful
continuous-integration/drone/push Build is passing
This commit is contained in:
parent
ef0b394113
commit
fb0fc14f69
1
api.go
1
api.go
@ -47,6 +47,7 @@ func declareAPIRoutes(router *gin.Engine) {
|
||||
_questions_cache_mutex.Unlock()
|
||||
})
|
||||
|
||||
declareAPIAdminAuthRoutes(apiAdminRoutes)
|
||||
declareAPIAdminAsksRoutes(apiAdminRoutes)
|
||||
declareAPIAuthGradesRoutes(apiAdminRoutes)
|
||||
declareAPIAdminHelpRoutes(apiAdminRoutes)
|
||||
|
||||
26
auth.go
26
auth.go
@ -27,6 +27,32 @@ func declareAPIAuthRoutes(router *gin.RouterGroup) {
|
||||
router.POST("/auth/logout", logout)
|
||||
}
|
||||
|
||||
func declareAPIAdminAuthRoutes(router *gin.RouterGroup) {
|
||||
router.POST("/auth/impersonate", func(c *gin.Context) {
|
||||
session := c.MustGet("Session").(*Session)
|
||||
|
||||
var u *User
|
||||
if err := c.ShouldBindJSON(&u); err != nil {
|
||||
c.AbortWithStatusJSON(http.StatusBadRequest, gin.H{"errmsg": err.Error()})
|
||||
return
|
||||
}
|
||||
|
||||
newuser, err := getUser(int(u.Id))
|
||||
if err != nil {
|
||||
c.AbortWithStatusJSON(http.StatusBadRequest, gin.H{"errmsg": err.Error()})
|
||||
return
|
||||
}
|
||||
|
||||
session.IdUser = &newuser.Id
|
||||
session.Update()
|
||||
|
||||
c.JSON(http.StatusOK, authToken{
|
||||
User: newuser,
|
||||
CurrentPromo: currentPromo,
|
||||
})
|
||||
})
|
||||
}
|
||||
|
||||
type authToken struct {
|
||||
*User
|
||||
CurrentPromo uint `json:"current_promo"`
|
||||
|
||||
@ -18,9 +18,25 @@
|
||||
export let uid;
|
||||
|
||||
let allPromos = false;
|
||||
|
||||
let myuser = null;
|
||||
let userP = null;
|
||||
$: userP = getUser(uid).then((u) => myuser = u)
|
||||
|
||||
function impersonate() {
|
||||
fetch('api/auth/impersonate', {
|
||||
method: 'POST',
|
||||
headers: {'Accept': 'application/json'},
|
||||
body: JSON.stringify({"id": myuser.id}),
|
||||
}).then(() => {
|
||||
if (res.status == 200) {
|
||||
user.update(res);
|
||||
}
|
||||
});
|
||||
}
|
||||
</script>
|
||||
|
||||
{#await getUser(uid)}
|
||||
{#await userP}
|
||||
<h2>
|
||||
Étudiant
|
||||
</h2>
|
||||
@ -42,13 +58,22 @@
|
||||
</h2>
|
||||
{#if student.promo}
|
||||
<span class="badge bg-success ms-1">{student.promo}</span>
|
||||
{#if $user && $user.is_admin && $user.current_promo && student.promo != $user.current_promo}
|
||||
{#if $user && $user.is_admin}
|
||||
{#if $user.current_promo && student.promo != $user.current_promo}
|
||||
<button
|
||||
class="btn btn-sm btn-warning mx-1"
|
||||
title="Passer sur la promo en cours"
|
||||
on:click={() => { student.promo = $user.current_promo; student.save(); }}
|
||||
>
|
||||
<i class="bi bi-arrow-up"></i>
|
||||
</button>
|
||||
{/if}
|
||||
<button
|
||||
class="btn btn-sm btn-warning mx-1"
|
||||
title="Passer sur la promo en cours"
|
||||
on:click={() => { student.promo = $user.current_promo; student.save(); }}
|
||||
class="btn btn-sm btn-primary mx-1"
|
||||
title="Impersonate"
|
||||
on:click={impersonate}
|
||||
>
|
||||
<i class="bi bi-arrow-up"></i>
|
||||
<i class="bi bi-person-bounding-box"></i>
|
||||
</button>
|
||||
{/if}
|
||||
{/if}
|
||||
|
||||
Reference in New Issue
Block a user