octopyid / larapersonate Goto Github PK

Good day,

How can I show the impersonation function to the admin role only?

Thank you

It seems the middleware should ignore binary files. I'm new to PHP and Laravel, so I simply hacked a try-catch in the modify function and it works for now.

The exception is:

LogicException
The content cannot be set on a BinaryFileResponse instance.

• Impersonate Version: 2.0.8
• Laravel Version: v.8.77.1
• PHP Version: 8.0.13
• Database Driver & Version: Mysql, Ver 14.14 Distrib 5.7.34, for Linux (x86_64)
• Role Manager : spatie/laravel-permission

Description:

Attempt to lazy load roles when canBeImpersonated() function is added.

Steps To Reproduce:

1. On AppServiceProvider, add code below on boot function to prevent lazy loading on all models.

Model::preventLazyLoading(!app()->isProduction());

2. On model User, add code :

public function canBeImpersonated(): bool
  {
    return !$this->hasRole([Role::SUPER_ADMIN]);
  }

Result :

Thanks for providing the package. It's really easy to install.
Can you add some access control, so that only admin can impersonate other users? Sort of like what another package supports: https://github.com/404labfr/laravel-impersonate#defining-impersonation-authorization

We propose the following changes to enhance performance and reduce jQuery dependency:

• Replace jQuery Select2 with tail.select: To eliminate jQuery dependency and improve performance.
• Add Event Listeners: We will add appropriate event listeners after impersonation and when exiting impersonation to perform necessary actions based on the impersonation status change.
• Other Improvements: In addition to the main changes mentioned above, we will address other necessary improvements to enhance stability and security.

We will work diligently to implement these changes and ensure they adhere to the best practices in software development.

• Impersonate Version: 2.0.9
• Laravel Version: 8.80.0
• PHP Version: 8.1
• Database Driver & Version: mysql

Description:

The interface shows the user list and I can change user so that it shows that I am impersonating another person BUT...

<?php

namespace App\Http\Controllers;

use Illuminate\Http\Request;
use App\Models\User;
use Illuminate\Support\Facades\Auth;

class CustomReport extends Controller
{
    /**
     * Handle the incoming request.
     *
     * @param  \Illuminate\Http\Request  $request
     * @return \Illuminate\Http\Response
     */
    public function __invoke(Request $request)
    {
        $user = User::find(Auth::id())->first();
    }
}

$user doesn't change.

I wonder if I am going the wrong way about getting the current user?

Help appreciated, thanks.

PS. this package looks great, thank you, hope I can use it in practise.

The title somehow explains the whole bug, but just in case you want to reproduce it, try:

1. Add soft deletes column to users table.
2. Add a user, and delete it via system so the deleted_at column will be filled.
3. Re-check the account personate component, the soft-deleted user is still exists on the list.

Ho,

Love the package, i was wondering if there is a way to check if a user is being impersonated so then certain features of the application can be disabled, eg: login tracking

I am using the ui that you have built to impersonate user.

Hello,

I tried your package.

The installation was ok => I saw the logo in the bottom right of my page. OK

But when I choose a different user, I return every time to the login page.

Little precision, I use Jetstream.

Do you have an idea of what's wrong on my side please ?

Thank you for your time.

Discussed in #9

foreach (config('impersonate.field.search_keys', []) as $field) {
    $query->orWhere($field, 'LIKE', '%' . $request->get('search') . '%');
}

foreach (config('impersonate.field.search_keys', []) as $field) {
    if (count($relation = explode('.', $field)) > 1) {
        $query->orWhereRelation($relation[0], $relation[1], 'LIKE', '%' . $request->get('search') . '%');
    } else {
        $query->orWhere($field, 'LIKE', '%' . $request->get('search') . '%');
    }
}

'search_keys' => [
    'name', 
    'email',
    'relation.field_name',
],

This library currently has its own impersonation feature with a custom flow and logic in place. However, to harness a richer set of impersonation features and expedite development, I propose the integration of 404labfr/laravel-impersonate into this library.

Reasons:

1. Richer Feature Set: Laravel Impersonate offers robust and comprehensive impersonation features, including session management and most of the required workflow. This will enable us to save time and resources in development.

I am confident that with the integration of Laravel Impersonate, we will gain significant benefits from a more robust impersonation feature while preserving our existing UI.

Hi, before I get to the issue, I want to thank you for this package. Your package save me a lot of time.

The package works great if I used it directly on domain-level, but it broke when the project is in a sub-folder. To clarify my point, here's some diagram:

https://some-domain.com/                <-- This works just fine
https://some-domain.com/root-project    <-- This won't work

After un-minify the JavaScript file, I had to change the t.select2.ajax, t.on('change'), and s.on('click'). If un-minified, these codes are placed on line 33, 61, 64 respectively. Here's the code example I change:

t.select2({
    theme: "impersonate",
    ajax: {
-       url: "/impersonate/users",
+       url: "/root-project/impersonate/users",
        dataType: "JSON",
        method: "GET",
        delay: impersonate.config.delay,
        data: function (e) {
            return { search: e.term };
        },
        processResults: function (e) {
            return {
                results: i().map(e, function (e) {
                    return { id: e.key, text: e.val };
                }),
            };
        },
    },
}),
t.select2("open"),
t.select2("close"),
e.click(function () {
    r.toggleClass("impersonate-border"),
        e.find("img").toggleClass("impersonate-animate"),
        impersonate.active ? e.addClass("impersonate-toggle-active") : e.toggleClass("impersonate-toggle-active"),
        n.toggle("fast", function () {
            n.toggleClass("impersonate-content-toggled");
        }),
        impersonate.active ? (r.addClass("impersonate-wrapper-active"), n.addClass("impersonate-content-active")) : (r.addClass("impersonate-wrapper-non-active"), n.addClass("impersonate-content-non-active"));
}),
t.on("change", function () {
-     o("/impersonate/login", JSON.stringify({ user: this.value }));
+     o("/root-project/impersonate/login", JSON.stringify({ user: this.value }));
}),
s.on("click", function () {
-     o("/impersonate/leave", {});
+     o("/root-project/impersonate/leave", {});
});

I hope that explains the issue and could be fixed soon.
Best regards.

I'm trying to implement this package in a project using Laravel 11 (11.2.0) and Jetstream (5.0.2). I'm not using the UI as I'm initiating the impersonation through an existing CRUD. When trying to impersonate a user as follows:

$current_user->impersonate($impersonated_user);

Where $current_user is the currently logged in super user and $impersonated_user is the impersonation target, I get a Method Illuminate\Auth\RequestGuard::login does not exist exception thrown.

I believe I've followed the installation and configuration instructions correctly, but possibly I'm missing something?

Do you have any suggestions?