Re: [Catalyst] superuser switch-user session function?

2010-07-09 Thread Sir Robert Burbridge

On 07/08/2010 01:27 PM, w...@serensoft.com wrote:

> Hmm: Become-user?
>
> Is there a clean way to provide a means for sys-admins to become
> user to track down issues? It's much easier to diagnose when seeing
> what the user's seeing directly, when we look at it through our own
> eyes -- as opposed to relying on vague user-style descriptions
> (unrecognized date format vs doesn't work).
>
> use Catalyst qw/
>     ConfigLoader
>     Static::Simple
>     Session
>     Session::Store::DBIC
>     Session::State::Cookie
>     Authentication
>     Authentication::Credential::Password
>     Authorization::Roles
>     Authorization::ACL
> /;



I just have the user log in and then admins can go to a page and steal 
the session cookie (storing it to browser) from any user from the db.  
I'm in a controlled env. with no danger from it, though =)


-Sir



___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/


[Catalyst] superuser switch-user session function?

2010-07-08 Thread w...@serensoft.com
Hmm: Become-user?

Is there a clean way to provide a means for sys-admins to become user to
track down issues? It's much easier to diagnose when seeing what the user's
seeing directly, when we look at it through our own eyes -- as opposed to
relying on vague user-style descriptions (unrecognized date format vs
doesn't work).

use Catalyst qw/
    ConfigLoader
    Static::Simple
    Session
    Session::Store::DBIC
    Session::State::Cookie
    Authentication
    Authentication::Credential::Password
    Authorization::Roles
    Authorization::ACL
/;



-- 
will trillich
I think it would be worse to expect nothing than to be disappointed. --
Anne (with an 'e') Shirley


Re: [Catalyst] superuser switch-user session function?

2010-07-08 Thread Peter Karman
w...@serensoft.com wrote on 07/08/2010 12:27 PM:
> Hmm: Become-user?
>
> Is there a clean way to provide a means for sys-admins to become user
> to track down issues? It's much easier to diagnose when seeing what the
> user's seeing directly, when we look at it through our own eyes -- as
> opposed to relying on vague user-style descriptions (unrecognized date
> format vs doesn't work).


I have implemented this feature in my app. I don't know how clean it
is, but my controller looked something like this:

package MyApp::Controller::Admin::Sudo;
use strict;
use warnings;
use Carp;
use Data::Dump qw( dump );
use base qw( Catalyst::Controller );

# NOTE: $auth is not defined anywhere in the code as posted.

sub switch_user : Local {
    my ( $self, $c ) = @_;

    my $newusername = $c->req->params->{username};

    if ( !$newusername ) {
        $c->error404;
        return;
    }

    if ( uc( $c->req->method ) ne 'POST' ) {
        $c->error404;
        return;
    }

    if ( exists $c->session->{sudo_switched_from} ) {
        $c->error( "already switched user from "
                . $c->session->{sudo_switched_from} );
        $c->stash( error_msg =>
                'You must restore your original user first.' );
        return;
    }

    my $oldusername = $c->user->id;

    $c->log->info("user $oldusername sudo to user $newusername");

    my $model  = $c->model('Account');
    my $groups = $model->get_groups_for( $newusername );

    # logout as current user
    $auth->logout($c);

    # login as newuser
    $auth->login( $c, $newusername, $groups );

    $c->session->{sudo_switched_from} = $oldusername;

    # redirect to user home page
    $c->res->redirect( $c->uri_for('/my') );
}

sub restore_original_user : Local {
    my ( $self, $c ) = @_;

    my $orig_user = $c->session->{sudo_switched_from};

    if ( !$orig_user ) {
        $c->error404;
        return;
    }

    my $current_user = $c->user->id;

    my $model  = $c->model('Account');
    my $groups = $model->get_groups_for( $orig_user );

    # logout as current user
    $auth->logout($c);

    # login as original user
    $auth->login( $c, $orig_user, $groups );

    # redirect to myMSI
    $c->res->redirect( $c->uri_for('/my') );
}



-- 
Peter Karman  .  http://peknet.com/  .  pe...@peknet.com
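
An added example, not code from this thread or from the Catalyst project: one way to write the same switch/restore pair with the documented Catalyst::Plugin::Authentication, Authorization::Roles and Session calls, adding an explicit role check, an audit log line and a session-id change at each identity switch. The controller name, the 'admin' role, the `username` lookup field and the store's user id being the username are assumptions.

```perl
package MyApp::Controller::Admin::Impersonate;    # hypothetical controller name
use strict;
use warnings;
use base qw( Catalyst::Controller );

sub _deny {    # set a status and leave the processing chain
    my ( $c, $status, $msg ) = @_;
    $c->res->status($status);
    $c->res->body($msg);
    $c->detach;
}

# Assumption: the auth store's user id is the username, as in the post above.
sub _lookup {
    my ( $c, $name ) = @_;
    return defined $name ? $c->find_user( { username => $name } ) : undef;
}

sub switch_user : Local {
    my ( $self, $c ) = @_;
    _deny( $c, 405, 'POST required' ) if uc( $c->req->method ) ne 'POST';
    _deny( $c, 403, 'Forbidden' )
        unless $c->user_exists && $c->check_user_roles('admin');    # assumed role
    _deny( $c, 409, 'Restore your original user first.' )
        if exists $c->session->{sudo_switched_from};
    my $target = _lookup( $c, $c->req->params->{username} )
        or _deny( $c, 404, 'No such user' );
    my $admin = $c->user->id;
    $c->log->info( "AUDIT sudo from=$admin to=" . $target->id );
    $c->logout;
    $c->set_authenticated($target);
    $c->change_session_id;    # new session id for the new identity
    $c->session->{sudo_switched_from} = $admin;
    $c->res->redirect( $c->uri_for('/my') );
}

sub restore_original_user : Local {
    my ( $self, $c ) = @_;
    _deny( $c, 405, 'POST required' ) if uc( $c->req->method ) ne 'POST';
    my $admin = delete $c->session->{sudo_switched_from};    # server-side value
    my $orig  = _lookup( $c, $admin ) or _deny( $c, 404, 'Not switched' );
    $c->log->info("AUDIT sudo-restore to=$admin");
    $c->logout;
    $c->set_authenticated($orig);
    $c->change_session_id;
    $c->res->redirect( $c->uri_for('/my') );
}

1;
```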
