diff --git a/cp/app/Controllers/RegistrarsController.php b/cp/app/Controllers/RegistrarsController.php
index ea5c184..538d6be 100644
--- a/cp/app/Controllers/RegistrarsController.php
+++ b/cp/app/Controllers/RegistrarsController.php
@@ -1543,7 +1543,7 @@ class RegistrarsController extends Controller
FROM registrar r
JOIN registrar_users ru ON ru.registrar_id = r.id
JOIN users u ON u.id = ru.user_id
- WHERE r.clid = ? AND u.roles_mask = 4
+ WHERE r.clid = ? AND u.roles_mask = 4 AND u.status = 0
ORDER BY ru.user_id ASC
', [ $args ]);
diff --git a/cp/app/Controllers/UsersController.php b/cp/app/Controllers/UsersController.php
index f938607..9d5b594 100644
--- a/cp/app/Controllers/UsersController.php
+++ b/cp/app/Controllers/UsersController.php
@@ -7,6 +7,7 @@ use Psr\Http\Message\ResponseInterface as Response;
use Psr\Http\Message\ServerRequestInterface as Request;
use Psr\Container\ContainerInterface;
use Respect\Validation\Validator as v;
+use App\Auth\Auth;
class UsersController extends Controller
{
@@ -416,5 +417,41 @@ class UsersController extends Controller
return $response->withHeader('Location', '/user/update/'.$username)->withStatus(302);
}
}
-
+
+ public function impersonateUser(Request $request, Response $response, $args)
+ {
+ if ($_SESSION["auth_roles"] != 0) {
+ return $response->withHeader('Location', '/dashboard')->withStatus(302);
+ }
+
+ $db = $this->container->get('db');
+
+ if ($args) {
+ $args = trim($args);
+
+ if (!preg_match('/^[a-z0-9_-]+$/', $args)) {
+ $this->container->get('flash')->addMessage('error', 'Invalid user name');
+ return $response->withHeader('Location', '/users')->withStatus(302);
+ }
+
+ $user_id = $db->selectValue('
+ SELECT ru.user_id
+ FROM registrar r
+ JOIN registrar_users ru ON ru.registrar_id = r.id
+ JOIN users u ON u.id = ru.user_id
+ WHERE u.username = ? AND u.status = 0
+ ', [ $args ]);
+
+ if (!$user_id) {
+ $this->container->get('flash')->addMessage('error', 'The specified user does not exist or is no longer active');
+ return $response->withHeader('Location', '/users')->withStatus(302);
+ }
+
+ Auth::impersonateUser($user_id);
+ } else {
+ // Redirect to the users view
+ return $response->withHeader('Location', '/users')->withStatus(302);
+ }
+ }
+
}
\ No newline at end of file
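Review bot: The admin guard `if ($_SESSION["auth_roles"] != 0)` uses a loose comparison, so a missing or null `auth_roles` compares equal to 0 and the request proceeds as if it came from an administrator; `if (!isset($_SESSION['auth_roles']) || (string) $_SESSION['auth_roles'] !== '0')` rejects those cases whether the value is stored as an int or a string. The success path also ends at `Auth::impersonateUser($user_id);` without returning a response, which is only correct if that method redirects and terminates on its own (its body is not in this diff); otherwise add `return $response->withHeader('Location', '/dashboard')->withStatus(302);` after it. The lookup drops the `u.roles_mask = 4` condition that the RegistrarsController query keeps, so any active account linked to a registrar can be selected here; confirm that is intended. Since this starts a session under another identity, the method should also record the acting administrator and the target `$user_id` in an audit log unless `Auth::impersonateUser` already does.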
diff --git a/cp/resources/views/admin/users/updateUser.twig b/cp/resources/views/admin/users/updateUser.twig
index 82d46f9..90fa1d1 100644
--- a/cp/resources/views/admin/users/updateUser.twig
+++ b/cp/resources/views/admin/users/updateUser.twig
@@ -172,29 +172,6 @@
{% include 'partials/footer.twig' %}
-
{% endblock %}
\ No newline at end of file
diff --git a/cp/resources/views/partials/js-registrars.twig b/cp/resources/views/partials/js-registrars.twig
index 6fab337..5e6b1ea 100644
--- a/cp/resources/views/partials/js-registrars.twig
+++ b/cp/resources/views/partials/js-registrars.twig
@@ -14,7 +14,7 @@
function actionsFormatter(cell, formatterParams, onRendered) {
return `
-
+
`;
}
diff --git a/cp/resources/views/partials/js-users.twig b/cp/resources/views/partials/js-users.twig
index 410a0f1..c75737e 100644
--- a/cp/resources/views/partials/js-users.twig
+++ b/cp/resources/views/partials/js-users.twig
@@ -14,7 +14,7 @@
function actionsFormatter(cell, formatterParams, onRendered) {
return `
-
+
`;
}
diff --git a/cp/routes/web.php b/cp/routes/web.php
index 60a0900..c2e2d1f 100644
--- a/cp/routes/web.php
+++ b/cp/routes/web.php
@@ -110,6 +110,7 @@ $app->group('', function ($route) {
$route->map(['GET', 'POST'], '/user/create', UsersController::class . ':createUser')->setName('createUser');
$route->get('/user/update/{user}', UsersController::class . ':updateUser')->setName('updateUser');
$route->post('/user/update', UsersController::class . ':updateUserProcess')->setName('updateUserProcess');
+ $route->get('/user/impersonate/{user}', UsersController::class . ':impersonateUser')->setName('impersonateUser');
$route->get('/epphistory', LogsController::class .':view')->setName('epphistory');
$route->get('/poll', LogsController::class .':poll')->setName('poll');
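Review bot: The new `/user/impersonate/{user}` route is registered with `get`, so an action that switches the administrator's session to another identity runs on a plain GET request, which CSRF token checks normally do not cover. Registering it as `$route->post('/user/impersonate/{user}', UsersController::class . ':impersonateUser')->setName('impersonateUser');` and submitting it from a form that carries the CSRF token would tie the switch to a deliberate action. Whether this route group applies CSRF or admin-only middleware is not visible here, as the group's definition starts and ends outside the hunk.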