| author | Imre Farkas <ifarkas@gitlab.com> | 2018-11-24 13:39:16 +0100 |
|---|---|---|
| committer | Imre Farkas <ifarkas@gitlab.com> | 2018-11-29 09:37:16 +0100 |
| commit | bd3a4840329160a64c0cac25ed6c1d3b22f5bdb4 (patch) | |
| tree | 66749539b5aa0544c156374de84671f54dcaa080 /app/controllers/admin | |
| parent | c07183f0d3ce24e8cfcb93e71ae950d7067a8ce1 (diff) | |
| download | gitlab-ce-bd3a4840329160a64c0cac25ed6c1d3b22f5bdb4.tar.gz | |
Add config to disable impersonation
Adds gitlab.impersonation_enabled config option defaulting to true to
keep the current default behaviour.
Only the act of impersonation is modified, impersonation token
management is not affected.
Diffstat (limited to 'app/controllers/admin')
| -rw-r--r-- | app/controllers/admin/impersonations_controller.rb | 13 | ||||
| -rw-r--r-- | app/controllers/admin/users_controller.rb | 5 |
2 files changed, 6 insertions, 12 deletions
diff --git a/app/controllers/admin/impersonations_controller.rb b/app/controllers/admin/impersonations_controller.rb
index 08d7e3b4fa2..65fe22bd8f4 100644
--- a/app/controllers/admin/impersonations_controller.rb
+++ b/app/controllers/admin/impersonations_controller.rb
@@ -5,23 +5,12 @@ class Admin::ImpersonationsController < Admin::ApplicationController
 before_action :authenticate_impersonator!
 def destroy
- original_user = current_user
-
- warden.set_user(impersonator, scope: :user)
-
- Gitlab::AppLogger.info("User #{impersonator.username} has stopped impersonating #{original_user.username}")
-
- session[:impersonator_id] = nil
-
+ original_user = stop_impersonation
 redirect_to admin_user_path(original_user), status: :found
 end
 private
- def impersonator
- @impersonator ||= User.find(session[:impersonator_id]) if session[:impersonator_id]
- end
-
 def authenticate_impersonator!
 render_404 unless impersonator && impersonator.admin? && !impersonator.blocked?
 end
diff --git a/app/controllers/admin/users_controller.rb b/app/controllers/admin/users_controller.rb
index b783c0e2a6f..e93be1c1ba2 100644
--- a/app/controllers/admin/users_controller.rb
+++ b/app/controllers/admin/users_controller.rb
@@ -2,6 +2,7 @@
 class Admin::UsersController < Admin::ApplicationController
 before_action :user, except: [:index, :new, :create]
+ before_action :check_impersonation_availability, only: :impersonate
 def index
 @users = User.order_name_asc.filter(params[:filter])
@@ -227,4 +228,8 @@ class Admin::UsersController < Admin::ApplicationController
 result[:status] == :success
 end
+
+ def check_impersonation_availability
+ access_denied! unless Gitlab.config.gitlab.impersonation_enabled
+ end
 end |
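Review bot: The audit entry `Gitlab::AppLogger.info("User ... has stopped impersonating ...")` and the `session[:impersonator_id] = nil` reset both leave `destroy`, and `stop_impersonation` is defined outside the files shown (the diffstat is limited to `app/controllers/admin`), so this page cannot confirm that the log line and the session reset still happen. `destroy` now also depends on the helper's return value for the redirect, and `authenticate_impersonator!` depends on an `impersonator` method that is likewise defined elsewhere. Once checked against the helper, a comment above the call would pin that contract, for example `# stop_impersonation restores the admin session, logs the event and returns the impersonated user`.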
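Review bot: In `users_controller.rb`, `check_impersonation_availability` is wired with `only: :impersonate`, so it blocks starting a new impersonation but does nothing for a session that already holds `session[:impersonator_id]` when `gitlab.impersonation_enabled` is switched to false. Whether such sessions are ended elsewhere is not visible here, since only `app/controllers/admin` is shown. The method would benefit from a comment stating that scope, for example `# Rejects new impersonations when the feature is disabled; sessions already impersonating are handled in <location to confirm>`. The class body begins outside the hunk, so it is also not visible whether the new method sits below `private`; as a filter rather than an action, it should.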
