diff --git a/app/assets/javascripts/app/controllers/users.js.coffee b/app/assets/javascripts/app/controllers/users.js.coffee
index 59e26c5f0..a1d8e2d1d 100644
--- a/app/assets/javascripts/app/controllers/users.js.coffee
+++ b/app/assets/javascripts/app/controllers/users.js.coffee
@@ -23,6 +23,7 @@ class Index extends App.Controller
 switchTo = (id,e) =>
 e.preventDefault()
 @disconnectClient()
+ $('#app').hide().attr('style', 'display: none!important')
 App.Auth._logout()
 window.location = App.Config.get('api_path') + '/sessions/switch/' + id
diff --git a/app/assets/javascripts/app/controllers/widget/switch_back_to_user.js.coffee b/app/assets/javascripts/app/controllers/widget/switch_back_to_user.js.coffee
new file mode 100644
index 000000000..0d6f6af74
--- /dev/null
+++ b/app/assets/javascripts/app/controllers/widget/switch_back_to_user.js.coffee
@@ -0,0 +1,37 @@
+class Widget extends App.Controller
+ events:
+ 'click .close': 'switchBack'
+
+ constructor: ->
+ super
+
+ # start widget
+ @bind 'app:ready', =>
+ @render()
+
+ # remove widget
+ @bind 'auth:logout', =>
+ App.Config.set('switch_back_to_possible', false)
+ @render()
+
+ render: (user) ->
+
+ # if no switch to user is active
+ if !App.Config.get('switch_back_to_possible') || _.isEmpty( App.Session.all() )
+ @el.html('')
+ $('#app').removeClass('switch-back-to-user-space')
+ return
+
+ # show switch back widget
+ @html App.view('widget/switch_back_to_user')()
+ $('#app').addClass('switch-back-to-user-space')
+
+ switchBack: (e) =>
+ e.preventDefault()
+ @disconnectClient()
+ $('#app').hide().attr('style', 'display: none!important')
+ App.Auth._logout()
+ window.location = App.Config.get('api_path') + '/sessions/switch_back'
+
+
+App.Config.set( 'switch_back_to_user', Widget, 'Widgets' )
diff --git a/app/assets/javascripts/app/views/widget/switch_back_to_user.jst.eco b/app/assets/javascripts/app/views/widget/switch_back_to_user.jst.eco
new file mode 100644
index 000000000..a451c0ad6
--- /dev/null
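Review bot: In `switchTo` (users.js.coffee) and again in the new widget's `switchBack`, the `.hide()` call is redundant, because the following `.attr('style', 'display: none!important')` replaces the element's whole inline style and also discards any other inline style on `#app`. The same sequence (`@disconnectClient()`, hide, `App.Auth._logout()`, then `window.location = …`) is now written out in two controllers; a shared helper would keep the two switch paths from drifting apart. Hiding the UI is cosmetic only, so the server-side handlers for `/sessions/switch/:id` and `/sessions/switch_back` remain the actual control. The class enclosing `switchTo` starts and ends outside the hunk.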
+++ b/app/assets/javascripts/app/views/widget/switch_back_to_user.jst.eco
@@ -0,0 +1,4 @@
+
+ <%- @T('Zammad looks like this for "%s"', @S('firstname') + ' ' + @S('lastname') ) %>
+
+
\ No newline at end of file
diff --git a/app/assets/stylesheets/zzz.css.erb b/app/assets/stylesheets/zzz.css.erb
index e3ed93080..01bfac106 100644
--- a/app/assets/stylesheets/zzz.css.erb
+++ b/app/assets/stylesheets/zzz.css.erb
@@ -1922,7 +1922,7 @@ footer {
 .sidebar {
 width: 32%;
 max-width: 300px;
- padding: 20px;
+ padding: 8px 20px 20px 20px;
 background: white;
 border-right: 1px solid #e6e6e6;
 overflow: auto;
@@ -2186,7 +2186,7 @@ footer {
 .activity-avatar {
 padding-top: 16px;
- padding-left: 14px;
+ padding-left: 2px;
 padding-right: 2px;
 margin-right: 10px;
 }
@@ -2196,7 +2196,7 @@ footer {
 .activity-body {
 color: #444a4f;
- padding: 16px 26px 16px 2px;
+ padding: 16px 0 16px 2px;
 position: relative;
 }
@@ -2219,7 +2219,7 @@ footer {
 }
 .activity-message {
- padding-right: 20px;
+ padding-right: 0;
 }
 .activity-time {
@@ -3114,6 +3114,19 @@ footer {
 display: block;
 }
+.switch-back-to-user {
+ position: absolute;
+ background-color: #389ed9;
+ color: #fff;
+ height: 34px;
+ z-index: 1;
+ padding: 8px 9px;
+ top: -34px;
+}
+.switch-back-to-user-space {
+ top: 34px;
+}
+
 /* ----------------
@@ -3123,7 +3136,7 @@ footer {
 */
 @media only screen and (max-width: 1280px) {
- .sidebar-optional.sidebar {
+ .sidebar.optional {
 display: none;
 }
 }
\ No newline at end of file
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 1213a3894..d299c9e0a 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -246,7 +246,11 @@ class ApplicationController < ActionController::Base
 config['timezones'][ t.name ] = diff
 }
- return config
+ if session[:switched_from_user_id]
+ config['switch_back_to_possible'] = true
+ end
+
+ config
 end
 # model helper
diff --git a/app/controllers/sessions_controller.rb b/app/controllers/sessions_controller.rb
index c8184be83..20b3e85db 100644
--- a/app/controllers/sessions_controller.rb
+++ b/app/controllers/sessions_controller.rb
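Review bot: In the new template `switch_back_to_user.jst.eco`, the banner is emitted with `<%-`, which in Eco prints the value without HTML escaping, and the value interpolates `@S('firstname')` and `@S('lastname')` of the switched-to account. Those fields are presumably editable by the account owner, so unless `@T` escapes its `%s` arguments (not visible in this diff), markup stored in a name would be rendered in the browser of the administrator viewing that account. Either confirm that `@T` escapes its arguments or escape the name before passing it in.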
@@ -5,6 +5,9 @@ class SessionsController < ApplicationController
 # "Create" a login, aka "log the user in"
 def create
+ # in case, remove switched_from_user_id
+ session[:switched_from_user_id] = nil
+
 # authenticate user
 user = User.authenticate( params[:username], params[:password] )
@@ -128,6 +131,10 @@ class SessionsController < ApplicationController
 end
 def create_omniauth
+
+ # in case, remove switched_from_user_id
+ session[:switched_from_user_id] = nil
+
 auth = request.env['omniauth.auth']
 if !auth
@@ -158,6 +165,10 @@ class SessionsController < ApplicationController
 end
 def create_sso
+
+ # in case, remove switched_from_user_id
+ session[:switched_from_user_id] = nil
+
 user = User.sso(params)
 # Log the authorizing user in.
@@ -199,6 +210,9 @@ class SessionsController < ApplicationController
 return false
 end
+ # remember old user
+ session[:switched_from_user_id] = current_user.id
+
 # log new session
 user.activity_stream_log( 'switch to', current_user.id, true )
@@ -208,6 +222,36 @@ class SessionsController < ApplicationController
 redirect_to '/#'
 end
+ # "switch" back to user
+ def switch_back_to_user
+
+ # check if it's a swich back
+ if !session[:switched_from_user_id]
+ response_access_deny
+ return false
+ end
+
+ user = User.lookup( :id => session[:switched_from_user_id] )
+ if !user
+ render(
+ :json => {},
+ :status => :not_found
+ )
+ return false
+ end
+
+ # log end session
+ current_user.activity_stream_log( 'ended switch to', user.id, true )
+
+ # remove switched_from_user_id
+ session[:switched_from_user_id] = nil
+
+ # set old session user again
+ current_user_set(user)
+
+ redirect_to '/#'
+ end
+
 def list
 return if deny_if_not_role('Admin')
 assets = {}
diff --git a/config/routes/auth.rb b/config/routes/auth.rb
index 5acc2ecf3..31b6717fd 100644
--- a/config/routes/auth.rb
+++ b/config/routes/auth.rb
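Review bot: In sessions_controller.rb, `switch_back_to_user` restores the original account solely because `session[:switched_from_user_id]` is set, and this diff clears that key only in `create`, `create_omniauth` and `create_sso`. `destroy` is not part of the change, so confirm that signing out also removes the key (`session[:switched_from_user_id] = nil`); otherwise a stale value could outlive the impersonation. The new method also calls `current_user.activity_stream_log` without checking that `current_user` is present, and it does not re-check that the looked-up user is still permitted to administer before `current_user_set(user)`. Because this step raises the session's privileges, consider rotating the session at that point, unless `current_user_set` already does so (its body is not visible here). The comment typo `swich` should read `switch`.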
@@ -2,18 +2,19 @@ Zammad::Application.routes.draw do
 api_path = Rails.configuration.api_path
 # omniauth
- match '/auth/:provider/callback', :to => 'sessions#create_omniauth',:via => [:post, :get, :puts, :delete]
+ match '/auth/:provider/callback', :to => 'sessions#create_omniauth', :via => [:post, :get, :puts, :delete]
 # sso
- match '/auth/sso', :to => 'sessions#create_sso', :via => [:post, :get]
+ match '/auth/sso', :to => 'sessions#create_sso', :via => [:post, :get]
 # sessions
- match api_path + '/signin', :to => 'sessions#create', :via => :post
- match api_path + '/signshow', :to => 'sessions#show', :via => :get
- match api_path + '/signout', :to => 'sessions#destroy', :via => [:get, :delete]
+ match api_path + '/signin', :to => 'sessions#create', :via => :post
+ match api_path + '/signshow', :to => 'sessions#show', :via => :get
+ match api_path + '/signout', :to => 'sessions#destroy', :via => [:get, :delete]
- match api_path + '/sessions/switch/:id', :to => 'sessions#switch_to_user', :via => :get
- match api_path + '/sessions', :to => 'sessions#list', :via => :get
- match api_path + '/sessions/:id', :to => 'sessions#delete', :via => :delete
+ match api_path + '/sessions/switch/:id', :to => 'sessions#switch_to_user', :via => :get
+ match api_path + '/sessions/switch_back', :to => 'sessions#switch_back_to_user', :via => :get
+ match api_path + '/sessions', :to => 'sessions#list', :via => :get
+ match api_path + '/sessions/:id', :to => 'sessions#delete', :via => :delete
 end
\ No newline at end of file
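Review bot: The new `/sessions/switch_back` route is registered with `:via => :get`, like the existing `/sessions/switch/:id`, although both actions change which user the session belongs to. Rails' request-forgery protection does not apply to GET, so these state changes are reachable by a plain cross-site request. Prefer `:via => :post` for both, with the client submitting a form instead of assigning `window.location`. Separately, the omniauth line still lists `:puts`, which is not an HTTP verb and presumably should be `:put`.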