From ec18cbd58be905a369a371911c82a1bfa210d150 Mon Sep 17 00:00:00 2001
From: Martin Edenhofer <me@edenhofer.de>
Date: Mon, 15 Sep 2014 22:55:06 +0200
Subject: [PATCH] Implemented to switch back to old user.

---
 .../app/controllers/users.js.coffee           |  1 +
 .../widget/switch_back_to_user.js.coffee      | 37 ++++++++++++++++
 .../views/widget/switch_back_to_user.jst.eco  |  4 ++
 app/assets/stylesheets/zzz.css.erb            | 23 +++++++---
 app/controllers/application_controller.rb     |  6 ++-
 app/controllers/sessions_controller.rb        | 44 +++++++++++++++++++
 config/routes/auth.rb                         | 17 +++----
 7 files changed, 118 insertions(+), 14 deletions(-)
 create mode 100644 app/assets/javascripts/app/controllers/widget/switch_back_to_user.js.coffee
 create mode 100644 app/assets/javascripts/app/views/widget/switch_back_to_user.jst.eco

diff --git a/app/assets/javascripts/app/controllers/users.js.coffee b/app/assets/javascripts/app/controllers/users.js.coffee
index 59e26c5f0..a1d8e2d1d 100644
--- a/app/assets/javascripts/app/controllers/users.js.coffee
+++ b/app/assets/javascripts/app/controllers/users.js.coffee
@@ -23,6 +23,7 @@ class Index extends App.Controller
     switchTo = (id,e) =>
       e.preventDefault()
       @disconnectClient()
+      $('#app').hide().attr('style', 'display: none!important')
       App.Auth._logout()
       window.location = App.Config.get('api_path') + '/sessions/switch/' + id
 
diff --git a/app/assets/javascripts/app/controllers/widget/switch_back_to_user.js.coffee b/app/assets/javascripts/app/controllers/widget/switch_back_to_user.js.coffee
new file mode 100644
index 000000000..0d6f6af74
--- /dev/null
+++ b/app/assets/javascripts/app/controllers/widget/switch_back_to_user.js.coffee
@@ -0,0 +1,37 @@
+class Widget extends App.Controller
+  events:
+    'click    .close':    'switchBack'
+
+  constructor: ->
+    super
+
+    # start widget
+    @bind 'app:ready', =>
+      @render()
+
+    # remove widget
+    @bind 'auth:logout', =>
+      App.Config.set('switch_back_to_possible', false)
+      @render()
+
+  render: (user) ->
+
+    # if no switch to user is active
+    if !App.Config.get('switch_back_to_possible') || _.isEmpty( App.Session.all() )
+      @el.html('')
+      $('#app').removeClass('switch-back-to-user-space')
+      return
+
+    # show switch back widget
+    @html App.view('widget/switch_back_to_user')()
+    $('#app').addClass('switch-back-to-user-space')
+
+  switchBack: (e) =>
+    e.preventDefault()
+    @disconnectClient()
+    $('#app').hide().attr('style', 'display: none!important')
+    App.Auth._logout()
+    window.location = App.Config.get('api_path') + '/sessions/switch_back'
+
+
+App.Config.set( 'switch_back_to_user', Widget, 'Widgets' )
diff --git a/app/assets/javascripts/app/views/widget/switch_back_to_user.jst.eco b/app/assets/javascripts/app/views/widget/switch_back_to_user.jst.eco
new file mode 100644
index 000000000..a451c0ad6
--- /dev/null
+++ b/app/assets/javascripts/app/views/widget/switch_back_to_user.jst.eco
@@ -0,0 +1,4 @@
+<div class="switch-back-to-user fit">
+  <%- @T('Zammad looks like this for "%s"', @S('firstname') + ' ' + @S('lastname')  ) %>
+  <a href="#" class="close icon "></a>
+</div>
\ No newline at end of file
diff --git a/app/assets/stylesheets/zzz.css.erb b/app/assets/stylesheets/zzz.css.erb
index e3ed93080..01bfac106 100644
--- a/app/assets/stylesheets/zzz.css.erb
+++ b/app/assets/stylesheets/zzz.css.erb
@@ -1922,7 +1922,7 @@ footer {
 .sidebar {
   width: 32%;
   max-width: 300px;
-  padding: 20px;
+  padding: 8px 20px 20px 20px;
   background: white;
   border-right: 1px solid #e6e6e6;
   overflow: auto;
@@ -2186,7 +2186,7 @@ footer {
 
   .activity-avatar {
     padding-top: 16px;
-    padding-left: 14px;
+    padding-left: 2px;
     padding-right: 2px;
     margin-right: 10px;
   }
@@ -2196,7 +2196,7 @@ footer {
 
   .activity-body {
     color: #444a4f;
-    padding: 16px 26px 16px 2px;
+    padding: 16px 0 16px 2px;
     position: relative;
   }
 
@@ -2219,7 +2219,7 @@ footer {
     }
 
   .activity-message {
-    padding-right: 20px;
+    padding-right: 0;
   }
 
   .activity-time {
@@ -3114,6 +3114,19 @@ footer {
   display: block;
 }
 
+.switch-back-to-user {
+  position: absolute;
+  background-color: #389ed9;
+  color: #fff;
+  height: 34px;
+  z-index: 1;
+  padding: 8px 9px;
+  top: -34px;
+}
+.switch-back-to-user-space {
+  top: 34px;
+}
+
 /*
 
   ----------------
@@ -3123,7 +3136,7 @@ footer {
 */
 
 @media only screen and (max-width: 1280px) {
-  .sidebar-optional.sidebar {
+  .sidebar.optional {
     display: none;
   }
 }
\ No newline at end of file
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 1213a3894..d299c9e0a 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -246,7 +246,11 @@ class ApplicationController < ActionController::Base
       config['timezones'][ t.name ] = diff
     }
 
-    return config
+    if session[:switched_from_user_id]
+      config['switch_back_to_possible'] = true
+    end
+
+    config
   end
 
   # model helper
diff --git a/app/controllers/sessions_controller.rb b/app/controllers/sessions_controller.rb
index c8184be83..20b3e85db 100644
--- a/app/controllers/sessions_controller.rb
+++ b/app/controllers/sessions_controller.rb
@@ -5,6 +5,9 @@ class SessionsController < ApplicationController
   # "Create" a login, aka "log the user in"
   def create
 
+    # in case, remove switched_from_user_id
+    session[:switched_from_user_id] = nil
+
     # authenticate user
     user = User.authenticate( params[:username], params[:password] )
 
@@ -128,6 +131,10 @@ class SessionsController < ApplicationController
   end
 
   def create_omniauth
+
+    # in case, remove switched_from_user_id
+    session[:switched_from_user_id] = nil
+
     auth = request.env['omniauth.auth']
 
     if !auth
@@ -158,6 +165,10 @@ class SessionsController < ApplicationController
   end
 
   def create_sso
+
+    # in case, remove switched_from_user_id
+    session[:switched_from_user_id] = nil
+
     user = User.sso(params)
 
     # Log the authorizing user in.
@@ -199,6 +210,9 @@ class SessionsController < ApplicationController
       return false
     end
 
+    # remember old user
+    session[:switched_from_user_id] = current_user.id
+
     # log new session
     user.activity_stream_log( 'switch to', current_user.id, true )
 
@@ -208,6 +222,36 @@ class SessionsController < ApplicationController
     redirect_to '/#'
   end
 
+  # "switch" back to user
+  def switch_back_to_user
+
+    # check if it's a swich back
+    if !session[:switched_from_user_id]
+      response_access_deny
+      return false
+    end
+
+    user = User.lookup( :id => session[:switched_from_user_id] )
+    if !user
+      render(
+        :json   => {},
+        :status => :not_found
+      )
+      return false
+    end
+
+    # log end session
+    current_user.activity_stream_log( 'ended switch to', user.id, true )
+
+    # remove switched_from_user_id
+    session[:switched_from_user_id] = nil
+
+    # set old session user again
+    current_user_set(user)
+
+    redirect_to '/#'
+  end
+
   def list
     return if deny_if_not_role('Admin')
     assets = {}
diff --git a/config/routes/auth.rb b/config/routes/auth.rb
index 5acc2ecf3..31b6717fd 100644
--- a/config/routes/auth.rb
+++ b/config/routes/auth.rb
@@ -2,18 +2,19 @@ Zammad::Application.routes.draw do
   api_path = Rails.configuration.api_path
 
   # omniauth
-  match '/auth/:provider/callback',         :to => 'sessions#create_omniauth',:via => [:post, :get, :puts, :delete]
+  match '/auth/:provider/callback',         :to => 'sessions#create_omniauth',      :via => [:post, :get, :puts, :delete]
 
   # sso
-  match '/auth/sso',                        :to => 'sessions#create_sso',     :via => [:post, :get]
+  match '/auth/sso',                        :to => 'sessions#create_sso',           :via => [:post, :get]
 
   # sessions
-  match api_path + '/signin',               :to => 'sessions#create',         :via => :post
-  match api_path + '/signshow',             :to => 'sessions#show',           :via => :get
-  match api_path + '/signout',              :to => 'sessions#destroy',        :via => [:get, :delete]
+  match api_path + '/signin',               :to => 'sessions#create',               :via => :post
+  match api_path + '/signshow',             :to => 'sessions#show',                 :via => :get
+  match api_path + '/signout',              :to => 'sessions#destroy',              :via => [:get, :delete]
 
-  match api_path + '/sessions/switch/:id',  :to => 'sessions#switch_to_user', :via => :get
-  match api_path + '/sessions',             :to => 'sessions#list',           :via => :get
-  match api_path + '/sessions/:id',         :to => 'sessions#delete',         :via => :delete
+  match api_path + '/sessions/switch/:id',  :to => 'sessions#switch_to_user',       :via => :get
+  match api_path + '/sessions/switch_back', :to => 'sessions#switch_back_to_user',  :via => :get
+  match api_path + '/sessions',             :to => 'sessions#list',                 :via => :get
+  match api_path + '/sessions/:id',         :to => 'sessions#delete',               :via => :delete
 
 end
\ No newline at end of file