Skip to content

Commit

Permalink
- Fix Authenticatable usage by using AuthIdentifier in session.
Browse files Browse the repository at this point in the history 
- Use email as AuthIdentifierName in tests
  • Loading branch information
@gabsource
gabsource committed Dec 27, 2019
1 parent 9e83968 commit ae332fb
Show file tree
Hide file tree
Showing 5 changed files with 46 additions and 40 deletions.
2 changes: 1 addition & 1 deletion src/Controllers/ImpersonateController.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,7 @@ public function take(Request $request, $id, $guardName = null)
$guardName = $guardName ?? $this->manager->getDefaultSessionGuard();

// Cannot impersonate yourself
if ($id == $request->user()->getKey() && ($this->manager->getCurrentAuthGuardName() == $guardName)) {
if ($id == $request->user()->getAuthIdentifier() && ($this->manager->getCurrentAuthGuardName() == $guardName)) {
abort(403);
}

Expand Down
10 changes: 5 additions & 5 deletions src/Services/ImpersonateManager.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@ public function __construct(Application $app)

/**
* @param int $id
* @return \Illuminate\Database\Eloquent\Model
* @return \Illuminate\Contracts\Auth\Authenticatable
* @throws Exception
*/
public function findUserById($id, $guardName = null)
Expand Down Expand Up @@ -60,7 +60,7 @@ public function getImpersonatorId()
}

/**
* @return \Illuminate\Database\Eloquent\Model
* @return \Illuminate\Contracts\Auth\Authenticatable
*/
public function getImpersonator()
{
Expand All @@ -86,8 +86,8 @@ public function getImpersonatorGuardUsingName()
}

/**
* @param \Illuminate\Database\Eloquent\Model $from
* @param \Illuminate\Database\Eloquent\Model $to
* @param \Illuminate\Contracts\Auth\Authenticatable $from
* @param \Illuminate\Contracts\Auth\Authenticatable $to
* @param string|null $guardName
* @return bool
*/
Expand All @@ -97,7 +97,7 @@ public function take($from, $to, $guardName = null)

try {
$currentGuard = $this->getCurrentAuthGuardName();
session()->put($this->getSessionKey(), $from->getKey());
session()->put($this->getSessionKey(), $from->getAuthIdentifier());
session()->put($this->getSessionGuard(), $currentGuard);
session()->put($this->getSessionGuardUsing(), $guardName);

Expand Down
48 changes: 24 additions & 24 deletions tests/ImpersonateManagerTest.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -37,9 +37,9 @@ public function it_can_be_accessed_from_container()
/** @test */
public function it_can_find_an_user()
{
$admin = $this->manager->findUserById(1, $this->firstGuard);
$user = $this->manager->findUserById(2, $this->firstGuard);
$superAdmin = $this->manager->findUserById(3, $this->secondGuard);
$admin = $this->manager->findUserById('[email protected]', $this->firstGuard);
$user = $this->manager->findUserById('[email protected]', $this->firstGuard);
$superAdmin = $this->manager->findUserById('[email protected]', $this->secondGuard);

$this->assertInstanceOf(User::class, $admin);
$this->assertInstanceOf(User::class, $user);
Expand All @@ -53,15 +53,15 @@ public function it_can_find_an_user()
public function it_can_verify_impersonating()
{
$this->assertFalse($this->manager->isImpersonating());
$this->app['session']->put($this->manager->getSessionKey(), 1);
$this->app['session']->put($this->manager->getSessionKey(), '[email protected]');
$this->assertTrue($this->manager->isImpersonating());
$this->assertEquals(1, $this->manager->getImpersonatorId());
$this->assertEquals('[email protected]', $this->manager->getImpersonatorId());
}

/** @test */
public function it_can_clear_impersonating()
{
$this->app['session']->put($this->manager->getSessionKey(), 1);
$this->app['session']->put($this->manager->getSessionKey(), '[email protected]');
$this->app['session']->put($this->manager->getSessionGuard(), 'guard_name');
$this->app['session']->put($this->manager->getSessionGuardUsing(), 'guard_using_name');
$this->assertTrue($this->app['session']->has($this->manager->getSessionKey()));
Expand All @@ -76,11 +76,11 @@ public function it_can_clear_impersonating()
/** @test */
public function it_can_take_impersonating()
{
$this->app['auth']->guard($this->firstGuard)->loginUsingId(1);
$this->app['auth']->guard($this->firstGuard)->loginUsingId('[email protected]');
$this->assertTrue($this->app['auth']->check());
$this->manager->take($this->app['auth']->user(), $this->manager->findUserById(2, $this->firstGuard), $this->firstGuard);
$this->assertEquals(2, $this->app['auth']->user()->getKey());
$this->assertEquals(1, $this->manager->getImpersonatorId());
$this->manager->take($this->app['auth']->user(), $this->manager->findUserById('[email protected]', $this->firstGuard), $this->firstGuard);
$this->assertEquals('[email protected]', $this->app['auth']->user()->getAuthIdentifier());
$this->assertEquals('[email protected]', $this->manager->getImpersonatorId());
$this->assertEquals($this->firstGuard, $this->manager->getImpersonatorGuardName());
$this->assertEquals($this->firstGuard, $this->manager->getImpersonatorGuardUsingName());
$this->assertTrue($this->manager->isImpersonating());
Expand All @@ -89,15 +89,15 @@ public function it_can_take_impersonating()
/** @test */
public function it_can_take_impersonating_other_guard()
{
$this->app['auth']->guard($this->secondGuard)->loginUsingId(1);
$this->app['auth']->guard($this->secondGuard)->loginUsingId('[email protected]');
$this->assertTrue($this->app['auth']->guard($this->secondGuard)->check());
$this->manager->take(
$this->app['auth']->guard($this->secondGuard)->user(),
$this->manager->findUserById(3, $this->firstGuard),
$this->manager->findUserById('[email protected]', $this->firstGuard),
$this->firstGuard
);
$this->assertEquals(3, $this->app['auth']->user()->getKey());
$this->assertEquals(1, $this->manager->getImpersonatorId());
$this->assertEquals('[email protected]', $this->app['auth']->user()->getAuthIdentifier());
$this->assertEquals('[email protected]', $this->manager->getImpersonatorId());
$this->assertEquals($this->secondGuard, $this->manager->getImpersonatorGuardName());
$this->assertEquals($this->firstGuard, $this->manager->getImpersonatorGuardUsingName());
$this->assertTrue($this->manager->isImpersonating());
Expand All @@ -106,8 +106,8 @@ public function it_can_take_impersonating_other_guard()
/** @test */
public function it_can_leave_impersonating()
{
$this->app['auth']->loginUsingId(1);
$this->manager->take($this->app['auth']->user(), $this->manager->findUserById(2, $this->firstGuard));
$this->app['auth']->loginUsingId('[email protected]');
$this->manager->take($this->app['auth']->user(), $this->manager->findUserById('[email protected]', $this->firstGuard));
$this->assertTrue($this->manager->leave());
$this->assertFalse($this->manager->isImpersonating());
$this->assertInstanceOf(User::class, $this->app['auth']->user());
Expand All @@ -116,10 +116,10 @@ public function it_can_leave_impersonating()
/** @test */
public function it_can_leave_impersonating_other_guard()
{
$this->app['auth']->guard($this->secondGuard)->loginUsingId(1);
$this->app['auth']->guard($this->secondGuard)->loginUsingId('[email protected]');
$this->manager->take(
$this->app['auth']->guard($this->secondGuard)->user(),
$this->manager->findUserById(2, $this->firstGuard),
$this->manager->findUserById('[email protected]', $this->firstGuard),
$this->firstGuard
);
$this->assertTrue($this->manager->leave());
Expand All @@ -130,11 +130,11 @@ public function it_can_leave_impersonating_other_guard()
/** @test */
public function it_keeps_remember_token_when_taking_and_leaving()
{
$admin = $this->manager->findUserById(1, $this->firstGuard);
$admin = $this->manager->findUserById('[email protected]', $this->firstGuard);
$admin->remember_token = 'impersonator_token';
$admin->save();

$user = $this->manager->findUserById(2, $this->firstGuard);
$user = $this->manager->findUserById('[email protected]', $this->firstGuard);
$user->remember_token = 'impersonated_token';
$user->save();

Expand All @@ -151,10 +151,10 @@ public function it_keeps_remember_token_when_taking_and_leaving()
/** @test */
public function it_can_get_impersonator()
{
$this->app['auth']->loginUsingId(1);
$this->app['auth']->loginUsingId('[email protected]');
$this->assertTrue($this->app['auth']->check());
$this->manager->take($this->app['auth']->user(), $this->manager->findUserById(2));
$this->assertEquals(2, $this->app['auth']->user()->getKey());
$this->manager->take($this->app['auth']->user(), $this->manager->findUserById('[email protected]'));
$this->assertEquals('[email protected]', $this->app['auth']->user()->getAuthIdentifier());
$this->assertEquals(1, $this->manager->getImpersonator()->id);
$this->assertEquals('Admin', $this->manager->getImpersonator()->name);
}
Expand All @@ -170,7 +170,7 @@ public function it_renames_the_remember_web_cookie_when_taking_and_reverts_the_c
$cookies = [$cookie->getName() => $cookie->getValue(), 'random' => 'cookie'];
$this->app['request'] = (object) ['cookies' => new ParameterBag($cookies)];

$this->manager->take($this->app['auth']->user(), $this->manager->findUserById(2));
$this->manager->take($this->app['auth']->user(), $this->manager->findUserById('[email protected]'));
$this->assertArrayHasKey(ImpersonateManager::REMEMBER_PREFIX, session()->all());
$this->assertEquals([$cookie->getName(), $cookie->getValue()], session()->get(ImpersonateManager::REMEMBER_PREFIX));

Expand Down
20 changes: 10 additions & 10 deletions tests/ModelImpersonateTest.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,50 +23,50 @@ public function setUp(): void
/** @test */
public function it_can_impersonate()
{
$user = $this->app['auth']->loginUsingId(1);
$user = $this->app['auth']->loginUsingId('[email protected]');
$this->assertTrue($user->canImpersonate());
}

/** @test */
public function it_cant_impersonate()
{
$user = $this->app['auth']->loginUsingId(2);
$user = $this->app['auth']->loginUsingId('[email protected]');
$this->assertFalse($user->canImpersonate());
}

/** @test */
public function it_can_be_impersonate()
{
$user = $this->app['auth']->loginUsingId(1);
$user = $this->app['auth']->loginUsingId('[email protected]');
$this->assertTrue($user->canBeImpersonated());
}

/** @test */
public function it_cant_be_impersonate()
{
$user = $this->app['auth']->loginUsingId(3);
$user = $this->app['auth']->loginUsingId('[email protected]');
$this->assertFalse($user->canBeImpersonated());
}

/** @test */
public function it_impersonates()
{
$admin = $this->app['auth']->loginUsingId(1);
$admin = $this->app['auth']->loginUsingId('[email protected]');
$this->assertFalse($admin->isImpersonated());
$user = $this->manager->findUserById(2, $this->guard);
$user = $this->manager->findUserById('[email protected]', $this->guard);
$admin->impersonate($user, $this->guard);
$this->assertTrue($user->isImpersonated());
$this->assertEquals($this->app['auth']->user()->getKey(), 2);
$this->assertEquals($this->app['auth']->user()->getAuthIdentifier(), '[email protected]');
}

/** @test */
public function it_can_leave_impersonation()
{
$admin = $this->app['auth']->loginUsingId(1);
$user = $this->manager->findUserById(2, $this->guard);
$admin = $this->app['auth']->loginUsingId('[email protected]');
$user = $this->manager->findUserById('[email protected]', $this->guard);
$admin->impersonate($user, $this->guard);
$admin->leaveImpersonation();
$this->assertFalse($user->isImpersonated());
$this->assertNotEquals($this->app['auth']->user()->getKey(), 2);
$this->assertNotEquals($this->app['auth']->user()->getAuthIdentifier(), '[email protected]');
}
}
6 changes: 6 additions & 0 deletions tests/Stubs/Models/User.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -39,4 +39,10 @@ public function canBeImpersonated()
{
return $this->attributes['can_be_impersonated'] == 1;
}


public function getAuthIdentifierName()
{
return 'email';
}
}

0 comments on commit ae332fb

Please sign in to comment.