I have an interesting requirement. Don’t know how to do it.
I have an Admin, which can see a list of users.
All the users will have a button (Login).
The Admin can click on the Login button to to access the user’s account.
If Admin does this he will be logged out of his account. But how to
access
back his own account if he tries to come out of that user’s account?
I have an interesting requirement. Don’t know how to do it.
I have an Admin, which can see a list of users.
All the users will have a button (Login).
The Admin can click on the Login button to to access the user’s account.
If Admin does this he will be logged out of his account. But how to access back
his own account if he tries to come out of that user’s account?
What method are you using for authentication? I did something similar in
Devise, where I allowed the admin to impersonate another user. I hooked
into the current_user method and allowed an admin user to assume the
identity of another user without logging out. Since admins were allowed
to see everything anyway (in CanCan) I didn’t need to do anything
special besides store the ID of the account I was impersonating in the
session.
def impersonate
session[:impersonating] = params[:practice_id]
redirect_to( ‘/calendar’ )
end
def stop_impersonating
session[:impersonating] = nil
redirect_to( ‘/users/index’ )
end
def authenticate_impersonator!
redirect_to(:root) unless (can? :impersonate, User)
end
#application_controller.rb
helper_method :current_practice
def current_practice
if session[:impersonating]
Practice.find session[:impersonating]
else
current_user.practice
end
end
Everything in this solution centers around the current_practice helper,
which is where I used the session to side-step the current user and
pretend to be another.
I tried with passing Id & cookies[token] of that user & was able to
login
to that users profile.
But I am unable to get back to the profile of the Admin user.
On Thursday, September 27, 2012 10:37:11 AM UTC+5:30, Walter Lee D.
I am lil bit confused.
Will this help on returning back to the admin user again?
The admin user never leaves or logs out, but because current_practice is
used for anything that the admin sees, the page gets re-loaded with all
the content relevant to that practice, not the admin’s own account. It
helps in this case that admin is able to see everything. You could not
do this trick if that was not the case.
Walter
This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.