From 3a25178697d13b4ec7fd8980784396bc967c3144 Mon Sep 17 00:00:00 2001 From: Julien Nahum Date: Wed, 24 Jan 2024 17:45:29 +0100 Subject: [PATCH] Fix impersonation for moderator --- .../Controllers/Admin/ImpersonationController.php | 15 +++++---------- routes/api.php | 2 +- 2 files changed, 6 insertions(+), 11 deletions(-) diff --git a/app/Http/Controllers/Admin/ImpersonationController.php b/app/Http/Controllers/Admin/ImpersonationController.php index 8f72753..c2dbf8a 100644 --- a/app/Http/Controllers/Admin/ImpersonationController.php +++ b/app/Http/Controllers/Admin/ImpersonationController.php @@ -39,7 +39,6 @@ class ImpersonationController extends Controller ]); } - \Log::warning('Impersonation started',[ 'from_id' => auth()->id(), 'from_email' => auth()->user()->email, @@ -47,15 +46,11 @@ class ImpersonationController extends Controller 'target_email' => $user->id, ]); - // Be this user - if (auth()->user()->moderator) { - $token = auth()->claims([ - 'impersonating' => true, - 'impersonator_id' => auth()->id(), - ])->login($user); - } else { - $token = auth()->login($user); - } + $token = auth()->claims(auth()->user()->admin ? [] : [ + 'impersonating' => true, + 'impersonator_id' => auth()->id(), + ])->login($user); + return $this->success([ 'token' => $token ]); diff --git a/routes/api.php b/routes/api.php index b381f5d..eaa87d6 100644 --- a/routes/api.php +++ b/routes/api.php @@ -116,7 +116,7 @@ Route::group(['middleware' => 'auth:api'], function () { }); }); - Route::group(['middleware' => 'admin', 'prefix' => 'admin'], function () { + Route::group(['middleware' => 'moderator', 'prefix' => 'admin'], function () { Route::get('impersonate/{identifier}', [\App\Http\Controllers\Admin\ImpersonationController::class, 'impersonate']); });