adamkiss/kirby-impersonate

Impersonate users in Kirby CMS Panel

Maintainers

Details

github.com/adamkiss/kirby-impersonate

Source

Issues

Installs: 12

Dependents: 0

Suggesters: 0

Security: 0

Stars: 0

Watchers: 1

Forks: 1

Open Issues: 0

Type:kirby-plugin

0.6.1 2024-04-28 12:54 UTC

Requires

Requires (Dev)

MIT 0eb6468774a56e8f477c56fed78ab569ec71becd

This package is auto-updated.

Last update: 2025-01-28 14:32:49 UTC

README

This plugin allows impersonating users in your panel and/or frontend, by adding a session mark for "user is being impersonated" and then forcibly calling kirby()->impersonate() with the target user.

Installation

composer require adamkiss/kirby-impersonate

As with all Kirby plugins, downloading zip should also work. As should using git submodules, but I never tested that.

Usage

If you want to use this plugin only for your panel debugging, just install it, potentially configure who can impersonate/be impersonated and you're done. If you also want to test different frontend availability, you can change where the admin gets redirect after they start impersonation, and the frontend should just work as if it was the user being impersonated.

For notification about ongoing impersonation, you can use kirby()->user()->isImpersonated(), and you can use the route /__impersonate/stop to stop impersonation. For instance, using following in your template:

<?= kirby()->user()->isImpersonated() ? '<a href="/__impersonate/stop">Stop Impersonation</a>' : ''?>

Configuration

By default, any user with access to users table can impersonate any other user. At the start of the impersonation, window reload happens, and at the end of the impersonation, you'll be redirected to users view in the panel; All of these are configurable via options:

// config.php
return [
	'adamkiss.kirby-impersonate' => [
		'can-impersonate' => function () {
			// who can impersonate? this is a user method,
			// so "$this" is a user who's checked.
			// you have access to role, email, uuid…

			/** @var User $this */
			return true;
		},
		'can-be-impersonated' => function () {
			// who can be target of impersonation? this is a user method,
			// so "$this" is a user who's checked
			// you have access to role, email, uuid…

			/** @var User $this */
			return true;
		},
		
		// Since the start of redirection is in the users area, null just reloads
		// You can also use a string to get a URL, or a Closure with the impersonated user
		// if you need different redirects base on role / email / whatever
		'redirect-after-impersonation-start' => null,

		// Where you're redirected after the impersonation stops
		// this can be only a string
		'redirect-after-impersonation-stop' => kirby()->url('panel') . '/users',    ]
];

License

MIT, (c) 2024 Adam Kiss

See LICENSE.md for more information