maurohmartinez/impersonate-users-backpack-laravel

A simple package that adds the impersonate operation for admins

Maintainers

Details

github.com/maurohmartinez/impersonate-users-backpack-laravel

Source

Issues

Installs: 2 520

Dependents: 0

Suggesters: 0

Security: 0

Stars: 9

Watchers: 2

Forks: 2

Open Issues: 1

v1.0.14 2023-10-31 14:05 UTC

Requires

MIT d26b525ab8680bc0f05a2182d72801b73c9bbf4a

  • maurohmartinez <maurohmartinez.woop@gmail.com>

laravelbackpackforce ssl

This package is auto-updated.

Last update: 2024-04-30 00:28:41 UTC

README

This is a simple package to allow admins impersonate users.

alt text

Install

In your terminal:

# install the package
composer require maurohmartinez/impersonate-users-backpack-laravel

In case you want/need to publish files to further customize this package:

php artisan vendor:publish --provider="MHMartinez\ImpersonateUser\app\Providers\ImpersonateUserServiceProvider"

Usage

1- Add in your UserCrudController.

use \MHMartinez\ImpersonateUser\app\Http\Controllers\Operations\ImpersonateUserOperation;

This will add a button for List and Show Operations to impersonate users.

2- Next step is to handle the logic to indicate which admins have permission to impersonate others, or can be impersonated. You just need to modify a bit your User Model to implement the interface ImpersonateInterface like this:

class User extends Authenticatable implements ImpersonateInterface

And then add the following two methods in your User Model:

/**
 * If you use Laravel-Backpack/PermissionManager you can do like this.
 * But you can also add any logic you need. 
*/
public function canImpersonateOthers(): bool
{
    return $this->can('permission_to_impersonate'); // or replace "permission_to_impersonate" with the right permission
}
/**
 * Following the same example, you can deny admins from impersonating super admins. 
*/
public function canBeImpersonated(): bool
{
    return !$this->hasRole('superadmin'); // or replace "superadmin" with the right permission
}

3- Now, you just need to add the button to exit impersonating (no worries, it will only show up when needed). For example, you can add the button in topbar_right_content.blade.php like this:

@include('impersonate_user::exit_impersonated')

4- Important — If you want to impersonate non-admin users you will need to skip the backpack middleware that determines if the user is admin. This is because this operation will need to allow your impersonated non-admin user to use a backpack route to log you back. How to do it?

  • Publish the config file if you haven't done so (described here, above step one).
php artisan vendor:publish --provider="MHMartinez\ImpersonateUser\app\Providers\ImpersonateUserServiceProvider" --tag=config
  • Add the middleware classname like it follows, and you will be good to go:
return [
    'session_key' => 'impersonating_user',
    'base_guard' => 'backpack',
    'admin_middleware' => Path\To\Middleware\IsAdmin::class,
];

This will allow this operation to skip that middleware when logging out impersonated non-admin users.

Credits