feat: Allow to impersonate users

pan93412 · pan93412 · commit af3dc412664d · 2024-10-24T00:43:27.000+08:00
diff --git a/config/packages/security.yaml b/config/packages/security.yaml
@@ -27,12 +27,12 @@ security:
         secret: "%kernel.secret%" # required
         lifetime: 604800 # 1 week in seconds
 
+      # https://symfony.com/doc/current/security/impersonating_user.html
+      switch_user: true
+
   # activate different ways to authenticate
   # https://symfony.com/doc/current/security.html#the-firewall
 
-  # https://symfony.com/doc/current/security/impersonating_user.html
-  # switch_user: true
-
   # Easy way to control access for large sections of your site
   # Note: Only the *first* access control that matches will be used
   access_control:
diff --git a/src/Controller/Admin/UserCrudController.php b/src/Controller/Admin/UserCrudController.php
@@ -5,6 +5,9 @@
 namespace App\Controller\Admin;
 
 use App\Entity\User;
+use EasyCorp\Bundle\EasyAdminBundle\Config\Action;
+use EasyCorp\Bundle\EasyAdminBundle\Config\Actions;
+use EasyCorp\Bundle\EasyAdminBundle\Config\Crud;
 use EasyCorp\Bundle\EasyAdminBundle\Controller\AbstractCrudController;
 use EasyCorp\Bundle\EasyAdminBundle\Field\ArrayField;
 use EasyCorp\Bundle\EasyAdminBundle\Field\AssociationField;
@@ -54,4 +57,13 @@ public function configureFields(string $pageName): iterable
             DateTimeField::new('updated_at', 'Updated at')->hideOnForm(),
         ];
     }
+
+    public function configureActions(Actions $actions): Actions
+    {
+        return $actions->add(
+            Crud::PAGE_INDEX,
+            Action::new('impersonate', 'Impersonate')
+                ->linkToUrl(fn (User $user) => "/?_switch_user={$user->getUserIdentifier()}")
+        );
+    }
 }
diff --git a/templates/components/Navbar.html.twig b/templates/components/Navbar.html.twig
@@ -57,9 +57,12 @@
                             {{ app.user.name }}
                         </button>
                         <ul class="dropdown-menu dropdown-menu-end p-2 rounded-3">
-                            {% if 'ROLE_ADMIN' in app.user.roles %}
+                            {% if is_granted('ROLE_ADMIN') %}
                                 <li><a class="dropdown-item rounded-2 mb-2" href="{{ path('admin') }}">管理後台</a></li>
                             {% endif %}
+                            {% if is_granted('IS_IMPERSONATOR') %}
+                                <li><a class="dropdown-item rounded-2 mb-2" href="{{ impersonation_exit_path(path('app_home')) }}">結束模擬</a></li>
+                            {% endif %}
                             <li><a class="dropdown-item rounded-2 mb-2" href="{{ path('app_profile') }}">個人資料</a></li>
                             <li><a class="dropdown-item rounded-2" href="{{ path('app_logout') }}">登出</a></li>
                         </ul>
diff --git a/translations/messages.zh_TW.yaml b/translations/messages.zh_TW.yaml
@@ -54,6 +54,7 @@ Mark Resolved: 標記為已解決
 Mark Closed: 標記為已關閉
 New & In Progress: 新問題 & 處理中
 Resolved & Closed: 已解決 & 已關閉
+Impersonate: 模擬使用者
 
 challenge.error-type.user: 輸入錯誤
 challenge.error-type.server: 伺服器錯誤
