Hello, I have an interesting requirement. Don''t know how to do it. I have an Admin, which can see a list of users. All the users will have a button (Login). The Admin can click on the Login button to to access the user''s account. If Admin does this he will be logged out of his account. But how to access back his own account if he tries to come out of that user''s account? Thanks -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To view this discussion on the web visit https://groups.google.com/d/msg/rubyonrails-talk/-/NRZJEKsdFgEJ. For more options, visit https://groups.google.com/groups/opt_out.
On Sep 26, 2012, at 4:58 AM, Avi wrote:> Hello, > > I have an interesting requirement. Don''t know how to do it. > I have an Admin, which can see a list of users. > All the users will have a button (Login). > The Admin can click on the Login button to to access the user''s account. > If Admin does this he will be logged out of his account. But how to access back his own account if he tries to come out of that user''s account? >What method are you using for authentication? I did something similar in Devise, where I allowed the admin to impersonate another user. I hooked into the current_user method and allowed an admin user to assume the identity of another user without logging out. Since admins were allowed to see everything anyway (in CanCan) I didn''t need to do anything special besides store the ID of the account I was impersonating in the session. Walter -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
Currently I am using CanCan. Can you please explain a bit more on your solution? On Wednesday, September 26, 2012 6:51:43 PM UTC+5:30, Walter Lee Davis wrote:> > > On Sep 26, 2012, at 4:58 AM, Avi wrote: > > > Hello, > > > > I have an interesting requirement. Don''t know how to do it. > > I have an Admin, which can see a list of users. > > All the users will have a button (Login). > > The Admin can click on the Login button to to access the user''s account. > > If Admin does this he will be logged out of his account. But how to > access back his own account if he tries to come out of that user''s account? > > > > What method are you using for authentication? I did something similar in > Devise, where I allowed the admin to impersonate another user. I hooked > into the current_user method and allowed an admin user to assume the > identity of another user without logging out. Since admins were allowed to > see everything anyway (in CanCan) I didn''t need to do anything special > besides store the ID of the account I was impersonating in the session. > > Walter > >-- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To view this discussion on the web visit https://groups.google.com/d/msg/rubyonrails-talk/-/udMtXUaASAoJ. For more options, visit https://groups.google.com/groups/opt_out.
> > On Sep 26, 2012, at 4:58 AM, Avi wrote: >> >> > Hello, >> > >> > I have an interesting requirement. Don''t know how to do it. >> > I have an Admin, which can see a list of users. >> > All the users will have a button (Login). >> > The Admin can click on the Login button to to access the user''s >> account. >> > If Admin does this he will be logged out of his account. But how to >> access back his own account if he tries to come out of that user''s account? >> > >> >I''m not sure if this can help: https://github.com/plataformatec/devise/wiki/How-To:-Sign-in-as-another-user-if-you-are-an-admin but I saw that once when I was looking in devise wiki and I recall now. Javier -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org For more options, visit https://groups.google.com/groups/opt_out.
On Sep 26, 2012, at 11:52 PM, Avi wrote:> Currently I am using CanCan. > Can you please explain a bit more on your solution?#users_controller.rb before_filter :authenticate_impersonator!, :only => [:index, :impersonate, :stop_impersonating] def impersonate session[:impersonating] = params[:practice_id] redirect_to( ''/calendar'' ) end def stop_impersonating session[:impersonating] = nil redirect_to( ''/users/index'' ) end def authenticate_impersonator! redirect_to(:root) unless (can? :impersonate, User) end #application_controller.rb helper_method :current_practice def current_practice if session[:impersonating] Practice.find session[:impersonating] else current_user.practice end end #views/layouts/index.html.erb <%- if session[:impersonating] -%> <div id="impersonating"> <p>Currently impersonating <strong><%= current_practice.name %></strong> <%= link_to "Stop Impersonating", "/users/stop_impersonating", :class => "form_button delete" %></p> </div> <%- end -%> Everything in this solution centers around the current_practice helper, which is where I used the session to side-step the current user and pretend to be another. Walter> > On Wednesday, September 26, 2012 6:51:43 PM UTC+5:30, Walter Lee Davis wrote: > > On Sep 26, 2012, at 4:58 AM, Avi wrote: > > > Hello, > > > > I have an interesting requirement. Don''t know how to do it. > > I have an Admin, which can see a list of users. > > All the users will have a button (Login). > > The Admin can click on the Login button to to access the user''s account. > > If Admin does this he will be logged out of his account. But how to access back his own account if he tries to come out of that user''s account? > > > > What method are you using for authentication? I did something similar in Devise, where I allowed the admin to impersonate another user. I hooked into the current_user method and allowed an admin user to assume the identity of another user without logging out. Since admins were allowed to see everything anyway (in CanCan) I didn''t need to do anything special besides store the ID of the account I was impersonating in the session. > > Walter > > > -- > You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. > To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org > To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe@googlegroups.com. > To view this discussion on the web visit https://groups.google.com/d/msg/rubyonrails-talk/-/udMtXUaASAoJ. > For more options, visit https://groups.google.com/groups/opt_out. > >-- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
Hello, I am lil bit confused. Will this help on returning back to the admin user again? On Thursday, September 27, 2012 9:54:20 AM UTC+5:30, Walter Lee Davis wrote:> > On Sep 26, 2012, at 11:52 PM, Avi wrote: > > > Currently I am using CanCan. > > Can you please explain a bit more on your solution? > > #users_controller.rb > before_filter :authenticate_impersonator!, :only => [:index, > :impersonate, :stop_impersonating] > > def impersonate > session[:impersonating] = params[:practice_id] > redirect_to( ''/calendar'' ) > end > > def stop_impersonating > session[:impersonating] = nil > redirect_to( ''/users/index'' ) > end > > def authenticate_impersonator! > redirect_to(:root) unless (can? :impersonate, User) > end > > #application_controller.rb > helper_method :current_practice > def current_practice > if session[:impersonating] > Practice.find session[:impersonating] > else > current_user.practice > end > end > > #views/layouts/index.html.erb > > <%- if session[:impersonating] -%> > <div id="impersonating"> > <p>Currently impersonating <strong><%= current_practice.name%></strong> <%= link_to "Stop Impersonating", "/users/stop_impersonating", > :class => "form_button delete" %></p> > </div> > <%- end -%> > > > Everything in this solution centers around the current_practice helper, > which is where I used the session to side-step the current user and pretend > to be another. > > Walter > > > > > On Wednesday, September 26, 2012 6:51:43 PM UTC+5:30, Walter Lee Davis > wrote: > > > > On Sep 26, 2012, at 4:58 AM, Avi wrote: > > > > > Hello, > > > > > > I have an interesting requirement. Don''t know how to do it. > > > I have an Admin, which can see a list of users. > > > All the users will have a button (Login). > > > The Admin can click on the Login button to to access the user''s > account. > > > If Admin does this he will be logged out of his account. But how to > access back his own account if he tries to come out of that user''s account? > > > > > > > What method are you using for authentication? I did something similar in > Devise, where I allowed the admin to impersonate another user. I hooked > into the current_user method and allowed an admin user to assume the > identity of another user without logging out. Since admins were allowed to > see everything anyway (in CanCan) I didn''t need to do anything special > besides store the ID of the account I was impersonating in the session. > > > > Walter > > > > > > -- > > You received this message because you are subscribed to the Google > Groups "Ruby on Rails: Talk" group. > > To post to this group, send email to rubyonra...-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org<javascript:>. > > > To unsubscribe from this group, send email to > rubyonrails-ta...-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org <javascript:>. > > To view this discussion on the web visit > https://groups.google.com/d/msg/rubyonrails-talk/-/udMtXUaASAoJ. > > For more options, visit https://groups.google.com/groups/opt_out. > > > > > >-- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To view this discussion on the web visit https://groups.google.com/d/msg/rubyonrails-talk/-/WJ-3bA_74CsJ. For more options, visit https://groups.google.com/groups/opt_out.
Is gem "switch_user" really useful ? Because it needs devise I guess ? On Thursday, September 27, 2012 9:35:23 AM UTC+5:30, JavierQQ wrote:> > On Sep 26, 2012, at 4:58 AM, Avi wrote: >>> >>> > Hello, >>> > >>> > I have an interesting requirement. Don''t know how to do it. >>> > I have an Admin, which can see a list of users. >>> > All the users will have a button (Login). >>> > The Admin can click on the Login button to to access the user''s >>> account. >>> > If Admin does this he will be logged out of his account. But how to >>> access back his own account if he tries to come out of that user''s account? >>> > >>> >> > I''m not sure if this can help: > > > https://github.com/plataformatec/devise/wiki/How-To:-Sign-in-as-another-user-if-you-are-an-admin > > but I saw that once when I was looking in devise wiki and I recall now. > > Javier >-- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To view this discussion on the web visit https://groups.google.com/d/msg/rubyonrails-talk/-/67uX1QzkoFcJ. For more options, visit https://groups.google.com/groups/opt_out.
On Sep 27, 2012, at 12:54 AM, Avi wrote:> Hello, > > I am lil bit confused. > Will this help on returning back to the admin user again?The admin user never leaves or logs out, but because current_practice is used for anything that the admin sees, the page gets re-loaded with all the content relevant to that practice, not the admin''s own account. It helps in this case that admin is able to see everything. You could not do this trick if that was not the case. Walter> > On Thursday, September 27, 2012 9:54:20 AM UTC+5:30, Walter Lee Davis wrote: > On Sep 26, 2012, at 11:52 PM, Avi wrote: > > > Currently I am using CanCan. > > Can you please explain a bit more on your solution? > > #users_controller.rb > before_filter :authenticate_impersonator!, :only => [:index, :impersonate, :stop_impersonating] > > def impersonate > session[:impersonating] = params[:practice_id] > redirect_to( ''/calendar'' ) > end > > def stop_impersonating > session[:impersonating] = nil > redirect_to( ''/users/index'' ) > end > > def authenticate_impersonator! > redirect_to(:root) unless (can? :impersonate, User) > end > > #application_controller.rb > helper_method :current_practice > def current_practice > if session[:impersonating] > Practice.find session[:impersonating] > else > current_user.practice > end > end > > #views/layouts/index.html.erb > > <%- if session[:impersonating] -%> > <div id="impersonating"> > <p>Currently impersonating <strong><%= current_practice.name %></strong> <%= link_to "Stop Impersonating", "/users/stop_impersonating", :class => "form_button delete" %></p> > </div> > <%- end -%> > > > Everything in this solution centers around the current_practice helper, which is where I used the session to side-step the current user and pretend to be another. > > Walter > > > > > On Wednesday, September 26, 2012 6:51:43 PM UTC+5:30, Walter Lee Davis wrote: > > > > On Sep 26, 2012, at 4:58 AM, Avi wrote: > > > > > Hello, > > > > > > I have an interesting requirement. Don''t know how to do it. > > > I have an Admin, which can see a list of users. > > > All the users will have a button (Login). > > > The Admin can click on the Login button to to access the user''s account. > > > If Admin does this he will be logged out of his account. But how to access back his own account if he tries to come out of that user''s account? > > > > > > > What method are you using for authentication? I did something similar in Devise, where I allowed the admin to impersonate another user. I hooked into the current_user method and allowed an admin user to assume the identity of another user without logging out. Since admins were allowed to see everything anyway (in CanCan) I didn''t need to do anything special besides store the ID of the account I was impersonating in the session. > > > > Walter > > > > > > -- > > You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. > > To post to this group, send email to rubyonra...-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org > > To unsubscribe from this group, send email to rubyonrails-ta...@googlegroups.com. > > To view this discussion on the web visit https://groups.google.com/d/msg/rubyonrails-talk/-/udMtXUaASAoJ. > > For more options, visit https://groups.google.com/groups/opt_out. > > > > > > > -- > You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. > To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org > To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe@googlegroups.com. > To view this discussion on the web visit https://groups.google.com/d/msg/rubyonrails-talk/-/WJ-3bA_74CsJ. > For more options, visit https://groups.google.com/groups/opt_out. > >-- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
I tried with passing Id & cookies[token] of that user & was able to login to that users profile. But I am unable to get back to the profile of the Admin user. On Thursday, September 27, 2012 10:37:11 AM UTC+5:30, Walter Lee Davis wrote:> > > On Sep 27, 2012, at 12:54 AM, Avi wrote: > > > Hello, > > > > I am lil bit confused. > > Will this help on returning back to the admin user again? > > The admin user never leaves or logs out, but because current_practice is > used for anything that the admin sees, the page gets re-loaded with all the > content relevant to that practice, not the admin''s own account. It helps in > this case that admin is able to see everything. You could not do this trick > if that was not the case. > > Walter > > > > > On Thursday, September 27, 2012 9:54:20 AM UTC+5:30, Walter Lee Davis > wrote: > > On Sep 26, 2012, at 11:52 PM, Avi wrote: > > > > > Currently I am using CanCan. > > > Can you please explain a bit more on your solution? > > > > #users_controller.rb > > before_filter :authenticate_impersonator!, :only => [:index, > :impersonate, :stop_impersonating] > > > > def impersonate > > session[:impersonating] = params[:practice_id] > > redirect_to( ''/calendar'' ) > > end > > > > def stop_impersonating > > session[:impersonating] = nil > > redirect_to( ''/users/index'' ) > > end > > > > def authenticate_impersonator! > > redirect_to(:root) unless (can? :impersonate, User) > > end > > > > #application_controller.rb > > helper_method :current_practice > > def current_practice > > if session[:impersonating] > > Practice.find session[:impersonating] > > else > > current_user.practice > > end > > end > > > > #views/layouts/index.html.erb > > > > <%- if session[:impersonating] -%> > > <div id="impersonating"> > > <p>Currently impersonating <strong><%= current_practice.name%></strong> <%= link_to "Stop Impersonating", "/users/stop_impersonating", > :class => "form_button delete" %></p> > > </div> > > <%- end -%> > > > > > > Everything in this solution centers around the current_practice helper, > which is where I used the session to side-step the current user and pretend > to be another. > > > > Walter > > > > > > > > On Wednesday, September 26, 2012 6:51:43 PM UTC+5:30, Walter Lee Davis > wrote: > > > > > > On Sep 26, 2012, at 4:58 AM, Avi wrote: > > > > > > > Hello, > > > > > > > > I have an interesting requirement. Don''t know how to do it. > > > > I have an Admin, which can see a list of users. > > > > All the users will have a button (Login). > > > > The Admin can click on the Login button to to access the user''s > account. > > > > If Admin does this he will be logged out of his account. But how to > access back his own account if he tries to come out of that user''s account? > > > > > > > > > > What method are you using for authentication? I did something similar > in Devise, where I allowed the admin to impersonate another user. I hooked > into the current_user method and allowed an admin user to assume the > identity of another user without logging out. Since admins were allowed to > see everything anyway (in CanCan) I didn''t need to do anything special > besides store the ID of the account I was impersonating in the session. > > > > > > Walter > > > > > > > > > -- > > > You received this message because you are subscribed to the Google > Groups "Ruby on Rails: Talk" group. > > > To post to this group, send email to rubyonra...-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org > > > To unsubscribe from this group, send email to > rubyonrails-ta...-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org > > > To view this discussion on the web visit > https://groups.google.com/d/msg/rubyonrails-talk/-/udMtXUaASAoJ. > > > For more options, visit https://groups.google.com/groups/opt_out. > > > > > > > > > > > > -- > > You received this message because you are subscribed to the Google > Groups "Ruby on Rails: Talk" group. > > To post to this group, send email to rubyonra...-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org<javascript:>. > > > To unsubscribe from this group, send email to > rubyonrails-ta...-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org <javascript:>. > > To view this discussion on the web visit > https://groups.google.com/d/msg/rubyonrails-talk/-/WJ-3bA_74CsJ. > > For more options, visit https://groups.google.com/groups/opt_out. > > > > > >-- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To view this discussion on the web visit https://groups.google.com/d/msg/rubyonrails-talk/-/Mmv1hH6gGGIJ. For more options, visit https://groups.google.com/groups/opt_out.