
N.542, N.912 Finalized the API UserRights::Impersonate. This is an enabler for several enhancements.

git-svn-id: http://svn.code.sf.net/p/itop/code/trunk@4837 a333f486-631f-4898-b8df-5754b55c2be0
romainq 8 年之前
父节点
当前提交
a3c345cb76
共有 2 个文件被更改,包括 53 次插入11 次删除
  1. 1 1
      application/loginwebpage.class.inc.php
  2. 52 10
      core/userrights.class.inc.php

+ 1 - 1
application/loginwebpage.class.inc.php

@@ -431,7 +431,7 @@ EOF
 		unset($_SESSION['auth_user']);
 		unset($_SESSION['login_mode']);
 		unset($_SESSION['archive_mode']);
-		unset($_SESSION['archive_allowed']);
+		unset($_SESSION['impersonate_user']);
 		UserRights::_ResetSessionCache();
 		// If it's desired to kill the session, also delete the session cookie.
 		// Note: This will destroy the session, and not just the session data!

+ 52 - 10
core/userrights.class.inc.php

@@ -583,6 +583,13 @@ class UserRights
 			return false;
 		}
 		self::$m_oUser = $oUser;
+
+		if (isset($_SESSION['impersonate_user']))
+		{
+			self::$m_oRealUser = self::$m_oUser;
+			self::$m_oUser = self::FindUser($_SESSION['impersonate_user']);
+		}
+
 		Dict::SetUserLanguage(self::GetUserLanguage());
 		return true;
 	}
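Review bot: The session restore path assigns the result of `FindUser()` straight to `self::$m_oUser` without checking it, whereas `Impersonate()` later in this commit treats a falsy result as "user not found". If the login stored in `$_SESSION['impersonate_user']` no longer resolves (for instance the account was removed while the session was alive), the function would appear to continue with no effective user and still return true. How the rest of the class handles a null `m_oUser` is not visible here. The safer behaviour is to swap users only when the lookup succeeds and otherwise drop the stale session key, so the request stays on the authenticated user. The enclosing function starts outside this hunk.

```php
		if (isset($_SESSION['impersonate_user']))
		{
			$oImpersonated = self::FindUser($_SESSION['impersonate_user']);
			if ($oImpersonated)
			{
				self::$m_oRealUser = self::$m_oUser;
				self::$m_oUser = $oImpersonated;
			}
			else
			{
				// Target can no longer be resolved: forget the marker and stay on the authenticated user
				unset($_SESSION['impersonate_user']);
			}
		}
		// … unchanged: Dict::SetUserLanguage() call and return true …
```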
@@ -702,24 +709,50 @@ class UserRights
 		}
 	}
 
-	public static function Impersonate($sName, $sPassword)
+	/**
+	 * @param string $sName Login identifier of the user to impersonate
+	 * @return bool True if an impersonation occurred
+	 */
+	public static function Impersonate($sName)
 	{
 		if (!self::CheckLogin()) return false;
 
+		$bRet = false;
 		$oUser = self::FindUser($sName);
-		if (is_null($oUser))
+		if ($oUser)
 		{
-			return false;
+			$bRet = true;
+			if (is_null(self::$m_oRealUser))
+			{
+				// First impersonation
+				self::$m_oRealUser = self::$m_oUser;
+			}
+			if (self::$m_oRealUser && (self::$m_oRealUser->GetKey() == $oUser->GetKey()))
+			{
+				// Equivalent to "Deimpersonate"
+				self::Deimpersonate();
+			}
+			else
+			{
+				// Do impersonate!
+				self::$m_oUser = $oUser;
+				Dict::SetUserLanguage(self::GetUserLanguage());
+				$_SESSION['impersonate_user'] = $sName;
+				self::_ResetSessionCache();
+			}
 		}
-		if (!$oUser->CheckCredentials($sPassword))
+		return $bRet;
+	}
+
+	public static function Deimpersonate()
+	{
+		if (!is_null(self::$m_oRealUser))
 		{
-			return false;
+			self::$m_oUser = self::$m_oRealUser;
+			Dict::SetUserLanguage(self::GetUserLanguage());
+			unset($_SESSION['impersonate_user']);
+			self::_ResetSessionCache();
 		}
-
-		self::$m_oRealUser = self::$m_oUser;
-		self::$m_oUser = $oUser;
-		Dict::SetUserLanguage(self::GetUserLanguage());
-		return true;
 	}
 
 	public static function GetUser()
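Review bot: `Impersonate()` now switches the effective user for any caller that passes `CheckLogin()`, because the `CheckCredentials($sPassword)` test was removed and nothing in the new body checks that the real user is entitled to act as `$sName`. If that authorization is meant to live in the callers (none are visible in this diff), the docblock should state the contract, e.g. `Caller is responsible for verifying that the current real user is allowed to impersonate; no rights or credential check is performed here.` The visible lines also record nothing when an impersonation starts or ends. A log entry naming both the real and the impersonated login, written in the "Do impersonate!" branch and in `Deimpersonate()`, would keep actions attributable afterwards.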
@@ -851,6 +884,11 @@ class UserRights
 		return self::$m_oRealUser->Get('login');
 	}
 
+	public static function GetRealUserObject()
+	{
+		return self::$m_oRealUser;
+	}
+
 	public static function GetRealUserId()
 	{
 		if (is_null(self::$m_oRealUser))
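Review bot: `GetRealUserObject()` is added without a docblock, and a non-null return is not a reliable "currently impersonating" signal. `Deimpersonate()` in the previous hunk restores `self::$m_oUser` but leaves `self::$m_oRealUser` set, so within the same request this getter still returns an object after de-impersonation. Either document that on the getter (`@return object|null The authenticated user once an impersonation was set up in this request, null otherwise`) or end `Deimpersonate()` with `self::$m_oRealUser = null;`. The second option needs checking against the other `GetRealUser*` accessors, whose bodies are only partly visible here.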
@@ -1193,6 +1231,10 @@ class UserRights
 		{
 			unset($_SESSION['profile_list']);
 		}
+		if (isset($_SESSION['archive_allowed']))
+		{
+			unset($_SESSION['archive_allowed']);
+		}
 	}
 }