Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/ankane/pretender

Last synced: 16 days ago
JSON representation

Host: GitHub
URL: https://github.com/ankane/pretender
Owner: ankane
License: mit
Created: 2013-03-05T06:18:38.000Z (over 11 years ago)
Default Branch: master
Last Pushed: 2024-09-27T01:44:06.000Z (about 2 months ago)
Last Synced: 2024-10-02T01:10:18.003Z (about 1 month ago)
Language: Ruby
Homepage:
Size: 86.9 KB
Stars: 1,287
Watchers: 15
Forks: 51
Open Issues: 1
Metadata Files:
- Readme: README.md
- Changelog: CHANGELOG.md
- License: LICENSE.txt

Awesome Lists containing this project

README

        # Pretender

As an admin, there are times you want to see exactly what another user sees. Meet Pretender.

- Easily switch between users

- Minimal code changes

- Plays nicely with Action Cable and auditing tools

:boom: [Rock on](https://www.youtube.com/watch?v=SBjQ9tuuTJQ)

Pretender is flexible and lightweight - less than 100 lines of code :-)

Works with any authentication system - [Devise](https://github.com/plataformatec/devise), [Authlogic](https://github.com/binarylogic/authlogic), and [Sorcery](https://github.com/Sorcery/sorcery) to name a few.

:tangerine: Battle-tested at [Instacart](https://www.instacart.com/opensource)

[![Build Status](https://github.com/ankane/pretender/actions/workflows/build.yml/badge.svg)](https://github.com/ankane/pretender/actions)

## Installation

Add this line to your application’s Gemfile:

```ruby

gem "pretender"

```

And add this to your `ApplicationController`:

```ruby

class ApplicationController < ActionController::Base

  impersonates :user

end

```

## How It Works

Sign in as another user with:

```

impersonate_user(user)

```

The `current_user` method now returns the impersonated user.

You can access the true user with:

```

true_user

```

And stop impersonating with:

```ruby

stop_impersonating_user

```

### Sample Implementation

Create a controller

```ruby

class UsersController < ApplicationController

  before_action :require_admin! # your authorization method

  def index

    @users = User.order(:id)

  end

  def impersonate

    user = User.find(params[:id])

    impersonate_user(user)

    redirect_to root_path

  end

  def stop_impersonating

    stop_impersonating_user

    redirect_to root_path

  end

end

```

Add routes

```ruby

resources :users, only: [:index] do

  post :impersonate, on: :member

  post :stop_impersonating, on: :collection

end

```

Create an index view

```erb



  <% @users.each do |user| %>

    Sign in as <%= button_to user.name, impersonate_user_path(user), data: {turbo: false} %>

  <% end %>



```

And show when someone is signed in as another user in your application layout

```erb

<% if current_user != true_user %>

  You (<%= true_user.name %>) are signed in as <%= current_user.name %>

  <%= button_to "Back to admin", stop_impersonating_users_path, data: {turbo: false} %>

<% end %>

```

## Audits

If you keep audit logs with a library like [Audited](https://github.com/collectiveidea/audited), make sure it uses the **true user**.

```ruby

Audited.current_user_method = :true_user

```

## Action Cable

And add this to your `ApplicationCable::Connection`:

```ruby

module ApplicationCable

  class Connection < ActionCable::Connection::Base

    identified_by :current_user, :true_user

    impersonates :user

    def connect

      self.current_user = find_verified_user

      reject_unauthorized_connection unless current_user

    end

    private

    def find_verified_user

      env["warden"].user # for Devise

    end

  end

end

```

The `current_user` method now returns the impersonated user in channels.

## Configuration

Pretender is super flexible. You can change the names of methods and even impersonate multiple roles at the same time. Here’s the default configuration.

```ruby

impersonates :user,

             method: :current_user,

             with: ->(id) { User.find_by(id: id) }

```

Mold it to fit your application.

```ruby

impersonates :account,

             method: :authenticated_account,

             with: ->(id) { EnterpriseAccount.find_by(id: id) }

```

This creates three methods:

```ruby

true_account

impersonate_account

stop_impersonating_account

```

## History

View the [changelog](https://github.com/ankane/pretender/blob/master/CHANGELOG.md)

## Contributing

Everyone is encouraged to help improve this project. Here are a few ways you can help:

- [Report bugs](https://github.com/ankane/pretender/issues)

- Fix bugs and [submit pull requests](https://github.com/ankane/pretender/pulls)

- Write, clarify, or fix documentation

- Suggest or add new features

To get started with development:

```sh

git clone https://github.com/ankane/pretender.git

cd pretender

bundle install

bundle exec rake test

```