More rigorous session-cleanup for BecomeUser
[usit-rt.git] / local / html / Admin / Tools / BecomeUser.html
CommitLineData
84fb5b46
MKG
1%# BEGIN BPS TAGGED BLOCK {{{
2%#
3%# COPYRIGHT:
4%#
5%# This software is Copyright (c) 1996-2007 Best Practical Solutions, LLC
6%# <jesse@bestpractical.com>
7%#
8%# (Except where explicitly superseded by other copyright notices)
9%#
10%#
11%# LICENSE:
12%#
13%# This work is made available to you under the terms of Version 2 of
14%# the GNU General Public License. A copy of that license should have
15%# been provided with this software, but in any event can be snarfed
16%# from www.gnu.org.
17%#
18%# This work is distributed in the hope that it will be useful, but
19%# WITHOUT ANY WARRANTY; without even the implied warranty of
20%# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
21%# General Public License for more details.
22%#
23%# You should have received a copy of the GNU General Public License
24%# along with this program; if not, write to the Free Software
25%# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
26%# 02110-1301 or visit their web page on the internet at
27%# http://www.gnu.org/copyleft/gpl.html.
28%#
29%#
30%# CONTRIBUTION SUBMISSION POLICY:
31%#
32%# (The following paragraph is not intended to limit the rights granted
33%# to you to modify and distribute this software under the terms of
34%# the GNU General Public License and is only of importance to you if
35%# you choose to contribute your changes and enhancements to the
36%# community by submitting them to Best Practical Solutions, LLC.)
37%#
38%# By intentionally submitting any modifications, corrections or
39%# derivatives to this work, or any other work intended for use with
40%# Request Tracker, to Best Practical Solutions, LLC, you confirm that
41%# you are the copyright holder for those contributions and you grant
42%# Best Practical Solutions, LLC a nonexclusive, worldwide, irrevocable,
43%# royalty-free, perpetual, license to use, copy, create derivative
44%# works based on those contributions, and sublicense and distribute
45%# those contributions and any derivatives thereof.
46%#
47%# END BPS TAGGED BLOCK }}}
48
49<%init>
50 my $title = loc('Become User');
51 unless ($session{'CurrentUser'}->HasRight( Object=> $RT::System, Right => 'SuperUser')) {
52 Abort(loc('This feature is only available to system administrators'));
53 }
54
55 my($Users, $Message);
56 if ( defined($ARGS{'User'}) ) {
57
58 my $CurrentUserId = $session{'CurrentUser'}->id;
59 $session{'CurrentUser'}->Load($ARGS{'User'});
60 if (defined($session{'CurrentUser'}->id)){
61 $Message = "You are now: ".$session{'CurrentUser'}->Name;
62 }
63 else {
64 $session{'CurrentUser'}->Load($CurrentUserId); $Message = "User ".$ARGS{'User'}." not found."
65 }
66 delete $session{'my_rt_portlets'};
67 unless ( defined($ARGS{'submit'}) && $ARGS{'submit'} =~ m/super/ ){
8349b8eb 68 delete $session{'CurrentUser'}->{'_principal_obj'};
84fb5b46
MKG
69 }
70 }
71
72 $Users = RT::Users->new($RT::SystemUser);
73 $Users->LimitToPrivileged();
74 $Users->_DoSearch();
75
76
77</%init>
78
79% unless ($session{'CurrentUser'}->Privileged) {
80% RT::Interface::Web::Redirect( RT->Config->Get('WebURL') );
81% }
82
83<& /Admin/Elements/Header, Title => $title &>
84<& /Elements/Tabs &>
85<h2><% $Message %></h2>
86%if ($session{'CurrentUser'}->HasRight( Object=> $RT::System, Right => 'SuperUser')) {
87
88<h2><&|/l&>Select Privileged User</&></h2>
89<form name=BecomeUser action=BecomeUser.html>
90<select name="User" size="20">
91%while ( my $User = $Users->Next ) {
92<option value="<% $ValueAttribute eq 'Name' ? User->Name : $User->id %>" <% ($User->Id == $session{'CurrentUser'}->Id) ? 'SELECTED="SELECTED"' : ''%>><%$User->Name . " (" . $User->RealName . ")" %></option>
93%}
94</select>
95%#<& /Elements/Submit, Label => loc("Become User")&>
96<br>
97<input type="submit" name="submit" value="Become User" class="button" />
98<input type="submit" name="submit" value="Become User (super)" class="button" />
99<h2>Select any user ID/Name</h2>
100</form>
101<form name=BecomeUser action=BecomeUser.html>
102<input type="text" name="User" size="15">
103<input type="submit" name="submit" value="Become User" class="button" />
104<input type="submit" name="submit" value="Become User (super)" class="button" />
105</form>
106%} else {
107<% $session{'CurrentUser'}->Name %> does not have access to become another user.
108%}
109
110<%args>
111$ValueAttribute => 'id'
112</%args>