Add concept of impersonation

README.md

@@ -79,7 +79,7 @@ Feel free to contribute to this project by submitting a pull request.
 - [ ] Add Default Subscriber Role when a user subscribes
 - [ ] Remove Default Subscriber Role when a user unsubscribes
 - [ ] Option for user to delete account
-- [ ] Add concept of Impersonation
+- [x] Add concept of Impersonation
 - [ ] Add more documentation
 
 # Credits

app/Http/Controllers/Auth/ImpersonateController.php

@@ -0,0 +1,44 @@
+<?php
+
+namespace App\Http\Controllers\Auth;
+
+use App\Http\Controllers\Controller;
+use App\Models\User;
+use Illuminate\Support\Facades\Auth;
+
+class ImpersonateController extends Controller
+{
+    public function impersonate(User $user)
+    {
+        // Ensure the authenticated user is a super admin
+        if (! Auth::user()->hasPermissionTo('impersonate users')) {
+            abort(403, 'Unauthorized');
+        }
+
+        // Store the current user ID in the session
+        session(['admin_user_id' => Auth::id()]);
+
+        // Log in as the target user
+        Auth::loginUsingId($user->id);
+
+        if (Auth::user()->hasPermissionTo('access dashboard')) {
+            return redirect(route('admin.dashboard'));
+        }
+
+        return redirect(route('home'));
+    }
+
+    public function stopImpersonating()
+    {
+        // Get the previous user ID from the session
+        $previousUserId = session('admin_user_id');
+
+        // Log back in as the previous user
+        Auth::loginUsingId($previousUserId);
+
+        // Remove the previous user ID from the session
+        session()->forget('admin_user_id');
+
+        return redirect(route('admin.dashboard'));
+    }
+}

database/seeders/PermissionSeeder.php

@@ -37,6 +37,8 @@ public function run()
         Permission::create(['name' => 'delete plans']);
         Permission::create(['name' => 'create plans']);
 
+        Permission::create(['name' => 'impersonate users']);
+
         $superAdmin = Role::findByName('Super Admin')->syncPermissions(Permission::all());
     }
 }

resources/views/livewire/admin/users.blade.php

@@ -66,6 +66,14 @@ class="rounded border border-gray-200 dark:bg-gray-700 dark:border-gray-600 dark
                             @endforeach
                         </x-table.cell>
                         <x-table.cell class="flex items-center space-x-2 justify-end">
+                            @can('impersonate users')
+                                @if ($user->id !== auth()->id())
+                                    <a href="{{ route('impersonate', $user) }}">
+                                        <button class="btn btn-secondary">{{ __('Impersonate') }}</button>
+                                    </a>
+                                @endif
+                            @endcan
+
                             @can('view users')
                                 <button class="btn btn-secondary">{{ __('Show') }}</button>
                             @endcan

resources/views/partials/header.blade.php

@@ -1,3 +1,19 @@
+@if (Session::has('admin_user_id'))
+    <div class="py-2 flex items-center justify-center bg-red-600">
+
+        <a href="{{ route('stop-impersonating') }}" class="mx-4 flex space-x-2 items-center ml-10 text-white">
+            <svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none"
+                 stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"
+                 class="text-white">
+                <path
+                    d="M2 12a5 5 0 0 0 5 5 8 8 0 0 1 5 2 8 8 0 0 1 5-2 5 5 0 0 0 5-5V7h-5a8 8 0 0 0-5 2 8 8 0 0 0-5-2H2Z"></path>
+                <path d="M6 11c1.5 0 3 .5 3 2-2 0-3 0-3-2Z"></path>
+                <path d="M18 11c-1.5 0-3 .5-3 2 2 0 3 0 3-2Z"></path>
+            </svg>
+            <span>Stop impersonating</span>
+        </a>
+    </div>
+@endif
 <section class="relative w-full px-8 text-gray-700 bg-white body-font">
     <div class="container flex flex-col flex-wrap items-center justify-between py-5 mx-auto md:flex-row max-w-7xl">
         <a href="{{ route('home') }}"
@@ -33,10 +49,10 @@ class="inline-flex items-center justify-center px-4 py-2 text-base font-medium l
                             {{ __('My Account') }}
                         </a>
                         @can('access dashboard')
-                        <a href="{{ route('admin.dashboard') }}"
-                           class="inline-flex items-center justify-center px-4 py-2 text-base font-medium leading-6 text-gray-600 whitespace-no-wrap bg-white border border-gray-200 rounded-md shadow-sm hover:bg-gray-50 focus:outline-none focus:shadow-none">
-                            {{ __('Admin') }}
-                        </a>
+                            <a href="{{ route('admin.dashboard') }}"
+                               class="inline-flex items-center justify-center px-4 py-2 text-base font-medium leading-6 text-gray-600 whitespace-no-wrap bg-white border border-gray-200 rounded-md shadow-sm hover:bg-gray-50 focus:outline-none focus:shadow-none">
+                                {{ __('Admin') }}
+                            </a>
                         @endcan
                         <a
                             href="{{ route('logout') }}"

routes/web.php

@@ -1,6 +1,7 @@
 <?php
 
 use App\Http\Controllers\Auth\EmailVerificationController;
+use App\Http\Controllers\Auth\ImpersonateController;
 use App\Http\Controllers\Auth\LogoutController;
 use App\Http\Middleware\NotSubscribed;
 use App\Http\Middleware\Subscribed;
@@ -55,6 +56,10 @@
 
     Route::post('logout', LogoutController::class)
         ->name('logout');
+
+    Route::get('impersonate/{user}', [ImpersonateController::class, 'impersonate'])->middleware('can:impersonate users')->name('impersonate');
+    Route::get('stop-impersonating', [ImpersonateController::class, 'stopImpersonating'])->middleware('auth')->name('stop-impersonating');
+
 });
 
 // Subscription and Account stuff