Impersonation (#1325)

* Initial impersonation

* Impersonation audit

* Keep super admin separate

* Remove vscode settings

* Comment cleanup

* Comment out impersonation fixtures for now

* Remove unused controlelr

* Add impersonation testing (#1326)

* Add impersonation testing

* Remove unused method

* Update schema.rb

* Update brakeman

---------

Co-authored-by: Zach Gollwitzer <zach@maybe.co>

app/models/current.rb

@@ -1,7 +1,19 @@
 class Current < ActiveSupport::CurrentAttributes
-  attribute :session
   attribute :user_agent, :ip_address
 
-  delegate :user, to: :session, allow_nil: true
+  attribute :session
+
   delegate :family, to: :user, allow_nil: true
+
+  def user
+    impersonated_user || session&.user
+  end
+
+  def impersonated_user
+    session&.active_impersonator_session&.impersonated
+  end
+
+  def true_user
+    session&.user
+  end
 end

app/models/impersonation_session.rb

@@ -0,0 +1,39 @@
+class ImpersonationSession < ApplicationRecord
+  belongs_to :impersonator, class_name: "User"
+  belongs_to :impersonated, class_name: "User"
+
+  has_many :logs, class_name: "ImpersonationSessionLog"
+
+  enum :status, { pending: "pending", in_progress: "in_progress", complete: "complete", rejected: "rejected" }
+
+  scope :initiated, -> { where(status: [ :pending, :in_progress ]) }
+
+  validate :impersonator_is_super_admin
+  validate :impersonated_is_not_super_admin
+  validate :impersonator_different_from_impersonated
+
+  def approve!
+    update! status: :in_progress
+  end
+
+  def reject!
+    update! status: :rejected
+  end
+
+  def complete!
+    update! status: :complete
+  end
+
+  private
+    def impersonator_is_super_admin
+      errors.add(:impersonator, "must be a super admin to impersonate") unless impersonator.super_admin?
+    end
+
+    def impersonated_is_not_super_admin
+      errors.add(:impersonated, "cannot be a super admin") if impersonated.super_admin?
+    end
+
+    def impersonator_different_from_impersonated
+      errors.add(:impersonator, "cannot be the same as the impersonated user") if impersonator == impersonated
+    end
+end

app/models/impersonation_session_log.rb

@@ -0,0 +1,3 @@
+class ImpersonationSessionLog < ApplicationRecord
+  belongs_to :impersonation_session
+end

app/models/session.rb

@@ -1,5 +1,9 @@
 class Session < ApplicationRecord
   belongs_to :user
+  belongs_to :active_impersonator_session,
+    -> { where(status: :in_progress) },
+    class_name: "ImpersonationSession",
+    optional: true
 
   before_create do
     self.user_agent = Current.user_agent

app/models/user.rb

@@ -3,6 +3,8 @@ class User < ApplicationRecord
 
   belongs_to :family
   has_many :sessions, dependent: :destroy
+  has_many :impersonator_support_sessions, class_name: "ImpersonationSession", foreign_key: :impersonator_id, dependent: :destroy
+  has_many :impersonated_support_sessions, class_name: "ImpersonationSession", foreign_key: :impersonated_id, dependent: :destroy
   accepts_nested_attributes_for :family
 
   validates :email, presence: true, uniqueness: true
@@ -11,7 +13,7 @@ class User < ApplicationRecord
 
   normalizes :first_name, :last_name, with: ->(value) { value.strip.presence }
 
-  enum :role, { member: "member", admin: "admin" }, validate: true
+  enum :role, { member: "member", admin: "admin", super_admin: "super_admin" }, validate: true
 
   has_one_attached :profile_image do |attachable|
     attachable.variant :thumbnail, resize_to_fill: [ 300, 300 ]
@@ -23,6 +25,11 @@ class User < ApplicationRecord
     password_salt&.last(10)
   end
 
+  def request_impersonation_for(user_id)
+    impersonated = User.find(user_id)
+    impersonator_support_sessions.create!(impersonated: impersonated)
+  end
+
   def display_name
     [ first_name, last_name ].compact.join(" ").presence || email
   end