Impersonation (#1325)

* Initial impersonation * Impersonation audit * Keep super admin separate * Remove vscode settings * Comment cleanup * Comment out impersonation fixtures for now * Remove unused controlelr * Add impersonation testing (#1326) * Add impersonation testing * Remove unused method * Update schema.rb * Update brakeman --------- Co-authored-by: Zach Gollwitzer <zach@maybe.co>
2025-08-02 20:15:22 +02:00 · 2024-10-18 11:26:58 -05:00 · 2024-10-18 11:26:58 -05:00 · c7c281073f
commit c7c281073f
parent 4a3685f503
29 changed files with 477 additions and 16 deletions
--- a/db/migrate/20241009214601_add_super_admin_to_users.rb
+++ b/db/migrate/20241009214601_add_super_admin_to_users.rb
@ -0,0 +1,23 @@
+class AddSuperAdminToUsers < ActiveRecord::Migration[7.2]
+  def change
+    reversible do |dir|
+      dir.up do
+        change_column :users, :role, :string, default: 'member'
+
+        execute <<-SQL
+          DROP TYPE user_role;
+        SQL
+      end
+
+      dir.down do
+        execute <<-SQL
+          CREATE TYPE user_role AS ENUM ('admin', 'member');
+        SQL
+
+        change_column_default :users, :role, nil
+        change_column :users, :role, :user_role, using: 'role::user_role'
+        change_column_default :users, :role, 'member'
+      end
+    end
+  end
+end
--- a/db/migrate/20241017162347_create_impersonation_sessions.rb
+++ b/db/migrate/20241017162347_create_impersonation_sessions.rb
@ -0,0 +1,12 @@
+class CreateImpersonationSessions < ActiveRecord::Migration[7.2]
+  def change
+    create_table :impersonation_sessions, id: :uuid do |t|
+      t.references :impersonator, null: false, foreign_key: { to_table: :users }, type: :uuid
+      t.references :impersonated, null: false, foreign_key: { to_table: :users }, type: :uuid
+      t.string :status, null: false, default: 'pending'
+      t.timestamps
+    end
+
+    add_reference :sessions, :active_impersonator_session, type: :uuid, foreign_key: { to_table: :impersonation_sessions }
+  end
+end
--- a/db/migrate/20241017162536_create_impersonation_session_logs.rb
+++ b/db/migrate/20241017162536_create_impersonation_session_logs.rb
@ -0,0 +1,14 @@
+class CreateImpersonationSessionLogs < ActiveRecord::Migration[7.2]
+  def change
+    create_table :impersonation_session_logs, id: :uuid do |t|
+      t.references :impersonation_session, type: :uuid, foreign_key: true, null: false
+      t.string :controller
+      t.string :action
+      t.text :path
+      t.string :method
+      t.string :ip_address
+      t.text :user_agent
+      t.timestamps
+    end
+  end
+end