1040e7dbaSGreg Roach<?php 2040e7dbaSGreg Roach 3040e7dbaSGreg Roach/** 4040e7dbaSGreg Roach * webtrees: online genealogy 5*d11be702SGreg Roach * Copyright (C) 2023 webtrees development team 6040e7dbaSGreg Roach * This program is free software: you can redistribute it and/or modify 7040e7dbaSGreg Roach * it under the terms of the GNU General Public License as published by 8040e7dbaSGreg Roach * the Free Software Foundation, either version 3 of the License, or 9040e7dbaSGreg Roach * (at your option) any later version. 10040e7dbaSGreg Roach * This program is distributed in the hope that it will be useful, 11040e7dbaSGreg Roach * but WITHOUT ANY WARRANTY; without even the implied warranty of 12040e7dbaSGreg Roach * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13040e7dbaSGreg Roach * GNU General Public License for more details. 14040e7dbaSGreg Roach * You should have received a copy of the GNU General Public License 1589f7189bSGreg Roach * along with this program. If not, see <https://www.gnu.org/licenses/>. 16040e7dbaSGreg Roach */ 17040e7dbaSGreg Roach 18040e7dbaSGreg Roachdeclare(strict_types=1); 19040e7dbaSGreg Roach 20040e7dbaSGreg Roachnamespace Fisharebest\Webtrees\Http\RequestHandlers; 21040e7dbaSGreg Roach 22040e7dbaSGreg Roachuse Fisharebest\Webtrees\Auth; 2381b729d3SGreg Roachuse Fisharebest\Webtrees\Http\Exceptions\HttpNotFoundException; 24040e7dbaSGreg Roachuse Fisharebest\Webtrees\Log; 25040e7dbaSGreg Roachuse Fisharebest\Webtrees\Services\UserService; 26040e7dbaSGreg Roachuse Fisharebest\Webtrees\Session; 27b55cbc6bSGreg Roachuse Fisharebest\Webtrees\Validator; 28040e7dbaSGreg Roachuse Psr\Http\Message\ResponseInterface; 29040e7dbaSGreg Roachuse Psr\Http\Message\ServerRequestInterface; 30040e7dbaSGreg Roachuse Psr\Http\Server\RequestHandlerInterface; 31040e7dbaSGreg Roach 32040e7dbaSGreg Roachuse function response; 33040e7dbaSGreg Roach 34040e7dbaSGreg Roach/** 35040e7dbaSGreg Roach * Masquerade as another user, for testing and administration. 36040e7dbaSGreg Roach */ 37040e7dbaSGreg Roachclass Masquerade implements RequestHandlerInterface 38040e7dbaSGreg Roach{ 39c4943cffSGreg Roach private UserService $user_service; 40040e7dbaSGreg Roach 41040e7dbaSGreg Roach /** 42040e7dbaSGreg Roach * @param UserService $user_service 43040e7dbaSGreg Roach */ 44040e7dbaSGreg Roach public function __construct(UserService $user_service) 45040e7dbaSGreg Roach { 46040e7dbaSGreg Roach $this->user_service = $user_service; 47040e7dbaSGreg Roach } 48040e7dbaSGreg Roach 49040e7dbaSGreg Roach /** 50040e7dbaSGreg Roach * @param ServerRequestInterface $request 51040e7dbaSGreg Roach * 52040e7dbaSGreg Roach * @return ResponseInterface 53040e7dbaSGreg Roach */ 54040e7dbaSGreg Roach public function handle(ServerRequestInterface $request): ResponseInterface 55040e7dbaSGreg Roach { 56b55cbc6bSGreg Roach $user_id = Validator::attributes($request)->integer('user_id'); 57040e7dbaSGreg Roach $user = $this->user_service->find($user_id); 58040e7dbaSGreg Roach 59040e7dbaSGreg Roach if ($user === null) { 60d501c45dSGreg Roach throw new HttpNotFoundException('User ID ' . $user_id . ' not found'); 61040e7dbaSGreg Roach } 62040e7dbaSGreg Roach 63b55cbc6bSGreg Roach if (Validator::attributes($request)->user()->id() !== $user_id) { 64040e7dbaSGreg Roach Log::addAuthenticationLog('Masquerade as user: ' . $user->userName()); 65040e7dbaSGreg Roach Auth::login($user); 66040e7dbaSGreg Roach Session::put('masquerade', '1'); 67040e7dbaSGreg Roach } 68040e7dbaSGreg Roach 69040e7dbaSGreg Roach return response(); 70040e7dbaSGreg Roach } 71040e7dbaSGreg Roach} 72