Implemented espionage mode

2024-11-23 23:58:02 -05:00 · 2014-02-26 14:14:43 -08:00 · 2014-02-26 14:14:43 -08:00 · b648098c95
commit b648098c95
parent a052180250
3 changed files with 65 additions and 1 deletions
--- a/app/templates/admin.jade
+++ b/app/templates/admin.jade
@ -2,6 +2,18 @@ extends /templates/base

 block content
  
+  h3 Espionage mode
+    h5 Please enter the email/username of the person you want to spy on
+    .form
+      .form-group
+        label.control-label Email 
+        input#user-email
+      .form-group
+        label.control-label Username 
+        input#user-username
+      
+    button.btn.btn-primary.btn-large#enter-espionage-mode 007
+  
  h3(data-i18n="admin.av_title") Admin Views

  h4(data-i18n="admin.av_entities_sub_title") Entities
--- a/app/views/admin_view.coffee
+++ b/app/views/admin_view.coffee
@ -1,6 +1,35 @@
+{backboneFailure, genericFailure} = require 'lib/errors'
 View = require 'views/kinds/RootView'
 template = require 'templates/admin'
+storage = require 'lib/storage'

 module.exports = class AdminView extends View
  id: "admin-view"
  template: template
+  
+  events:
+    'click #enter-espionage-mode': 'enterEspionageMode'
+    
+  enterEspionageMode: ->
+    userEmail = $("#user-email").val().toLowerCase()
+    username = $("#user-username").val().toLowerCase()
+    
+    userIdentifier = userEmail || username
+    postData =
+      usernameLower: username
+      emailLower: userEmail
+      
+    $.ajax
+      type: "POST",
+      url: "/auth/spy"
+      data: postData
+      success: @espionageSuccess
+      error: @espionageFailure
+    
+  espionageSuccess: (model) ->
+    storage.save('whoami',model)
+    window.location.reload()
+  espionageFailure: (jqxhr, status,error)->
+    console.log "There was an error entering espionage mode: #{error}"
+    
+    
--- a/server/routes/auth.coffee
+++ b/server/routes/auth.coffee
@ -28,7 +28,30 @@ module.exports.setup = (app) ->
        return done(null, user)
      )
  ))
-
+  app.post '/auth/spy', (req, res, next) ->
+    if req?.user?.isAdmin()
+      
+      username = req.body.usernameLower
+      emailLower = req.body.emailLower
+      if emailLower
+        query = {"emailLower":emailLower}
+      else if username
+        query = {"nameLower":username}
+      else
+        return errors.badInput res, "You need to supply one of emailLower or username"
+        
+      User.findOne query, (err, user) ->
+        if err? then return errors.serverError res, "There was an error finding the specified user"
+        
+        unless user then return errors.badInput res, "The specified user couldn't be found"
+          
+        req.logIn user, (err) ->
+          if err? then return errors.serverError res, "There was an error logging in with the specified"
+          res.send(UserHandler.formatEntity(req, user))
+          return res.end()
+    else
+      return errors.unauthorized res, "You must be an admin to enter espionage mode"
+      
  app.post('/auth/login', (req, res, next) ->
    authentication.authenticate('local', (err, user, info) ->
      return next(err) if err