srizan/archived-hc-harbor
1
0
Fork 0
mirror of https://github.com/SrIzan10/hc-harbor.git synced 2026-05-01 10:45:21 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix admin impersonate perms

Browse Source
This commit is contained in:
Echo
2025-07-04 11:25:29 -04:00
parent 1d772b83d7
commit 1a0d839602
2 changed files with 7 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
app/controllers/sessions_controller.rb
View File

@@ -176,6 +176,11 @@ class SessionsController < ApplicationController
user = User.find(params[:id])
if user.superadmin?
redirect_to root_path, alert: "nice try, you cant do that"
return
end
if user.admin? && !current_user.superadmin?
redirect_to root_path, alert: "nice try, you cant do that"
return

4
app/views/shared/_user_mention.html.erb
View File

@@ -24,11 +24,11 @@
</span>
<% end %>
<% if local_assigns.fetch(:show, []).include?(:neighborhood) && user.slack_neighborhood_channel.present? %>
<%= link_to "🏘️", "https://slack.com/app_redirect?channel=#{user.slack_neighborhood_channel}", target: "_blank" %>
<%= link_to "🏘️", "https://slack.com/app_redirect?channel={user.slack_neighborhood_channel}", target: "_blank" %>
<% end %>
<% unless current_user == user %>
<% admin_tool('', 'span') do %>
<% if !user.admin? || current_user.superadmin? %>
<% if (!user.admin? && !user.superadmin?) || (user.admin? && current_user.superadmin? && !user.superadmin?) %>
<%= link_to impersonate_user_path(user), class: "text-primary font-bold hover:text-red-300 transition-colors duration-200", data: { turbo_frame: "_top", turbo_prefetch: "false" } do %>
🥸
<% end %>