Merge branch 'fxposter/gitlab-ce-login-from-admin'

CHANGELOG

@@ -4,6 +4,7 @@ v 8.1.0 (unreleased)
   - Add user preference to view activities as default dashboard (Stan Hu)
   - Fix bug where projects would appear to be stuck in the forked import state (Stan Hu)
   - Fix Error 500 in creating merge requests with > 1000 diffs (Stan Hu)
+  - Add option to admin area to sign in as a specific user (Pavel Forkert)
   - Show CI status on all pages where commits list is rendered
   - Automatically enable CI when push .gitlab-ci.yml file to repository
   - Move CI charts to project graphs area

app/controllers/admin/users_controller.rb

@@ -63,6 +63,12 @@ class Admin::UsersController < Admin::ApplicationController
     end
   end
 
+  def login_as
+    sign_in(user)
+    flash[:alert] = "Logged in as #{user.username}"
+    redirect_to root_path
+  end
+
   def disable_two_factor
     user.disable_two_factor!
     redirect_to admin_user_path(user),

app/views/admin/users/_head.html.haml

@@ -6,6 +6,8 @@
     %span.cred (Admin)
 
   .pull-right
+    - unless @user == current_user
+      = link_to 'Log in as this user', login_as_admin_user_path(@user), method: :post, class: "btn btn-grouped btn-info"
     = link_to edit_admin_user_path(@user), class: "btn btn-grouped" do
       %i.fa.fa-pencil-square-o
       Edit

config/routes.rb

@@ -262,6 +262,7 @@ Gitlab::Application.routes.draw do
         put :unblock
         put :unlock
         put :confirm
+        post :login_as
         patch :disable_two_factor
         delete 'remove/:email_id', action: 'remove_email', as: 'remove_email'
       end

spec/controllers/admin/users_controller_spec.rb

@@ -7,6 +7,21 @@ describe Admin::UsersController do
     sign_in(admin)
   end
 
+  describe 'POST login_as' do
+    let(:user) { create(:user) }
+
+    it 'logs admin as another user' do
+      expect(warden.authenticate(scope: :user)).not_to eq(user)
+      post :login_as, id: user.username
+      expect(warden.authenticate(scope: :user)).to eq(user)
+    end
+
+    it 'redirects user to homepage' do
+      post :login_as, id: user.username
+      expect(response).to redirect_to(root_path)
+    end
+  end
+
   describe 'DELETE #user with projects' do
     let(:user) { create(:user) }
     let(:project) { create(:project, namespace: user.namespace) }

spec/features/admin/admin_users_spec.rb

@@ -111,6 +111,27 @@ describe "Admin::Users", feature: true  do
       expect(page).to have_content(@user.name)
     end
 
+    describe 'Login as another user' do
+      it 'should show login button for other users and check that it works' do
+        another_user = create(:user)
+
+        visit admin_user_path(another_user)
+
+        click_link 'Log in as this user'
+
+        expect(page).to have_content("Logged in as #{another_user.username}")
+
+        page.within '.sidebar-user .username' do
+          expect(page).to have_content(another_user.username)
+        end
+      end
+
+      it 'should not show login button for admin itself' do
+        visit admin_user_path(@user)
+        expect(page).not_to have_content('Log in as this user')
+      end
+    end
+
     describe 'Two-factor Authentication status' do
       it 'shows when enabled' do
         @user.update_attribute(:two_factor_enabled, true)