Skip to content

Commit 5f2fd7b

Browse files
isshaddadisshaddad
committed
handle immpersonation request from plain customer cards
1 parent 8f025b0 commit 5f2fd7b

File tree

1 file changed

+24
-5
lines changed

1 file changed

+24
-5
lines changed

apps/webapp/app/routes/admin._index.tsx

Lines changed: 24 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -21,8 +21,7 @@ import {
2121
} from "~/components/primitives/Table";
2222
import { useUser } from "~/hooks/useUser";
2323
import { adminGetUsers, redirectWithImpersonation } from "~/models/admin.server";
24-
import { commitImpersonationSession, setImpersonationId } from "~/services/impersonation.server";
25-
import { requireUserId } from "~/services/session.server";
24+
import { requireUser, requireUserId } from "~/services/session.server";
2625
import { createSearchParams } from "~/utils/searchParams";
2726

2827
export const SearchParams = z.object({
@@ -32,7 +31,29 @@ export const SearchParams = z.object({
3231

3332
export type SearchParams = z.infer<typeof SearchParams>;
3433

34+
const FormSchema = z.object({ id: z.string() });
35+
36+
async function handleImpersonationRequest(
37+
request: Request,
38+
userId: string
39+
): Promise<Response> {
40+
const user = await requireUser(request);
41+
if (!user.admin) {
42+
return redirect("/");
43+
}
44+
return redirectWithImpersonation(request, userId, "/");
45+
}
46+
3547
export const loader = async ({ request, params }: LoaderFunctionArgs) => {
48+
// Check if this is an impersonation request via query parameter (e.g., from Plain customer cards)
49+
const url = new URL(request.url);
50+
const impersonateUserId = url.searchParams.get("impersonate");
51+
52+
if (impersonateUserId) {
53+
return handleImpersonationRequest(request, impersonateUserId);
54+
}
55+
56+
// Normal loader logic for admin dashboard
3657
const userId = await requireUserId(request);
3758

3859
const searchParams = createSearchParams(request.url, SearchParams);
@@ -44,8 +65,6 @@ export const loader = async ({ request, params }: LoaderFunctionArgs) => {
4465
return typedjson(result);
4566
};
4667

47-
const FormSchema = z.object({ id: z.string() });
48-
4968
export async function action({ request }: ActionFunctionArgs) {
5069
if (request.method.toLowerCase() !== "post") {
5170
return new Response("Method not allowed", { status: 405 });
@@ -54,7 +73,7 @@ export async function action({ request }: ActionFunctionArgs) {
5473
const payload = Object.fromEntries(await request.formData());
5574
const { id } = FormSchema.parse(payload);
5675

57-
return redirectWithImpersonation(request, id, "/");
76+
return handleImpersonationRequest(request, id);
5877
}
5978

6079
export default function AdminDashboardRoute() {

0 commit comments

Comments
 (0)