pages/login/LoginHandler.inc.php

<?php

import('lib.pkp.pages.login.PKPLoginHandler');

class LoginHandler extends PKPLoginHandler {
   function signInAsUser($args, &$request) {
      $this->addCheck(new HandlerValidatorPress($this));
      $this->addCheck(new HandlerValidatorRoles($this, true, null, null, array(ROLE_ID_SITE_ADMIN, ROLE_ID_PRESS_MANAGER)));
      $this->validate();

      if (isset($args[0]) && !empty($args[0])) {
         $userId = (int)$args[0];
         $user =& $request->getUser();

         if (!Validation::canAdminister($userId, $user->getId())) {
            $this->setupTemplate();
            // We don't have administrative rights
            // over this user. Display an error.
            $templateMgr =& TemplateManager::getManager();
            $templateMgr->assign('pageTitle', 'manager.people');
            $templateMgr->assign('errorMsg', 'manager.people.noAdministrativeRights');
            $templateMgr->assign('backLink', $request->url(null, null, 'people', 'all'));
            $templateMgr->assign('backLinkLabel', 'manager.people.allUsers');
            return $templateMgr->display('common/error.tpl');
         }

         $userDao =& DAORegistry::getDAO('UserDAO');
         $newUser =& $userDao->getById($userId);
         $session =& $request->getSession();

         // FIXME Support "stack" of signed-in-as user IDs?
         if (isset($newUser) && $session->getUserId() != $newUser->getId()) {
            $session->setSessionVar('signedInAs', $session->getUserId());
            $session->setSessionVar('userId', $userId);
            $session->setUserId($userId);
            $session->setSessionVar('username', $newUser->getUsername());
            $request->redirect(null, 'user');
         }
      }
      $request->redirect(null, $request->getRequestedPage());
   }

   function signOutAsUser($args, &$request) {
      $this->validate();

      $session =& $request->getSession();
      $signedInAs = $session->getSessionVar('signedInAs');

      if (isset($signedInAs) && !empty($signedInAs)) {
         $signedInAs = (int)$signedInAs;

         $userDao =& DAORegistry::getDAO('UserDAO');
         $oldUser =& $userDao->getById($signedInAs);

         $session->unsetSessionVar('signedInAs');

         if (isset($oldUser)) {
            $session->setSessionVar('userId', $signedInAs);
            $session->setUserId($signedInAs);
            $session->setSessionVar('username', $oldUser->getUsername());
         }
      }

      $request->redirect(null, 'user');
   }

   function _getLoginUrl($request) {
      return $request->url(null, 'login', 'signIn');
   }

   function _setMailFrom($request, &$mail) {
      $site =& $request->getSite();
      $press =& $request->getPress();

      // Set the sender based on the current context
      if ($press && $press->getSetting('supportEmail')) {
         $mail->setFrom($press->getSetting('supportEmail'), $press->getSetting('supportName'));
      } else {
         $mail->setFrom($site->getLocalizedContactEmail(), $site->getLocalizedContactName());
      }
   }

   function _redirectAfterLogin($request) {
      $press = $this->getTargetPress($request);
      // If there's a press, send them to the dashboard after login.
      if ($press && $request->getUserVar('source') == '' && array_intersect(
         array(ROLE_ID_SITE_ADMIN, ROLE_ID_PRESS_MANAGER, ROLE_ID_SERIES_EDITOR, ROLE_ID_AUTHOR, ROLE_ID_REVIEWER, ROLE_ID_PRESS_ASSISTANT),
         (array) $this->getAuthorizedContextObject(ASSOC_TYPE_USER_ROLES)
      )) {
         return $request->redirect($press->getPath(), 'dashboard');
      }
      // Fall back on the parent otherwise.
      return parent::_redirectAfterLogin($request);
   }

   function setupTemplate() {
      AppLocale::requireComponents(LOCALE_COMPONENT_OMP_MANAGER, LOCALE_COMPONENT_PKP_MANAGER);
      parent::setupTemplate();
   }
}

?>