Sets up impersonate for ssr pages too

src/clj/auto_ap/ssr/auth.clj

@@ -1,6 +1,16 @@
-(ns auto-ap.ssr.auth)
+(ns auto-ap.ssr.auth
+  (:require [buddy.sign.jwt :as jwt]
+            [config.core :refer [env]]))
 
 (defn logout [request]
   {:status 301
    :headers {"Location" "/login"}
    :session {}})
+
+
+(defn impersonate [request]
+  {:status  200
+   :session {:identity (dissoc (jwt/unsign (get-in request [:query-params "jwt"])
+                                           (:jwt-secret env)
+                                           {:alg :hs512})
+                               :exp)}})

src/clj/auto_ap/ssr/company/yodlee.clj

@@ -9,7 +9,7 @@
             pull-attr
             pull-many
             query2]]
-   [auto-ap.graphql.utils :refer [is-admin?]]
+   [auto-ap.graphql.utils :refer [assert-can-see-client is-admin?]]
    [auto-ap.ssr-routes :as ssr-routes]
    [auto-ap.ssr.components :as com]
    [auto-ap.ssr.grid-page-helper :as helper]
@@ -94,7 +94,10 @@ fastlink.open({fastLinkURL: '%s',
          ]
         [:div]))))
 
-(defn reauthenticate [{:keys [form-params]}]
+(defn reauthenticate [{:keys [form-params identity]}]
+  (assert-can-see-client identity (-> (dc/pull (dc/db conn) '[{:yodlee-provider-account/client [:db/id]}] (Long/parseLong (get form-params "id")))
+                                      :yodlee-provider-account/client
+                                      :db/id))
   (html-response
     (com/modal
       {}

src/clj/auto_ap/ssr/core.clj

@@ -25,6 +25,7 @@
 
 (def key->handler
   (-> {:logout                                         auth/logout
+       :impersonate                                    (wrap-client-redirect-unauthenticated (wrap-secure (wrap-admin auth/impersonate)))
        :admin-history                                  (wrap-client-redirect-unauthenticated (wrap-secure (wrap-admin history/page)))
        :admin-history-search                           (wrap-client-redirect-unauthenticated (wrap-secure (wrap-admin history/page)))
        :admin-history-inspect                          (wrap-client-redirect-unauthenticated (wrap-secure (wrap-admin history/inspect)))
@@ -44,7 +45,7 @@
        :company-yodlee-table                           (wrap-client-redirect-unauthenticated (wrap-secure company-yodlee/table))
        :company-yodlee-fastlink-dialog                 (wrap-client-redirect-unauthenticated (wrap-secure company-yodlee/fastlink-dialog))
        :company-yodlee-provider-account-refresh        (wrap-client-redirect-unauthenticated (wrap-admin company-yodlee/refresh-provider-account))
-       :company-yodlee-provider-account-reauthenticate (wrap-client-redirect-unauthenticated (wrap-admin company-yodlee/reauthenticate))
+       :company-yodlee-provider-account-reauthenticate (wrap-client-redirect-unauthenticated (wrap-secure company-yodlee/reauthenticate))
        :company-reports                                (wrap-client-redirect-unauthenticated (wrap-secure company-reports/page))
        :company-reports-table                          (wrap-client-redirect-unauthenticated (wrap-secure company-reports/table))
        :company-reports-delete                         (wrap-client-redirect-unauthenticated (wrap-admin company-reports/delete-report))

src/clj/auto_ap/ssr/grid_page_helper.clj

@@ -184,6 +184,7 @@
           valid-clients (->> valid-clients
                              (take 20)
                              set)]
+      (println "VALID CLIENTS ARE" valid-clients)
       (handler (assoc request :trimmed-clients valid-clients)))))
 
 (defn table-route [grid-spec]

src/clj/auto_ap/ssr/pos/sales_orders.clj

@@ -150,6 +150,7 @@
 
                 true
                 (merge-query {:query {:find ['?sort-default '?e]}}))]
+    (clojure.pprint/pprint query)
     (cond->> (query2 query)
       true (apply-sort-3 query-params)
       true (apply-pagination query-params))))