Sets up impersonate for ssr pages too

src/clj/auto_ap/datomic/reports.clj

@@ -1,68 +0,0 @@
-(ns auto-ap.datomic.reports
-  (:require
-   [auto-ap.datomic
-    :refer [add-sorter-fields
-            apply-pagination
-            apply-sort-3
-            conn
-            merge-query
-            pull-many
-            query2]]
-   [auto-ap.graphql.utils :refer [can-see-client? extract-client-ids]]
-   [clj-time.coerce :as c]
-   [datomic.api :as dc]
-   [clojure.set :as set]))
-
-(def default-read '[:db/id :report/client :report/created :report/url :report/name :report/creator])
-
-(defn raw-graphql-ids [db args]
-
-  (let [valid-clients (extract-client-ids (:clients args)
-                                          (:client-id args)
-                                          (when (:client-code args)
-                                            [:client/code (:client-code args)]))
-        query (cond-> {:query {:find []
-                               :in '[$ [?c ...]]
-                               :where '[[?e :report/client ?c]]}
-                       :args [db valid-clients]} 
-
-                
-                (:sort args) (add-sorter-fields {"client" ['[?e :report/client ?c]
-                                                           '[?c :client/name ?sort-client]]
-                                                 "created" ['[?e :report/created ?sort-created]]
-                                                 "creator" ['[?e :report/creator ?sort-creator]]
-                                                 "name" ['[?e :report/name ?sort-name]
-                                                           ]}
-                                                args)
-
-                true
-                (merge-query {:query {:find ['?sort-default '?e] :where ['[?e :report/created ?sort-default]]}}))]
-    (->> (query2 query)
-      (apply-sort-3 (update args :sort conj {:sort-key "default-2" :asc true}))
-      (apply-pagination args))))
-
-(defn graphql-results [ids db args]
-  (let [results (->> (pull-many db default-read ids)
-                     (map #(update % :report/created c/from-date))
-                     (group-by :db/id))
-        valid-clients (extract-client-ids (:clients args)
-                                          (:client-id args)
-                                          (when (:client-code args)
-                                            [:client/code (:client-code args)]))]
-    (->> ids
-         (map results)
-         (filter identity)
-         
-         (map first)
-         (filter (fn [r]
-                   (let [used-clients (set (map :db/id (:report/client r)))]
-                     (= used-clients
-                        (set/intersection valid-clients
-                                          used-clients))))))))
-
-(defn get-graphql [args]
-  (let [db (dc/db conn)
-        {ids-to-retrieve :ids matching-count :count} (raw-graphql-ids db args)]
-    
-    [(->> (graphql-results ids-to-retrieve db args))
-     matching-count]))

src/clj/auto_ap/ssr/auth.clj

@@ -1,6 +1,16 @@
-(ns auto-ap.ssr.auth)
+(ns auto-ap.ssr.auth
+  (:require [buddy.sign.jwt :as jwt]
+            [config.core :refer [env]]))
 
 (defn logout [request]
   {:status 301
    :headers {"Location" "/login"}
    :session {}})
+
+
+(defn impersonate [request]
+  {:status  200
+   :session {:identity (dissoc (jwt/unsign (get-in request [:query-params "jwt"])
+                                           (:jwt-secret env)
+                                           {:alg :hs512})
+                               :exp)}})

src/clj/auto_ap/ssr/company/yodlee.clj

@@ -9,7 +9,7 @@
             pull-attr
             pull-many
             query2]]
-   [auto-ap.graphql.utils :refer [is-admin?]]
+   [auto-ap.graphql.utils :refer [assert-can-see-client is-admin?]]
    [auto-ap.ssr-routes :as ssr-routes]
    [auto-ap.ssr.components :as com]
    [auto-ap.ssr.grid-page-helper :as helper]
@@ -94,7 +94,10 @@ fastlink.open({fastLinkURL: '%s',
          ]
         [:div]))))
 
-(defn reauthenticate [{:keys [form-params]}]
+(defn reauthenticate [{:keys [form-params identity]}]
+  (assert-can-see-client identity (-> (dc/pull (dc/db conn) '[{:yodlee-provider-account/client [:db/id]}] (Long/parseLong (get form-params "id")))
+                                      :yodlee-provider-account/client
+                                      :db/id))
   (html-response
     (com/modal
       {}

src/clj/auto_ap/ssr/core.clj

@@ -25,6 +25,7 @@
 
 (def key->handler
   (-> {:logout                                         auth/logout
+       :impersonate                                    (wrap-client-redirect-unauthenticated (wrap-secure (wrap-admin auth/impersonate)))
        :admin-history                                  (wrap-client-redirect-unauthenticated (wrap-secure (wrap-admin history/page)))
        :admin-history-search                           (wrap-client-redirect-unauthenticated (wrap-secure (wrap-admin history/page)))
        :admin-history-inspect                          (wrap-client-redirect-unauthenticated (wrap-secure (wrap-admin history/inspect)))
@@ -44,7 +45,7 @@
        :company-yodlee-table                           (wrap-client-redirect-unauthenticated (wrap-secure company-yodlee/table))
        :company-yodlee-fastlink-dialog                 (wrap-client-redirect-unauthenticated (wrap-secure company-yodlee/fastlink-dialog))
        :company-yodlee-provider-account-refresh        (wrap-client-redirect-unauthenticated (wrap-admin company-yodlee/refresh-provider-account))
-       :company-yodlee-provider-account-reauthenticate (wrap-client-redirect-unauthenticated (wrap-admin company-yodlee/reauthenticate))
+       :company-yodlee-provider-account-reauthenticate (wrap-client-redirect-unauthenticated (wrap-secure company-yodlee/reauthenticate))
        :company-reports                                (wrap-client-redirect-unauthenticated (wrap-secure company-reports/page))
        :company-reports-table                          (wrap-client-redirect-unauthenticated (wrap-secure company-reports/table))
        :company-reports-delete                         (wrap-client-redirect-unauthenticated (wrap-admin company-reports/delete-report))

src/clj/auto_ap/ssr/grid_page_helper.clj

@@ -184,6 +184,7 @@
           valid-clients (->> valid-clients
                              (take 20)
                              set)]
+      (println "VALID CLIENTS ARE" valid-clients)
       (handler (assoc request :trimmed-clients valid-clients)))))
 
 (defn table-route [grid-spec]

src/clj/auto_ap/ssr/pos/sales_orders.clj

@@ -150,6 +150,7 @@
 
                 true
                 (merge-query {:query {:find ['?sort-default '?e]}}))]
+    (clojure.pprint/pprint query)
     (cond->> (query2 query)
       true (apply-sort-3 query-params)
       true (apply-pagination query-params))))

src/cljc/auto_ap/ssr_routes.cljc

@@ -1,6 +1,7 @@
 (ns auto-ap.ssr-routes)
 
-(def routes {"logout" :logout
+(def routes {"impersonate" :impersonate
+             "logout" :logout
              "search" :search
              "invoice" {"/glimpse" {"" {:get :invoice-glimpse
                                         :post :invoice-glimpse-upload

src/cljs/auto_ap/views/pages/admin/users/table.cljs

@@ -1,11 +1,32 @@
 (ns auto-ap.views.pages.admin.users.table
-  (:require 
+  (:require
-   [clojure.string :as str]
-   [re-frame.core :as re-frame]
-   [auto-ap.views.utils :refer [action-cell-width]]
-   [auto-ap.views.pages.admin.users.form :as form]
    [auto-ap.views.components.buttons :as buttons]
-   [auto-ap.views.components.grid :as grid]))
+   [auto-ap.views.components.grid :as grid]
+   [auto-ap.views.pages.admin.users.form :as form]
+   [auto-ap.views.utils
+    :refer [action-cell-width dispatch-event with-user]]
+   [clojure.string :as str]
+   [re-frame.core :as re-frame]))
+
+(re-frame/reg-event-fx
+  ::impersonated
+  (fn [_ [_ impersonate-jwt]]
+    (println "SUCCESED")
+    (.setItem js/localStorage "jwt" impersonate-jwt)
+    (.removeItem js/localStorage "last-client-id" nil)
+    (.removeItem js/localStorage "last-selected-clients" nil)
+    (.reload (.-location js/document ) true)
+    {}))
+
+(re-frame/reg-event-fx
+  ::impersonate
+  [with-user]
+  (fn [{:keys [db user]} [_ impersonate-jwt]]
+    (js/alert "HI")
+    
+    {:http {:method "GET"
+             :uri (str "/impersonate?jwt=" impersonate-jwt)
+             :on-success [::impersonated impersonate-jwt]}}))
 
 (re-frame/reg-event-fx
  ::params-changed
@@ -50,11 +71,7 @@
           [grid/cell {} role]
           [grid/cell {} (str/join ", " (map :name clients))]
           [grid/cell {}
-           [:a.button {:on-click (fn []
+           [:a.button {:on-click (dispatch-event [::impersonate (:impersonate-jwt c)])}
-                                   (.setItem js/localStorage "jwt" (:impersonate-jwt c))
-                                   (.removeItem js/localStorage "last-client-id" nil)
-                                   (.removeItem js/localStorage "last-selected-clients" nil)
-                                   (.reload (.-location js/document ) true))}
             "Impersonate"]