Commit 70f8559a authored by Oliver Bartsch's avatar Oliver Bartsch Committed by Benni Mack
Browse files

[BUGFIX] Extract switch user handling from EXT:beuser

The switch user handling was previously placed in EXT:beuser,
more precisely in the BackendUserControllers' indexAction.
It was therefore necessary to link to the extbase based
controller with a mix of prefixed arguments and the non
prefixed "switchUser" argument. Latter was internally
evaluated with GU:_GP(). This means, switching users was
done via GET requests in an extbase action, but only in
case a non extbase prefixed argument was set.

In #94209 this got worse when the BackendUserGroupController
was merged into BackendUserController. Since this controller
features a "remember my last action" functionality, switch user
could no longer reliably be triggered. The evaluation of the
non extbase prefixed "switchUser" argument only took place in
the "user listing" (indexAction) and the success of the call
therefore depended on the users' last called action, as this
action was automatically used.

This patch now extracts the switch user functionality from
EXT:beuser into a dedicated EXT:backend controller, featuring
two ajax routes "/switch/user" and "/switch/user/exit". Both
accessible via POST requests only. To trigger those requests,
a new JS module "TYPO3/CMS/Backend/SwitchUser" is introduced.
This also allows to completely remove the logout hook by using
the concrete markup (custom element) for the "exit" button.

Resolves: #94426
Related: #94209
Releases: master
Change-Id: I556b323fe6ae77cf696e7e34dbbe269eb4f9927a
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/69635

Tested-by: core-ci's avatarcore-ci <typo3@b13.com>
Tested-by: Christian Kuhn's avatarChristian Kuhn <lolli@schwarzbu.ch>
Tested-by: Benni Mack's avatarBenni Mack <benni@typo3.org>
Reviewed-by: Christian Kuhn's avatarChristian Kuhn <lolli@schwarzbu.ch>
Reviewed-by: Benni Mack's avatarBenni Mack <benni@typo3.org>
parent da9c6df5
/*
* This file is part of the TYPO3 CMS project.
*
* It is free software; you can redistribute it and/or modify it under
* the terms of the GNU General Public License, either version 2
* of the License, or any later version.
*
* For the full copyright and license information, please read the
* LICENSE.txt file that was distributed with this source code.
*
* The TYPO3 project - inspiring people to share!
*/
import {html, TemplateResult, LitElement} from 'lit';
import {customElement, property} from 'lit/decorators';
import AjaxRequest from 'TYPO3/CMS/Core/Ajax/AjaxRequest';
import {AjaxResponse} from 'TYPO3/CMS/Core/Ajax/AjaxResponse';
import Notification = require('TYPO3/CMS/Backend/Notification');
enum Modes {
switch = 'switch',
exit = 'exit',
}
/**
* Module: TYPO3/CMS/Backend/SwitchUser
*
* @example
* <typo3-switch-user targetUser="123" mode="switch">
* <button>Switch user</button>
* </typo3-switch-user>
*/
@customElement('typo3-backend-switch-user')
class SwitchUser extends LitElement {
@property({type: String}) targetUser: string;
@property({type: Modes}) mode: Modes = Modes.switch;
public constructor() {
super();
this.addEventListener('click', (e: Event): void => {
e.preventDefault();
if (this.mode === Modes.switch) {
this.handleSwitchUser();
} else if (this.mode === Modes.exit) {
this.handleExitSwitchUser();
}
});
}
protected render(): TemplateResult {
return html`<slot></slot>`;
}
private handleSwitchUser(): void {
if (!this.targetUser) {
// Invalid request without target user
Notification.error('Switching to user went wrong.');
return;
}
(new AjaxRequest(TYPO3.settings.ajaxUrls.switch_user)).post({
targetUser: this.targetUser,
}).then(async (response: AjaxResponse): Promise<any> => {
const data = await response.resolve();
if (data.success === true && data.url) {
top.window.location.href = data.url;
} else {
Notification.error('Switching to user went wrong.');
}
});
}
private handleExitSwitchUser(): void {
(new AjaxRequest(TYPO3.settings.ajaxUrls.switch_user_exit)).post({}).then(async (response: AjaxResponse): Promise<any> => {
const data = await response.resolve();
if (data.success === true && data.url) {
top.window.location.href = data.url;
} else {
Notification.error('Exiting current user went wrong.');
}
});
}
}
......@@ -20,7 +20,7 @@ use TYPO3\CMS\Backend\Routing\UriBuilder;
use TYPO3\CMS\Backend\Toolbar\ToolbarItemInterface;
use TYPO3\CMS\Core\Database\Connection;
use TYPO3\CMS\Core\Database\ConnectionPool;
use TYPO3\CMS\Core\Utility\ExtensionManagementUtility;
use TYPO3\CMS\Core\Page\PageRenderer;
use TYPO3\CMS\Core\Utility\GeneralUtility;
use TYPO3\CMS\Fluid\View\StandaloneView;
......@@ -71,9 +71,8 @@ class UserToolbarItem implements ToolbarItemInterface
$uriBuilder = GeneralUtility::makeInstance(UriBuilder::class);
$mostRecentUsers = [];
if (ExtensionManagementUtility::isLoaded('beuser')
&& $backendUser->isAdmin()
&& !$backendUser->getOriginalUserIdWhenInSwitchUserMode()
if ($backendUser->isAdmin()
&& $backendUser->getOriginalUserIdWhenInSwitchUserMode() === null
&& isset($backendUser->uc['recentSwitchedToUsers'])
&& is_array($backendUser->uc['recentSwitchedToUsers'])
) {
......@@ -89,18 +88,11 @@ class UserToolbarItem implements ToolbarItemInterface
$mostRecentUsers = array_flip($backendUser->uc['recentSwitchedToUsers']);
while ($row = $result->fetch()) {
$row['switchUserLink'] = (string)$uriBuilder->buildUriFromRoute(
'system_BeuserTxBeuser',
[
'SwitchUser' => $row['uid']
]
);
$mostRecentUsers[$row['uid']] = $row;
}
// Remove any item that is not an array (means, the stored uid is not available anymore)
$mostRecentUsers = array_filter($mostRecentUsers, function ($record) {
$mostRecentUsers = array_filter($mostRecentUsers, static function ($record) {
return is_array($record);
});
......@@ -111,11 +103,14 @@ class UserToolbarItem implements ToolbarItemInterface
}
}
GeneralUtility::makeInstance(PageRenderer::class)
->loadRequireJsModule('TYPO3/CMS/Backend/SwitchUser');
$view = $this->getFluidTemplateObject('UserToolbarItemDropDown.html');
$view->assignMultiple([
'modules' => $backendModuleRepository->findByModuleName('user')->getChildren(),
'logoutUrl' => (string)$uriBuilder->buildUriFromRoute('logout'),
'switchUserMode' => (int)$this->getBackendUser()->getOriginalUserIdWhenInSwitchUserMode(),
'switchUserMode' => $this->getBackendUser()->getOriginalUserIdWhenInSwitchUserMode() !== null,
'recentUsers' => $mostRecentUsers,
]);
return $view->render();
......
<?php
declare(strict_types=1);
/*
* This file is part of the TYPO3 CMS project.
*
* It is free software; you can redistribute it and/or modify it under
* the terms of the GNU General Public License, either version 2
* of the License, or any later version.
*
* For the full copyright and license information, please read the
* LICENSE.txt file that was distributed with this source code.
*
* The TYPO3 project - inspiring people to share!
*/
namespace TYPO3\CMS\Backend\Controller;
use Psr\Http\Message\ResponseFactoryInterface;
use Psr\Http\Message\ResponseInterface;
use Psr\Http\Message\ServerRequestInterface;
use TYPO3\CMS\Backend\Authentication\Event\SwitchUserEvent;
use TYPO3\CMS\Backend\Routing\UriBuilder;
use TYPO3\CMS\Backend\Utility\BackendUtility;
use TYPO3\CMS\Core\Authentication\BackendUserAuthentication;
use TYPO3\CMS\Core\EventDispatcher\EventDispatcher;
use TYPO3\CMS\Core\Session\Backend\SessionBackendInterface;
use TYPO3\CMS\Core\Session\SessionManager;
use TYPO3\CMS\Core\SysLog\Type;
use TYPO3\CMS\Core\Utility\ExtensionManagementUtility;
use TYPO3\CMS\Core\Utility\GeneralUtility;
/**
* @internal This class is a specific Backend controller implementation and is not considered part of the Public TYPO3 API.
*/
class SwitchUserController
{
protected const RECENT_USERS_LIMIT = 3;
protected EventDispatcher $eventDispatcher;
protected UriBuilder $uriBuilder;
protected ResponseFactoryInterface $responseFactory;
protected SessionBackendInterface $sessionBackend;
public function __construct(
EventDispatcher $eventDispatcher,
UriBuilder $uriBuilder,
ResponseFactoryInterface $responseFactory
) {
$this->eventDispatcher = $eventDispatcher;
$this->uriBuilder = $uriBuilder;
$this->responseFactory = $responseFactory;
$this->sessionBackend = GeneralUtility::makeInstance(SessionManager::class)->getSessionBackend('BE');
}
/**
* Handle switching current user to the requested target user
*/
public function switchUserAction(ServerRequestInterface $request): ResponseInterface
{
$currentUser = $this->getBackendUserAuthentication();
$targetUserId = (int)($request->getParsedBody()['targetUser'] ?? 0);
if (!$targetUserId
|| $targetUserId === (int)($currentUser->user[$currentUser->userid_column] ?? 0)
|| !$currentUser->isAdmin()
|| $currentUser->getOriginalUserIdWhenInSwitchUserMode() !== null
) {
return $this->jsonResponse(['success' => false]);
}
$targetUser = BackendUtility::getRecord('be_users', $targetUserId, '*', BackendUtility::BEenableFields('be_users'));
if ($targetUser === null) {
return $this->jsonResponse(['success' => false]);
}
if (ExtensionManagementUtility::isLoaded('beuser')) {
// Set backend user listing module as starting module if installed
$currentUser->uc['startModuleOnFirstLogin'] = 'system_BeuserTxBeuser';
}
$currentUser->uc['recentSwitchedToUsers'] = $this->generateListOfMostRecentSwitchedUsers($targetUserId);
$currentUser->writeUC();
// Write user switch to log
$currentUser->writelog(Type::LOGIN, 2, 0, 1, 'User %s switched to user %s (be_users:%s)', [
$currentUser->user[$currentUser->username_column] ?? '',
$targetUser['username'] ?? '',
$targetUserId,
]);
$sessionObject = $currentUser->getSession();
$sessionObject->set('backuserid', (int)($currentUser->user[$currentUser->userid_column] ?? 0));
$sessionRecord = $sessionObject->toArray();
$sessionRecord['ses_userid'] = $targetUserId;
$this->sessionBackend->update($sessionObject->getIdentifier(), $sessionRecord);
// We must regenerate the internal session so the new ses_userid is present in the userObject
$currentUser->enforceNewSessionId();
$event = new SwitchUserEvent(
$currentUser->getSession()->getIdentifier(),
$targetUser,
(array)$currentUser->user
);
$this->eventDispatcher->dispatch($event);
return $this->jsonResponse([
'success' => true,
'url' => $this->uriBuilder->buildUriFromRoute('main')
]);
}
/**
* Handle exiting the switch user mode
*/
public function exitSwitchUserAction(ServerRequestInterface $request): ResponseInterface
{
$currentUser = $this->getBackendUserAuthentication();
if ($currentUser->getOriginalUserIdWhenInSwitchUserMode() === null) {
return $this->jsonResponse(['success' => false]);
}
$sessionObject = $currentUser->getSession();
$originalUser = (int)$sessionObject->get('backuserid');
$sessionObject->set('backuserid', null);
$sessionRecord = $sessionObject->toArray();
$sessionRecord['ses_userid'] = $originalUser;
$this->sessionBackend->update($sessionObject->getIdentifier(), $sessionRecord);
// We must regenerate the internal session so the new ses_userid is present in the userObject
$currentUser->enforceNewSessionId();
return $this->jsonResponse([
'success' => true,
'url' => $this->uriBuilder->buildUriFromRoute('main')
]);
}
/**
* Generates a list of users to whom where switched in the past. This is limited by RECENT_USERS_LIMIT.
*
* @param int $targetUserUid
* @return int[]
*/
protected function generateListOfMostRecentSwitchedUsers(int $targetUserUid): array
{
$latestUserUids = [];
$backendUser = $this->getBackendUserAuthentication();
if (isset($backendUser->uc['recentSwitchedToUsers']) && is_array($backendUser->uc['recentSwitchedToUsers'])) {
$latestUserUids = $backendUser->uc['recentSwitchedToUsers'];
}
// Remove potentially existing user in that list
$index = array_search($targetUserUid, $latestUserUids, true);
if ($index !== false) {
unset($latestUserUids[$index]);
}
array_unshift($latestUserUids, $targetUserUid);
return array_slice($latestUserUids, 0, static::RECENT_USERS_LIMIT);
}
protected function jsonResponse(array $data): ResponseInterface
{
$response = $this->responseFactory
->createResponse()
->withAddedHeader('Content-Type', 'application/json; charset=utf-8');
$response->getBody()->write(json_encode($data));
return $response;
}
protected function getBackendUserAuthentication(): BackendUserAuthentication
{
return $GLOBALS['BE_USER'];
}
}
......@@ -213,6 +213,18 @@ return [
]
],
// Switch user
'switch_user' => [
'path' => '/switch/user',
'methods' => ['POST'],
'target' => Controller\SwitchUserController::class . '::switchUserAction'
],
'switch_user_exit' => [
'path' => '/switch/user/exit',
'methods' => ['POST'],
'target' => Controller\SwitchUserController::class . '::exitSwitchUserAction'
],
// Multi-factor authentication configuration
'mfa' => [
'path' => '/mfa',
......
......@@ -91,6 +91,9 @@ services:
TYPO3\CMS\Backend\Controller\SiteConfigurationController:
tags: ['backend.controller']
TYPO3\CMS\Backend\Controller\SwitchUserController:
tags: ['backend.controller']
TYPO3\CMS\Backend\Controller\Wizard\TableController:
tags: ['backend.controller']
......
......@@ -33,32 +33,31 @@
<f:for each="{recentUsers}" as="user">
<div class="dropdown-table-row">
<div class="dropdown-table-column dropdown-table-title">
<a href="{user.switchUserLink}" title="{f:translate(key: 'usermodule.su.tooltip', arguments: '{0: user.username}')}">
<be:avatar backendUser="{user.uid}" size="32" />
<f:if condition="{user.realName}">
<f:then>
{user.realName}
</f:then>
<f:else>
{user.username}
</f:else>
</f:if>
</a>
<typo3-backend-switch-user mode="switch" targetUser="{user.uid}">
<button type="button" class="modulemenu-action" title="{f:translate(key: 'usermodule.su.tooltip', arguments: '{0: user.username}')}">
<be:avatar backendUser="{user.uid}" size="32" />&nbsp;{f:if(condition: user.realName, then: user.realName, else: user.username)}
</button>
</typo3-backend-switch-user>
</div>
</div>
</f:for>
</div>
<hr>
</f:if>
<a href="{logoutUrl}" class="btn btn-danger pull-left" target="_top">
<core:icon identifier="actions-logout" size="small" alternativeMarkupIdentifier="inline"/>
<f:if condition="{switchUserMode}">
<f:then>
{f:translate(key: 'LLL:EXT:core/Resources/Private/Language/locallang_core.xlf:buttons.exit') -> f:format.raw()}
</f:then>
<f:else>
{f:translate(key: 'LLL:EXT:core/Resources/Private/Language/locallang_core.xlf:buttons.logout') -> f:format.raw()}
</f:else>
</f:if>
</a>
<f:if condition="{switchUserMode}">
<f:then>
<typo3-backend-switch-user mode="exit">
<button type="button" class="btn btn-danger pull-left">
<core:icon identifier="actions-logout" size="small" alternativeMarkupIdentifier="inline"/>
{f:translate(key: 'LLL:EXT:core/Resources/Private/Language/locallang_core.xlf:buttons.exitSwitchUser')}
</button>
</typo3-backend-switch-user>
</f:then>
<f:else>
<a href="{logoutUrl}" class="btn btn-danger pull-left" target="_top">
<core:icon identifier="actions-logout" size="small" alternativeMarkupIdentifier="inline"/>
{f:translate(key: 'LLL:EXT:core/Resources/Private/Language/locallang_core.xlf:buttons.logout')}
</a>
</f:else>
</f:if>
</html>
/*
* This file is part of the TYPO3 CMS project.
*
* It is free software; you can redistribute it and/or modify it under
* the terms of the GNU General Public License, either version 2
* of the License, or any later version.
*
* For the full copyright and license information, please read the
* LICENSE.txt file that was distributed with this source code.
*
* The TYPO3 project - inspiring people to share!
*/
var __decorate=this&&this.__decorate||function(e,t,r,o){var s,i=arguments.length,n=i<3?t:null===o?o=Object.getOwnPropertyDescriptor(t,r):o;if("object"==typeof Reflect&&"function"==typeof Reflect.decorate)n=Reflect.decorate(e,t,r,o);else for(var c=e.length-1;c>=0;c--)(s=e[c])&&(n=(i<3?s(n):i>3?s(t,r,n):s(t,r))||n);return i>3&&n&&Object.defineProperty(t,r,n),n},__importDefault=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};define(["require","exports","lit","lit/decorators","TYPO3/CMS/Core/Ajax/AjaxRequest","TYPO3/CMS/Backend/Notification"],(function(e,t,r,o,s,i){"use strict";var n;Object.defineProperty(t,"__esModule",{value:!0}),s=__importDefault(s),function(e){e.switch="switch",e.exit="exit"}(n||(n={}));let c=class extends r.LitElement{constructor(){super(),this.mode=n.switch,this.addEventListener("click",e=>{e.preventDefault(),this.mode===n.switch?this.handleSwitchUser():this.mode===n.exit&&this.handleExitSwitchUser()})}render(){return r.html`<slot></slot>`}handleSwitchUser(){this.targetUser?new s.default(TYPO3.settings.ajaxUrls.switch_user).post({targetUser:this.targetUser}).then(async e=>{const t=await e.resolve();!0===t.success&&t.url?top.window.location.href=t.url:i.error("Switching to user went wrong.")}):i.error("Switching to user went wrong.")}handleExitSwitchUser(){new s.default(TYPO3.settings.ajaxUrls.switch_user_exit).post({}).then(async e=>{const t=await e.resolve();!0===t.success&&t.url?top.window.location.href=t.url:i.error("Exiting current user went wrong.")})}};__decorate([o.property({type:String})],c.prototype,"targetUser",void 0),__decorate([o.property({type:n})],c.prototype,"mode",void 0),c=__decorate([o.customElement("typo3-backend-switch-user")],c)}));
\ No newline at end of file
......@@ -15,21 +15,23 @@ declare(strict_types=1);
* The TYPO3 project - inspiring people to share!
*/
namespace TYPO3\CMS\Beuser\Tests\Unit\Controller;
namespace TYPO3\CMS\Backend\Tests\Unit\Controller;
use TYPO3\CMS\Beuser\Controller\BackendUserController;
use TYPO3\CMS\Backend\Controller\SwitchUserController;
use TYPO3\CMS\Core\Authentication\BackendUserAuthentication;
use TYPO3\TestingFramework\Core\Unit\UnitTestCase;
/**
* Test case
*/
class BackendUserControllerTest extends UnitTestCase
class SwitchUserControllerTest extends UnitTestCase
{
/**
* @var BackendUserController|\PHPUnit\Framework\MockObject\MockObject|\TYPO3\TestingFramework\Core\AccessibleObjectInterface
* Same as in SwitchUserController
*/
protected $subject;
protected const RECENT_USERS_LIMIT = 3;
protected SwitchUserController $subject;
protected function setUp(): void
{
......@@ -39,28 +41,28 @@ class BackendUserControllerTest extends UnitTestCase
'recentSwitchedToUsers' => []
];
$this->subject = $this->getAccessibleMock(BackendUserController::class, ['dummy'], [], '', false);
$this->subject = $this->getAccessibleMock(SwitchUserController::class, ['dummy'], [], '', false);
}
/**
* @test
*/
public function generateListOfLatestSwitchedUsersReturnsCorrectAmountAndOrder()
public function generateListOfLatestSwitchedUsersReturnsCorrectAmountAndOrder(): void
{
$items = range(1, BackendUserController::RECENT_USERS_LIMIT + 5);
$expected = array_reverse(array_slice($items, -BackendUserController::RECENT_USERS_LIMIT));
$items = range(1, self::RECENT_USERS_LIMIT + 5);
$expected = array_reverse(array_slice($items, -self::RECENT_USERS_LIMIT));
foreach ($items as $id) {
$GLOBALS['BE_USER']->uc['recentSwitchedToUsers'] = $this->subject->_call('generateListOfMostRecentSwitchedUsers', $id);
}
self::assertCount(BackendUserController::RECENT_USERS_LIMIT, $GLOBALS['BE_USER']->uc['recentSwitchedToUsers']);
self::assertCount(self::RECENT_USERS_LIMIT, $GLOBALS['BE_USER']->uc['recentSwitchedToUsers']);
self::assertSame($expected, $GLOBALS['BE_USER']->uc['recentSwitchedToUsers']);
}
/**
* @test
*/
public function listOfLatestSwitchedUsersDoesNotContainTheSameUserTwice()
public function listOfLatestSwitchedUsersDoesNotContainTheSameUserTwice(): void
{
$GLOBALS['BE_USER']->uc['recentSwitchedToUsers'] = $this->subject->_call('generateListOfMostRecentSwitchedUsers', 100);
$GLOBALS['BE_USER']->uc['recentSwitchedToUsers'] = $this->subject->_call('generateListOfMostRecentSwitchedUsers', 100);
......
......@@ -17,13 +17,11 @@ namespace TYPO3\CMS\Beuser\Controller;
use Psr\Http\Message\ResponseInterface;
use Psr\Http\Message\ServerRequestInterface;
use TYPO3\CMS\Backend\Authentication\Event\SwitchUserEvent;
use TYPO3\CMS\Backend\Authentication\PasswordReset;
use TYPO3\CMS\Backend\Routing\UriBuilder as BackendUriBuilder;
use TYPO3\CMS\Backend\Template\Components\ButtonBar;
use TYPO3\CMS\Backend\Template\ModuleTemplate;
use TYPO3\CMS\Backend\Template\ModuleTemplateFactory;
use TYPO3\CMS\Backend\Utility\BackendUtility;
use TYPO3\CMS\Beuser\Domain\Model\BackendUser;
use TYPO3\CMS\Beuser\Domain\Model\Demand;
use TYPO3\CMS\Beuser\Domain\Model\ModuleData;
......@@ -33,8 +31,6 @@ use TYPO3\CMS\Beuser\Domain\Repository\BackendUserSessionRepository;
use TYPO3\CMS\Beuser\Service\UserInformationService;
use TYPO3\CMS\Core\Authentication\BackendUserAuthentication;
use TYPO3\CMS\Core\Context\Context;
use TYPO3\CMS\Core\Http\PropagateResponseException;
use TYPO3\CMS\Core\Http\RedirectResponse;
use TYPO3\CMS\Core\Imaging\Icon;
use TYPO3\CMS\Core\Imaging\IconFactory;
use TYPO3\CMS\Core\Messaging\FlashMessage;
......@@ -57,11 +53,6 @@ use TYPO3\CMS\Extbase\Utility\LocalizationUtility;
*/
class BackendUserController extends ActionController
{
/**
* @var int
*/
const RECENT_USERS_LIMIT = 3;
protected ?ModuleData $moduleData = null;
protected ?ModuleTemplate $moduleTemplate = null;
protected BackendUserRepository $backendUserRepository;
......@@ -150,7 +141,6 @@ class BackendUserController extends ActionController
/**
* Displays all BackendUsers
* - Switch session to different user
*
* @param Demand|null $demand
* @param int $currentPage
......@@ -173,13 +163,7 @@ class BackendUserController extends ActionController
}
$backendUser->pushModuleData('tx_beuser', $this->moduleData->forUc());
// Switch user until logout
$switchUser = (int)GeneralUtility::_GP('SwitchUser');
if ($switchUser > 0) {
$this->switchUser($switchUser);
}
$compareUserList = $this->moduleData->getCompareUserList();
$backendUsers = $this->backendUserRepository->findDemanded($demand);
$paginator = new QueryResultPaginator($backendUsers, $currentPage, 50);
$pagination = new SimplePagination($paginator);
......@@ -212,6 +196,8 @@ class BackendUserController extends ActionController
->setDisplayName(LocalizationUtility::translate('backendUsers', 'beuser'));
$buttonBar->addButton($shortcutButton, ButtonBar::BUTTON_POSITION_RIGHT);
$this->pageRenderer->loadRequireJsModule('TYPO3/CMS/Backend/SwitchUser');
$this->moduleTemplate->setContent($this->view->render());
return $this->htmlResponse($this->moduleTemplate->renderContent());
}
......@@ -539,79 +525,6 @@ class BackendUserController extends ActionController
$this->redirect('groups');
}
/**
* Switches to a given user (SU-mode) and then redirects to the start page of the backend to refresh the navigation etc.
*
* @param int $switchUser BE-user record that will be switched to
*/
protected function switchUser($switchUser)
{
$backendUser = $this->getBackendUser();
$targetUser = BackendUtility::getRecord('be_users', $switchUser);
if (is_array($targetUser) && $backendUser->isAdmin()) {
// Set backend user listing module as starting module for switchback
$backendUser->uc['startModuleOnFirstLogin'] = 'system_BeuserTxBeuser';
$backendUser->uc['recentSwitchedToUsers'] = $this->generateListOfMostRecentSwitchedUsers($targetUser['uid']);
$backendUser->writeUC();
// User switch written to log