Added impersonation for admins

lib/fetch-user-impersonation.ts

@@ -0,0 +1,67 @@
+import { auth } from "@/auth";
+import { db } from "./db";
+
+export default async function fetchUserWithImpersonation(req: Request) {
+    const session = await auth()
+    
+    if (session) {
+        const user = fetch(session.user.id)
+        if (user) {
+          return user
+        }
+    }
+
+    const token = req.headers?.get('x-api-key')
+    if (token === null || token === undefined)
+        return null
+
+    const key = await db.apiKey.findFirst({
+      where: {
+        id: token as string
+      }
+    })
+
+    if (!key) return null
+
+    return fetch(key.userId)
+}
+
+const fetch = async (userId: string) => {
+    const user = await db.user.findFirst({
+      where: {
+        id: userId
+      }
+    })
+
+    if (!user) return null
+
+    if (user.role == "ADMIN") {
+        const impersonation = await db.impersonation.findFirst({
+          where: {
+            sourceId: userId
+          }
+        })
+
+        if (impersonation) {
+            const copied = await db.user.findFirst({
+              where: {
+                id: impersonation.targetId
+              }
+            })
+
+            if (copied) {
+                return {
+                  id: copied.id,
+                  username: copied.name,
+                  role: copied.role
+                }
+            }
+        }
+    }
+
+    return {
+      id: user.id,
+      username: user.name,
+      role: user.role
+    }
+}

lib/fetch-user.ts

@@ -0,0 +1,43 @@
+import { auth } from "@/auth";
+import { db } from "./db";
+
+export default async function fetchUser(req: Request) {
+    const session = await auth()
+    
+    if (session) {
+        const user = fetch(session.user.id)
+        if (user) {
+          return user
+        }
+    }
+
+    const token = req.headers?.get('x-api-key')
+    if (token === null || token === undefined)
+        return null
+
+    const key = await db.apiKey.findFirst({
+      where: {
+        id: token as string
+      }
+    })
+
+    if (!key) return null
+
+    return fetch(key.userId)
+}
+
+const fetch = async (userId: string) => {
+  const user = await db.user.findFirst({
+    where: {
+      id: userId
+    }
+  })
+
+  if (!user) return null
+
+  return {
+    id: user.id,
+    username: user.name,
+    role: user.role
+  }
+}

lib/validate-api.ts

@@ -1,40 +0,0 @@
-import { auth } from "@/auth";
-import { db } from "./db";
-
-export default async function fetchUserUsingAPI(req: Request) {
-    const session = await auth()
-    
-    if (session) {
-        const user = await db.user.findFirst({
-          where: {
-            name: session.user?.name
-          }
-        })
-
-        return {
-          id: user?.id,
-          username: user?.name
-        }
-    }
-
-    const token = req.headers?.get('x-api-key')
-    if (token === null || token === undefined)
-        return null
-
-    const key = await db.apiKey.findFirst({
-      where: {
-        id: token as string
-      }
-    })
-
-    const user = await db.user.findFirst({
-      where: {
-        id: key?.userId
-      }
-    })
-
-    return {
-      id: user?.id,
-      username: user?.name
-    }
-}