From 5d2b8c998e2d25d7a121aa474f31b06e407cd765 Mon Sep 17 00:00:00 2001
From: HB9HIL <fabian.berg@hb9hil.org>
Date: Mon, 19 Aug 2024 21:07:26 +0200
Subject: [PATCH] add config switch to disabled impersonate

---
 application/config/config.sample.php | 15 ++++++++++++++-
 application/controllers/User.php     | 12 ++++++++++++
 application/views/user/index.php     |  6 +++++-
 install/config/config.php            | 15 ++++++++++++++-
 4 files changed, 45 insertions(+), 3 deletions(-)

diff --git a/application/config/config.sample.php b/application/config/config.sample.php
index bc1827e54..41b38f92e 100644
--- a/application/config/config.sample.php
+++ b/application/config/config.sample.php
@@ -669,4 +669,17 @@ $config['disable_oqrs'] = false;
 $config['special_callsign'] = false;
 
 // hides the usermenu; takes action only if "special_callsign" is true
-$config['sc_hide_usermenu'] = true;   
\ No newline at end of file
+$config['sc_hide_usermenu'] = true;   
+
+
+/*
+|--------------------------------------------------------------------------
+| Impersonate
+|--------------------------------------------------------------------------
+|
+| This config switch disables the impersonate feature. This feauture is used to impersonate another user.
+| Impersonate is enabled by default. To disable it, set the value to false.
+| 
+*/
+
+$config['disable_impersonate'] = false;   
\ No newline at end of file
diff --git a/application/controllers/User.php b/application/controllers/User.php
index 87f7d77c2..18f31eaaa 100644
--- a/application/controllers/User.php
+++ b/application/controllers/User.php
@@ -15,6 +15,13 @@ class User extends CI_Controller {
 		$data['results'] = $this->user_model->users();
 		$data['session_uid'] = $this->session->userdata('user_id');
 
+		// Check if impersonating is disabled in the config
+		if ($this->config->item('disable_impersonate')) {
+			$data['disable_impersonate'] = true;
+		} else {
+			$data['disable_impersonate'] = false;
+		}
+
 		// Get Date format
 		if($this->session->userdata('user_date_format')) {
 			// If Logged in and session exists
@@ -1175,6 +1182,11 @@ class User extends CI_Controller {
 
 	public function impersonate() {
 
+		// Check if impersonating is disabled in the config
+		if ($this->config->item('disable_impersonate')) {
+			show_404();
+		}
+
 		// Load the encryption library
 		if (!$this->load->is_loaded('encryption')) {
 			$this->load->library('encryption');
diff --git a/application/views/user/index.php b/application/views/user/index.php
index 984fa2199..aa8335ca3 100644
--- a/application/views/user/index.php
+++ b/application/views/user/index.php
@@ -51,7 +51,9 @@
 							<th></th>
 							<th style="text-align: center; vertical-align: middle;" scope="col"><?= __("Edit"); ?></th>
 							<th style="text-align: center; vertical-align: middle;" scope="col"><?= __("Password Reset"); ?></th>
-							<th style="text-align: center; vertical-align: middle;" scope="col"><?= __("Impersonate"); ?></th>
+							<?php if (!$disable_impersonate) { ?>
+								<th style="text-align: center; vertical-align: middle;" scope="col"><?= __("Impersonate"); ?></th>
+							<?php } ?>
 							<th style="text-align: center; vertical-align: middle;" scope="col"><?= __("Delete"); ?></th>
 						</tr>
 					</thead>
@@ -97,6 +99,7 @@
 									echo '<a class="btn btn-primary btn-sm ms-1 admin_pwd_reset" data-username="' . $row->user_name . '" data-callsign="' . $row->user_callsign . '" data-userid="' . $row->user_id . '" data-usermail="' . $row->user_email . '"><i class="fas fa-key"></i></a>';
 								}
 								?></td>
+							<?php if (!$disable_impersonate) { ?>
 							<td style="text-align: center; vertical-align: middle;">
 								<?php
 								if ($session_uid != $row->user_id) { ?>
@@ -154,6 +157,7 @@
 								<?php }
 								?>
 							</td>
+							<?php } ?>
 							<td style="text-align: center; vertical-align: middle;">
 								<?php
 								if ($session_uid != $row->user_id) {
diff --git a/install/config/config.php b/install/config/config.php
index bde541210..b4dd134a8 100644
--- a/install/config/config.php
+++ b/install/config/config.php
@@ -669,4 +669,17 @@ $config['disable_oqrs'] = false;
 $config['special_callsign'] = false;
 
 // hides the usermenu; takes action only if "special_callsign" is true
-$config['sc_hide_usermenu'] = true;  
\ No newline at end of file
+$config['sc_hide_usermenu'] = true;  
+
+
+/*
+|--------------------------------------------------------------------------
+| Impersonate
+|--------------------------------------------------------------------------
+|
+| This config switch disables the impersonate feature. This feauture is used to impersonate another user.
+| Impersonate is enabled by default. To disable it, set the value to false.
+| 
+*/
+
+$config['disable_impersonate'] = false;   
\ No newline at end of file