AutoGPT/autogpt_platform/frontend/src/app/api/proxy/[...path]
Zamil Majdy a78b08f5e7 feat(platform): implement admin user impersonation with header-based authentication (#11298)
## Summary

Implement comprehensive admin user impersonation functionality to enable
admins to act on behalf of any user for debugging and support purposes.

## 🔐 Security Features

- **Admin Role Validation**: Only users with 'admin' role can
impersonate others
- **Header-Based Authentication**: Uses `X-Act-As-User-Id` header for
impersonation requests
- **Comprehensive Audit Logging**: All impersonation attempts logged
with admin details
- **Secure Error Handling**: Proper HTTP 403/401 responses for
unauthorized access
- **SSR Safety**: Client-side environment checks prevent server-side
rendering issues

## 🏗️ Architecture

### Backend Implementation (`autogpt_libs/auth/dependencies.py`)
- Enhanced `get_user_id` FastAPI dependency to process impersonation
headers
- Admin role verification using existing `verify_user()` function
- Audit trail logging with admin email, user ID, and target user
- Seamless integration with all existing routes using `get_user_id`
dependency

### Frontend Implementation
- **React Hook**: `useAdminImpersonation` for state management and API
calls
- **Security Banner**: Prominent warning when impersonation is active
- **Admin Panel**: Control interface for starting/stopping impersonation
- **Session Persistence**: Maintains impersonation state across page
refreshes
- **Full Page Refresh**: Ensures all data updates correctly on state
changes

### API Integration
- **Header Forwarding**: All API requests include impersonation header
when active
- **Proxy Support**: Next.js API proxy forwards headers to backend
- **Generated Hooks**: Compatible with existing React Query API hooks
- **Error Handling**: Graceful fallback for storage/authentication
failures

## 🎯 User Experience

### For Admins
1. Navigate to `/admin/impersonation` 
2. Enter target user ID (UUID format with validation)
3. System displays security banner during active impersonation
4. All API calls automatically use impersonated user context
5. Click "Stop Impersonation" to return to admin context

### Security Notice
- **Audit Trail**: All impersonation logged with `logger.info()`
including admin email
- **Session Isolation**: Impersonation state stored in sessionStorage
(not persistent)
- **No Token Manipulation**: Uses header-based approach, preserving
admin's JWT
- **Role Enforcement**: Backend validates admin role on every
impersonated request

## 🔧 Technical Details

### Constants & Configuration
- `IMPERSONATION_HEADER_NAME = "X-Act-As-User-Id"`
- `IMPERSONATION_STORAGE_KEY = "admin-impersonate-user-id"`
- Centralized in `frontend/src/lib/constants.ts` and
`autogpt_libs/auth/dependencies.py`

### Code Quality Improvements
- **DRY Principle**: Eliminated duplicate header forwarding logic
- **Icon Compliance**: Uses Phosphor Icons per coding guidelines  
- **Type Safety**: Proper TypeScript interfaces and error handling
- **SSR Compatibility**: Environment checks for client-side only
operations
- **Error Consistency**: Uniform silent failure with logging approach

### Testing
- Updated backend auth dependency tests for new function signatures
- Added Mock Request objects for comprehensive test coverage
- Maintained existing test functionality while extending capabilities

## 🚀 CodeRabbit Review Responses

All CodeRabbit feedback has been addressed:

1.  **DRY Principle**: Refactored duplicate header forwarding logic
2.  **Icon Library**: Replaced lucide-react with Phosphor Icons  
3.  **SSR Safety**: Added environment checks for sessionStorage
4.  **UI Improvements**: Synchronous initialization prevents flicker
5.  **Error Handling**: Consistent silent failure with logging
6.  **Backend Validation**: Confirmed comprehensive security
implementation
7.  **Type Safety**: Addressed TypeScript concerns
8.  **Code Standards**: Followed all coding guidelines and best
practices

## 🧪 Testing Instructions

1. **Login as Admin**: Ensure user has admin role
2. **Navigate to Panel**: Go to `/admin/impersonation`
3. **Test Impersonation**: Enter valid user UUID and start impersonation
4. **Verify Banner**: Security banner should appear at top of all pages
5. **Test API Calls**: Verify credits/graphs/etc show impersonated
user's data
6. **Check Logging**: Backend logs should show impersonation audit trail
7. **Stop Impersonation**: Verify return to admin context works
correctly

## 📝 Files Modified

### Backend
- `autogpt_libs/auth/dependencies.py` - Core impersonation logic
- `autogpt_libs/auth/dependencies_test.py` - Updated test signatures

### Frontend
- `src/hooks/useAdminImpersonation.ts` - State management hook
- `src/components/admin/AdminImpersonationBanner.tsx` - Security warning
banner
- `src/components/admin/AdminImpersonationPanel.tsx` - Admin control
interface
- `src/app/(platform)/admin/impersonation/page.tsx` - Admin page
- `src/app/(platform)/admin/layout.tsx` - Navigation integration
- `src/app/(platform)/layout.tsx` - Banner integration
- `src/lib/autogpt-server-api/client.ts` - Header injection for API
calls
- `src/lib/autogpt-server-api/helpers.ts` - Header forwarding logic
- `src/app/api/proxy/[...path]/route.ts` - Proxy header forwarding
- `src/app/api/mutators/custom-mutator.ts` - Enhanced error handling
- `src/lib/constants.ts` - Shared constants

## 🔒 Security Compliance

- **Authorization**: Admin role required for impersonation access
- **Authentication**: Uses existing JWT validation with additional role
checks
- **Audit Logging**: Comprehensive logging of all impersonation
activities
- **Error Handling**: Secure error responses without information leakage
- **Session Management**: Temporary sessionStorage without persistent
data
- **Header Validation**: Proper sanitization and validation of
impersonation headers

This implementation provides a secure, auditable, and user-friendly
admin impersonation system that integrates seamlessly with the existing
AutoGPT Platform architecture.


## Summary by CodeRabbit

* **New Features**
  * Admin user impersonation to view the app as another user.
  * New "User Impersonation" admin page for entering target user IDs and
    managing sessions.
  * Sidebar link for quick access to the impersonation page.
  * Persistent impersonation state that updates app data (e.g., credits)
    and survives page reloads.
  * Top warning banner when impersonation is active with a Stop
    Impersonation control.


---------

Co-authored-by: Claude <noreply@anthropic.com>
2025-11-04 03:51:28 +00:00
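The header-based check described under Backend Implementation and Security Notice, as an added example in plain Python that is not AutoGPT's own `get_user_id` dependency: the caller's role is re-checked on every request, a non-admin sending the header gets a 403, the header value is validated as a UUID, and each switch is written to an audit trail. `Caller`, `AuthError`, `AUDIT_LOG`, `resolve_effective_user` and the 400 for a malformed value are assumptions of this illustration; the header name and the 403 come from the commit message.

```python
import logging
import uuid
from dataclasses import dataclass

IMPERSONATION_HEADER_NAME = "X-Act-As-User-Id"  # from the commit message
logger = logging.getLogger("auth.impersonation")
AUDIT_LOG: list[dict] = []  # assumption: kept in-process so the trail can be inspected offline


@dataclass(frozen=True)
class Caller:
    """Identity taken from the already-verified JWT; the admin's token is never replaced."""
    user_id: str
    email: str
    role: str


class AuthError(Exception):
    """Stand-in for an HTTP error response (assumption; FastAPI would raise HTTPException)."""
    def __init__(self, status: int, detail: str):
        super().__init__(detail)
        self.status = status


def resolve_effective_user(headers: dict, caller: Caller) -> str:
    """Return the user id a request acts as.

    No header: every caller acts as themselves. Header present: only an admin
    may act as the named user, the role is re-checked on every request (no
    server-side impersonation state), and each switch goes to the audit log.
    """
    # HTTP header names are case-insensitive, so match without regard to case.
    raw = next((v for k, v in headers.items()
                if k.lower() == IMPERSONATION_HEADER_NAME.lower()), None)
    if raw is None or not raw.strip():
        return caller.user_id
    if caller.role != "admin":
        # Refused attempts are logged as well: a non-admin sending this header is a signal.
        logger.warning("impersonation refused: user=%s role=%s", caller.user_id, caller.role)
        raise AuthError(403, "Admin role required for impersonation")
    try:
        target = str(uuid.UUID(raw.strip()))  # validate and normalise the header value
    except ValueError:
        raise AuthError(400, f"{IMPERSONATION_HEADER_NAME} must be a UUID") from None  # 400 is this example's choice
    AUDIT_LOG.append({"admin_id": caller.user_id, "admin_email": caller.email,
                      "target_user_id": target})
    logger.info("admin %s (%s) acting as user %s", caller.email, caller.user_id, target)
    return target
```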