Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
SugarCRM user switching / login as another user
<?php
/**
* Login as another user in SugarCRM and switch back to admin user
*
* Simply put this file into a custom entry point file and
* browse to it with the parameters 'user_name' or 'back_to_sudo'
*
* Usage:
* http://xxxxxxxxx/index.php?entryPoint=my_awesome_entry_point&user_name=mylittlepony
* http://xxxxxxxxx/index.php?entryPoint=my_awesome_entry_point&back_to_sudo=1
*
* @author Karl Metum <karl.metum@codehacker.se>
* @link http://www.codehacker.se
*/
if(!empty($_GET['user_name']) && $GLOBALS['current_user']->is_admin)
{
$user_focus = BeanFactory::getBean('Users');
$user_focus->retrieve_by_string_fields(array('user_name' => $_GET['user_name']));
if(!empty($user_focus->id))
{
if(empty($_SESSION['sudo_user_id']))
$_SESSION['sudo_user_id'] = $GLOBALS['current_user']->id;
$GLOBALS['current_user'] = $user_focus;
$_SESSION['authenticated_user_id'] = $user_focus->id;
echo "Successfully logged in as " . $GLOBALS['current_user']->user_name;
return;
}
}
elseif(!empty($_GET['back_to_sudo']) && !empty($_SESSION['sudo_user_id']))
{
$user_focus = BeanFactory::getBean('Users');
$user_focus->retrieve($_SESSION['sudo_user_id']);
if($user_focus->is_admin)
{
$_SESSION['sudo_user_id'] = null;
$GLOBALS['current_user'] = $user_focus;
$_SESSION['authenticated_user_id'] = $user_focus->id;
echo "Successfully logged back to sudo user: " . $GLOBALS['current_user']->user_name;
return;
}
}
die("No dice.");
@kalagera
Copy link

kalagera commented Jan 28, 2016

This is so simple and soooo useful! thank you!

@nleoncio
Copy link

nleoncio commented Jul 24, 2017

I am fairly new to Sugar but is looking for this functionality. Would you mind sharing how I could "install" this script to our instance of Sugar?

@Marlekin
Copy link

Marlekin commented Nov 14, 2017

This method of switching user no longer works as of 7.9.2. Most likely due to security patches against session hijacking. You need to instead call the endpoint rest/v10/oauth2/sudo/ and then replace the access token in the App cache store client side: App.cache.store.set('prod:SugarCRM:AuthAccessToken', <access_token from api call>); On navigating next time, you will act as the other user.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment