class Admin::ImpersonationsController < Admin::ApplicationController
  skip_before_action :authenticate_admin!
  before_action :authenticate_impersonator!

  def destroy
    original_user = current_user

    warden.set_user(impersonator, scope: :user)

    Gitlab::AppLogger.info("User #{original_user.username} has stopped impersonating #{impersonator.username}")

    session[:impersonator_id] = nil

    redirect_to admin_user_path(original_user)
  end

  private

  def impersonator
    @impersonator ||= User.find(session[:impersonator_id]) if session[:impersonator_id]
  end

  def authenticate_impersonator!
    render_404 unless impersonator && impersonator.is_admin? && !impersonator.blocked?
  end
end