Add latest changes from gitlab-org/security/gitlab@14-3-stable-ee

author: GitLab Bot <gitlab-bot@gitlab.com> 2021-09-29 13:02:17 +0000
committer: GitLab Bot <gitlab-bot@gitlab.com> 2021-09-29 13:02:17 +0000
commit: 6f10ecdeb6d8636ce7c9fb6cf7930f1a543f58df (patch)
tree: 959df42c10bab01d1bc81c87ea1ed8f9d3e4e98f /app/controllers/admin
parent: 003d8b5eac3aa173a7061b82d84ffaf28e8024f6 (diff)
download: gitlab-ce-6f10ecdeb6d8636ce7c9fb6cf7930f1a543f58df.tar.gz
1 files changed, 4 insertions, 2 deletions
diff --git a/app/controllers/admin/users_controller.rb b/app/controllers/admin/users_controller.rb
index dfc1434d909..cdfb3a32f4c 100644
--- a/app/controllers/admin/users_controller.rb
+++ b/app/controllers/admin/users_controller.rb
@@ -45,7 +45,7 @@ class Admin::UsersController < Admin::ApplicationController
   end
 
   def impersonate
-    if can?(user, :log_in)
+    if can?(user, :log_in) && !impersonation_in_progress?
       session[:impersonator_id] = current_user.id
 
       warden.set_user(user, scope: :user)
@@ -58,7 +58,9 @@ class Admin::UsersController < Admin::ApplicationController
       redirect_to root_path
     else
       flash[:alert] =
-        if user.blocked?
+        if impersonation_in_progress?
+          _("You are already impersonating another user")
+        elsif user.blocked?
           _("You cannot impersonate a blocked user")
         elsif user.internal?
           _("You cannot impersonate an internal user")
author	GitLab Bot <gitlab-bot@gitlab.com>	2021-09-29 13:02:17 +0000
committer	GitLab Bot <gitlab-bot@gitlab.com>	2021-09-29 13:02:17 +0000
commit	6f10ecdeb6d8636ce7c9fb6cf7930f1a543f58df (patch)
tree	959df42c10bab01d1bc81c87ea1ed8f9d3e4e98f /app/controllers/admin
parent	003d8b5eac3aa173a7061b82d84ffaf28e8024f6 (diff)
download	gitlab-ce-6f10ecdeb6d8636ce7c9fb6cf7930f1a543f58df.tar.gz