Fix the "log in as" function

Previously the "log in as" function after 3b6e5a692b852a88f55b21a7210f60a6f7cfc24b
would attempt to log the admin user out before issuing the redirect. Unfortunately
this approach does not work on WhatDoTheyKnow, where the admin pages are served via
a different domain (secure.mysociety.org) and so do not share session information with
the rest of the site.

This commit changes it to mark the PostRedirect with circumstance == "login_as",
which signals the user controller to log out the previous user even if they are
an admin. In other words, the user is logged out on the main site rather than the
admin site, skirting this problem.

Closes #450.

1 files changed, 1 insertions, 2 deletions

diff --git a/app/controllers/admin_user_controller.rb b/app/controllers/admin_user_controller.rb
index b2c084739..249030537 100644
--- a/app/controllers/admin_user_controller.rb
+++ b/app/controllers/admin_user_controller.rb
@@ -74,10 +74,9 @@ class AdminUserController < AdminController
     def login_as
         @admin_user = User.find(params[:id]) # check user does exist
 
-        post_redirect = PostRedirect.new( :uri => main_url(user_url(@admin_user)), :user_id => @admin_user.id)
+        post_redirect = PostRedirect.new( :uri => main_url(user_url(@admin_user)), :user_id => @admin_user.id, :circumstance => "login_as" )
         post_redirect.save!
         url = main_url(confirm_url(:email_token => post_redirect.email_token, :only_path => true))
-        session[:user_id] = nil # Log out current (usually admin) user, so we get logged in as the other user
 
         redirect_to url
     end