1 change: 1 addition & 0 deletions composer.json
Expand Up @@ -46,6 +46,7 @@
"predis/predis": "^2.4.1",
"ryangjchandler/commonmark-blade-block": "^1.1",
"spatie/laravel-medialibrary": "^11.17.5",
"stechstudio/filament-impersonate": "^4.0",

⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

🌐 Web query:

stechstudio/filament-impersonate Packagist package

💡 Result:

stechstudio/filament-impersonate — summary

  • What it is: a Filament plugin that lets admins impersonate users (uses 404labfr/laravel-impersonate). [1][2]
  • Latest Packagist version: 4.0.1 (released 2025-08-13). [1]
  • Requirements (example): filament/filament ^4.0 and lab404/laravel-impersonate ^1.7. [1]
  • Installs / popularity: ~1.97M installs, ~355 stars on GitHub. [1][2]
  • Source / repo: github.com/stechstudio/filament-impersonate. [2]

Install: composer require stechstudio/filament-impersonate. [1]

Sources: Packagist package page and project GitHub. [1][2]


🏁 Script executed:

#!/bin/bash
# Check what files changed in this PR to see if implementation code is included
git diff --name-only HEAD~1 HEAD 2>/dev/null | head -20 || echo "Git history not available"

# Also check composer.json to see all changes
git diff HEAD~1 HEAD composer.json 2>/dev/null || echo "Could not get git diff"

Repository: he4rt/he4rt-bot-api

Length of output: 85


🌐 Web query:

stechstudio/filament-impersonate security CVE vulnerability

💡 Result:

I found no CVE or public security advisory specifically for stechstudio/filament-impersonate. The repository itself is active on GitHub [1]. The notable Filament security issues that do have CVEs (e.g., CVE-2024-47186 affecting Filament core color components) are for the Filament project, not the stechstudio/filament-impersonate plugin [2]. Public CVE aggregators and advisories list Filament/core vulnerabilities but do not show a CVE entry for stechstudio/filament-impersonate [3].

If you want, I can:

  • monitor the repo’s GitHub Security Advisories and Dependabot alerts and notify you of any new advisories, or
  • scan your project for usage of this package and suggest mitigations.

Sources: GitHub repo (stechstudio/filament-impersonate) [1]; Filament CVE example (CVE-2024-47186) analysis [2]; CVE/advisory aggregator listings (no CVE for that plugin) [3].


🏁 Script executed:

#!/bin/bash
# Check if there are any implementation files for impersonate feature
# Look for config files, middleware, routes, controllers, or service providers

echo "=== Checking for impersonate-related implementation files ==="
fd -e php | xargs grep -l "impersonate\|Impersonate" 2>/dev/null | head -20

echo ""
echo "=== Checking for new files in config directory ==="
find . -path ./vendor -prune -o -type f -name "*impersonate*" -print 2>/dev/null

echo ""
echo "=== Checking composer.json changes ==="
cat composer.json | grep -A2 -B2 "filament-impersonate"

Repository: he4rt/he4rt-bot-api

Length of output: 471


PR adds only the composer dependency; implementation code is missing.

The package stechstudio/filament-impersonate (v4.0.1) is legitimate, well-maintained (1.97M installs, 355 stars), and has no known security vulnerabilities. Version ^4.0 is fully compatible with Laravel 12.40.2 and Filament ^4.2.3 (package requires filament/filament ^4.0).

However, this PR contains only the composer.json change. No implementation files (config, routes, middleware, service provider registration, etc.) were added. The impersonate feature will not function until these are included.

🤖 Prompt for AI Agents
In composer.json at line 49, the PR adds the dependency
stechstudio/filament-impersonate but provides no implementation; add the missing
integration artifacts so the package actually works: register the package's
service provider (or add to the app providers array), add/publish and include
the package config file, wire up any required routes and middleware (and
register the middleware in kernel or Filament auth stack), and ensure any
required views/publishable assets are published and referenced; update
documentation or README and include tests or a simple usage example showing an
admin can impersonate a user.

"symfony/browser-kit": "v7.0.8",
"torchlight/torchlight-commonmark": "^0.6.0",
"torchlight/torchlight-laravel": "^0.6.1"
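
Review bot: The added requirement "stechstudio/filament-impersonate": "^4.0" in the require block (new line 49) brings in a plugin that lets admins impersonate users, yet nothing visible in this change states who is allowed to impersonate or which accounts may be impersonated. Include the authorization rule in the same PR (limit impersonation to a named admin role and exclude other privileged accounts as targets) and record each impersonation start and stop in the audit log, so the capability is never deployed in its default state. The lock file reports 111 additions for this single requirement and its diff is not rendered on this page, so open composer.lock directly and confirm which transitive packages and versions were pinned.
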
113 changes: 111 additions & 2 deletions composer.lock

Some generated files are not rendered by default.