BUGFIX: Use a dynamic URL for user impersonation

[markusguenther]

As described in the issue, the impersonation does not work when Neos is running in a subfolder. This change adds a data attribute with a dynamic URL to the DOM, and the user impersonation is using this module URL as base.

Fixes: #4797

Review instructions

Use the user impersonation in the Backend modules (User Management and other) when Neos is running in a subfolder.
e.g. BASEURL.com/cms/neos

Checklist

• Code follows the PSR-2 coding style
• Tests have been created, run and adjusted as needed
• The PR is created against the lowest maintained branch
• Reviewer - PR Title is brief but complete and starts with FEATURE|TASK|BUGFIX
• Reviewer - The first section explains the change briefly for change-logs
• Reviewer - Breaking Changes are marked with !!! and have upgrade-instructions

[markusguenther]

This PR needs also an adjustment in the Neos-UI and will be linked soon.

[mhsdesign]

Hmm usually we avoid string concatenating routes in the frontend (see neos ui)
so i would prefer to boot the impersonation with server calculated endpoints instead of this as this is always rather flaky and also hard to track usages of this endpoint that way:

this._basePath + 'user-change'
this._basePath + 'status'
this._basePath + 'restore'

but its your feature do as you feel fit :D

[markusguenther]

@mhsdesign Yes that would be better but with Fluid you just have the <f:uri.action controller="Impersonate" package="Unikka.LoginAs" action="impersonateUserWithResponse" format="json" /> and this will lead to a not so nice URL. So I thought it would work better with that. I also thought about a new Helper for _getBasePath but I think the little duplication is ok here, as we don't use it somewhere else.

[markusguenther]

Ok, we don't need the UI adjustment as we already use the dynamic URL here.
https://github.com/markusguenther/neos-ui/blob/b575442d2700b429485c06b90119182d50720124/Resources/Private/Fusion/Backend/Root.fusion

[ahaeslich]

Just tested it in a project using this "subfolder" setup:

• Changing the user: ✅ works
• Redirect to Neos backend afterwards: ❌ doesn't work in both places (menu button and user administration)

We need to change the usage of window.location.pathname = '/neos' in both JS files:

neos-development-collection/Neos.Neos/Resources/Public/JavaScript/Components/TopBar/UserMenu.js

Line 94 in d246fea

window.location.pathname = '/neos'

neos-development-collection/Neos.Neos/Resources/Public/JavaScript/Module/Administration/UserManagement.js

Line 83 in d246fea

window.location.pathname = '/neos'

[ahaeslich]

@markusguenther I also found window.location.pathname = '/neos' in the UI:

https://github.com/neos/neos-ui/blob/38774df6064c977026b1bd518b90aa12ee2e9ef9/packages/neos-ui-sagas/src/UI/Impersonate/index.js#L41

[markusguenther]

We now have another PR in the Neos-UI neos/neos-ui#3713

[ahaeslich]

Tested it with success in combination with neos/neos-ui#3713.

I agree with @mhsdesign about the server calculated endpoints. We for sure can change this when we refactor the user backend module to not use fluid anymore.

[mhsdesign]

Thanks :D I dont know fluid well enough but i trust you so consider this as half approval ;)

[mhsdesign]

By reading ;)

[dlubitz]

Looks good by reading!

[mhsdesign]

Still not a fan of the uri concatenation on the client, even if the uri would be uglier if generated from the server.
Buuut i never stumbled upon this know and never before and as this is just a bugfix lets do it :D