public function impersonateAction() { // Session user $user = $this->_getUser(); if ($this->getRequest()->isPost()) { if (!$this->_hasParam('orgId')) { throw new InvalidArgumentException("Organization Id is required"); } $orgId = $this->_getParam('orgId'); $org = $this->_orgSrv->load($orgId); if (!isset($org)) { throw new InvalidArgumentException("Invalid organization: " . $orgId); } $this->_helper->allowed('impersonate', $org); $this->_userSrv->impersonate($org); $this->view->data = $orgId; } else { if ($this->getRequest()->isDelete()) { if (!$user->isImpersonating()) { throw new InvalidArgumentException("User is not impersonating."); } $this->_userSrv->impersonate(); $this->view->data = true; } else { throw new ForbiddenException("Impersonate must be a post or delete request"); } } }