[ic] Saving shopping carts on behalf of a customer.

Brian Kaney brian at vermonster.com
Tue Dec 7 10:25:15 EST 2004 

On Mon, 2004-12-06 at 23:30, Jon wrote:
> > On Mon, 2004-12-06 at 17:11, Brian Kaney wrote:
> > > On Sat, 2004-11-20 at 15:22, Jon wrote:
> > > > > Greetings,
> > > > >
> > > > > How difficult is it to save a shopping cart on behalf of a different user?
> > > > >
> > > > > I'd make it available only to privileged users.  The business goal is to create
> > > > > custom quotations for individual customers and then allow them to quickly
> > > > > purchase.  I think the built-in saved shopping cart function seems to be the
> > > > > best approach.
> > > > >
> > > > >
> > > >
> > > > Sorry if this doesn't sounds nice but why not just become that user ?
> > > > And of course only available to privileged users.
> > > > This makes me think of   su - OtherUser
> > > > Followed up with the saved shopping cart for that user.
> > > >
> > >
> > > I am trying out the switch user function from the "customers" panel.
> > >
> > > Is there a way I can tell if a user was *previously* logged in as a
> > > privileged user (like and admin or superuser)?
> > >
> > > I think there must be some way to tell.  If I logout, I become the last
> > > user I was logged in as.
> > >
> >
> > I am trying this method.  Basically, I look in session to see if 'su'
> > has been set:
> >
> > [perl]
> > if($Session->{su})
> > {
> >     return "You were an admin before!";
> > }
> > else
> > {
> >     return "You were never an admin!";
> > }
> > [/perl]
> >
> > Is this a good idea, is it safe to rely on this?
> >
> > Thanks in advance.
> >
> > - Brian
> >
> 
> Sorry if I was unclear what I was thinking but I wasn't meaning to literally su to the
> user.
> You're the admin of the cart and unless you have passwords encrypted couldn't
> you log in as that user to solve what you're trying to accomplish ?
> 

That won't work, because if I become the regular user, I don't have the
credentials I need.


I need to create a quotation for a user from non-standard products.

My approach was to try to use the "saved cart" feature.  I have a
special page for admins (privileged users) allowing importing quotations
from another system.  This should not be accessible to regular
customers.  The quote is imported and stuffed into a shopping cart, all
the items are basically "on the fly" items.


The issue I am having is the administrator needs to be able to save a
named shopping cart (containing the quotation) on behalf of another
user.


I found if I log in as admin and click on the "customers" tab, there is
a nice switch user function.  I can look into session and check if
$Session->{su} exists.  If it does, I can allow access to my privileged
functions.


This all seems to work, but I am wondering if it is safe to rely on the
existence of $Session->{su} for determining if the user's previous login
was su?


- Brian

More information about the interchange-users mailing list