Fixed SQL Exception in UsersManager\API->getUsersPlusRole() when access is managed by another plugin (#14900)

author: MichaelHeerklotz <michael.heerklotz@web.de> 2019-09-19 23:57:11 +0300
committer: Thomas Steur <tsteur@users.noreply.github.com> 2019-09-19 23:57:11 +0300
commit: a3a61b5a7f1aa5b99fe6f32abbc7c7dbfc9533e1 (patch)
tree: 937fc2d143146077cbaf74fee09480a2bafab6fe
parent: 97ab3b757ccf57c95ad8238eab86f3916e0b5722 (diff)
1 files changed, 20 insertions, 12 deletions
diff --git a/plugins/UsersManager/API.php b/plugins/UsersManager/API.php
index d2614f581d..b5a2596d33 100644
--- a/plugins/UsersManager/API.php
+++ b/plugins/UsersManager/API.php
@@ -323,19 +323,27 @@ class API extends \Piwik\Plugin\API
                 $loginsToLimit = $this->model->getUsersWithAccessToSites($adminIdSites);
             }
 
-            list($users, $totalResults) = $this->model->getUsersWithRole($idSite, $limit, $offset, $filter_search, $filter_access, $loginsToLimit);
-
-            foreach ($users as &$user) {
-                $user['superuser_access'] = $user['superuser_access'] == 1;
-                if ($user['superuser_access']) {
-                    $user['role'] = 'superuser';
-                    $user['capabilities'] = [];
-                } else {
-                    list($user['role'], $user['capabilities']) = $this->getRoleAndCapabilitiesFromAccess($user['access']);
-                    $user['role'] = empty($user['role']) ? 'noaccess' : reset($user['role']);
-                }
+            if ($loginsToLimit !== null && empty($loginsToLimit)) {
+                // if the current user is not the superuser, and getUsersWithAccessToSites() returned an empty result,
+                // access is managed by another plugin, and the current user cannot manage any user with UsersManager
+                Common::sendHeader('X-Matomo-Total-Results: 0');
+                return [];
+
+            } else {
+                list($users, $totalResults) = $this->model->getUsersWithRole($idSite, $limit, $offset, $filter_search, $filter_access, $loginsToLimit);
+
+                foreach ($users as &$user) {
+                    $user['superuser_access'] = $user['superuser_access'] == 1;
+                    if ($user['superuser_access']) {
+                        $user['role'] = 'superuser';
+                        $user['capabilities'] = [];
+                    } else {
+                        list($user['role'], $user['capabilities']) = $this->getRoleAndCapabilitiesFromAccess($user['access']);
+                        $user['role'] = empty($user['role']) ? 'noaccess' : reset($user['role']);
+                    }
 
-                unset($user['access']);
+                    unset($user['access']);
+                }
             }
         }
author	MichaelHeerklotz <michael.heerklotz@web.de>	2019-09-19 23:57:11 +0300
committer	Thomas Steur <tsteur@users.noreply.github.com>	2019-09-19 23:57:11 +0300
commit	a3a61b5a7f1aa5b99fe6f32abbc7c7dbfc9533e1 (patch)
tree	937fc2d143146077cbaf74fee09480a2bafab6fe
parent	97ab3b757ccf57c95ad8238eab86f3916e0b5722 (diff)