diff options
author | mattab <matthieu.aubry@gmail.com> | 2014-12-08 01:22:45 +0300 |
---|---|---|
committer | mattab <matthieu.aubry@gmail.com> | 2014-12-08 01:22:45 +0300 |
commit | 80bfa679076849f9056ef2fca1131d060cd67370 (patch) | |
tree | 725c590f32f0da1cb46f63bff096ac563e32fab6 | |
parent | 56b9f7b384ee2161e9f51c3f491c1461c2d7c424 (diff) |
fixes #6823 When there are several Super Users in Piwik, archive.php web cron should accept any of those Super User tokens
-rw-r--r-- | core/CronArchive.php | 19 | ||||
-rw-r--r-- | misc/cron/archive.php | 5 | ||||
-rw-r--r-- | plugins/UsersManager/UsersManager.php | 8 |
3 files changed, 18 insertions, 14 deletions
diff --git a/core/CronArchive.php b/core/CronArchive.php index eb4e45e383..1859e9fbba 100644 --- a/core/CronArchive.php +++ b/core/CronArchive.php @@ -73,6 +73,7 @@ class CronArchive private $segments = array(); private $piwikUrl = false; private $token_auth = false; + private $validTokenAuths = array(); private $visitsToday = 0; private $requests = 0; private $output = ''; @@ -961,19 +962,25 @@ class CronArchive private function initTokenAuth() { - $token = ''; + $tokens = array(); /** * @ignore */ - Piwik::postEvent('CronArchive.getTokenAuth', array(&$token)); - - $this->token_auth = $token; + Piwik::postEvent('CronArchive.getTokenAuth', array(&$tokens)); + + $this->validTokenAuths = $tokens; + $this->token_auth = array_shift($tokens); } - public function getTokenAuth() + public function isTokenAuthSuperUserToken($token_auth) { - return $this->token_auth; + if(empty($token_auth) + || strlen($token_auth) != 32) { + return false; + } + + return in_array($token_auth, $this->validTokenAuths); } private function initPiwikHost($piwikUrl = false) diff --git a/misc/cron/archive.php b/misc/cron/archive.php index 3975f90bea..28438cfa72 100644 --- a/misc/cron/archive.php +++ b/misc/cron/archive.php @@ -60,9 +60,8 @@ if (isset($_SERVER['argv']) && Piwik\Console::isSupported()) { if (!Piwik\Common::isPhpCliMode()) { $token_auth = Piwik\Common::getRequestVar('token_auth', '', 'string'); - if ($token_auth !== $archiver->getTokenAuth() - || strlen($token_auth) != 32 - ) { + if (!$archiver->isTokenAuthSuperUserToken($token_auth)) { + var_dump($token_auth); die('<b>You must specify the Super User token_auth as a parameter to this script, eg. <code>?token_auth=XYZ</code> if you wish to run this script through the browser. </b><br> However it is recommended to run it <a href="http://piwik.org/docs/setup-auto-archiving/">via cron in the command line</a>, since it can take a long time to run.<br/> In a shell, execute for example the following to trigger archiving on the local Piwik server:<br/> diff --git a/plugins/UsersManager/UsersManager.php b/plugins/UsersManager/UsersManager.php index ef9c4a35d2..8bfd20c2fc 100644 --- a/plugins/UsersManager/UsersManager.php +++ b/plugins/UsersManager/UsersManager.php @@ -67,15 +67,13 @@ class UsersManager extends \Piwik\Plugin $attributes['admin_token_auth'] = $tokens; } - public function getCronArchiveTokenAuth(&$token) + public function getCronArchiveTokenAuth(&$tokens) { $model = new Model(); $superUsers = $model->getUsersHavingSuperUserAccess(); - if (!empty($superUsers)) { - $superUser = array_shift($superUsers); - - $token = $superUser['token_auth']; + foreach($superUsers as $superUser) { + $tokens[] = $superUser['token_auth']; } } |