Rename login_whitelist_ip config to login_allowlist_ip (#16413)

author: Thomas Steur <tsteur@users.noreply.github.com> 2020-10-01 23:12:31 +0300
committer: GitHub <noreply@github.com> 2020-10-01 23:12:31 +0300
commit: 82186597b37e255a5b13f6b9c7e53d323b2c501b (patch)
tree: 5f30ed30c5cd63d6451280e7a6b8081245be6316 /core
parent: 13cda22af49f616d1e5967364a041215f864d0c5 (diff)
8 files changed, 72 insertions, 12 deletions
diff --git a/core/API/CORSHandler.php b/core/API/CORSHandler.php
index 06e0af1f12..fb60b9a78e 100644
--- a/core/API/CORSHandler.php
+++ b/core/API/CORSHandler.php
@@ -45,7 +45,7 @@ class CORSHandler
             return;
         }
 
-        // specifically allow if it is one of the whitelisted CORS domains
+        // specifically allow if it is one of the allowlisted CORS domains
         if (!empty($_SERVER['HTTP_ORIGIN'])) {
             $origin = $_SERVER['HTTP_ORIGIN'];
             if (in_array($origin, $this->domains, true)) {
diff --git a/core/API/Request.php b/core/API/Request.php
index 7850e91aaf..b64723db70 100644
--- a/core/API/Request.php
+++ b/core/API/Request.php
@@ -19,7 +19,7 @@ use Piwik\Exception\PluginDeactivatedException;
 use Piwik\IP;
 use Piwik\Piwik;
 use Piwik\Plugin\Manager as PluginManager;
-use Piwik\Plugins\CoreHome\LoginWhitelist;
+use Piwik\Plugins\CoreHome\LoginAllowlist;
 use Piwik\SettingsServer;
 use Piwik\Url;
 use Piwik\UrlHelper;
@@ -237,11 +237,11 @@ class Request
 
             // IP check is needed here as we cannot listen to API.Request.authenticate as it would then not return proper API format response.
             // We can also not do it by listening to API.Request.dispatch as by then the user is already authenticated and we want to make sure
-            // to not expose any information in case the IP is not whitelisted.
-            $whitelist = new LoginWhitelist();
-            if ($whitelist->shouldCheckWhitelist() && $whitelist->shouldWhitelistApplyToAPI()) {
+            // to not expose any information in case the IP is not allowed.
+            $list = new LoginAllowlist();
+            if ($list->shouldCheckAllowlist() && $list->shouldAllowlistApplyToAPI()) {
                 $ip = IP::getIpFromHeader();
-                $whitelist->checkIsWhitelisted($ip);
+                $list->checkIsAllowed($ip);
             }
 
             // read parameters
diff --git a/core/DataTable/Filter/ColumnDelete.php b/core/DataTable/Filter/ColumnDelete.php
index 336e0faa3f..89aaa6663c 100644
--- a/core/DataTable/Filter/ColumnDelete.php
+++ b/core/DataTable/Filter/ColumnDelete.php
@@ -13,7 +13,7 @@ use Piwik\DataTable\BaseFilter;
 
 /**
  * Filter that will remove columns from a {@link DataTable} using either a blacklist,
- * whitelist or both.
+ * allowlist or both.
  *
  * This filter is used to handle the **hideColumn** and **showColumn** query parameters.
  *
@@ -129,7 +129,7 @@ class ColumnDelete extends BaseFilter
                     }
 
                     if (!$keep
-                        && $name !== 'label' // label cannot be removed via whitelisting
+                        && $name !== 'label' // label cannot be removed via allowlisting
                         && !isset($this->columnsToKeep[$name])
                     ) {
                         // we cannot remove row directly to prevent notice "ArrayIterator::next(): Array was modified
diff --git a/core/Metrics/Formatter.php b/core/Metrics/Formatter.php
index e98a93f4aa..25d306e7e5 100644
--- a/core/Metrics/Formatter.php
+++ b/core/Metrics/Formatter.php
@@ -167,7 +167,7 @@ class Formatter
      *
      * @param DataTable $dataTable The table to format metrics for.
      * @param Report|null $report The report the table belongs to.
-     * @param string[]|null $metricsToFormat Whitelist of names of metrics to format.
+     * @param string[]|null $metricsToFormat Allow a list of names of metrics to format.
      * @param boolean $formatAll If true, will also apply formatting to non-processed metrics like revenue.
      *                           This parameter is not currently supported and subject to change.
      * @api
diff --git a/core/Updates/3.0.0-b1.php b/core/Updates/3.0.0-b1.php
index 11d24eadbc..2613a95e16 100644
--- a/core/Updates/3.0.0-b1.php
+++ b/core/Updates/3.0.0-b1.php
@@ -62,7 +62,7 @@ class Updates_3_0_0_b1 extends Updates
         $updater->executeMigrations(__FILE__, $this->getMigrations($updater));
         $this->migratePluginEmailUpdateSetting();
 
-        // added .woff and woff2 whitelisted file for apache webserver
+        // added .woff and woff2 allowlisted file for apache webserver
         ServerFilesGenerator::deleteHtAccessFiles();
         ServerFilesGenerator::createHtAccessFiles();
 
diff --git a/core/Updates/4.0.0-b3.php b/core/Updates/4.0.0-b3.php
new file mode 100644
index 0000000000..b2fa6fcaf0
--- /dev/null
+++ b/core/Updates/4.0.0-b3.php
@@ -0,0 +1,60 @@
+<?php
+/**
+ * Matomo - free/libre analytics platform
+ *
+ * @link https://matomo.org
+ * @license http://www.gnu.org/licenses/gpl-3.0.html GPL v3 or later
+ *
+ */
+
+namespace Piwik\Updates;
+
+use Piwik\Config;
+use Piwik\Updater;
+use Piwik\Updates as PiwikUpdates;
+use Piwik\Updater\Migration\Factory as MigrationFactory;
+
+/**
+ * Update for version 4.0.0-b3.
+ */
+class Updates_4_0_0_b3 extends PiwikUpdates
+{
+    /**
+     * @var MigrationFactory
+     */
+    private $migration;
+
+    public function __construct(MigrationFactory $factory)
+    {
+        $this->migration = $factory;
+    }
+
+    public function getMigrations(Updater $updater)
+    {
+        $migrations = [];
+
+        $config = Config::getInstance();
+        $general = $config->General;
+        if (empty($general['login_whitelist_apply_to_reporting_api_requests'])) {
+            $migrations[] = $this->migration->config->set('General', 'login_allowlist_apply_to_reporting_api_requests', '0');
+        }
+
+        return $migrations;
+    }
+
+    public function doUpdate(Updater $updater)
+    {
+        $updater->executeMigrations(__FILE__, $this->getMigrations($updater));
+
+        $config = Config::getInstance();
+        $general = $config->General;
+        if (!empty($general['login_whitelist_ip'])) {
+            // the migration->config->set does not support arrays yet so we do it here.
+            $general['login_allowlist_ip'] = $general['login_whitelist_ip'];
+            $config->General = $general;
+            $config->forceSave();
+        }
+
+    }
+
+}
diff --git a/core/Url.php b/core/Url.php
index dbbf4dc98d..1ea88e17aa 100644
--- a/core/Url.php
+++ b/core/Url.php
@@ -219,7 +219,7 @@ class Url
             }
         }
 
-        // if host is in hardcoded whitelist, assume it's valid
+        // if host is in hardcoded allowlist, assume it's valid
         if (in_array($host, self::getAlwaysTrustedHosts())) {
             return true;
         }
diff --git a/core/Version.php b/core/Version.php
index 0a14caf528..7e45dd4d91 100644
--- a/core/Version.php
+++ b/core/Version.php
@@ -20,7 +20,7 @@ final class Version
      * The current Matomo version.
      * @var string
      */
-    const VERSION = '4.0.0-b2';
+    const VERSION = '4.0.0-b3';
     const MAJOR_VERSION = 4;
 
     public function isStableVersion($version)
author	Thomas Steur <tsteur@users.noreply.github.com>	2020-10-01 23:12:31 +0300
committer	GitHub <noreply@github.com>	2020-10-01 23:12:31 +0300
commit	82186597b37e255a5b13f6b9c7e53d323b2c501b (patch)
tree	5f30ed30c5cd63d6451280e7a6b8081245be6316 /core
parent	13cda22af49f616d1e5967364a041215f864d0c5 (diff)