diff options
| author | diosmosis <benaka@piwik.pro> | 2014-09-30 04:19:58 +0400 |
|---|---|---|
| committer | diosmosis <benaka@piwik.pro> | 2014-09-30 16:37:37 +0400 |
| commit | 8e82428416bd17832b5f059ae8b6933f301c4719 (patch) | |
| tree | d2900459458e5107c24c86e5c6fcd5f03555fbe4 /core | |
| parent | 0401d7e82714a770a4835b1ad4a90a42fbed0f15 (diff) | |
Deprecating Piwik::setUserHasSuperUserAccess() and switching to Access::doAsSuperUser().
Diffstat (limited to 'core')
| -rw-r--r-- | core/Access.php | 36 | ||||
| -rw-r--r-- | core/CronArchive.php | 12 | ||||
| -rw-r--r-- | core/Piwik.php | 3 | ||||
| -rw-r--r-- | core/Tracker/Cache.php | 51 |
4 files changed, 69 insertions, 33 deletions
diff --git a/core/Access.php b/core/Access.php index d18310cb5b..578edaa044 100644 --- a/core/Access.php +++ b/core/Access.php @@ -8,6 +8,7 @@ */ namespace Piwik; +use Exception; use Piwik\Db; /** @@ -146,7 +147,14 @@ class Access if ($this->hasSuperUserAccess()) { return $this->reloadAccessSuperUser(); } + } + + if ($this->hasSuperUserAccess()) { + return $this->reloadAccessSuperUser(); + } + // if the Auth wasn't set, we may be in the special case of setSuperUser(), otherwise we fail TODO: docs + review + if ($this->auth === null) { return false; } @@ -422,6 +430,34 @@ class Access return $idSites; } + + /** + * Executes a callback with superuser privileges, making sure those privileges are rescinded + * before this method exits. Privileges will be rescinded even if an exception is thrown. + * + * @param callback $function The callback to execute. Should accept no arguments. + * @return mixed The result of `$function`. + * @throws Exception rethrows any exceptions thrown by `$function`. + * @api + */ + public static function doAsSuperUser($function) + { + $isSuperUser = self::getInstance()->hasSuperUserAccess(); + + self::getInstance()->setSuperUserAccess(true); + + try { + $result = $function(); + } catch (Exception $ex) { + self::getInstance()->setSuperUserAccess($isSuperUser); + + throw $ex; + } + + self::getInstance()->setSuperUserAccess($isSuperUser); + + return $result; + } } /** diff --git a/core/CronArchive.php b/core/CronArchive.php index 045e1f7c62..bbb4a7a6e4 100644 --- a/core/CronArchive.php +++ b/core/CronArchive.php @@ -219,10 +219,13 @@ class CronArchive */ public function main() { - $this->init(); - $this->run(); - $this->runScheduledTasks(); - $this->end(); + $self = $this; + Access::doAsSuperUser(function () use ($self) { + $self->init(); + $self->run(); + $self->runScheduledTasks(); + $self->end(); + }); } public function init() @@ -232,7 +235,6 @@ class CronArchive $this->initTokenAuth(); $this->initCheckCli(); $this->initStateFromParameters(); - Piwik::setUserHasSuperUserAccess(true); $this->logInitInfo(); $this->checkPiwikUrlIsValid(); diff --git a/core/Piwik.php b/core/Piwik.php index ea49b72675..16f50f387f 100644 --- a/core/Piwik.php +++ b/core/Piwik.php @@ -427,7 +427,10 @@ class Piwik * Helper method user to set the current as superuser. * This should be used with great care as this gives the user all permissions. * + * This method is deprecated, use {@link Access::doAsSuperUser()} instead. + * * @param bool $bool true to set current user as Super User + * @deprecated */ public static function setUserHasSuperUserAccess($bool = true) { diff --git a/core/Tracker/Cache.php b/core/Tracker/Cache.php index db442378e7..b8f0413c63 100644 --- a/core/Tracker/Cache.php +++ b/core/Tracker/Cache.php @@ -8,6 +8,7 @@ */ namespace Piwik\Tracker; +use Piwik\Access; use Piwik\ArchiveProcessor\Rules; use Piwik\CacheFile; use Piwik\Common; @@ -63,35 +64,29 @@ class Cache Tracker::initCorePiwikInTrackerMode(); - // save current user privilege and temporarily assume Super User privilege - $isSuperUser = Piwik::hasUserSuperUserAccess(); - Piwik::setUserHasSuperUserAccess(); - $content = array(); - - /** - * Triggered to get the attributes of a site entity that might be used by the - * Tracker. - * - * Plugins add new site attributes for use in other tracking events must - * use this event to put those attributes in the Tracker Cache. - * - * **Example** - * - * public function getSiteAttributes($content, $idSite) - * { - * $sql = "SELECT info FROM " . Common::prefixTable('myplugin_extra_site_info') . " WHERE idsite = ?"; - * $content['myplugin_site_data'] = Db::fetchOne($sql, array($idSite)); - * } - * - * @param array &$content Array mapping of site attribute names with values. - * @param int $idSite The site ID to get attributes for. - */ - Piwik::postEvent('Tracker.Cache.getSiteAttributes', array(&$content, $idSite)); - Common::printDebug("Website $idSite tracker cache was re-created."); - - // restore original user privilege - Piwik::setUserHasSuperUserAccess($isSuperUser); + Access::doAsSuperUser(function () use (&$content, $idSite) { + /** + * Triggered to get the attributes of a site entity that might be used by the + * Tracker. + * + * Plugins add new site attributes for use in other tracking events must + * use this event to put those attributes in the Tracker Cache. + * + * **Example** + * + * public function getSiteAttributes($content, $idSite) + * { + * $sql = "SELECT info FROM " . Common::prefixTable('myplugin_extra_site_info') . " WHERE idsite = ?"; + * $content['myplugin_site_data'] = Db::fetchOne($sql, array($idSite)); + * } + * + * @param array &$content Array mapping of site attribute names with values. + * @param int $idSite The site ID to get attributes for. + */ + Piwik::postEvent('Tracker.Cache.getSiteAttributes', array(&$content, $idSite)); + Common::printDebug("Website $idSite tracker cache was re-created."); + }); // if nothing is returned from the plugins, we don't save the content // this is not expected: all websites are expected to have at least one URL |