diff options
author | Stefan Giehl <stefan@matomo.org> | 2021-03-22 01:01:28 +0300 |
---|---|---|
committer | GitHub <noreply@github.com> | 2021-03-22 01:01:28 +0300 |
commit | f100736dde9b34d07436a606ac57de6ab7e9feb7 (patch) | |
tree | d45e420cea7184e8f5658ab35e4ca9e52c64e876 /plugins/CoreHome | |
parent | 35994411bb9ffd56fe2c187db6105a76aff5563d (diff) |
Ensure login allow list is not checked for authenticated tracking requests (#17357)
* Ensure login allow list is not checked for authenticated tracking requests
* apply review feedback
* change event handler name
Co-authored-by: dizzy <diosmosis@users.noreply.github.com>
Diffstat (limited to 'plugins/CoreHome')
-rw-r--r-- | plugins/CoreHome/CoreHome.php | 13 |
1 files changed, 9 insertions, 4 deletions
diff --git a/plugins/CoreHome/CoreHome.php b/plugins/CoreHome/CoreHome.php index aa5d05416a..83e25c867e 100644 --- a/plugins/CoreHome/CoreHome.php +++ b/plugins/CoreHome/CoreHome.php @@ -45,9 +45,9 @@ class CoreHome extends \Piwik\Plugin 'AssetManager.filterMergedJavaScripts' => 'filterMergedJavaScripts', 'Translate.getClientSideTranslationKeys' => 'getClientSideTranslationKeys', 'Metric.addComputedMetrics' => 'addComputedMetrics', - 'Request.initAuthenticationObject' => 'initAuthenticationObject', + 'Request.initAuthenticationObject' => 'checkAllowedIpsOnAuthentication', 'AssetManager.addStylesheets' => 'addStylesheets', - 'Request.dispatchCoreAndPluginUpdatesScreen' => 'initAuthenticationObject', + 'Request.dispatchCoreAndPluginUpdatesScreen' => 'checkAllowedIpsOnAuthentication', 'Tracker.setTrackerCacheGeneral' => 'setTrackerCacheGeneral', ); } @@ -73,11 +73,16 @@ class CoreHome extends \Piwik\Plugin $mergedContent = $themeStyles->toLessCode() . "\n" . $mergedContent; } - public function initAuthenticationObject() + public function checkAllowedIpsOnAuthentication() { + if (SettingsServer::isTrackerApiRequest()) { + // authenticated tracking requests should always work + return; + } + $isApi = Piwik::getModule() === 'API' && (Piwik::getAction() == '' || Piwik::getAction() == 'index'); - if (!SettingsServer::isTrackerApiRequest() && $isApi) { + if ($isApi) { // will be checked in API itself to make sure we return an API response in the proper format. return; } |