Do not force api session usage for widgetized views (#16875)

author: Stefan Giehl <stefan@matomo.org> 2020-12-04 01:02:02 +0300
committer: GitHub <noreply@github.com> 2020-12-04 01:02:02 +0300
commit: d81b5cf0426b029c1ac5cdbaa084d1e7f55e5d50 (patch)
tree: 9666b8b841b04df900be671451aeda9e0f28d060 /plugins
parent: 0d5053c6d0f0f539d8ad460af70ce7cc86420fd0 (diff)
5 files changed, 14 insertions, 6 deletions
diff --git a/plugins/CoreHome/angularjs/common/services/piwik-api.js b/plugins/CoreHome/angularjs/common/services/piwik-api.js
index c98d13260a..53edc3f292 100644
--- a/plugins/CoreHome/angularjs/common/services/piwik-api.js
+++ b/plugins/CoreHome/angularjs/common/services/piwik-api.js
@@ -49,7 +49,8 @@ var hasBlockedContent = false;
         function withTokenInUrl()
         {
             postParams['token_auth'] = piwik.token_auth;
-            postParams['force_api_session'] = '1';
+            // When viewing a widgetized report there won't be any session that can be used, so don't force session usage
+            postParams['force_api_session'] = piwik.broadcast.isWidgetizeRequestWithoutSession() ? 0 : 1;
         }
 
         function isRequestToApiMethod() {
@@ -192,7 +193,8 @@ var hasBlockedContent = false;
         function getPostParams (params) {
             if (isRequestToApiMethod() || piwik.shouldPropagateTokenAuth) {
                 params.token_auth = piwik.token_auth;
-                params.force_api_session = '1';
+                // When viewing a widgetized report there won't be any session that can be used, so don't force session usage
+                params.force_api_session = piwik.broadcast.isWidgetizeRequestWithoutSession() ? 0 : 1;
             }
 
             return params;
@@ -278,7 +280,8 @@ var hasBlockedContent = false;
             if (_postParams_) {
                 if (postParams && postParams.token_auth && !_postParams_.token_auth) {
                     _postParams_.token_auth = postParams.token_auth;
-                    _postParams_.force_api_session = '1';
+                    // When viewing a widgetized report there won't be any session that can be used, so don't force session usage
+                    _postParams_.force_api_session = piwik.broadcast.isWidgetizeRequestWithoutSession() ? 0 : 1;
                 }
                 postParams = _postParams_;
             }
diff --git a/plugins/CoreHome/javascripts/broadcast.js b/plugins/CoreHome/javascripts/broadcast.js
index 06517de5aa..3faccf80a5 100644
--- a/plugins/CoreHome/javascripts/broadcast.js
+++ b/plugins/CoreHome/javascripts/broadcast.js
@@ -181,6 +181,10 @@ var broadcast = {
         return broadcast.getValueFromUrl('module') == 'Widgetize' && broadcast.getValueFromUrl('moduleToWidgetize') == 'Dashboard';
     },
 
+    isWidgetizeRequestWithoutSession: function() {
+        return broadcast.getValueFromUrl('module') == 'Widgetize' && broadcast.getValueFromUrl('module') == 'iframe' && broadcast.getValueFromUrl('force_api_session') != '1';
+    },
+
     /**
      * Returns if the current page is the login page
      * @return {boolean}
diff --git a/plugins/Morpheus/javascripts/ajaxHelper.js b/plugins/Morpheus/javascripts/ajaxHelper.js
index e5a8bbc43c..c2b19586a1 100644
--- a/plugins/Morpheus/javascripts/ajaxHelper.js
+++ b/plugins/Morpheus/javascripts/ajaxHelper.js
@@ -493,7 +493,8 @@ function ajaxHelper() {
         if (this.withToken || this._isRequestToApiMethod() || piwik.shouldPropagateTokenAuth) {
             return {
                 token_auth: piwik.token_auth,
-                force_api_session: '1'
+                // When viewing a widgetized report there won't be any session that can be used, so don't force session usage
+                force_api_session: broadcast.isWidgetizeRequestWithoutSession() ? 0 : 1
             };
         }
 
diff --git a/plugins/UserCountryMap/javascripts/realtime-map.js b/plugins/UserCountryMap/javascripts/realtime-map.js
index 416bed57ae..f3e6c0f648 100644
--- a/plugins/UserCountryMap/javascripts/realtime-map.js
+++ b/plugins/UserCountryMap/javascripts/realtime-map.js
@@ -148,7 +148,7 @@
                 return $.ajax({
                     url: 'index.php?' + $.param(params),
                     dataType: 'json',
-                    data: { token_auth: tokenAuth, force_api_session: '1' },
+                    data: { token_auth: tokenAuth, force_api_session: broadcast.isWidgetizeRequestWithoutSession() ? 0 : 1 },
                     type: 'POST'
                 });
             }
diff --git a/plugins/UserCountryMap/javascripts/visitor-map.js b/plugins/UserCountryMap/javascripts/visitor-map.js
index b48ce14c47..34ae214925 100644
--- a/plugins/UserCountryMap/javascripts/visitor-map.js
+++ b/plugins/UserCountryMap/javascripts/visitor-map.js
@@ -122,7 +122,7 @@
                 return $.ajax({
                     url: 'index.php?' + $.param(params),
                     dataType: dataType,
-                    data: { token_auth: token_auth, force_api_session: '1' },
+                    data: { token_auth: token_auth, force_api_session: broadcast.isWidgetizeRequestWithoutSession() ? 0 : 1 },
                     type: 'POST'
                 });
             }
author	Stefan Giehl <stefan@matomo.org>	2020-12-04 01:02:02 +0300
committer	GitHub <noreply@github.com>	2020-12-04 01:02:02 +0300
commit	d81b5cf0426b029c1ac5cdbaa084d1e7f55e5d50 (patch)
tree	9666b8b841b04df900be671451aeda9e0f28d060 /plugins
parent	0d5053c6d0f0f539d8ad460af70ce7cc86420fd0 (diff)