Diffstat (limited to 'plugins/SegmentEditor/API.php')
-rw-r--r-- | plugins/SegmentEditor/API.php | 164 |
1 files changed, 110 insertions, 54 deletions
diff --git a/plugins/SegmentEditor/API.php b/plugins/SegmentEditor/API.php index 19083f8e42..ad420009ea 100644 --- a/plugins/SegmentEditor/API.php +++ b/plugins/SegmentEditor/API.php @@ -10,12 +10,14 @@ */ /** - * The SegmentEditor API lets you add, update, delete custom Segments, and list saved segments. + * The SegmentEditor API lets you add, update, delete custom Segments, and list saved segments.a * * @package Piwik_SegmentEditor */ class Piwik_SegmentEditor_API { + const DELETE_SEGMENT_EVENT = 'SegmentEditor.delete'; + static private $instance = null; /** @@ -31,12 +33,19 @@ class Piwik_SegmentEditor_API protected function checkSegmentValue($definition, $idSite) { + // unsanitize so we don't record the HTML entitied segment + $definition = Piwik_Common::unsanitizeInputValue($definition); + $definition = str_replace("#", '%23', $definition); // hash delimiter + $definition = str_replace("'", '%27', $definition); // not encoded in JS + $definition = str_replace("&", '%26', $definition); + try { $segment = new Piwik_Segment($definition, $idSite); $segment->getHash(); } catch (Exception $e) { throw new Exception("The specified segment is invalid: " . $e->getMessage()); } + return $definition; } protected function checkSegmentName($name) @@ -52,16 +61,11 @@ class Piwik_SegmentEditor_API if ($enabledAllUsers && !Piwik::isUserIsSuperUser() ) { - throw new Exception("&enabledAllUsers=1 requires Super User access"); + throw new Exception("enabledAllUsers=1 requires Super User access"); } return $enabledAllUsers; } - - /** - * @param $idSite - * @throws Exception - */ protected function checkIdSite($idSite) { if (empty($idSite)) { @@ -74,6 +78,8 @@ class Piwik_SegmentEditor_API } Piwik::checkUserHasViewAccess($idSite); } + $idSite = (int)$idSite; + return $idSite; } protected function checkAutoArchive($autoArchive, $idSite) 
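Review bot: The edited class docblock line now ends in `segments.a`; the trailing `a` looks like a stray keystroke and will appear wherever this description is rendered. The new `DELETE_SEGMENT_EVENT` constant also has no comment. Something like `/** Posted by delete() with the segment ID, before the row is removed. */` would tell plugin authors what they receive and when.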
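Review bot: checkSegmentValue() now returns the definition after `Piwik_Common::unsanitizeInputValue()`, and add() and update() store that return value, so the persisted string is no longer HTML-entity encoded. Only `#`, `'` and `&` are percent-encoded afterwards; characters such as `<`, `>` and `"` stay raw unless `Piwik_Segment` rejects them, which this hunk does not show. Every place that prints a stored definition into HTML therefore has to escape it at output time. The method has no docblock for its new return value; one with `@return string URL-encoded but not HTML-escaped definition; escape on output` would put that contract where the next maintainer looks.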
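Review bot: The added `$idSite = (int)$idSite;` in checkIdSite() runs after `Piwik::checkUserHasViewAccess($idSite)`, so the access check sees the raw request value while add() and update() store the cast one. The lines between this hunk and the previous one are not visible; unless they already force a purely numeric value, a string with a numeric prefix could be authorised in one form and stored in another. Casting inside the branch before the access check keeps the checked value and the stored value identical. The docblock removed in the previous hunk should come back with `@return int`, now that the method returns a value.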
@@ -94,23 +100,63 @@ class Piwik_SegmentEditor_API return $autoArchive; } + protected function getSegmentOrFail($idSegment) + { + $segment = $this->get($idSegment); + + if (empty($segment)) { + throw new Exception("Requested segment not found"); + } + return $segment; + } + + protected function checkUserIsNotAnonymous() + { + if(Piwik::isUserIsAnonymous()) { + throw new Exception("To create, edit or delete Custom Segments, please sign in first."); + } + } + + /** + * Deletes a stored segment. + * + * @param $idSegment + */ public function delete($idSegment) { + $this->checkUserIsNotAnonymous(); + + // allow plugins using the segment to throw an exception or propagate the deletion + Piwik_PostEvent(self::DELETE_SEGMENT_EVENT, $idSegment); + $segment = $this->getSegmentOrFail($idSegment); $db = Zend_Registry::get('db'); $db->delete(Piwik_Common::prefixTable('segment'), 'idsegment = ' . $idSegment); return true; } + /** + * Modifies an existing stored segment. + * + * @param $idSegment The ID of the stored segment to modify. + * @param $name The new name of the segment. + * @param $definition The new definition of the segment. + * @param bool $idSite If supplied, associates the stored segment with as single site. + * @param bool $autoArchive Whether to automatically archive data with the segment or not. + * @param bool $enabledAllUsers Whether the stored segment is viewable by all users or just the one that created it. 
+ * + */ public function update($idSegment, $name, $definition, $idSite = false, $autoArchive = false, $enabledAllUsers = false) { - $this->checkIdSite($idSite); + $this->checkUserIsNotAnonymous(); + $segment = $this->getSegmentOrFail($idSegment); + + $idSite = $this->checkIdSite($idSite); $this->checkSegmentName($name); - $this->checkSegmentValue($definition, $idSite); + $definition = $this->checkSegmentValue($definition, $idSite); $enabledAllUsers = $this->checkEnabledAllUsers($enabledAllUsers); $autoArchive = $this->checkAutoArchive($autoArchive, $idSite); - $segment = $this->getSegmentOrFail($idSegment); $bind = array( 'name' => $name, 'definition' => $definition, @@ -128,13 +174,23 @@ class Piwik_SegmentEditor_API return true; } - + /** + * Adds a new stored segment. + * + * @param $name The new name of the segment. + * @param $definition The new definition of the segment. + * @param bool $idSite If supplied, associates the stored segment with as single site. + * @param bool $autoArchive Whether to automatically archive data with the segment or not. + * @param bool $enabledAllUsers Whether the stored segment is viewable by all users or just the one that created it. + * + * @return int The newly created segment Id + */ public function add($name, $definition, $idSite = false, $autoArchive = false, $enabledAllUsers = false) { - Piwik::checkUserIsNotAnonymous(); - $this->checkIdSite($idSite); + $this->checkUserIsNotAnonymous(); + $idSite = $this->checkIdSite($idSite); $this->checkSegmentName($name); - $this->checkSegmentValue($definition, $idSite); + $definition = $this->checkSegmentValue($definition, $idSite); $enabledAllUsers = $this->checkEnabledAllUsers($enabledAllUsers); $autoArchive = $this->checkAutoArchive($autoArchive, $idSite); 
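Review bot: In delete(), `Piwik_PostEvent(self::DELETE_SEGMENT_EVENT, $idSegment)` fires before `getSegmentOrFail($idSegment)`, which is the call that (through get()) validates the ID, confirms the segment exists and checks that the caller owns it. Listeners that "propagate the deletion", as the comment puts it, therefore run for any signed-in user and any unvalidated `$idSegment`, even when the delete itself is then refused. Moving `$segment = $this->getSegmentOrFail($idSegment);` directly after `$this->checkUserIsNotAnonymous();`, the order update() uses in this same hunk, closes that gap. The unchanged condition `'idsegment = ' . $idSegment` would also be safer as `'idsegment = ' . (int)$idSegment`, because a "numeric" check (only its error message is visible in get()) may still admit non-integer forms. update()'s body continues past the end of this hunk.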
@@ -153,25 +209,11 @@ class Piwik_SegmentEditor_API return $db->lastInsertId(); } - public function getSegmentsToAutoArchive($idSite = false) - { - Piwik::checkUserIsSuperUser(); - - $sqlRestrictSite = ''; - $bind = array(); - if ($idSite) { - $sqlRestrictSite = 'OR enable_only_idsite = ?'; - $bind = array($idSite); - } - $segments = Zend_Registry::get('db')->fetchAll("SELECT * - FROM " . Piwik_Common::prefixTable("segment") . " - WHERE auto_archive = 1 - AND deleted = 0 - AND (enable_only_idsite IS NULL " . $sqlRestrictSite . " )", $bind - ); - return $segments; - } - + /** + * Returns a stored segment by ID + * + * @param $idSegment + */ public function get($idSegment) { Piwik::checkUserHasSomeViewAccess(); @@ -179,8 +221,8 @@ class Piwik_SegmentEditor_API throw new Exception("idSegment should be numeric."); } $segment = Zend_Registry::get('db')->fetchRow("SELECT * " . - " FROM " . Piwik_Common::prefixTable("segment") . - " WHERE idsegment = ?", $idSegment); + " FROM " . Piwik_Common::prefixTable("segment") . + " WHERE idsegment = ?", $idSegment); if (empty($segment)) { return false; 
@@ -188,40 +230,54 @@ class Piwik_SegmentEditor_API try { Piwik::checkUserIsSuperUserOrTheUser($segment['login']); } catch (Exception $e) { - throw new Exception("You can only manage your own segments (unless you are Super User)."); + throw new Exception("You can only edit the custom segments you have created yourself. This segment was created and 'shared with you' by the Super User. " . + "To modify this segment, you can first create a new one by clicking on 'Add new segment'. Then you can customize the segment's definition."); } if ($segment['deleted']) { - throw new Exception("This segment is marked as deleted."); + throw new Exception("This segment is marked as deleted. "); } return $segment; } /** - * @param $idSegment - * @throws Exception + * Returns all stored segments. + * + * @param bool $idSite Whether to return stored segments that are only auto-archived for a specific idSite, or all of them. If supplied, must be a valid site ID. + * @param bool $returnOnlyAutoArchived Whether to only return stored segments that are auto-archived or not. + * @return array */ - protected function getSegmentOrFail($idSegment) + public function getAll($idSite = false, $returnOnlyAutoArchived = false) { - $segment = $this->get($idSegment); + if(!empty($idSite) ) { + Piwik::checkUserHasViewAccess($idSite); + } else { + Piwik::checkUserHasSomeViewAccess(); + } + $bind = array(); - if (empty($segment)) { - throw new Exception("Requested segment not found"); + // Build basic segment filtering + $whereIdSite = ''; + if(!empty($idSite)) { + $whereIdSite = 'enable_only_idsite = ? OR '; + $bind[] = $idSite; } - return $segment; - } - public function getAll($idSite) - { - Piwik::checkUserHasViewAccess($idSite); + $bind[] = Piwik::getCurrentUserLogin(); + + $extraWhere = ''; + if($returnOnlyAutoArchived) { + $extraWhere = ' AND auto_archive = 1'; + } + // Query $sql = "SELECT * " . - " FROM " . Piwik_Common::prefixTable("segment") . - " WHERE (enable_only_idsite = ? 
OR enable_only_idsite IS NULL) - AND (enable_all_users = 1 OR login = ?) - AND deleted = 0 - ORDER BY name ASC"; - $bind = array($idSite, Piwik::getCurrentUserLogin()); + " FROM " . Piwik_Common::prefixTable("segment") . + " WHERE ($whereIdSite enable_only_idsite = 0) + AND (enable_all_users = 1 OR login = ?) + AND deleted = 0 + $extraWhere + ORDER BY name ASC"; $segments = Zend_Registry::get('db')->fetchAll($sql, $bind); return $segments; |
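Review bot: getAll() now selects global segments with `enable_only_idsite = 0`, where the removed query used `enable_only_idsite IS NULL`. Rows stored with NULL will silently drop out of the list unless a migration converts them, and none is visible in this file-limited diff. If that cannot be guaranteed, `($whereIdSite enable_only_idsite = 0 OR enable_only_idsite IS NULL)` keeps old rows visible during the transition. Separately, the new message in get() tells the caller the segment was "shared with you" by the Super User, but the catch block fires for any segment the caller does not own, so the text can assert sharing that never happened. get() begins before this hunk, so its earlier checks are not visible here.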