| Age | Commit message (Collapse) | Author |
|---|
|
|
|
|
|
request, but force_api_session parameter is present as well (#17867)
|
|
* Ensure correct no access message is shown
* Add tests for access error messages
* fix ui tests
|
|
(#16595)
* Add new INI config [General] enable_framed_allow_write_admin_token_auth to allow framed matomo use case to still function in Matomo 4.
* Link to faq in exception message.
* apply pr feedback and write integration tests (not passing)
* fix test
* fix test
* update screenshot
* fix more ui tests
* update exception message
* update some expected screenshots
* update screenshot
Co-authored-by: Thomas Steur <tsteur@users.noreply.github.com>
|
|
* Compare token if value is 0
* when session is used always verify token
* also compare if a string is set
* update travis
Co-authored-by: sgiehl <stefan@matomo.org>
|
|
(#15889)
* Adding initial new code for cron archive rewrite.
* first pass at removing unused CronArchive code.
* unfinished commit
* fill out archiveinvalidator code
* getting some tests to pass
* unfinished commit
* fixing part of test
* Another test fix.
* another sql change
* fix broken merge or something else that went wrong
* Couple more fixes and extra logs.
* Fixing enough issues to get core archive command to run completely.
* Fix and log change.
* Fixed more segment/test related issues for CronArchiveTest. Includes optimization for no visits for period + segment process from handling.
* another optimization and possible build fix
* no visit optimization
* test fix
* Implement archiving_custom_ranges logic w/ queue based implementation
* fixes to get archivecrontest to work
* add logic to invalidate today period
* fix optimization and some tests
* Fixing more tests.
* Fixing more tests
* debug travis failure
* more test fixes
* more test fixes, removing more unneeded code, handling some TODOs
* Handle more TODOs including creating ArchiveFilter class for some cli options.
* tests and todos
* idarchives are specific to table + start on archivefilter tests
* one test
* more TODOs and tests
* more tests and todo taken care of
* handle more todos
* fixing more tests
* fix comment
* make sure autoarchiving is enabled for segments when cron archive picks them up
* Fixing test.
* apply more pr feedback
* order by date1 asc
* quick refactor
* use batch insert instead of createDummyArchives
* apply rest of pr feedback
* add removed events, add new test, fix an issue (when deleting idarchives older than do not lump all segments together).
* re-add fixed/shared siteids
* fix tests
* incomplete commit
* Insert archive entries into archive_invalidations table.
* Use invalidations table in core:archive and get ArchiveCronTest to pass.
* fixing some tests
* debugging travis
* fix more tests & remove DONE_IN_PROGRESS which is no longer used.
* fix more tests
* Allow forcing plugin specific archive in core:archive.
* When querying from archive data use all available archives including "all" archives and plugin specific archives.
* Adding some code for invalidating specific plugin archives.
* Get archive invalidation test to pass.
* add plugin capability to invalidate command
* Handle plugin only archives in core:archive.
* Add Archive test and get ArchiveCronTest to pass.
* update some expected files
* Fix some more tests.
* incomplete commit
* allow invalidating individual reports
* adding more API for DONE_PARTIAL support
* get archivecrontest to pass
* add archive processor tests
* fix some test randomnes
* when purging keep latest partial archives if there is no newer whole archive
* add rearchivereport method + some unfinished tests
* Add archiveReports API method, fix race condition in test, when archiving single report, always ignore inserting other reports.
* require archivers to handle partial archives themselves entirely instead of trying to do it automatically and allow requested report to be any string
* couple fixes
* Use core config option for last N montsh to invalidate.
* Add test for ArchiveSelector method.
* Ignore archives w/ deactivated plugins.
* Refactor queue looping into new QueueConsumer class.
* apply more review feedback + another fix
* invalidate segments too in reArchiveReport w/ etsts
* remove DONE_IN_PROGRESS, no longer used. use new status in query and add queue consumer test.
* forgot to add file
* delete old unneeded archives when finalizing a new one.
* tweak invalidation archive description
* add plugin archiving tests and get them to pass
* fix test
* many fixes
* fix another test
* update expected test files
* fix more tests
* last test fixes hopefully
* tweak log
* In case a column already exists, do not try to add it in an AddColumns migration or the entire migration will fail and no columns will be added.
* try to fix tests again
* fix again?
* apply some review feedback + fix test
* fix test
* fix another test
* couple fixes
* Remove extra param.
* apply pr feedback
* check for usable archive before invalidating and before initiating archiving
* fixing tests
* fixing tests
* fixing tests
* fix another test issue
* fix archiveinvalidator test
* fix one test and debug another
* more debugging
* fix test
* use twig
* remove no longer needed change
* add back previous logic
* fix tracking is not working
* apply pr feedback and add tests
* fixing tests
* update submodule
* debugging random travis failure
* update test
* more debugging
* more debugging
* another attempt at debugging
* Lets try this fix
* trying to fix the build
* debug
* simpler test
* fix test
* fix test
* fix test
* fix test
* fix test failure
* update screenshots
* update screenshots
Co-authored-by: Thomas Steur <tsteur@users.noreply.github.com>
|
|
|
|
* update doc blocks with new name
* submodule updates
* updates expected UI files
|
|
|
|
* some initial work
* add security page
* backing up some code
* more functionality
* adjust more UI parts
* adjust more code
* more tweaks
* add todo note
* few tweaks
* make sure date is in right format
* fix not existing column
* few fixes
* available hashes
* use different hash algo so tests run on php 5
* fix name of aglorithm
* trying to fix some tests
* another try to fix some tests
* more fixes
* more fixes
* few fixes
* update template
* fix some tests
* fix test
* fixing some tests
* various test fixes
* more fixes
* few more tests
* more tests
* various tweaks
* add translations
* add some ui tests
* fix selector
* tweaks
* trying to fix some ui tests
* fallback to regular authentication if needed
* fix call authenticate on null
* fix user settings
* fix some tests
* few fixes
* fix more ui tests
* update schema
* Update plugins/CoreHome/angularjs/widget-loader/widgetloader.directive.js
Co-Authored-By: Stefan Giehl <stefan@matomo.org>
* fix maps are not showing data
* trying to fix some tests
* set correct token
* trying to fix tracking failure
* minor tweaks and fixes
* fix more tests
* fix screenshot test
* trigger event so brute force logic is executed
* test no fallback to actual authentication
* allow fallback
* apply review feedback
* fix some tests
* fix tests
* make sure location values from query params are limited properly before attempting a db insert
* make sure plugin uninstall migration reloads plugins, make sure 4.0.0-b1 migration removes unique index that is no longer used, use defaults extra file in SqlDump to get test to run on travis
* Fix UI tests.
* update expected screenshot
Co-authored-by: Stefan Giehl <stefan@matomo.org>
Co-authored-by: diosmosis <diosmosis@users.noreply.github.com>
|
|
FrontController::init() (#15591)
|
|
It shouldn't change any logic. While debugging noticed some nested `doAsSuperUser` calls and was wondering if this could cause random issues... Also if actually logged in user is already super user, we don't need to fake anything...
|
|
It should not say `you must be logged in` but eg `You can't access this resource as it requires 'view' access for the website id = 1.`
|
|
strings in the future." in Access class (#15142)
refs https://github.com/matomo-org/wp-matomo/issues/72
[10-Nov-2019 16:43:37 UTC] PHP Deprecated: strpos(): Non-string needles will be interpreted as strings in the future. Use an explicit chr() call to preserve the current behavior in htdocs/wp-content/plugins/matomo/app/core/Access.php on line 717
|
|
(#14829)
|
|
|
|
I updated the link tag for all php files with the new matomo link.
Not sure if it is realistic that this will get merged but I though that someday someone has to do this(?)
|
|
|
|
* Add Access.modifyUserAccess event.
* Add some template events & use request::process for LanguagesManager API.
* Use the result of Sites.setSites in SitesManager API.
* More comments for Site::setSitesFromArray().
* fixing plugin test.
|
|
* Fix capabilities weren't detected correctly
* added test
|
|
* Create empty components.
* Mock up users list pagination.
* Finish initial version of mockup.
* Tweak to UI
* More UI changes to new users manager screen.
* More UI changes
* Mock up user permission edits.
* More tweaks to user permission editing (on both edit form & in users table).
* add options
* Another iteration on the UsersManager UI.
* Update UsersManager UI again.
* Implementing parts of the UI, fixing issue w/ overlapping material selects, creating dropdown directives for dropdown w/ submenu using materializecss, change bulk actions to be dropdown button.
* Merge menu/submenu directives.
* More superuser UI only functionality.
* Fill out more logic of users manager UI + merging extra unneeded components/directives.
* More users manager UI only changes.
* Incomplete API method for new users list page.
* Fill in server side pagination logic w/ tests & generally get to work in UI.
* Make sure selects w/ placeholders can be unset.
* Add loading state to users list + fix pagination issues + resize pagination in case the numbers are large.
* Add last seen time to getUsersPlusAccessLevel() so it displays in UI.
* Add permission edit pagination AJAX query + server side code.
* Add "add access" button to user permission component.
* Change permissions column to role + remove superuser checkbox & merge w/ Role column.
* Delete user + bulk delete functionality.
* Get delete users to work when entire search is selected.
* Ask for confirmation before setting access in users list & implement access change logic.
* Get bulk access functionality on users list to work (w/ tests).
* Fix a bug in user table filtering + get permissions edit search to work.
* Complete logic for permissions edit.
* Change add user workflow so we do not have to save each permission edit in memory before saving whole user.
* Add/edit user functionality.
* Toggle superuser access functionality + some modal fixes.
* in users list display ajax loading notification so counter is not changed visibly before rows are loaded.
* initial review changes, disable functionality when viewing user is not superuser and some UI tweaks.
* Redo top controls for user permission edit and add slide up toast notification for when a site is added.
* Display warning in user permission edit if user has no access at all.
* Do not reload users after going back from user edit form.
* Force giving a new user access to a site when creating a user and make sure user list reloads if a user is modified, but does not realod if no user is modified.
* Add form help to the non-straightforward fields.
* Remove old usersmanager code & fix pagination bug.
* Add help icon explaining roles to users list + permission edit.
* Allow admin users to create other users + fix some regressions when making page-users-list not reload every time.
* Apply self review changes.
* Do not allow editing user details when an admin user edits a user.
* Starting on UI tests.
* Limit users displayed in page list to those that already have access to sites the current user is an admin of.
* Refactor bulk/single AJAX calls & redraw component boundaries (users manager component owns user search state, paged users list owns table/control state).
* Get add existing user modal to work.
* write most UI tests + modify fixture
* Fill out rest of UI test suite & get the rest to pass.
* fix couple regressions
* Get UI tests to pass and start on translation.
* adding translations
* try to fix some tests
* Fixing API tests.
* Fixing UsersManager tests.
* Fix UI tests.
* Add capabilities to new API output.
* remove non-existant file references.
* Add Write role to dropdowns.
* Select from proper join.
* tweak test
* Updating UI tests.
* Change styling of user permissions edit.
* Update screenshots
* Apply some PR feedback.
* apply some review feedback
* more review changes
* update file headers
* remove some TODOs
* fix some tests
* some more review fixes
* update test files
* Fix failing tests.
|
|
While reviewing https://github.com/matomo-org/matomo/pull/13158 I noticed the third parameter for `in_array` to force string checking should not be set here I suppose as idSites might be either strings or integers.
|
|
* started working on some ACL concept
* acl implementation
* add category
* small tweaks
* more tweaks
* more api methods and fixes
* cache capabilities
* various enhancements, fixes, tweaks
* more tweaks
* added more tests and fixed some bugs
* fix parameter
* make sure to be BC
* make sure to be BC
* fix some tests
* more apis, translations, changelog entry, ...
* update db
* correct error message
* fix capabilities were not detected in tests
* directly access provider
* fix and add test
* JS api to check capabilities, better structure for capabilities in tests
* add ability to inject permissions
* apply review changes
* fix test
|
|
* Change to gender neutral phrasing in user-facing text
* Switch to gender neutral wording in docs/comments
|
|
|
|
|
|
override access loading behavior. Needed by UserGroups plugin.
|
|
|
|
|
|
|
|
superuser and has many sites
|
|
|
|
|
|
Access::doAsSuperUser().
|
|
code, few refactorings, all as part of our code cleanup strategy
|
|
|
|
|
|
to use free/libre instead of open source
|
|
using phpstorm optimize imports feature
|
|
|
|
Let's see if any test or screenshot test fails
|
|
|
|
|
|
|
|
|
|
|
|
|
|
refs #4609
|
|
|
