| Age | Commit message (Collapse) | Author |
|---|
|
|
|
|
|
|
|
|
|
|
|
* Use correct filter in certain places in twig templates.
* Another filter change.
* Reverse encoding strategy in site selector.
* Tweak to annotation escaping.
* Fix couple more double encoding issues.
* encode report name on unsubscription page
* Escape site name in quickaccess directive.
|
|
|
|
|
|
|
|
* Remove alias from user settings.
* Update UI test screenshot.
|
|
|
|
|
|
* Return access entries only for sites that still exist
* Fix UsersManager tests.
|
|
|
|
* Use Request::processRequest() so API events are triggered.
* Undo CustomDimensions submodule.
|
|
* Limit of editing of anonymous user in UI.
* Move some email styles to EmailStyles class.
* Show special warning when giving anonymous user view role.
* Make new text large.
* remove accidentally added files
|
|
* Add Access.modifyUserAccess event.
* Add some template events & use request::process for LanguagesManager API.
* Use the result of Sites.setSites in SitesManager API.
* More comments for Site::setSitesFromArray().
* fixing plugin test.
|
|
(#13391)
Makes sure when password is not deliberately set through API, ts_password_modified does not change.
|
|
|
|
build. (#13377)
* Fix tests and move AutoSuggest test to API plugin to shorten system tests build.
* Speed up system tests by clearing datatable manager cache before API call.
* Fix stalled test.
* Update log analytics submodule & VisitorGenerator submodule.
* Update expected system test output (subtable IDs changed).
|
|
complete. (#13342)
* Show confirm before changing a users password and show notification on save complete.
* Do not show password confirm is password input is blank.
|
|
|
|
|
|
UsersManager.getSitesForUser when current user is admin. (#13323)
|
|
|
|
* Fix two bugs in users manager component (bulk actions were limited to 100 rows and cancel link spanned whole container length).
* Add font styles to top of report link in email.
* remove commas
* Updated expected files.
* update tests again
* update test files again.
|
|
|
|
unprocessed (#12823)
* When a report has no data, check if it is for an unprocessed segment and display an explanatory notification.
* Remove transient notifications on reporting page change, allow datatable views to add notifications, use to display unprocessed segment message.
* Update changelog.
* Internationalize unprocessed segment message.
* Parse notification divs in dashboardWidget.js when setting widget content.
* Tweak message.
* Change PR to use different approach: throw exception when no archives found and segment is used, then detect exception in new event.
* Update changelog + document new event.
* Unfinished review changes
* more review fixes
* Do not show notification w/ custom segments.
* apply pr review
* Apply review.
* undo escaping since it was not needed & get test to pass
* Different strategy + new test.
* Fix tests.
* Update two expected screenshots.
|
|
* Put generated @theme LESS variables before everything else so theme LESS can override them.
* Update screenshots.
|
|
* Create empty components.
* Mock up users list pagination.
* Finish initial version of mockup.
* Tweak to UI
* More UI changes to new users manager screen.
* More UI changes
* Mock up user permission edits.
* More tweaks to user permission editing (on both edit form & in users table).
* add options
* Another iteration on the UsersManager UI.
* Update UsersManager UI again.
* Implementing parts of the UI, fixing issue w/ overlapping material selects, creating dropdown directives for dropdown w/ submenu using materializecss, change bulk actions to be dropdown button.
* Merge menu/submenu directives.
* More superuser UI only functionality.
* Fill out more logic of users manager UI + merging extra unneeded components/directives.
* More users manager UI only changes.
* Incomplete API method for new users list page.
* Fill in server side pagination logic w/ tests & generally get to work in UI.
* Make sure selects w/ placeholders can be unset.
* Add loading state to users list + fix pagination issues + resize pagination in case the numbers are large.
* Add last seen time to getUsersPlusAccessLevel() so it displays in UI.
* Add permission edit pagination AJAX query + server side code.
* Add "add access" button to user permission component.
* Change permissions column to role + remove superuser checkbox & merge w/ Role column.
* Delete user + bulk delete functionality.
* Get delete users to work when entire search is selected.
* Ask for confirmation before setting access in users list & implement access change logic.
* Get bulk access functionality on users list to work (w/ tests).
* Fix a bug in user table filtering + get permissions edit search to work.
* Complete logic for permissions edit.
* Change add user workflow so we do not have to save each permission edit in memory before saving whole user.
* Add/edit user functionality.
* Toggle superuser access functionality + some modal fixes.
* in users list display ajax loading notification so counter is not changed visibly before rows are loaded.
* initial review changes, disable functionality when viewing user is not superuser and some UI tweaks.
* Redo top controls for user permission edit and add slide up toast notification for when a site is added.
* Display warning in user permission edit if user has no access at all.
* Do not reload users after going back from user edit form.
* Force giving a new user access to a site when creating a user and make sure user list reloads if a user is modified, but does not realod if no user is modified.
* Add form help to the non-straightforward fields.
* Remove old usersmanager code & fix pagination bug.
* Add help icon explaining roles to users list + permission edit.
* Allow admin users to create other users + fix some regressions when making page-users-list not reload every time.
* Apply self review changes.
* Do not allow editing user details when an admin user edits a user.
* Starting on UI tests.
* Limit users displayed in page list to those that already have access to sites the current user is an admin of.
* Refactor bulk/single AJAX calls & redraw component boundaries (users manager component owns user search state, paged users list owns table/control state).
* Get add existing user modal to work.
* write most UI tests + modify fixture
* Fill out rest of UI test suite & get the rest to pass.
* fix couple regressions
* Get UI tests to pass and start on translation.
* adding translations
* try to fix some tests
* Fixing API tests.
* Fixing UsersManager tests.
* Fix UI tests.
* Add capabilities to new API output.
* remove non-existant file references.
* Add Write role to dropdowns.
* Select from proper join.
* tweak test
* Updating UI tests.
* Change styling of user permissions edit.
* Update screenshots
* Apply some PR feedback.
* apply some review feedback
* more review changes
* update file headers
* remove some TODOs
* fix some tests
* some more review fixes
* update test files
* Fix failing tests.
|
|
|
|
* Modifying "cookie authentication" to be more secure.
Instead of authenticating by token auth if it exists in the cookie, validate an existing session. If the session
has the user name stored as a session var, it has been authenticated. If the request has the same IP address and
user agent as the request that created the session, the request is from the user that created the session. If
both of these are true, then the session is valid, and we don't need a token auth to authenticate.
If the session is deleted before the Piwik auth cookie expires (due to garbage collection), we attempt to
re-authenticate using a secure hash of the token auth. We don't do this on every request since password_verify()
will, at BEST, add 3.5ms to every request.
* Invalidate existing sessions after user password change.
Invalidation is accomplished w/o having to individually touch sessions by:
1. Using the password hash as the piwik_auth key secret, instead of the token auth. So when a password changes, existing piwik_auth keys are no longer valid. This affects session re-authentication.
2. Saving the session start time & the last time a user's password was modified, and checking that the session start time is always newer than the password modification time.
* Set session.gc_maxlifetime to login_cookie_expire time so session data does not disappear, remove session re-auth functionality & tie cookie hash to password modified time instead of password hash to retain automatic session invalidation on password change.
* In SessionInitializer, clear other cookie values so previously stored token auths will be removed.
* Make sure anonymous user is still default user whan authenticating.
* fixing test failures
* Remove hash checking in piwik_auth cookie.
piwik_auth cookie still required since it's presence indicates we should use SessionAuth instead of the normal authentication mechanism. Since there's always a session, even if you're not logged in, PIWIK_SESSID can't be used by itself to determine this.
* Make sure session auth doesnt break in edge case where ts_password_modified column does not exist.
* Clarify session destruction/invalidation logic in SessionAuth.
* Make UsersManagerTest slightly more comprehensive.
* Use Date::now()->getTimestampUTC() instead of time() in SessionFingerprint::initialize().
* Check getUser returns correct user info in SessionAuth for sanity.
* Add SessionInitializer::getAuthCookie() back since it is @api.
* Remove IP address from session auth info + check.
* Refactor session start changes so it is started in one place only.
* Remove SessionAuthCookieFactory & deprecate auth cookie INI config vars (still needed for SessionInitializer deprectaed method).
* Make sure user can still login if ts_password_modified column is not present in database.
* Rename ts_password_modified Update class.
* Update comment in SessionAuth to include why Piwik tries to create another session.
* Restore 3.x-dev SessionInitializer for BC (deprecated), move new SessionInitializer to core, add tests for both SessionInitializers.
* Change update to 3.5 version.
* Make sure normal auth implementation is used if sessionauth fails so anonymous user can be logged in.
* On logout clear session fingerprint so same session cannot be used to login.
* Change update name + bump version, and make sure Session::rememberMe() is called before session is started (otherwise it has no effect).
* Fixing tests.
* apply review fixes
* remove test
|
|
* Replace proxy redirect with rel=noreferrer
* Add noopener
* Restore action=redirect for non-Matomo links
* Wrap referring URLs
* NO target on download link
* Fix Github links
* Fix whitespace
* Fix tests
* Revert change
* Revert changes
* Fix tests
* Add noreferrer shim for MSIE 10
* Remove all action=redirect links
* Restore noreferrer
* Restore test
* Fix one more occurrence
* Update changelog
* Combine if's
* Fix changelog wording
* Fix stray whitespace
|
|
|
|
* started working on some ACL concept
* acl implementation
* add category
* small tweaks
* more tweaks
* more api methods and fixes
* cache capabilities
* various enhancements, fixes, tweaks
* more tweaks
* added more tests and fixed some bugs
* fix parameter
* make sure to be BC
* make sure to be BC
* fix some tests
* more apis, translations, changelog entry, ...
* update db
* correct error message
* fix capabilities were not detected in tests
* directly access provider
* fix and add test
* JS api to check capabilities, better structure for capabilities in tests
* add ability to inject permissions
* apply review changes
* fix test
|
|
Removed '-' when editing password, so it does not need to be manually removed
Fixed indentation issues.
|
|
|
|
|
|
|
|
settings (#12558)
* add a couple of new platform features especially around validating settings
* more validators and other tweaks
* few tweaks
* allow plugins to add header script in JS tests
* some work on gdpr
* remove email feature
* menu update
* add date tooltip
* make sure privacy has its own icon
* added some text
* add opt out info
* better titles
* add some information about webserver logs
* add log import notice
* give angular some time to render
* show border around iframe
* make sure to place a notification in modal dialog if needed
* when opening a modal, make sure the top part is visible
* disable newsletter sign up by default
* command line tool to anonymize and remove previously tracked raw data
* implement some basic consent features into piwik.js
* minor tweak
* schedule entries to anonymize data in past
* let users anonymize historical data
* better overview
* better naming
* explain consent tracking
* add legitimate interest
* new menu structure for privacy
* use a proper db table for scheduled anonymizations
* add some tracker tests
* some tests and fixes
* couple of fixes and tests
* starting to add some UI tests
* more tweaks
* add missing file
* fix jslint
* have the field full width
* more tweaks
* create directory if needed
* various fixes
* fix some tests
* make sure keys will be always returned in same order
* more fixes
* fix some tests
* apply feedback from review
* fix some tests
* this might fix mysqli tests
* fix some tests
* trying to fix mysqli tests
* fix system test
* fix comment
* remove some duplicated code
* update method name
* trigger event when logs need to be deleted
* add possibility to anonymize userId and orderId
* trigger event in tracking code page
* expire consent in hours
* post another event
* update wording for privacy GDPR
* fix various ui tests
* fix some tests
* trying to fix ui tests
* trigger another test run
* fix system test
* fix some ui tests
* show a table of contents on tracking code page, fix title, add mobile apps and API
* fix ui test
* 3.5.0-b2 update
* Re-generate piwik.js
* fix job status and selector style
* make sure to include only sites with admin access
* some tweaks
* fix some ui tests
* fix some ui tests
* fix test
|
|
|
|
* move Overlay UI tests to Overlay plugin
* remove UI files that has been moved
* move Login UI tests to Login plugin
* check for element instead of comparing screenshots
* Move Installation UI tests to it's plugin
* Move UI tests for Marketplace to Marketplace plugin
* Updates Sync Screenshots command to download test files to correct directories
* ensure shortcut help is always tested with same useragent
* Move VisitorMap UI tests to UserCountryMap plugin
* Move Morpheus UI tests to plugin
* Move MultiSites UI tests zu plugin
* Move ActionsDataTable UI tests to Actions plugin
* Renames Test directories to tests
* Move UsersManager UI tests to plugin
* Move CoreUpdater UI tests to plugin
* Move DBStats UI tests to plugin
* Move Transitions UI tests to plugin
* Move Insights UI tests to plugin
* improve UI tests splitting on travis
* Moves SegmentEditor UI tests to plugin
* Moves SitesManager UI tests to plugin
* Moves ImageGraph UI tests to plugin
* move live ui test files to git lfs
* remove retry
* update test file
* improve splitting for travis
* prevent test from failing randomly
|
|
|
|
|
|
* Replace all occurences of Piwik in english translations of Actions plugin
* translation update
* Replace all occurences of Piwik in english translations of API plugin
* translation update
* Replace all occurences of Piwik in english translations of core
* replace Piwik occurrences
* Rename widget piwik.org blog => matomo.org blog
* fix widget name
* replaced some more piwik mentions
* Renamed to Matomo a few strings
* Replaced more strings to Matomo in JSON files, twig templates
* Replaced more strings to Matomo in INI file
* Replaced more strings to Matomo in API docs, error messages, feedback forms
* introduce API.getMatomoVersion and ExampleAPI.getMatomoVersion API + deprecate old ones
|
|
* renaming more Piwik mentions
* some more updates
* fix some tests
* support matomo partially as require string
* fix tests
* fix failing system test
* fix tests
* fix system test
* fix test
|
|
|
|
|
|
|
|
* http://piwik.org -> https://piwik.org
* more HTTPS URLs
* some more HTTPS URLs
* test README
* don't show "Plugin Hompage" for Piwik plugins
* fix tests
* compile minified js
(hope I didn't break anything)
* some more small changes
* fix UI test
* comment length in piwik.js changed due to https links
* fix test
* update ui file
* update submodule
|
