authenticateSuperUserOrAdmin() public static method

public static authenticateSuperUserOrAdmin ( $tokenAuth, $idSite )
Example #1
 /**
  * A super user's token must be accepted by Request::authenticateSuperUserOrAdmin()
  * for each site id it is checked against (here: 1 and 2).
  */
 public function test_authenticateSuperUserOrAdmin_ShouldAlwaysWorkForSuperUser()
 {
     Fixture::createSuperUser(false);
     $superUserToken = Fixture::getTokenAuth();

     // Same token, two different site ids: both checks must succeed.
     foreach (array(1, 2) as $idSite) {
         $this->assertTrue(Request::authenticateSuperUserOrAdmin($superUserToken, $idSite));
     }
 }
Example #2
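 /**
  * Decodes a bulk tracking payload, stores its requests on $this->requests and checks the
  * supplied token_auth against every distinct 'idsite' value those requests carry.
  *
  * @param string $rawData Raw request body; decoded as JSON, expected to hold 'requests' and 'token_auth'.
  * @return string The token_auth as returned by Common::getRequestVar() for the decoded payload.
  * @throws Exception If no token_auth is given, or if Request::authenticateSuperUserOrAdmin()
  *                   rejects the token for any site id found in the requests.
  */
 private function authenticateBulkTrackingRequests($rawData)
 {
     $rawData = trim($rawData);
     $rawData = Common::sanitizeLineBreaks($rawData);

     // POST data can be array of string URLs or array of arrays w/ visit info
     $jsonData = json_decode($rawData, true);
     if (isset($jsonData['requests'])) {
         $this->requests = $jsonData['requests'];
     }

     $tokenAuth = Common::getRequestVar('token_auth', false, 'string', $jsonData);
     if (empty($tokenAuth)) {
         throw new Exception("token_auth must be specified when using Bulk Tracking Import. See <a href='http://developer.piwik.org/api-reference/tracking-api'>Tracking Doc</a>");
     }

     if (!empty($this->requests)) {
         $idSitesForAuthentication = array();

         foreach ($this->requests as &$request) {
             // if a string is sent, we assume its a URL and try to parse it
             if (is_string($request)) {
                 $params = array();
                 $url = @parse_url($request);
                 if (!empty($url)) {
                     // A URL without a query string yields an empty parameter set; read the
                     // key explicitly instead of suppressing the undefined-index notice.
                     $query = isset($url['query']) ? $url['query'] : '';
                     parse_str($query, $params);
                     $request = $params;
                 }
             }

             // We need to check access for each single request.
             // Strict comparison: with loose in_array() two different client-supplied values
             // (e.g. a non-numeric string and 0 on older PHP versions) can compare equal, and
             // the second one would then never be passed to the permission check.
             // NOTE(review): requests that carry no 'idsite' are not covered by this loop;
             // confirm they are rejected or authenticated elsewhere.
             if (isset($request['idsite']) && !in_array($request['idsite'], $idSitesForAuthentication, true)) {
                 $idSitesForAuthentication[] = $request['idsite'];
             }
         }
         // Drop the by-reference binding so a later write to $request cannot silently
         // overwrite the last element of $this->requests.
         unset($request);

         foreach ($idSitesForAuthentication as $idSiteForAuthentication) {
             // a Bulk Tracking request that is not authenticated should fail
             if (!Request::authenticateSuperUserOrAdmin($tokenAuth, $idSiteForAuthentication)) {
                 throw new Exception("token_auth specified does not have Admin permission for site " . intval($idSiteForAuthentication));
             }
         }
     }

     return $tokenAuth;
 }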