/**
 * Registers a setting, first deciding whether the current user may write it.
 *
 * When this object is bound to a site ($this->idSite is truthy) and the
 * setting is a MeasurableSetting, its writableByCurrentUser flag is set from
 * the current user's admin access on that site. Every other setting is
 * forwarded to the parent unchanged.
 *
 * NOTE(review): the flag is computed once, at registration time. Whether the
 * code that persists a setting re-checks access is not visible here; confirm
 * that saving does not rely on this flag alone.
 *
 * @param Setting $setting The setting to register.
 */
public function addSetting(Setting $setting)
{
    $isMeasurable = $setting instanceof MeasurableSetting;

    if ($isMeasurable && $this->idSite) {
        $canWrite = Piwik::isUserHasAdminAccess($this->idSite);
        $setting->writableByCurrentUser = $canWrite;
    }

    parent::addSetting($setting);
}
/**
 * Adds the "Goals" entry to the admin menu for users with admin access.
 *
 * The site id is resolved through $this->getIdSite(), with the user's default
 * website id passed as its argument. The entry links to the 'manage' action
 * for that site.
 *
 * This only decides whether the link is shown. NOTE(review): the 'manage'
 * action is presumably protected by its own access check; verify there.
 *
 * @param MenuAdmin $menu The admin menu being built.
 */
public function configureAdminMenu(MenuAdmin $menu)
{
    $preferences = new UserPreferences();
    $fallbackSiteId = $preferences->getDefaultWebsiteId();
    $idSite = $this->getIdSite($fallbackSiteId);

    if (!Piwik::isUserHasAdminAccess($idSite)) {
        return;
    }

    $manageUrl = $this->urlForAction('manage', array('idSite' => $idSite));
    $menu->addMeasurableItem('Goals_Goals', $manageUrl, 40);
}
/**
 * Adds the "Custom Variables" diagnostic entry for users with admin access.
 *
 * The site id is read from the 'idSite' request parameter, cast to int, and
 * falls back to the user's default website id when the parameter is absent.
 *
 * Because idSite is request-controlled, this check only governs whether the
 * menu item is displayed. NOTE(review): the 'manage' action is presumably
 * guarded separately; confirm in the controller.
 *
 * @param MenuAdmin $menu The admin menu being built.
 */
public function configureAdminMenu(MenuAdmin $menu)
{
    $preferences = new UserPreferences();
    $fallbackSiteId = $preferences->getDefaultWebsiteId();
    $idSite = Common::getRequestVar('idSite', $fallbackSiteId, 'int');

    if (!Piwik::isUserHasAdminAccess($idSite)) {
        return;
    }

    $orderId = 20;
    $menu->addDiagnosticItem('Custom Variables', $this->urlForAction('manage'), $orderId);
}
/**
 * Adds the "Custom Dimensions" manage entry for users with admin access.
 *
 * The site id is read from the 'idSite' request parameter, cast to int, and
 * falls back to the user's default website id when the parameter is absent.
 *
 * Because idSite is request-controlled, this check only governs whether the
 * menu item is displayed. NOTE(review): the 'manage' action is presumably
 * guarded separately; confirm in the controller.
 *
 * @param MenuUser $menu The user menu being built.
 */
public function configureUserMenu(MenuUser $menu)
{
    $preferences = new UserPreferences();
    $fallbackSiteId = $preferences->getDefaultWebsiteId();
    $idSite = Common::getRequestVar('idSite', $fallbackSiteId, 'int');

    if (!Piwik::isUserHasAdminAccess($idSite)) {
        return;
    }

    $orderId = 16;
    $menu->addManageItem('CustomDimensions_CustomDimensions', $this->urlForAction('manage'), $orderId);
}
/**
 * Tells whether the current user is allowed to change this setting.
 *
 * The result is resolved on the first call and then cached in
 * $this->hasWritePermission:
 *  - if the site has already been created, admin access on $this->idSite is
 *    required;
 *  - otherwise Super User access is required.
 *
 * Once a non-null value is cached it is returned as-is, so it is not
 * refreshed if the acting user changes during this object's lifetime.
 *
 * @return bool
 */
public function isWritableByCurrentUser()
{
    if (!isset($this->hasWritePermission)) {
        // Resolved lazily rather than in __construct, because the lookup is
        // likely to cost a rather "big" DB query.
        $this->hasWritePermission = $this->hasSiteBeenCreated()
            ? Piwik::isUserHasAdminAccess($this->idSite)
            : Piwik::hasUserSuperUserAccess();
    }

    return $this->hasWritePermission;
}
/**
 * Normalises the autoArchive flag and enforces who may switch it on.
 *
 * The flag is cast to int. When it is non-zero, the caller must be a Super
 * User if no site id is given (empty($idSite)), or have admin access to
 * $idSite otherwise. A zero flag is returned without any access check.
 *
 * @param mixed $autoArchive Requested flag; anything that casts to a non-zero int enables it.
 * @param mixed $idSite      Site id the segment applies to, or an empty value for none.
 * @return int The normalised flag.
 * @throws Exception If auto-archiving is requested without the required access.
 */
protected function checkAutoArchive($autoArchive, $idSite)
{
    $autoArchive = (int) $autoArchive;
    if (!$autoArchive) {
        return $autoArchive;
    }

    // No site given: only a Super User may enable it. Otherwise admin access
    // on the given site is enough.
    $isAllowed = empty($idSite)
        ? Piwik::isUserIsSuperUser()
        : Piwik::isUserHasAdminAccess($idSite);

    if (!$isAllowed) {
        throw new Exception("To prevent abuse, autoArchive=1 requires Super User or ControllerAdmin access.");
    }

    return $autoArchive;
}
/**
 * Configures the goal management widget for the requested site.
 *
 * The widget is placed in the Goals / Manage Goals category and marked as not
 * widgetizable. It is disabled when no 'idSite' request parameter is given
 * and when the site has no goals. Its name depends on whether the current
 * user has admin access to the site.
 *
 * idSite comes from the request (cast to int). The goals are fetched through
 * the API before the admin check. NOTE(review): getGoals() presumably
 * enforces its own view-access check; confirm in the API class.
 *
 * @param WidgetConfig $config The widget configuration to fill in.
 */
public static function configure(WidgetConfig $config)
{
    $idSite = Common::getRequestVar('idSite', 0, 'int');

    $config->setCategoryId('Goals_Goals');
    $config->setSubcategoryId('Goals_ManageGoals');
    $config->setIsNotWidgetizable();

    if (empty($idSite)) {
        $config->disable();
        return;
    }

    $goals = API::getInstance()->getGoals($idSite);

    $widgetName = Piwik::isUserHasAdminAccess($idSite)
        ? 'Goals_ManageGoals'
        : 'Goals_CreateNewGOal';
    $config->setName($widgetName);

    $hasNoGoals = count($goals) === 0;
    if ($hasNoGoals) {
        $config->disable();
    }
}
/**
 * This method is called when the JS from startOverlaySession() detects that the target domain
 * is not configured for the current site.
 *
 * Requires view access to the requested site. The 'url' request parameter is
 * echoed back inside the error message, so it is HTML-encoded before being
 * handed to the view. Users with admin access additionally get a link to the
 * SitesManager screen.
 *
 * NOTE(review): htmlentities() is called with its default flags and charset,
 * which differ between PHP versions; confirm they suit the way the template
 * prints `message` and `troubleshoot`.
 *
 * @return string The rendered view.
 */
public function showErrorWrongDomain()
{
    $idSite = Common::getRequestVar('idSite', 0, 'int');
    Piwik::checkUserHasViewAccess($idSite);

    // Request-controlled value: it is un-sanitized here and must therefore be
    // encoded again before it reaches the output (done below).
    $requestedUrl = Common::unsanitizeInputValue(Common::getRequestVar('url', ''));

    $rawMessage = Piwik::translate('Overlay_RedirectUrlError', array($requestedUrl, "\n"));
    // Encode first, then turn newlines into <br>, so the only markup in the
    // message is the markup added by nl2br().
    $encodedMessage = nl2br(htmlentities($rawMessage));

    $view = new View('@Overlay/showErrorWrongDomain');
    $this->addCustomLogoInfo($view);
    $view->message = $encodedMessage;

    if (!Piwik::isUserHasAdminAccess($idSite)) {
        $view->troubleshoot = htmlentities(Piwik::translate('Overlay_RedirectUrlErrorUser'));

        return $view->render();
    }

    // TODO use $idSite to link to the correct row. This is tricky because the #rowX ids don't match
    // the site ids when sites have been deleted.
    $sitesManagerUrl = 'index.php?module=SitesManager&action=index';

    // The translation is encoded before the anchor tags are substituted in,
    // so only this fixed, hard-coded link is emitted as raw HTML.
    $encodedTemplate = htmlentities(Piwik::translate('Overlay_RedirectUrlErrorAdmin'));
    $view->troubleshoot = sprintf(
        $encodedTemplate,
        '<a href="' . $sitesManagerUrl . '" target="_top">',
        '</a>'
    );

    return $view->render();
}
/**
 * Renders the "add new goal" screen.
 *
 * userCanEditGoals reflects the current user's admin access on $this->idSite
 * and is handed to the template together with onlyShowAddNewGoal = true.
 *
 * NOTE(review): userCanEditGoals is a display flag only. The endpoint that
 * actually creates a goal presumably enforces access itself; confirm there.
 *
 * @return string The rendered view.
 */
public function addNewGoal()
{
    $view = new View('@Goals/addNewGoal');
    $this->setGeneralVariablesView($view);

    $hasAdminAccess = Piwik::isUserHasAdminAccess($this->idSite);
    $view->userCanEditGoals = $hasAdminAccess;
    $view->onlyShowAddNewGoal = true;

    return $view->render();
}
/**
 * Renders the "edit goals" screen.
 *
 * After the general and edit-goals view variables are set, userCanEditGoals
 * is filled from the current user's admin access on $this->idSite.
 *
 * NOTE(review): userCanEditGoals is a display flag only. The endpoints that
 * update or delete goals presumably enforce access themselves; confirm there.
 *
 * @return string The rendered view.
 */
public function editGoals()
{
    $view = new View('@Goals/editGoals');

    $this->setGeneralVariablesView($view);
    $this->setEditGoalsViewVariables($view);

    $hasAdminAccess = Piwik::isUserHasAdminAccess($this->idSite);
    $view->userCanEditGoals = $hasAdminAccess;

    return $view->render();
}
/**
 * The "Manage Users and Permissions" Admin UI screen
 *
 * Requires a non-anonymous user with admin access to at least one site.
 * Builds the per-login access map for the selected site (or an empty map when
 * 'all' is selected), hides the current user from that map, and passes the
 * user list, super-user logins and admin-accessible websites to the view.
 *
 * @return string The rendered view, or the result of noAdminAccessToWebsite()
 *                when the access lookup for the selected site is refused.
 */
function index()
{
    // Both checks run before anything is read from the request.
    Piwik::checkUserIsNotAnonymous();
    Piwik::checkUserHasSomeAdminAccess();

    $view = new View('@UsersManager/index');

    $IdSitesAdmin = Request::processRequest('SitesManager.getSitesIdWithAdminAccess');
    $idSiteSelected = 1;

    if (count($IdSitesAdmin) > 0) {
        $defaultWebsiteId = $IdSitesAdmin[0];
        // Read without a type constraint: the value is request-controlled and
        // may be the literal 'all' as well as a site id.
        $idSiteSelected = Common::getRequestVar('idSite', $defaultWebsiteId);
    }

    if ($idSiteSelected === 'all') {
        $usersAccessByWebsite = array();
        $defaultReportSiteName = $this->translator->translate('UsersManager_ApplyToAllWebsites');
    } else {
        if (!Piwik::isUserHasAdminAccess($idSiteSelected) && count($IdSitesAdmin) > 0) {
            // make sure to show a website where user actually has admin access
            $idSiteSelected = $IdSitesAdmin[0];
        }

        $defaultReportSiteName = Site::getNameFor($idSiteSelected);
        try {
            $usersAccessByWebsite = Request::processRequest('UsersManager.getUsersAccessFromSite', array('idSite' => $idSiteSelected));
        } catch (NoAccessException $e) {
            // The API call refused access to the selected site: show the dedicated error screen.
            return $this->noAdminAccessToWebsite($idSiteSelected, $defaultReportSiteName, $e->getMessage());
        }
    }

    // The currently logged-in user is removed from the list below so that the
    // user cannot change their own access from admin to view.
    $currentlyLogged = Piwik::getCurrentUserLogin();
    $usersLogin = Request::processRequest('UsersManager.getUsersLogin');
    foreach ($usersLogin as $login) {
        // Logins with no entry for this site are listed explicitly as 'noaccess'.
        if (!isset($usersAccessByWebsite[$login])) {
            $usersAccessByWebsite[$login] = 'noaccess';
        }
    }
    unset($usersAccessByWebsite[$currentlyLogged]);

    // $usersAccessByWebsite is not supposed to contain non-existent logins, but it does when upgrading from some old Piwik version
    foreach ($usersAccessByWebsite as $login => $access) {
        // NOTE(review): keep this in_array() non-strict. PHP turns numeric-string
        // array keys into ints, so a strict check would drop a login such as '123'.
        if (!in_array($login, $usersLogin)) {
            unset($usersAccessByWebsite[$login]);
            continue;
        }
    }

    ksort($usersAccessByWebsite);

    $users = array();
    $superUsers = array();
    $usersAliasByLogin = array();
    $formatter = new Formatter();

    if (Piwik::isUserHasSomeAdminAccess()) {
        $view->showLastSeen = true;

        $users = Request::processRequest('UsersManager.getUsers');
        foreach ($users as $index => $user) {
            $usersAliasByLogin[$user['login']] = $user['alias'];

            // A last-seen time of 0 is shown as false, otherwise as a pretty-printed elapsed time.
            $lastSeen = LastSeenTimeLogger::getLastSeenTimeForUser($user['login']);
            $users[$index]['last_seen'] = $lastSeen == 0 ? false : $formatter->getPrettyTimeFromSeconds(time() - $lastSeen);
        }

        // The list of super-user logins is only built for a super user.
        if (Piwik::hasUserSuperUserAccess()) {
            foreach ($users as $user) {
                if ($user['superuser_access']) {
                    $superUsers[] = $user['login'];
                }
            }
        }
    }

    $view->hasOnlyAdminAccess = Piwik::isUserHasSomeAdminAccess() && !Piwik::hasUserSuperUserAccess();
    $view->anonymousHasViewAccess = $this->hasAnonymousUserViewAccess($usersAccessByWebsite);
    $view->idSiteSelected = $idSiteSelected;
    $view->defaultReportSiteName = $defaultReportSiteName;
    $view->users = $users;
    $view->superUserLogins = $superUsers;
    $view->usersAliasByLogin = $usersAliasByLogin;
    // NOTE(review): the "- 1" presumably leaves one account out of the count; confirm which one.
    $view->usersCount = count($users) - 1;
    $view->usersAccessByWebsite = $usersAccessByWebsite;

    // Only websites the current user administers are offered in the selector.
    $websites = Request::processRequest('SitesManager.getSitesWithAdminAccess');
    uasort($websites, array('Piwik\\Plugins\\UsersManager\\Controller', 'orderByName'));
    $view->websites = $websites;

    $this->setBasicVariablesView($view);

    return $view->render();
}
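/**
 * Tells whether the current user may create a segment for the given site.
 *
 * The anonymous user is never allowed. Otherwise the access level named by
 * the General 'adding_segment_requires_access' config value ('view', 'admin'
 * or 'superuser') is required. Any other value denies the request.
 *
 * @param int $idSite The site the segment would belong to.
 * @return bool
 */
public function isUserCanAddNewSegment($idSite)
{
    if (Piwik::isUserIsAnonymous()) {
        return false;
    }

    $requiredAccess = Config::getInstance()->General['adding_segment_requires_access'];

    // Compared with === so that a non-string config value cannot loosely
    // match a level name: with ==, boolean true equals 'view', and before
    // PHP 8 so does integer 0, which would fall back to the weakest level.
    // An unexpected value now fails closed.
    $authorized = ($requiredAccess === 'view' && Piwik::isUserHasViewAccess($idSite))
        || ($requiredAccess === 'admin' && Piwik::isUserHasAdminAccess($idSite))
        || ($requiredAccess === 'superuser' && Piwik::hasUserSuperUserAccess());

    return $authorized;
}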
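/**
 * Returns true if the current user can modify or delete a specific annotation.
 *
 * A user can modify/delete a note if the user has admin access for the site OR
 * the user is not the anonymous user and is the user that created the note in
 * question.
 *
 * View access to the site is NOT verified by this method. NOTE(review):
 * callers are presumably expected to have checked it already; confirm at the
 * call sites.
 *
 * @param int $idSite The site ID the annotation belongs to.
 * @param array $annotation The annotation; its 'user' entry holds the author's login.
 * @return bool
 */
public static function canUserModifyOrDelete($idSite, $annotation)
{
    if (Piwik::isUserHasAdminAccess($idSite)) {
        return true;
    }

    if (Piwik::isUserIsAnonymous()) {
        return false;
    }

    // Ownership is an authorization decision, so logins are compared as exact
    // strings. With ==, two different numeric-looking logins (for example
    // '100' and '1e2') compare equal. The casts keep the old result when the
    // stored value is not a string.
    return (string) Piwik::getCurrentUserLogin() === (string) $annotation['user'];
}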
/**
 * Configures the Goals report view for the sparklines and evolution graph visualizations.
 *
 * For sparklines it sets the title, registers a filter that formats the first
 * row's metrics, adds translations and selects which sparkline metrics are
 * shown. For the evolution graph it sets title, description, default columns
 * and, for users with admin access, an "edit entity" link to the Goals manage
 * screen. Other visualizations are left untouched.
 *
 * @param ViewDataTable $view The view to configure.
 */
public function configureView(ViewDataTable $view)
{
    // idGoal is request-controlled and read as a string; it is only used as a
    // title attribute below when it is numeric.
    $idGoal = Common::getRequestVar('idGoal', 0, 'string');
    $idSite = $this->getIdSite();

    if ($view->isViewDataTableId(Sparklines::ID)) {
        /** @var Sparklines $view */
        $isEcommerceEnabled = $this->isEcommerceEnabled($idSite);

        $onlySummary = Common::getRequestVar('only_summary', 0, 'int');

        if ($onlySummary && !empty($idGoal)) {
            if (is_numeric($idGoal)) {
                $view->config->title_attributes = array('piwik-goal-page-link' => $idGoal);
            }

            // in Goals overview summary we show proper title for a goal
            $goal = $this->getGoal($idGoal);
            if (!empty($goal['name'])) {
                // NOTE(review): the stored goal name is concatenated into the title as-is;
                // escaping presumably happens when the title is rendered - confirm in the template.
                $view->config->title = Piwik::translate('Goals_GoalX', "'" . $goal['name'] . "'");
            }
        } else {
            $view->config->title = '';
        }

        $numberFormatter = NumberFormatter::getInstance();
        // Formats the metrics of the first row for display; columns that
        // getColumn() reports as false are left alone (revenue is always formatted).
        $view->config->filters[] = function (DataTable $table) use($numberFormatter, $idSite) {
            $firstRow = $table->getFirstRow();
            if ($firstRow) {
                $revenue = $firstRow->getColumn('revenue');
                $currencySymbol = Site::getCurrencySymbolFor($idSite);
                $revenue = $numberFormatter->formatCurrency($revenue, $currencySymbol, GoalManager::REVENUE_PRECISION);
                $firstRow->setColumn('revenue', $revenue);

                $conversionRate = $firstRow->getColumn('conversion_rate');
                if (false !== $conversionRate) {
                    $firstRow->setColumn('conversion_rate', $numberFormatter->formatPercent($conversionRate, $precision = 1));
                }

                $conversions = $firstRow->getColumn('nb_conversions');
                if (false !== $conversions) {
                    $firstRow->setColumn('nb_conversions', $numberFormatter->formatNumber($conversions));
                }

                $visitsConverted = $firstRow->getColumn('nb_visits_converted');
                if (false !== $visitsConverted) {
                    $firstRow->setColumn('nb_visits_converted', $numberFormatter->formatNumber($visitsConverted));
                }
            }
        };

        $view->config->addTranslations(array(
            'nb_visits' => Piwik::translate('VisitsSummary_NbVisitsDescription'),
            'nb_conversions' => Piwik::translate('Goals_ConversionsDescription'),
            'nb_visits_converted' => Piwik::translate('General_NVisits'),
            'conversion_rate' => Piwik::translate('Goals_OverallConversionRate'),
            'revenue' => Piwik::translate('Goals_OverallRevenue')
        ));

        $allowMultiple = Common::getRequestVar('allow_multiple', 0, 'int');

        // The $order values (10, 20, 30) are passed as the second argument of each sparkline metric.
        if ($allowMultiple) {
            $view->config->addSparklineMetric(array('nb_conversions', 'nb_visits_converted'), $order = 10);
        } else {
            $view->config->addSparklineMetric(array('nb_conversions'), $order = 10);
        }

        $view->config->addSparklineMetric(array('conversion_rate'), $order = 20);

        if (empty($idGoal)) {
            // goals overview sparklines below evolution graph
            if ($isEcommerceEnabled) {
                // this would be ideally done in Ecommerce plugin but then it is hard to keep same order
                $view->config->addSparklineMetric(array('revenue'), $order = 30);
            }
        } else {
            if ($onlySummary) {
                // in Goals Overview we list an overview for each goal....
                $view->config->addTranslation('conversion_rate', Piwik::translate('Goals_ConversionRate'));
            } elseif ($isEcommerceEnabled) {
                // in Goals detail page...
                $view->config->addSparklineMetric(array('revenue'), $order = 30);
            }
        }
    } else {
        if ($view->isViewDataTableId(Evolution::ID)) {
            // The edit link is offered only to users with admin access on the site.
            // It is built from the current query string with the module and action
            // replaced and the listed parameters set to null.
            // NOTE(review): this is display logic; the Goals 'manage' action
            // presumably enforces its own access check - confirm there.
            if (!empty($idSite) && Piwik::isUserHasAdminAccess($idSite)) {
                $view->config->title_edit_entity_url = 'index.php' . Url::getCurrentQueryStringWithParametersModified(array(
                    'module' => 'Goals',
                    'action' => 'manage',
                    'forceView' => null,
                    'viewDataTable' => null,
                    'showtitle' => null,
                    'random' => null
                ));
            }

            $goal = $this->getGoal($idGoal);
            if (!empty($goal['name'])) {
                // NOTE(review): goal name and description are stored values passed through
                // unescaped; confirm that the rendering layer escapes them.
                $view->config->title = Piwik::translate('Goals_GoalX', "'" . $goal['name'] . "'");
                if (!empty($goal['description'])) {
                    $view->config->description = $goal['description'];
                }
            } else {
                $view->config->title = Piwik::translate('General_EvolutionOverPeriod');
            }

            // Default to the conversions column when no columns were requested.
            if (empty($view->config->columns_to_display)) {
                $view->config->columns_to_display = array('nb_conversions');
            }
        }
    }
}
/**
 * Exposes to the template whether the current user may edit goals.
 *
 * The flag is the current user's admin access on $this->idSite. It is a
 * display hint only and does not enforce anything by itself.
 *
 * @param View $view The view receiving the userCanEditGoals flag.
 */
private function setUserCanEditGoals(View $view)
{
    $hasAdminAccess = Piwik::isUserHasAdminAccess($this->idSite);

    $view->userCanEditGoals = $hasAdminAccess;
}
/**
 * Fills the view with the option lists used by the goal edit form.
 *
 * Sets userCanEditGoals from the current user's admin access on $this->idSite
 * (a display hint only), then the translated choices for trigger type, match
 * attribute, allow-multiple, event type and pattern type.
 *
 * @param View $view The view receiving the options.
 */
private function setGoalOptions(View $view)
{
    $hasAdminAccess = Piwik::isUserHasAdminAccess($this->idSite);
    $view->userCanEditGoals = $hasAdminAccess;

    // Trigger type is a plain key => label map.
    $triggerTypes = array(
        'visitors' => Piwik::translate('Goals_WhenVisitors'),
        'manually' => Piwik::translate('Goals_Manually'),
    );
    $view->goalTriggerTypeOptions = $triggerTypes;

    // The remaining lists are ordered arrays of key/value pairs.
    $matchAttributes = array(
        array('key' => 'url', 'value' => Piwik::translate('Goals_VisitUrl')),
        array('key' => 'title', 'value' => Piwik::translate('Goals_VisitPageTitle')),
        array('key' => 'event', 'value' => Piwik::translate('Goals_SendEvent')),
        array('key' => 'file', 'value' => Piwik::translate('Goals_Download')),
        array('key' => 'external_website', 'value' => Piwik::translate('Goals_ClickOutlink')),
    );
    $view->goalMatchAttributeOptions = $matchAttributes;

    $allowMultiple = array(
        array('key' => '0', 'value' => Piwik::translate('Goals_DefaultGoalConvertedOncePerVisit')),
        array('key' => '1', 'value' => Piwik::translate('Goals_AllowGoalConvertedMoreThanOncePerVisit')),
    );
    $view->allowMultipleOptions = $allowMultiple;

    $eventTypes = array(
        array('key' => 'event_category', 'value' => Piwik::translate('Events_EventCategory')),
        array('key' => 'event_action', 'value' => Piwik::translate('Events_EventAction')),
        array('key' => 'event_name', 'value' => Piwik::translate('Events_EventName')),
    );
    $view->eventTypeOptions = $eventTypes;

    // Pattern labels are translated with an empty string as the argument.
    $patternTypes = array(
        array('key' => 'contains', 'value' => Piwik::translate('Goals_Contains', '')),
        array('key' => 'exact', 'value' => Piwik::translate('Goals_IsExactly', '')),
        array('key' => 'regex', 'value' => Piwik::translate('Goals_MatchesExpression', '')),
    );
    $view->patternTypeOptions = $patternTypes;
}