private function migratePluginEmailUpdateSetting() { $isEnabled = Option::get('enableUpdateCommunicationPlugins'); Access::doAsSuperUser(function () use($isEnabled) { $settings = StaticContainer::get('Piwik\\Plugins\\CoreUpdater\\SystemSettings'); $settings->sendPluginUpdateEmail->setValue(!empty($isEnabled)); $settings->save(); }); }
function validateOwner() { try { $timezone = $this->owner->getValue(); if (!empty($timezone)) { Access::doAsSuperUser(function () use($timezone) { API::getInstance()->setDefaultTimezone($timezone); }); } } catch (\Exception $e) { return false; } return true; }
/** * Returns array containing data about the website: goals, URLs, etc. * * @param int $idSite * @return array */ static function getCacheWebsiteAttributes($idSite) { if ('all' == $idSite) { return array(); } $idSite = (int) $idSite; if ($idSite <= 0) { return array(); } $cache = self::getInstance(); $cacheContent = $cache->get($idSite); if (false !== $cacheContent) { return $cacheContent; } Tracker::initCorePiwikInTrackerMode(); $content = array(); Access::doAsSuperUser(function () use(&$content, $idSite) { /** * Triggered to get the attributes of a site entity that might be used by the * Tracker. * * Plugins add new site attributes for use in other tracking events must * use this event to put those attributes in the Tracker Cache. * * **Example** * * public function getSiteAttributes($content, $idSite) * { * $sql = "SELECT info FROM " . Common::prefixTable('myplugin_extra_site_info') . " WHERE idsite = ?"; * $content['myplugin_site_data'] = Db::fetchOne($sql, array($idSite)); * } * * @param array &$content Array mapping of site attribute names with values. * @param int $idSite The site ID to get attributes for. */ Piwik::postEvent('Tracker.Cache.getSiteAttributes', array(&$content, $idSite)); Common::printDebug("Website {$idSite} tracker cache was re-created."); }); // if nothing is returned from the plugins, we don't save the content // this is not expected: all websites are expected to have at least one URL if (!empty($content)) { $cache->set($idSite, $content); } return $content; }
public function doRun(InputInterface $input, OutputInterface $output) { $this->initPiwikHost($input); $this->initConfig($output); try { self::initPlugins(); } catch (\Exception $e) { // Piwik not installed yet, no config file? } Translate::reloadLanguage('en'); $commands = $this->getAvailableCommands(); foreach ($commands as $command) { $this->addCommandIfExists($command); } $self = $this; return Access::doAsSuperUser(function () use($input, $output, $self) { return call_user_func(array($self, 'Symfony\\Component\\Console\\Application::doRun'), $input, $output); }); }
public function doRun(InputInterface $input, OutputInterface $output) { if ($input->hasParameterOption('--xhprof')) { Profiler::setupProfilerXHProf(true, true); } $this->initPiwikHost($input); $this->initEnvironment($output); $this->initLoggerOutput($output); try { self::initPlugins(); } catch (ConfigNotFoundException $e) { // Piwik not installed yet, no config file? Log::warning($e->getMessage()); } $commands = $this->getAvailableCommands(); foreach ($commands as $command) { $this->addCommandIfExists($command); } $self = $this; return Access::doAsSuperUser(function () use($input, $output, $self) { return call_user_func(array($self, 'Symfony\\Component\\Console\\Application::doRun'), $input, $output); }); }
/** * Password reset confirmation action. Finishes the password reset process. * Users visit this action from a link supplied in an email. */ public function confirmResetPassword() { $errorMessage = null; $login = Common::getRequestVar('login', ''); $resetToken = Common::getRequestVar('resetToken', ''); try { $this->passwordResetter->confirmNewPassword($login, $resetToken); } catch (Exception $ex) { Log::debug($ex); $errorMessage = $ex->getMessage(); } if (is_null($errorMessage)) { // if success, show login w/ success message // have to do this as super user since redirectToIndex checks if there's a default website ID for // the current user and if not, doesn't redirect to the requested action. TODO: this behavior is wrong. somehow. $self = $this; Access::doAsSuperUser(function () use($self) { $self->redirectToIndex(Piwik::getLoginPluginName(), 'resetPasswordSuccess'); }); return null; } else { // show login page w/ error. this will keep the token in the URL return $this->login($errorMessage); } }
public function test_reloadAccess_DoesNotRemoveSuperUserAccess_IfUsedInDoAsSuperUser() { Access::getInstance()->setSuperUserAccess(false); Access::doAsSuperUser(function () { $access = Access::getInstance(); Core_AccessTest::assertTrue($access->hasSuperUserAccess()); $access->reloadAccess(); Core_AccessTest::assertTrue($access->hasSuperUserAccess()); }); }
/** * @return array|bool */ protected function updateComponents() { Access::getInstance(); return Access::doAsSuperUser(function () { $updater = new Updater(); $componentsWithUpdateFile = $updater->getComponentUpdates(); if (empty($componentsWithUpdateFile)) { return false; } $result = $updater->updateComponents($componentsWithUpdateFile); return $result; }); }
private function getAccessFor($login) { return Access::doAsSuperUser(function () use($login) { return UsersManagerAPI::getInstance()->getSitesAccessFromUser($login); }); }
private function getSetOfAllSites() { if ($this->allSites === null) { $this->allSites = array_flip(Access::doAsSuperUser(function () { return SitesManagerAPI::getInstance()->getSitesIdWithAtLeastViewAccess(); })); } return $this->allSites; }
/** * Returns user information based on a login or email. * * Derived classes can override this method to provide custom user querying logic. * * @param string $loginMail user login or email address * @return array `array("login" => '...', "email" => '...', "password" => '...')` or null, if user not found. */ protected function getUserInformation($loginOrMail) { $usersManager = $this->usersManagerApi; return Access::doAsSuperUser(function () use($loginOrMail, $usersManager) { $user = null; if ($usersManager->userExists($loginOrMail)) { $user = $usersManager->getUser($loginOrMail); } else { if ($usersManager->userEmailExists($loginOrMail)) { $user = $usersManager->getUserByEmail($loginOrMail); } } return $user; }); }
private function isUserLdapUser($login) { $user = Access::doAsSuperUser(function () use($login) { return UsersManagerAPI::getInstance()->getUser($login); }); return UserMapper::isUserLdapUser($user); }
/** * Returns list of int site IDs from site list found in LDAP. * * @param string $sitesSpec eg, `"1,2,3"` or `"all"` * @return int[] */ protected function getSitesFromSitesList($sitesSpec) { return Access::doAsSuperUser(function () use($sitesSpec) { return Site::getIdSitesFromIdSitesString($sitesSpec); }); }
/** * Creates a UserSynchronizer using INI configuration. * * @return UserSynchronizer */ public static function makeConfigured() { $result = new UserSynchronizer(); $result->setUserMapper(UserMapper::makeConfigured()); $result->setUsersManagerApi(UsersManagerAPI::getInstance()); $result->setUserModel(new UserModel()); if (Config::isAccessSynchronizationEnabled()) { $result->setUserAccessMapper(UserAccessMapper::makeConfigured()); Log::debug("UserSynchronizer::%s(): Using UserAccessMapper when synchronizing users.", __FUNCTION__); } else { Log::debug("UserSynchronizer::%s(): LDAP access synchronization not enabled.", __FUNCTION__); } $defaultSitesWithViewAccess = Config::getDefaultSitesToGiveViewAccessTo(); if (!empty($defaultSitesWithViewAccess)) { $siteIds = Access::doAsSuperUser(function () use($defaultSitesWithViewAccess) { return Site::getIdSitesFromIdSitesString($defaultSitesWithViewAccess); }); if (empty($siteIds)) { Log::warning("UserSynchronizer::%s(): new_user_default_sites_view_access INI config option has no " . "entries. Newly synchronized users will not have any access.", __FUNCTION__); } $result->setNewUserDefaultSitesWithViewAccess($siteIds); } Log::debug("UserSynchronizer::%s: configuring with defaultSitesWithViewAccess = %s", __FUNCTION__, $defaultSitesWithViewAccess); return $result; }
<?php return array('AnonymousPiwikUsageMeasurement.piwikVersion' => '2.14.3', 'AnonymousPiwikUsageMeasurement.phpVersion' => '5.5.27', 'Piwik\\Plugins\\AnonymousPiwikUsageMeasurement\\SystemSettings' => DI\factory(function () { // we cannot decorate here as we need to create an instance of settings as super user, the permissions // for writing / reading are detected on settings creation, not each time it is executed $settings = null; \Piwik\Access::doAsSuperUser(function () use(&$settings) { $settings = new Piwik\Plugins\AnonymousPiwikUsageMeasurement\SystemSettings(); // make sure no tracking is enabled when running tests, especially on travis and during ui tests $settings->trackToPiwik->setValue(false); $settings->ownPiwikSiteId->setValue(0); $settings->customPiwikSiteId->setValue(0); }); return $settings; }));
/** * Initializes and runs the cron archiver. */ public function main() { $self = $this; Access::doAsSuperUser(function () use($self) { $self->init(); $self->run(); $self->runScheduledTasks(); $self->end(); }); }
/** * Creates a UserSynchronizer using INI configuration. * * @return UserSynchronizer */ public static function makeConfigured() { $result = new UserSynchronizer(); $result->setUserMapper(UserMapper::makeConfigured()); $result->setUsersManagerApi(UsersManagerAPI::getInstance()); $result->setUserModel(new UserModel()); /** @var LoggerInterface $logger */ $logger = StaticContainer::get('Psr\\Log\\LoggerInterface'); if (Config::isAccessSynchronizationEnabled()) { $result->setUserAccessMapper(UserAccessMapper::makeConfigured()); $logger->debug("UserSynchronizer::{func}(): Using UserAccessMapper when synchronizing users.", array('func' => __FUNCTION__)); } else { $logger->debug("UserSynchronizer::{func}(): LDAP access synchronization not enabled.", array('func' => __FUNCTION__)); } $defaultSitesWithViewAccess = Config::getDefaultSitesToGiveViewAccessTo(); if (!empty($defaultSitesWithViewAccess)) { $siteIds = Access::doAsSuperUser(function () use($defaultSitesWithViewAccess) { return Site::getIdSitesFromIdSitesString($defaultSitesWithViewAccess); }); if (empty($siteIds)) { $logger->warning("UserSynchronizer::{func}(): new_user_default_sites_view_access INI config option has no " . "entries. Newly synchronized users will not have any access.", array('func' => __FUNCTION__)); } $result->setNewUserDefaultSitesWithViewAccess($siteIds); } $logger->debug("UserSynchronizer::{func}: configuring with defaultSitesWithViewAccess = {sites}", array('func' => __FUNCTION__, 'sites' => $defaultSitesWithViewAccess)); return $result; }