It will overwrite the previous Auth object.
| public static reloadAuthUsingTokenAuth ( array $request = null ) : void | ||
| $request | array | If null, uses the default request ($_GET) |
| return | void | |
private function makeSureTestRunsInContextOfAnonymousUser()
{
Piwik::postEvent('Request.initAuthenticationObject');
$access = Access::getInstance();
$this->hasSuperUserAccess = $access->hasSuperUserAccess();
$access->setSuperUserAccess(false);
$access->reloadAccess(StaticContainer::get('Piwik\\Auth'));
Request::reloadAuthUsingTokenAuth(array('token_auth' => 'anonymous'));
}
public function iframe()
{
Request::reloadAuthUsingTokenAuth();
$this->init();
$controllerName = Common::getRequestVar('moduleToWidgetize');
$actionName = Common::getRequestVar('actionToWidgetize');
if ($controllerName == 'Dashboard' && $actionName == 'index') {
$view = new View('@Widgetize/iframe_empty');
} else {
$view = new View('@Widgetize/iframe');
}
$this->setGeneralVariablesView($view);
$view->setXFrameOptions('allow');
$view->content = FrontController::getInstance()->fetchDispatch($controllerName, $actionName);
return $view->render();
}
public function iframe()
{
Request::reloadAuthUsingTokenAuth();
$this->init();
$controllerName = Common::getRequestVar('moduleToWidgetize');
$actionName = Common::getRequestVar('actionToWidgetize');
if ($controllerName == 'API') {
throw new \Exception("Widgetizing API requests is not supported for security reasons. Please change query parameter 'moduleToWidgetize'.");
}
if ($controllerName == 'Dashboard' && $actionName == 'index') {
$view = new View('@Widgetize/iframe_empty');
} else {
$view = new View('@Widgetize/iframe');
}
$this->setGeneralVariablesView($view);
$view->setXFrameOptions('allow');
$view->content = FrontController::getInstance()->fetchDispatch($controllerName, $actionName);
return $view->render();
}
/**
* Must be called before dispatch()
* - checks that directories are writable,
* - loads the configuration file,
* - loads the plugin,
* - inits the DB connection,
* - etc.
*
* @throws Exception
* @return void
*/
public function init()
{
static $initialized = false;
if ($initialized) {
return;
}
$initialized = true;
$tmpPath = StaticContainer::get('path.tmp');
$directoriesToCheck = array($tmpPath, $tmpPath . '/assets/', $tmpPath . '/cache/', $tmpPath . '/logs/', $tmpPath . '/tcpdf/', $tmpPath . '/templates_c/');
Filechecks::dieIfDirectoriesNotWritable($directoriesToCheck);
$this->handleMaintenanceMode();
$this->handleProfiler();
$this->handleSSLRedirection();
Plugin\Manager::getInstance()->loadPluginTranslations();
Plugin\Manager::getInstance()->loadActivatedPlugins();
// try to connect to the database
try {
Db::createDatabaseObject();
Db::fetchAll("SELECT DATABASE()");
} catch (Exception $exception) {
if (self::shouldRethrowException()) {
throw $exception;
}
Log::debug($exception);
/**
* Triggered when Piwik cannot connect to the database.
*
* This event can be used to start the installation process or to display a custom error
* message.
*
* @param Exception $exception The exception thrown from creating and testing the database
* connection.
*/
Piwik::postEvent('Db.cannotConnectToDb', array($exception), $pending = true);
throw $exception;
}
// try to get an option (to check if data can be queried)
try {
Option::get('TestingIfDatabaseConnectionWorked');
} catch (Exception $exception) {
if (self::shouldRethrowException()) {
throw $exception;
}
Log::debug($exception);
/**
* Triggered when Piwik cannot access database data.
*
* This event can be used to start the installation process or to display a custom error
* message.
*
* @param Exception $exception The exception thrown from trying to get an option value.
*/
Piwik::postEvent('Config.badConfigurationFile', array($exception), $pending = true);
throw $exception;
}
// Init the Access object, so that eg. core/Updates/* can enforce Super User and use some APIs
Access::getInstance();
/**
* Triggered just after the platform is initialized and plugins are loaded.
*
* This event can be used to do early initialization.
*
* _Note: At this point the user is not authenticated yet._
*/
Piwik::postEvent('Request.dispatchCoreAndPluginUpdatesScreen');
$this->throwIfPiwikVersionIsOlderThanDBSchema();
\Piwik\Plugin\Manager::getInstance()->installLoadedPlugins();
// ensure the current Piwik URL is known for later use
if (method_exists('Piwik\\SettingsPiwik', 'getPiwikUrl')) {
SettingsPiwik::getPiwikUrl();
}
/**
* Triggered before the user is authenticated, when the global authentication object
* should be created.
*
* Plugins that provide their own authentication implementation should use this event
* to set the global authentication object (which must derive from {@link Piwik\Auth}).
*
* **Example**
*
* Piwik::addAction('Request.initAuthenticationObject', function() {
* StaticContainer::getContainer()->set('Piwik\Auth', new MyAuthImplementation());
* });
*/
Piwik::postEvent('Request.initAuthenticationObject');
try {
$authAdapter = StaticContainer::get('Piwik\\Auth');
} catch (Exception $e) {
$message = "Authentication object cannot be found in the container. Maybe the Login plugin is not activated?\n <br />You can activate the plugin by adding:<br />\n <code>Plugins[] = Login</code><br />\n under the <code>[Plugins]</code> section in your config/config.ini.php";
$ex = new AuthenticationFailedException($message);
$ex->setIsHtmlMessage();
throw $ex;
}
Access::getInstance()->reloadAccess($authAdapter);
// Force the auth to use the token_auth if specified, so that embed dashboard
// and all other non widgetized controller methods works fine
if (Common::getRequestVar('token_auth', false, 'string') !== false) {
Request::reloadAuthUsingTokenAuth();
}
SettingsServer::raiseMemoryLimitIfNecessary();
\Piwik\Plugin\Manager::getInstance()->postLoadPlugins();
/**
* Triggered after the platform is initialized and after the user has been authenticated, but
* before the platform has handled the request.
*
* Piwik uses this event to check for updates to Piwik.
*/
Piwik::postEvent('Platform.initialized');
}
public function oneClickResults()
{
Request::reloadAuthUsingTokenAuth($_POST);
Piwik::checkUserIsSuperUser();
$view = new View('@CoreUpdater/oneClickResults');
$view->coreError = Common::getRequestVar('error', '', 'string', $_POST);
$view->feedbackMessages = safe_unserialize(Common::unsanitizeInputValue(Common::getRequestVar('messages', '', 'string', $_POST)));
return $view->render();
}
/**
* Must be called before dispatch()
* - checks that directories are writable,
* - loads the configuration file,
* - loads the plugin,
* - inits the DB connection,
* - etc.
*
* @throws Exception
* @return void
*/
public function init()
{
static $initialized = false;
if ($initialized) {
return;
}
$initialized = true;
try {
Registry::set('timer', new Timer());
$directoriesToCheck = array('/tmp/', '/tmp/assets/', '/tmp/cache/', '/tmp/logs/', '/tmp/tcpdf/', '/tmp/templates_c/');
Filechecks::dieIfDirectoriesNotWritable($directoriesToCheck);
self::assignCliParametersToRequest();
Translate::loadEnglishTranslation();
$exceptionToThrow = self::createConfigObject();
if (Session::isFileBasedSessions()) {
Session::start();
}
$this->handleMaintenanceMode();
$this->handleSSLRedirection();
$this->handleProfiler();
$pluginsManager = \Piwik\Plugin\Manager::getInstance();
$pluginsToLoad = Config::getInstance()->Plugins['Plugins'];
$pluginsManager->loadPlugins($pluginsToLoad);
if ($exceptionToThrow) {
throw $exceptionToThrow;
}
try {
Db::createDatabaseObject();
Option::get('TestingIfDatabaseConnectionWorked');
} catch (Exception $exception) {
if (self::shouldRethrowException()) {
throw $exception;
}
/**
* Triggered if the INI config file has the incorrect format or if certain required configuration
* options are absent.
*
* This event can be used to start the installation process or to display a custom error message.
*
* @param Exception $exception The exception thrown from creating and testing the database
* connection.
*/
Piwik::postEvent('Config.badConfigurationFile', array($exception), $pending = true);
throw $exception;
}
// Init the Access object, so that eg. core/Updates/* can enforce Super User and use some APIs
Access::getInstance();
/**
* Triggered just after the platform is initialized and plugins are loaded.
*
* This event can be used to do early initialization.
*
* _Note: At this point the user is not authenticated yet._
*/
Piwik::postEvent('Request.dispatchCoreAndPluginUpdatesScreen');
\Piwik\Plugin\Manager::getInstance()->installLoadedPlugins();
// ensure the current Piwik URL is known for later use
if (method_exists('Piwik\\SettingsPiwik', 'getPiwikUrl')) {
$host = SettingsPiwik::getPiwikUrl();
}
/**
* Triggered before the user is authenticated, when the global authentication object
* should be created.
*
* Plugins that provide their own authentication implementation should use this event
* to set the global authentication object (which must derive from {@link Piwik\Auth}).
*
* **Example**
*
* Piwik::addAction('Request.initAuthenticationObject', function() {
* Piwik\Registry::set('auth', new MyAuthImplementation());
* });
*/
Piwik::postEvent('Request.initAuthenticationObject');
try {
$authAdapter = Registry::get('auth');
} catch (Exception $e) {
throw new Exception("Authentication object cannot be found in the Registry. Maybe the Login plugin is not activated?\n <br />You can activate the plugin by adding:<br />\n <code>Plugins[] = Login</code><br />\n under the <code>[Plugins]</code> section in your config/config.ini.php");
}
Access::getInstance()->reloadAccess($authAdapter);
// Force the auth to use the token_auth if specified, so that embed dashboard
// and all other non widgetized controller methods works fine
if (($token_auth = Common::getRequestVar('token_auth', false, 'string')) !== false) {
Request::reloadAuthUsingTokenAuth();
}
SettingsServer::raiseMemoryLimitIfNecessary();
Translate::reloadLanguage();
$pluginsManager->postLoadPlugins();
/**
* Triggered after the platform is initialized and after the user has been authenticated, but
* before the platform has handled the request.
*
* Piwik uses this event to check for updates to Piwik.
*/
Piwik::postEvent('Updater.checkForUpdates');
} catch (Exception $e) {
if (self::shouldRethrowException()) {
throw $e;
}
$debugTrace = $e->getTraceAsString();
Piwik_ExitWithMessage($e->getMessage(), $debugTrace, true);
}
}
