/**
 * A token belonging to a super user is expected to pass
 * Request::authenticateSuperUserOrAdmin() for site ids 1 and 2 alike.
 */
public function test_authenticateSuperUserOrAdmin_ShouldAlwaysWorkForSuperUser()
{
    Fixture::createSuperUser(false);
    $superUserToken = Fixture::getTokenAuth();

    // Same token, two different site ids: each check must succeed on its own.
    foreach (array(1, 2) as $idSite) {
        $this->assertTrue(Request::authenticateSuperUserOrAdmin($superUserToken, $idSite));
    }
}
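/**
 * Decodes a bulk tracking payload, stores its 'requests' entry on $this->requests and
 * verifies that the supplied token_auth passes Request::authenticateSuperUserOrAdmin()
 * for every idsite value found in those requests.
 *
 * The access check only runs for requests that carry an 'idsite' key. When there are no
 * requests, or none of them has an 'idsite', the token is returned without any access
 * check having been made in this method, so the return value alone is not proof that
 * the token was verified.
 *
 * @param string $rawData Raw request body; expected to be JSON with a 'requests' list
 *                        (URL strings or arrays of tracking parameters) and a 'token_auth'.
 * @return string The token_auth read from the decoded payload via Common::getRequestVar().
 * @throws Exception If token_auth is empty, or if it fails the access check for any idsite.
 */
private function authenticateBulkTrackingRequests($rawData)
{
    $rawData = trim($rawData);
    $rawData = Common::sanitizeLineBreaks($rawData);

    // POST data can be array of string URLs or array of arrays w/ visit info
    $jsonData = json_decode($rawData, true);

    if (isset($jsonData['requests'])) {
        $this->requests = $jsonData['requests'];
    }

    $tokenAuth = Common::getRequestVar('token_auth', false, 'string', $jsonData);
    if (empty($tokenAuth)) {
        throw new Exception("token_auth must be specified when using Bulk Tracking Import. See <a href='http://developer.piwik.org/api-reference/tracking-api'>Tracking Doc</a>");
    }

    if (!empty($this->requests)) {
        $idSitesForAuthentication = array();

        foreach ($this->requests as &$request) {
            // if a string is sent, we assume its a URL and try to parse it
            if (is_string($request)) {
                $params = array();

                $url = @parse_url($request);
                if (!empty($url)) {
                    // A URL without a query string yields an empty parameter set.
                    $query = isset($url['query']) ? $url['query'] : '';
                    @parse_str($query, $params);
                    $request = $params;
                }
            }

            // We need to check access for each single request.
            // The de-duplication is strict on purpose: a loose in_array() can treat
            // distinct raw values as equal (e.g. 1 and "1abc" on older PHP versions), and
            // a value that is wrongly considered "already seen" would never reach the
            // access check below. At worst, strict matching repeats a check for 1 and "1".
            if (isset($request['idsite'])
                && !in_array($request['idsite'], $idSitesForAuthentication, true)
            ) {
                $idSitesForAuthentication[] = $request['idsite'];
            }
        }
        // Drop the by-reference loop variable so it no longer aliases the last request.
        unset($request);

        foreach ($idSitesForAuthentication as $idSiteForAuthentication) {
            // a Bulk Tracking request that is not authenticated should fail
            if (!Request::authenticateSuperUserOrAdmin($tokenAuth, $idSiteForAuthentication)) {
                throw new Exception("token_auth specified does not have Admin permission for site " . intval($idSiteForAuthentication));
            }
        }
    }

    return $tokenAuth;
}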