Skip to content

Commit

Permalink
Adding new option to completely disable the Plugins enable/disable/un…
Browse files Browse the repository at this point in the history 
…install features: enable_plugins_admin is 1 by default.
  • Loading branch information
@mattab
mattab committed Jan 7, 2014
1 parent b929a98 commit c1301a0
Show file tree
Hide file tree
Showing 7 changed files with 110 additions and 48 deletions.
21 changes: 14 additions & 7 deletions config/global.ini.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -348,13 +348,6 @@
; With this option, you can disable the framed mode of the Overlay plugin. Use it if your website contains a framebuster.
overlay_disable_framed_mode = 0

; By setting this option to 0, you can disable the Piwik marketplace. This is useful to prevent giving the Super user
; the access to disk and install custom PHP code (Piwik plugins).
enable_marketplace = 1

; By setting this option to 0, you can prevent Super User from editing the Geolocation settings.
enable_geolocation_admin = 1

; If php is running in a chroot environment, when trying to import CSV files with createTableFromCSVFile(),
; Mysql will try to load the chrooted path (which is imcomplete). To prevent an error, here you can specify the
; absolute path to the chroot environment. eg. '/path/to/piwik/chrooted/'
Expand All @@ -364,6 +357,20 @@
; This may for example be useful when doing Mysql AWS replication
enable_load_data_infile = 1

; By setting this option to 0, you can disable the Piwik marketplace. This is useful to prevent giving the Super user
; the access to disk and install custom PHP code (Piwik plugins).
enable_marketplace = 1

; By setting this option to 0:
; - links to Enable/Disable/Uninstall plugins will be hidden and disabled
; - links to Uninstall themes will be disabled (but user can still enable/disable themes)
; - as well as disabling plugins admin actions (such as "Upload new plugin"), setting this to 1 will have same effect as setting enable_marketplace=1
enable_plugins_admin = 1

; By setting this option to 0, you can prevent Super User from editing the Geolocation settings.
enable_geolocation_admin = 1


[Tracker]
; Piwik uses first party cookies by default. If set to 1,
; the visit ID cookie will be set on the Piwik server domain as well
Expand Down
1 change: 1 addition & 0 deletions lang/en.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -716,6 +716,7 @@
"ThemesManagement": "Manage Themes",
"MainDescription": "Plugins extend and expand the functionality of Piwik. Once a plugin is installed, you may activate it or deactivate it here.",
"ThemesDescription": "Themes can change the appearance of Piwik user interface,\n and provide a completely new visual experience to enjoy your analytics reports.",
"DoMoreContactPiwikAdmins": "To install a new plugin or a new theme, please get in touch with your Piwik admins.",
"Theme": "Theme",
"Version": "Version",
"Status": "Status",
Expand Down
107 changes: 71 additions & 36 deletions plugins/CorePluginsAdmin/Controller.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -43,6 +43,7 @@ private function createUpdateOrInstallView($template, $nonceName)
static::dieIfMarketplaceIsDisabled();

$pluginName = $this->initPluginModification($nonceName);
$this->dieIfPluginAdminDisabledAndIsPlugin($pluginName);

$view = $this->configureView('@CorePluginsAdmin/' . $template);

Expand Down Expand Up @@ -84,6 +85,7 @@ public function installPlugin()

public function uploadPlugin()
{
static::dieIfPluginsAdminIsDisabled();
Piwik::checkUserIsSuperUser();

$nonce = Common::getRequestVar('nonce', null, 'string');
Expand Down Expand Up @@ -152,7 +154,19 @@ public function pluginDetails()
private function dieIfMarketplaceIsDisabled()
{
if (!CorePluginsAdmin::isMarketplaceEnabled()) {
throw new \Exception('The Marketplace is disabled. Enable the Marketplace by changing the config entry "enable_marketplace" to 1.');
throw new \Exception('The Marketplace feature has been disabled.
You may enable the Marketplace by changing the config entry "enable_marketplace" to 1.
Please contact your Piwik admins with your request so they can assist.');
}

$this->dieIfPluginsAdminIsDisabled();
}

private function dieIfPluginsAdminIsDisabled()
{
if (!CorePluginsAdmin::isPluginsAdminEnabled()) {
throw new \Exception('Enabling, disabling and uninstalling plugins has been disabled by Piwik admins.
Please contact your Piwik admins with your request so they can assist you.');
}
}

Expand Down Expand Up @@ -193,7 +207,7 @@ public function browseThemes()
return $view->render();
}

function extend()
public function extend()
{
static::dieIfMarketplaceIsDisabled();

Expand Down Expand Up @@ -222,6 +236,7 @@ private function createPluginsOrThemesView($template, $themesOnly)

$view->pluginNamesHavingSettings = $this->getPluginNamesHavingSettingsForCurrentUser();
$view->isMarketplaceEnabled = CorePluginsAdmin::isMarketplaceEnabled();
$view->isPluginsAdminEnabled = CorePluginsAdmin::isPluginsAdminEnabled();

$view->pluginsHavingUpdate = array();
$view->marketplacePluginNames = array();
Expand All @@ -239,13 +254,13 @@ private function createPluginsOrThemesView($template, $themesOnly)
return $view;
}

function plugins()
public function plugins()
{
$view = $this->createPluginsOrThemesView('plugins', $themesOnly = false);
return $view->render();
}

function themes()
public function themes()
{
$view = $this->createPluginsOrThemesView('themes', $themesOnly = true);
return $view->render();
Expand Down Expand Up @@ -366,39 +381,10 @@ public function safemode($lastError = array())
return $view->render();
}

public function deactivate($redirectAfter = true)
{
$pluginName = $this->initPluginModification(static::DEACTIVATE_NONCE);
\Piwik\Plugin\Manager::getInstance()->deactivatePlugin($pluginName);
$this->redirectAfterModification($redirectAfter);
}

protected function redirectAfterModification($redirectAfter)
{
if ($redirectAfter) {
Url::redirectToReferrer();
}
}

protected function initPluginModification($nonceName)
{
Piwik::checkUserIsSuperUser();

$nonce = Common::getRequestVar('nonce', null, 'string');

if (!Nonce::verifyNonce($nonceName, $nonce)) {
throw new \Exception(Piwik::translate('General_ExceptionNonceMismatch'));
}

Nonce::discardNonce($nonceName);

$pluginName = Common::getRequestVar('pluginName', null, 'string');
return $pluginName;
}

public function activate($redirectAfter = true)
{
$pluginName = $this->initPluginModification(static::ACTIVATE_NONCE);
$this->dieIfPluginAdminDisabledAndIsPlugin($pluginName);

\Piwik\Plugin\Manager::getInstance()->activatePlugin($pluginName);

Expand All @@ -413,8 +399,8 @@ public function activate($redirectAfter = true)
$message = Piwik::translate('CorePluginsAdmin_SuccessfullyActicated', array($pluginName));
if (SettingsManager::hasPluginSettingsForCurrentUser($pluginName)) {
$target = sprintf('<a href="index.php%s#%s">',
Url::getCurrentQueryStringWithParametersModified(array('module' => 'CoreAdminHome', 'action' => 'pluginSettings')),
$pluginName);
Url::getCurrentQueryStringWithParametersModified(array('module' => 'CoreAdminHome', 'action' => 'pluginSettings')),
$pluginName);
$message .= ' ' . Piwik::translate('CorePluginsAdmin_ChangeSettingsPossible', array($target, '</a>'));
}

Expand All @@ -428,9 +414,20 @@ public function activate($redirectAfter = true)
}
}

public function deactivate($redirectAfter = true)
{
$pluginName = $this->initPluginModification(static::DEACTIVATE_NONCE);
$this->dieIfPluginAdminDisabledAndIsPlugin($pluginName);

\Piwik\Plugin\Manager::getInstance()->deactivatePlugin($pluginName);
$this->redirectAfterModification($redirectAfter);
}

public function uninstall($redirectAfter = true)
{
$pluginName = $this->initPluginModification(static::UNINSTALL_NONCE);
// Uninstall is disabled in all cases (even for themes) - we do not use dieIfPluginAdminDisabledAndIsPlugin
$this->dieIfPluginsAdminIsDisabled();

$uninstalled = \Piwik\Plugin\Manager::getInstance()->uninstallPlugin($pluginName);

Expand All @@ -448,9 +445,47 @@ public function uninstall($redirectAfter = true)
$this->redirectAfterModification($redirectAfter);
}

protected function initPluginModification($nonceName)
{
Piwik::checkUserIsSuperUser();

$nonce = Common::getRequestVar('nonce', null, 'string');

if (!Nonce::verifyNonce($nonceName, $nonce)) {
throw new \Exception(Piwik::translate('General_ExceptionNonceMismatch'));
}

Nonce::discardNonce($nonceName);

$pluginName = Common::getRequestVar('pluginName', null, 'string');

return $pluginName;
}

protected function redirectAfterModification($redirectAfter)
{
if ($redirectAfter) {
Url::redirectToReferrer();
}
}

private function getPluginNamesHavingSettingsForCurrentUser()
{
return array_keys(SettingsManager::getPluginSettingsForCurrentUser());
}

protected function dieIfPluginAdminDisabledAndIsPlugin($pluginName)
{
$isTheme = false;
try {
$plugin = Plugin\Manager::getInstance()->loadPlugin($pluginName);
$isTheme = $plugin->isTheme();
} catch (\Exception $e) {
echo $e->getMessage();
}
if (!$isTheme) {
$this->dieIfPluginsAdminIsDisabled();
}
}

}
5 changes: 5 additions & 0 deletions plugins/CorePluginsAdmin/CorePluginsAdmin.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -100,6 +100,11 @@ public static function isMarketplaceEnabled()
return (bool) Config::getInstance()->General['enable_marketplace'];
}

public static function isPluginsAdminEnabled()
{
return (bool) Config::getInstance()->General['enable_plugins_admin'];
}

public function getJsFiles(&$jsFiles)
{
$jsFiles[] = "plugins/CoreHome/javascripts/popover.js";
Expand Down
8 changes: 6 additions & 2 deletions plugins/CorePluginsAdmin/templates/macros.twig
View file
Original file line number Diff line number Diff line change
Expand Up @@ -88,7 +88,7 @@

{% endmacro %}

{% macro tablePlugins(pluginsInfo, pluginNamesHavingSettings, activateNonce, deactivateNonce, uninstallNonce, isTheme, marketplacePluginNames) %}
{% macro tablePlugins(pluginsInfo, pluginNamesHavingSettings, activateNonce, deactivateNonce, uninstallNonce, isTheme, marketplacePluginNames, displayAdminLinks) %}

<div id="confirmUninstallPlugin" class="ui-confirm">

Expand All @@ -105,7 +105,9 @@
<th>{% if isTheme %}{{ 'CorePluginsAdmin_Theme'|translate }}{% else %}{{ 'General_Plugin'|translate }}{% endif %}</th>
<th>{{ 'General_Description'|translate }}</th>
<th class="status">{{ 'CorePluginsAdmin_Status'|translate }}</th>
{% if displayAdminLinks %}
<th class="action-links">{{ 'General_Action'|translate }}</th>
{% endif %}
</tr>
</thead>
<tbody id="plugins">
Expand Down Expand Up @@ -161,12 +163,13 @@
{{ 'CorePluginsAdmin_Active'|translate }}
{% else %}
{{ 'CorePluginsAdmin_Inactive'|translate }}
{% if plugin.uninstallable %} <br/> - <a data-pluginName="{{ name|escape('html_attr') }}" class="uninstall" href='index.php?module=CorePluginsAdmin&action=uninstall&pluginName={{ name }}&nonce={{ uninstallNonce }}'>{{ 'CorePluginsAdmin_ActionUninstall'|translate }}</a>{% endif %}
{% if plugin.uninstallable and displayAdminLinks %} <br/> - <a data-pluginName="{{ name|escape('html_attr') }}" class="uninstall" href='index.php?module=CorePluginsAdmin&action=uninstall&pluginName={{ name }}&nonce={{ uninstallNonce }}'>{{ 'CorePluginsAdmin_ActionUninstall'|translate }}</a>{% endif %}
{% endif %}

{%- endif %}
</td>

{% if displayAdminLinks %}
<td class="togl action-links" {% if isZeitgeist %}style="border-left-width:0px;"{% endif %}>
{% if not isZeitgeist -%}

Expand All @@ -182,6 +185,7 @@

{%- endif %}
</td>
{% endif %}
</tr>
{% endif %}
{% endfor %}
Expand Down
10 changes: 8 additions & 2 deletions plugins/CorePluginsAdmin/templates/plugins.twig
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,11 +15,17 @@

<h2>{{ 'CorePluginsAdmin_PluginsManagement'|translate }}</h2>

<p>{{ 'CorePluginsAdmin_MainDescription'|translate }}</p>
<p>{{ 'CorePluginsAdmin_MainDescription'|translate }}

{% if not isPluginsAdminEnabled %}
<br/>{{ 'CorePluginsAdmin_DoMoreContactPiwikAdmins'|translate }}
{% endif %}

</p>

{{ plugins.pluginsFilter(false, isMarketplaceEnabled) }}

{{ plugins.tablePlugins(pluginsInfo, pluginNamesHavingSettings, activateNonce, deactivateNonce, uninstallNonce, false, marketplacePluginNames) }}
{{ plugins.tablePlugins(pluginsInfo, pluginNamesHavingSettings, activateNonce, deactivateNonce, uninstallNonce, false, marketplacePluginNames, isPluginsAdminEnabled) }}

</div>
{% endblock %}
6 changes: 5 additions & 1 deletion plugins/CorePluginsAdmin/templates/themes.twig
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,11 +19,15 @@
{% if otherUsersCount > 0 %}
<br/> {{ 'CorePluginsAdmin_InfoThemeIsUsedByOtherUsersAsWell'|translate(otherUsersCount, themeEnabled) }}
{% endif %}
{% if not isPluginsAdminEnabled %}
<br/>{{ 'CorePluginsAdmin_DoMoreContactPiwikAdmins'|translate }}
{% endif %}

</p>

{{ plugins.pluginsFilter(true, isMarketplaceEnabled) }}

{{ plugins.tablePlugins(pluginsInfo, pluginNamesHavingSettings, activateNonce, deactivateNonce, uninstallNonce, true, marketplacePluginNames) }}
{{ plugins.tablePlugins(pluginsInfo, pluginNamesHavingSettings, activateNonce, deactivateNonce, uninstallNonce, true, marketplacePluginNames, true ) }}

</div>
{% endblock %}

0 comments on commit c1301a0

Please sign in to comment.