After upgrading to 1.4, Live Plugin embeded as a widget causes user to be redirected to Piwik login screen #2416

jonpasquier opened this Issue May 9, 2011 · 5 comments

2 participants


I have embeded the Live Plugin as a widget (iframe) into an external website.
Since I have updated to the 1.4 version of Piwik, whenever a user enter on the page where the widget is embeded, he is redirected to the Piwik login screen with en error message "you cannot access this resource, a 'view' permission on site XX is required".

It seems that the problem comes from the controller of the Live plugin which makes calls to Piwik_API and Piwik_Live_API without having authenticated the user.

Here is a patch that ensures that the authentication token is used to authenticate user before starting to use the API.
Keywords: live widget

Piwik Open Source Analytics member

Does it still work when the token auth is not passed, ie. in the normal dashboard?


Yes, it does work.
If you are logged in Piwik and go to the page with the embedded widget, it works as well.

It seems that the problem comes from some functions in the Piwik_Live_API that check whether the user has view access to the site before doing anything.

Piwik Open Source Analytics member

OK Thanks for the patch, we'll try and commit it for the next release

Piwik Open Source Analytics member

(In [4827]) Fixes #2416 - Kuddos jpasquier for the patch

@jonpasquier jonpasquier added this to the 1.5 - Piwik 1.5 milestone Jul 8, 2014
@mattab mattab was assigned by jonpasquier Jul 8, 2014
This issue was closed.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment