Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

Loading…

After upgrading to 1.4, Live Plugin embeded as a widget causes user to be redirected to Piwik login screen #2416

Closed
jonpasquier opened this Issue · 5 comments

2 participants

Jonathan Pasquier Matthieu Aubry
Jonathan Pasquier

I have embeded the Live Plugin as a widget (iframe) into an external website.
Since I have updated to the 1.4 version of Piwik, whenever a user enter on the page where the widget is embeded, he is redirected to the Piwik login screen with en error message "you cannot access this resource, a 'view' permission on site XX is required".

It seems that the problem comes from the controller of the Live plugin which makes calls to Piwik_API and Piwik_Live_API without having authenticated the user.

Here is a patch that ensures that the authentication token is used to authenticate user before starting to use the API.
Keywords: live widget

Matthieu Aubry
Owner

Does it still work when the token auth is not passed, ie. in the normal dashboard?

Jonathan Pasquier

Yes, it does work.
If you are logged in Piwik and go to the page with the embedded widget, it works as well.

It seems that the problem comes from some functions in the Piwik_Live_API that check whether the user has view access to the site before doing anything.

Matthieu Aubry
Owner

OK Thanks for the patch, we'll try and commit it for the next release

Matthieu Aubry
Owner

(In [4827]) Fixes #2416 - Kuddos jpasquier for the patch

Jonathan Pasquier jonpasquier added this to the 1.5 - Piwik 1.5 milestone
Matthieu Aubry mattab was assigned by jonpasquier
This issue was closed.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.