Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP

Loading…

After upgrading to 1.4, Live Plugin embeded as a widget causes user to be redirected to Piwik login screen #2416

Closed
jonpasquier opened this Issue · 5 comments

2 participants

@jonpasquier

I have embeded the Live Plugin as a widget (iframe) into an external website.
Since I have updated to the 1.4 version of Piwik, whenever a user enter on the page where the widget is embeded, he is redirected to the Piwik login screen with en error message "you cannot access this resource, a 'view' permission on site XX is required".

It seems that the problem comes from the controller of the Live plugin which makes calls to Piwik_API and Piwik_Live_API without having authenticated the user.

Here is a patch that ensures that the authentication token is used to authenticate user before starting to use the API.
Keywords: live widget

@mattab
Owner

Does it still work when the token auth is not passed, ie. in the normal dashboard?

@jonpasquier

Yes, it does work.
If you are logged in Piwik and go to the page with the embedded widget, it works as well.

It seems that the problem comes from some functions in the Piwik_Live_API that check whether the user has view access to the site before doing anything.

@mattab
Owner

OK Thanks for the patch, we'll try and commit it for the next release

@mattab
Owner

(In [4827]) Fixes #2416 - Kuddos jpasquier for the patch

@jonpasquier jonpasquier added this to the 1.5 - Piwik 1.5 milestone
@mattab mattab was assigned by jonpasquier
This issue was closed.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.