Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Dashboard & Sparklines should work when embedded with token_auth #1353

Closed
mattab opened this issue May 12, 2010 · 19 comments
Closed

Dashboard & Sparklines should work when embedded with token_auth #1353

mattab opened this issue May 12, 2010 · 19 comments
Labels
Bug For errors / faults / flaws / inconsistencies etc. Critical Indicates the severity of an issue is very critical and the issue has a very high priority.
Milestone

Comments

@mattab
Copy link
Member

mattab commented May 12, 2010

Bugs/limitations in "Widgets/Embed" feature:

See other report in duplicated #2451

See also related feature request #283

@mattab
Copy link
Member Author

mattab commented Aug 6, 2010

Also, embed widgets switch to Graph (Pie or vertical bar) always show "No data for this graph" while tag clouds and table work.

Probably token_auth not forwarded correctly or something similar..

@mattab
Copy link
Member Author

mattab commented Aug 6, 2010

(In [2875]) Refs #1353 Switching to display graph now work

@jonpasquier
Copy link

Here is a patch that forward the token_auth to the Live widget.

With this patch AJAX calls made from the Live widget are made with the token_auth parameter.

This allows embedding the Live widget into a page without having to grant anonymous view permission.

@jonpasquier
Copy link

Attachment:
live_plugin_with_token_forwarding.pacth

@anonymous-matomo-user
Copy link

Is this problem just about some widgets? I think the token_auth function is generally not working and not only a widget here and there. In my case it is absolutly important, because I include Piwik in my project as a suubstantial part and I think the developers outside won't include Piwik, if the option to include Piwik as a part of their services isn't working. So I really hope that this fdeature will be fixed in the near future.

@robocoder
Copy link
Contributor

The Live widget can be fixed.

The Dashboard isn't a widget, and wasn't designed to be embedded outside of Piwik.

@mattab
Copy link
Member Author

mattab commented Feb 5, 2011

jpasquier, thanks for your patch. I created a ticket at: #2068

bronco, all widgets should work with token_auth except Live and Dashboard. Let us know if you have issues.

vipsoft, Dashboard is not a widget, but because we display the link to the embeddable dashboard in the Widgets page, users might expect it to work with token_auth. This is low priority though (in particular, fixing Live! to work with token_auth is more important)

@anonymous-matomo-user
Copy link

Hello vipsoft,

I think I have to disagree. The dashboard is maybe not a widget but it has the potential to grow the usability of piwik.

I work on a project where users can create domains and organise them as well. One of the parts of the service is the own piwik user tracker similar to google. I try to make it easy as possible for the webmaster to do his business. So he see on the domain node all his informations included under several tabs. Also the piwik dashboard is a tab for easy using.

I can't tell the webmaster hey sorry I can't make it easy to show you your personal domain user data and statistics you have to klick -> piwik autologin(for easy login) -> landing on the website overview -> choose there your domain.???

I think in my personal opinion piwik is made for webmaster and I also think they got enough work to do so why should I make it more complicated then nessesary??

I mean Piwik is great absolutely but this small feature that auth tokens should just work enhances the flexibility,usability of piwik and for the user of piwik the webmaster.

This thread has now his age to make a desicion what should happen with this request? Maybe others would also like to include piwik in his programms but they can't of this security bug.

I hope really you could understand my point of view and tell me that u will try to spend a little time on that. I can't believe that this is really a big problem? Or can you offer a secure workaround to make it work?

best wishes bronco

@mattab
Copy link
Member Author

mattab commented Aug 21, 2011

bronco, according to our no bug policy we should indeed fix this issue, my bad. Increasing priority...

@anonymous-matomo-user
Copy link

Thx matt for your obligation in this case.

@anonymous-matomo-user
Copy link

By the way this bug #2058 is also still open and hopefully gets included in the next updates.

@anonymous-matomo-user
Copy link

We are also experiencing this problem, and would love a resolution or patch if possible. Just adding this entry in the hopes of adding weight to the issue.

@anonymous-matomo-user
Copy link

Also, in the "Evolution over the last days graph" the selection icon of which values to show doesn't work as a widget also. Same issue, it redirects to the login screen. It would be REALLY nice to fix this since these token_auth issues are unresolved since a long time.

@mattab
Copy link
Member Author

mattab commented Apr 29, 2012

Should be fixed asap now that we have an amazing Dashboard to embed thanks to Stefan great new feature!!

@anonymous-matomo-user
Copy link

my fast and dirty fix for graphs of "Evolution graphs" (and others..) is :

File : piwik/plugins/API/API.php

#line 91 aprox.

Replace:

return self::$instance;

for

Piwik_API_Request::reloadAuthUsingTokenAuth(@$_GET);
        return self::$instance;

I Attachment the patch in need case

@anonymous-matomo-user
Copy link

Attachment:
fix.patch

@mattab
Copy link
Member Author

mattab commented May 25, 2012

(In [6312]) refs #3011, refs #1353
Embed dashboard now works with token_auth, it is also possible to create new dashboards, change layout, and add any widget.
the sparklines also work.

Known bug:

  • The graph metrics picker does not display on hover for unknown reason in embed dashboard

@mattab
Copy link
Member Author

mattab commented May 29, 2012

Looks like it's finally working, very nice ;)

@mattab
Copy link
Member Author

mattab commented Oct 31, 2013

It seems the token_auth is not forwarded to the sparklines inside the widgets. See #4264

This issue was closed.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Bug For errors / faults / flaws / inconsistencies etc. Critical Indicates the severity of an issue is very critical and the issue has a very high priority.
Projects
None yet
Development

No branches or pull requests

4 participants