New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Archive cronjob core:archive should run when Piwik is using a different Login plugin (eg LoginHttpAuth) #5012
Comments
Attachment: Full archive.log output |
Being in ssh shell I got a InvalidArgumentException when I tried to run a 'php console core:archive" command on a "latest.zip" Piwik installation downloaded from website. Looks like Composer is a requirement if you try to run 'php console' and needs also 'composer update' at first run. |
@tassoman can you please create separate ticket for this console / composer bug? |
Thanks for the bug report! |
@mattab I've managed to run a flawless new git cloned installation from master branch, then at first run I've got a webpage saying to run composer install. |
Good, so I'll look at the original bug with HttpLoginAuth and core:archive at some point. |
Well, I've manually tested against the API call that produces error:
Getting the url using a browser (with my custom plugin enabled, Login disabled) the answer is:
While getting the url being in shell using wget, the answer is:
So using a browser does a flawless authentication but in console authentication fails because relies on 'view' privilege. Note: the token_auth belongs to 'admin' user |
I've installed and enabled LoginHttpAuth plugin, and then executed console core:archive. It's working for me. If you still have problem with 2.2.1-rc3 (or git) then please send me access to SSH to your piwik code files, as I would like to reproduce and fix it |
I've found you on bitbucket.org with exact username, related to piwik teams so I've added to a my private repository dedicated to this project. |
I will try take a look, but it will take some time... In the meantime, maybe you could look at the LoginLdap plugin source code, I've recently modified it to make the code as small as possible (LoginLdap will call functions from Login plugin, and LoginLdap controller extends from Login controller) Maybe if you use same concept it would work? |
Thank you very much for this hint. I've been inspired by your code and I've discovered token_auth weren't implemented in my plugin. Then I was relying on REMOTE_ADDR $_SERVER variable that isn't available being in console so I forced it to 0.0.0.0 when is unset (cli mode). So you can close this "support request" not really being a "bug report". |
Good news that your plugin now works! |
Well, I've overrided Login core plugin writing a custom authentication plugin following LoginHttpAuth plugin example, because of our Identity Manager.
Invoking "php console core:archive --url" command, we got the following error:
The italian text shortly says: "you haven't 'view' privilege on site id=1", but crontab ran as Super User (full log attached)
In the Login plugin's description cell (in plugins page) I can read: "Login Authentication plugin, _reading the credentials from the config/config.ini.php file for the initial Super User, and from the Database for the other users. Can be easily replaced to introduce a new Authentication mechanism (OpenID, htaccess, custom Auth, etc.)."_
Well, looks like my new authentication plugin can't read superuser credentials from the config.ini.php and looks for first superuser into db but when it's found, this user have any 'view' right on sites profiles because he's superuser status.
I've tried to investigate misc/cron/archive.sh source code and I found a notice saying to use archive.php instead.
Inside archive.php I've also found a notice saying: "this script is deprecated in favor of console command".
A full archive.log is attached to this message
Keywords: archive, cron, login, plugin
The text was updated successfully, but these errors were encountered: