It be great if these feature could be disabled. Currently, the workaround is to disable the entire plugin. However, this also disables real time reports. Also on the cloud it is currently not possible to disable plugins so a user cannot disable these features yet (which may be needed to avoid tracking consent in some countries).
It would be important in this case, if it could be done on a per website basis, so that you can disable it for most websites but still enable it for some websites (where for example consent was collected). This is common use case when for example people may track many websites and apps. Some of the sites and the apps would gather consent, or may be eg. behind a login where terms and conditions were agreed to and may require tracking, etc.
@mattab we might create a separate issue for this later depending on how it'll be developed.
or may be eg. behind a login where terms and conditions were agreed to and may require tracking, etc.
just btw for GDPR that won't be enough to mention this in terms but if someone isn't affected by GDPR that might do
@sgiehl I quickly reopen this issue as I think we would also need to disable eg the
Live.getLastVisitsDetails() API. The method might still need to be working though when using eg getSuggestedSegmentValues. In the API Request class there should be a way to check what the root API method is although if we were to rely on this then the method could probably still be called through bulk requests (if we did like
Request::getRootApiRequestMethod() === 'Live.getLastVisitsDetails'). Not sure how this could be done.I suppose we could allow the Live API method to be called when the root api method is the getSuggestedValues API method.
We should also block
When the setting is disabled, it would also disable the real time reports. Sorry forgot to mention this. That's because it shows basically the same/similar data as the visitor log.
Also I'm getting these warnings in the UI
In the settings could we add also disable real time? I was thinking ideally it could be actually only one setting that disables it all but can also keep visitor profile and visit log separated. Maybe the visitor log would also disable real time so we don't need a third setting.
We'd need to add a description to the settings, and mention that when changing it here it applies to all sites. We could also mention that disabling these features may be required in some countries to avoid needing to ask for consent (eg in France) @mattab maybe you know more about this.
I wonder if we could also add a note somewhere in the privacy settings with a link to the
Live settings. There's not really a good place but could maybe add a line break and a new sentence to the intro mentioning that visitor profiles and visit logs can be disabled too
I know we could usually just tell people to disable the
Live plugin but that's not possible on the Cloud currently and sometimes they might be required to disable these features.
@tsteur I've created a PR to improve the last implementation and block some more api request.
Do you maybe have a backtrace for the warning? I'm not able to reproduce that.
@sgiehl created https://github.com/matomo-org/matomo/pull/16599/files . Was unrelated to this PR