New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Do not force api session usage for widgetized views #16875
Conversation
@@ -49,7 +49,8 @@ var hasBlockedContent = false; | |||
function withTokenInUrl() | |||
{ | |||
postParams['token_auth'] = piwik.token_auth; | |||
postParams['force_api_session'] = '1'; | |||
// When viewing a widgetized report there won't be any session that can be used, so don't force session usage | |||
postParams['force_api_session'] = (piwik.broadcast.getValueFromUrl('module') !== 'Widgetize') ? 1 : 0; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@sgiehl wouldn't we need to look if force_api_session
is present in the original URL or not or something? Like it would mean you can't use the widgetized api with the session API token. Not sure if we do use this somewhere or not in the UI or somewhere?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Guess makes sense to check that. will change that
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@tsteur updated the code so it respects if force_api_session was already set. I'm not able to test the changes right now. Feel free to do that if needed otherwise I'll do that tomorrow
Worked for me generally. However, the visitor map UI tests are now failing. And when I'm on the widgetized page then I always get an error "failed to login" I'll push a fix for this and will quickly look into visitor map issue. Generally I think there might be still an issue though in general if someone was to embed any non widget action using a regular token auth? |
I'm expecting the tests to pass and will likely merge to have it fixed for widgets. I'll add a comment to the original issue to next check it what happens when embedding other actions directly if there is any issue (such as Goals.manageGoals) or the entire UI etc |
Description:
refs #16867
Review