@tsteur opened this Issue on January 31st 2015 Member

For example there is a request to disable the Marketplace for non-superusers here https://github.com/piwik/piwik/commit/2c66735a9a5449c7077fc2c6aaab45e88c001b88#commitcomment-9514371 and I recommended to write a plugin to do this as we want to keep core easy and simple. We are a platform mind you. The problem is, it is very hard to achieve for a plugin developer to disable such a feature. Basically you can only hide the menu entries for the Marketplace. The code for this would look like this in the plugin's Menu class:

public function configureAdminMenu(MenuAdmin $menu)
{
    if (!Piwik::hasUserSuperUserAccess()) {
        $menu->remove('CoreAdminHome_Administration', 'CorePluginsAdmin_Marketplace');
    }
}

A user could still view the Marketplace directly. To prevent this one has to listen to the Controller.CorePluginsAdmin.browsePlugins event etc. In the end it would still make requests to the Marketplace in the background though.

As a plugin developer you have to figure out that you can manipulate the "Menu" in Piwik in a custom plugin via PHP. It will be even harder to find out that you can $menu->remove() menu items as it is not documented in any guide apart from the [http://developer.piwik.org/api-reference/Piwik/Menu/MenuAdmin#remove](Class reference). Not having examples/docs for it is a different problem... Once one has figured this out, a plugin developer will notice that it doesn't work. Some developers will figure out they have to use the TranslationIDs to disable menu items but then they need to find the correct translation keys which can be a nightmare. At last one might notice we link in many places to the Marketplace: User/Admin Menu, within the Plugins Page etc. While it is possible to remove Menu items, it is not possible to remove links within other pages...
It will be even much much harder to figure out about events and that there is a Controller.$controller.$action event and what actions a developer actually has to block to prevent access to the Marketplace via URL.

Also asking plugin developers to remove Menu items to disable a feature/page is very fragile. Whenever we move an entry to another menu or section, add a new menu item for it or simply rename the TranslationID the developer's plugin will be broken. Same for controller actions... whenever we rename the action of a controller the Controller.$controller.$action event will be broken and people get access to that page again. Something like this is even hard to test for plugin developers and basically only possible to detect via screenshot tests which would be another nightmare.

Instead plugin developers should be able to disable features. In the case of Marketplace there is already a config setting enable_marketplace but one can't simply disable that setting temporarily during a request for non-super-users as there is a chance that it gets written to the config file for some random reasons etc. Most likely we should use global.php and the DIC for this.

Feature settings will also allow plugins to develop a more complex user management / user roles / etc. And we would be able to release a new major version that includes features that are not yet ready or that are beta.

If there are any objections etc please comment here.

It might be worth to go over some basic features/menu items and add feature settings to global.php or whatever. Would be nice if plugins could have their own config for this see #6609 . More importantly we should create feature settings for new features in the first place.

BTW: I think there should be an issue to make it easier and less fragile to remove Menu entries but I can't find it. Ideally developers don't have to remove Menu items in the first place...

@mattab commented on July 30th 2019 Member

Not sure if this is exactly what this issue is, but one quite frequent request is the ability to hide certain menus (and disable certain features/reports) for some of the users.

Many Matomo super users are setting up the platform to provide value to other people, and these other people may not be interested in some of the features (or less technical) and it would be very valuable to hide certain menus to certain people.

For example:

  • Hide tag manager menu for some users
  • Hide all left menu entries except Heatmap and Session Recording for some users
  • Hide "Session recording" from the menu for some users
  • etc.

This get requested maybe once a month on average or slightly less.

Powered by GitHub Issue Mirror