Fix hardcoded Login module references #8807
Merged
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This does following:
I. Fixes hardcoded use of the Login plugin name:
For
plugins/Login/Login.php
, this prevents the "Login plugin not active" exception page appearances. Those can be reproduced using following simple test (just an example):a. Install and activate another Login module (tested with LoginEncrypted - the core Login plugin will be automatically deactivated)
b. Add another user and set it to be super user as well
c. Log out and log back in as the newly created super user
d. Delete the newly created super-user (i.e. oneself)
==> Instead of the login page, a "Login plugin not active" exception page appears
For
plugins/Login/Controller.php
, this corrects the displayed link to the login page. To reproduce (just an example):a. Send an ajax request with no access; or: patch in a new Exception somewhere (e.g. at the beginning of
plugins/Login/Login.php->login()
and load the login page) showing the return ofplugins/Login/Controller.php->ajaxNoAccess()
II. Fixes an inconsistency in obtaining the name of the currently active Login module in
core/Plugin/Controller.php
. It should, like any other module, usePiwik::getLoginPluginName()
instead of replicating it by accessingStaticContainer::get('Piwik\Auth')->getName()
directly. This was done to prevent possible future issues in case thatPiwik::getLoginPluginName()
changes.P.S.: Note to the point (I) above: Please note that checking, within the Login plugin code, which Login module is currently active is nothing new. Because the core Login module code is called also when the plugin is disabled, it already needs to find it out, as it does e.g. in https://github.com/piwik/piwik/blob/2.15.0-b7/plugins/Login/Login.php#L74 (using a released version as example, just so that the line number does not change in future).