diff --git a/core/Access.php b/core/Access.php index 30df370219672f98864cbabe412aa29cf4c1d0d4..5039447e690396e98a729e28fb1572e2934de719 100644 --- a/core/Access.php +++ b/core/Access.php @@ -193,9 +193,9 @@ class Access public static function getSqlAccessSite($select) { return "SELECT " . $select . " - FROM " . Common::prefixTable('access') . " as t1 - JOIN " . Common::prefixTable('site') . " as t2 USING (idsite) " . - " WHERE login = ?"; + FROM " . Common::prefixTable('access') . " as t1 + JOIN " . Common::prefixTable('site') . " as t2 USING (idsite) " . + " WHERE login = ?"; } /** @@ -285,7 +285,7 @@ class Access return $this->token_auth; } - static public function getAnyUserHavingSuperUserAccess() + protected function getAnySuperUserAccessLogin() { try { $superUsers = APIUsersManager::getInstance()->getUsersHavingSuperUserAccess(); @@ -293,24 +293,20 @@ class Access return; } - $firstSuperUser = array_shift($superUsers); - - return $firstSuperUser; - } + if (empty($superUsers)) { + return; + } - public function getAnySuperUserAccessLogin() - { - $anySuperUser = $this->getAnyUserHavingSuperUserAccess(); + $firstSuperUser = array_shift($superUsers); - if (empty($anySuperUser)) { + if (empty($firstSuperUser)) { return; } - return $anySuperUser['login']; + return $firstSuperUser['login']; } /** - * @see Access::getAnySuperUserAccessLogin() * @deprecated deprecated since version 2.0.4 */ public function getSuperUserLogin() diff --git a/plugins/UsersManager/API.php b/plugins/UsersManager/API.php index ee38b2f5e12eeb283163ab0a38d14ffa3fef9b30..e07b168169112add97fdbaac1bec4d44576b4b4d 100644 --- a/plugins/UsersManager/API.php +++ b/plugins/UsersManager/API.php @@ -140,12 +140,14 @@ class API extends \Piwik\Plugin\API } $users = $this->model->getUsers($logins); + // Non Super user can only access login & alias if (!Piwik::hasUserSuperUserAccess()) { foreach ($users as &$user) { $user = array('login' => $user['login'], 'alias' => $user['alias']); } } + return $users; } 
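Review bot: The merged `getAnySuperUserAccessLogin()` in core/Access.php has three bare `return;` paths (the early one at the top of the third hunk, empty `$superUsers`, empty `$firstSuperUser`) and no docblock, so nothing tells a caller the result can be null. The deprecated `getSuperUserLogin()` also lost its `@see` in this change, so I would add a docblock along the lines of `@return string|null login of the first super user returned by UsersManager, or null if there is none or the lookup failed`. The early `return;` appears to sit in a catch block whose opening is outside the hunk; if so, a failed lookup is indistinguishable from "no super user exists", which deserves a comment at that spot. Removing the public static `getAnyUserHavingSuperUserAccess()` also narrows the class's public surface, so callers outside this diff need checking.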
@@ -476,9 +478,10 @@ class API extends \Piwik\Plugin\API */ public function userExists($userLogin) { - if($userLogin == 'anonymous') { + if ($userLogin == 'anonymous') { return true; } + Piwik::checkUserIsNotAnonymous(); Piwik::checkUserHasSomeViewAccess(); diff --git a/plugins/UsersManager/Model.php b/plugins/UsersManager/Model.php index 408278bb100ada2505bb0abf2f47bcdd397c7485..589a5934adf63caa57e84e631989beb72c88c56a 100644 --- a/plugins/UsersManager/Model.php +++ b/plugins/UsersManager/Model.php @@ -181,12 +181,13 @@ class Model public function addUser($userLogin, $passwordTransformed, $email, $alias, $tokenAuth, $dateRegistered) { $user = array( - 'login' => $userLogin, - 'password' => $passwordTransformed, - 'alias' => $alias, - 'email' => $email, - 'token_auth' => $tokenAuth, - 'date_registered' => $dateRegistered + 'login' => $userLogin, + 'password' => $passwordTransformed, + 'alias' => $alias, + 'email' => $email, + 'token_auth' => $tokenAuth, + 'date_registered' => $dateRegistered, + 'superuser_access' => 0 ); $this->db->insert(Common::prefixTable("user"), $user); diff --git a/tests/PHPUnit/FakeAccess.php b/tests/PHPUnit/FakeAccess.php index c37459dc07a4b776a3df522b8568da5d79502cb6..74220d644baf71de1e942fa3f30a3f765a192258 100644 --- a/tests/PHPUnit/FakeAccess.php +++ b/tests/PHPUnit/FakeAccess.php @@ -183,25 +183,11 @@ class FakeAccess return $result; } - static public function getAnyUserHavingSuperUserAccess() - { - return array( - 'login' => self::$superUserLogin, - 'email' => 'hello@piwik.org' - ); - } - - public function getAnySuperUserAccessLogin() - { - return self::$superUserLogin; - } - /** - * @see FakeAccess::getAnySuperUserAccessLogin() * @deprecated deprecated since version 2.0.4 */ public function getSuperUserLogin() { - return $this->getAnySuperUserAccessLogin(); + return self::$superUserLogin; } }
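Review bot: The reformatted guard `if ($userLogin == 'anonymous')` in `userExists()` still uses loose comparison, and it runs before the two `Piwik::check…` access checks. A non-string argument (boolean `true` on any PHP version, integer `0` before PHP 8) compares equal to `'anonymous'`, so the early `return true` can be taken for a value that is not that login. `if ($userLogin === 'anonymous') {` avoids this. The rest of `userExists()` lies outside the hunk.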
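Review bot: In plugins/UsersManager/Model.php, `'superuser_access' => 0` is the security-relevant line of the `addUser()` hunk and it carries no comment, so the alignment churn around it hides why it was added. A one-line comment above the array, e.g. `// always create accounts without super user access, independent of the column default`, would record the intent; presumably the insert is meant to stop relying on the schema default. A test asserting that a freshly added user has `superuser_access` equal to 0 would pin the behaviour down. `addUser()` continues past the end of the hunk.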