From f30cf2077e026fb5536b110ace8be95eae209b0e Mon Sep 17 00:00:00 2001
From: mattab <matthieu.aubry@gmail.com>
Date: Sat, 29 Mar 2014 18:10:52 +1300
Subject: [PATCH] Fixes #4924: in Tracker mode, do not check for permission
 when getting/setting plugin settings.

---
 core/Config.php          |  2 +-
 core/Db.php              |  2 +-
 core/FrontController.php |  2 +-
 core/Plugin/Settings.php |  6 ++++++
 core/Profiler.php        |  2 +-
 core/SettingsServer.php  | 12 ++++++++++++
 core/Tracker.php         |  2 +-
 tests/PHPUnit/UI         |  2 +-
 8 files changed, 24 insertions(+), 6 deletions(-)

diff --git a/core/Config.php b/core/Config.php
index 3dc081d80e..726a13d56f 100644
--- a/core/Config.php
+++ b/core/Config.php
@@ -296,7 +296,7 @@ class Config extends Singleton
     public function init()
     {
         $this->initialized = true;
-        $reportError = !empty($GLOBALS['PIWIK_TRACKER_MODE']);
+        $reportError = SettingsServer::isTrackerApiRequest();
 
         // read defaults from global.ini.php
         if (!is_readable($this->pathGlobal) && $reportError) {
diff --git a/core/Db.php b/core/Db.php
index 4b4ec86cd6..f099d01409 100644
--- a/core/Db.php
+++ b/core/Db.php
@@ -42,7 +42,7 @@ class Db
      */
     public static function get()
     {
-        if (!empty($GLOBALS['PIWIK_TRACKER_MODE'])) {
+        if (SettingsServer::isTrackerApiRequest()) {
             return Tracker::getDatabase();
         }
 
diff --git a/core/FrontController.php b/core/FrontController.php
index 53227f886a..0efcfa1a99 100644
--- a/core/FrontController.php
+++ b/core/FrontController.php
@@ -168,7 +168,7 @@ class FrontController extends Singleton
     {
         try {
             if (class_exists('Piwik\\Profiler')
-                && empty($GLOBALS['PIWIK_TRACKER_MODE'])) {
+                && !SettingsServer::isTrackerApiRequest()) {
                 // in tracker mode Piwik\Tracker\Db\Pdo\Mysql does currently not implement profiling
                 Profiler::displayDbProfileReport();
                 Profiler::printQueryCount();
diff --git a/core/Plugin/Settings.php b/core/Plugin/Settings.php
index 1200d9eb6a..20a5a30599 100644
--- a/core/Plugin/Settings.php
+++ b/core/Plugin/Settings.php
@@ -12,6 +12,7 @@ use Piwik\Option;
 use Piwik\Piwik;
 use Piwik\Settings\Setting;
 use Piwik\Settings\StorageInterface;
+use Piwik\SettingsServer;
 
 /**
  * Base class of all plugin settings providers. Plugins that define their own configuration settings
@@ -325,6 +326,11 @@ abstract class Settings implements StorageInterface
      */
     private function checkHasEnoughPermission(Setting $setting)
     {
+        // When the request is a Tracker request, allow plugins to read/write settings
+        if(SettingsServer::isTrackerApiRequest()) {
+            return;
+        }
+
         if (!$setting->canBeDisplayedForCurrentUser()) {
             $errorMsg = Piwik::translate('CoreAdminHome_PluginSettingChangeNotAllowed', array($setting->getName(), $this->pluginName));
             throw new \Exception($errorMsg);
diff --git a/core/Profiler.php b/core/Profiler.php
index 122e61f4b4..ae9c5e8b76 100644
--- a/core/Profiler.php
+++ b/core/Profiler.php
@@ -186,7 +186,7 @@ class Profiler
      */
     public static function setupProfilerXHProf($mainRun = false)
     {
-        if(!empty($GLOBALS['PIWIK_TRACKER_MODE'])) {
+        if(SettingsServer::isTrackerApiRequest()) {
             // do not profile Tracker
             return;
         }
diff --git a/core/SettingsServer.php b/core/SettingsServer.php
index d1d5142ec7..7223d3e304 100644
--- a/core/SettingsServer.php
+++ b/core/SettingsServer.php
@@ -31,6 +31,18 @@ class SettingsServer
                 && Piwik::hasUserSuperUserAccess();
     }
 
+
+    /**
+     * Returns true if the current request is a Tracker request.
+     *
+     * @return bool true if the current request is a Tracking API Request (ie. piwik.php)
+     */
+    public static function isTrackerApiRequest()
+    {
+        return !empty($GLOBALS['PIWIK_TRACKER_MODE']);
+    }
+
+
     /**
      * Returns `true` if running on Microsoft IIS 7 (or above), `false` if otherwise.
      *
diff --git a/core/Tracker.php b/core/Tracker.php
index c67d2e91f1..05deb9a2aa 100644
--- a/core/Tracker.php
+++ b/core/Tracker.php
@@ -369,7 +369,7 @@ class Tracker
      */
     static public function initCorePiwikInTrackerMode()
     {
-        if (!empty($GLOBALS['PIWIK_TRACKER_MODE'])
+        if (SettingsServer::isTrackerApiRequest()
             && self::$initTrackerMode === false
         ) {
             self::$initTrackerMode = true;
diff --git a/tests/PHPUnit/UI b/tests/PHPUnit/UI
index 2608eccd78..8c75aba42a 160000
--- a/tests/PHPUnit/UI
+++ b/tests/PHPUnit/UI
@@ -1 +1 @@
-Subproject commit 2608eccd787346f6b12ae57db89039bf769286d5
+Subproject commit 8c75aba42a588d30c9d9b8537a5297ac646d7274
-- 
GitLab