Fix shared link site role (#5186)

* Fallback to :public with data-current-user-role

* Add tests
Artur Pata 2025-03-12 15:30:23 +02:00 committed by GitHub
parent c7ed5971da
commit dbca97f02e
GPG Key ID: B5690EEEBB952194
4 changed files with 33 additions and 12 deletions


@ -61,10 +61,14 @@ if (container && container.dataset) {
container.dataset.loggedIn === 'true' container.dataset.loggedIn === 'true'
? { ? {
loggedIn: true, loggedIn: true,
role: container.dataset.currentUserRole! as Role, id: parseInt(container.dataset.currentUserId!, 10),
id: parseInt(container.dataset.currentUserId!, 10) role: container.dataset.currentUserRole as Role
}
: {
loggedIn: false,
id: null,
role: container.dataset.currentUserRole as Role
} }
: { loggedIn: false, role: null, id: null }
} }
> >
<RouterProvider router={router} /> <RouterProvider router={router} />
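Review bot: The `as Role` cast on `container.dataset.currentUserRole` is unchecked in both branches, and with the `!` removed a missing or unexpected attribute value reaches the user context as `undefined` or an arbitrary string typed as `Role`. Checking the value against the enum and falling back to the least-privileged member would match the server-side fallback added in this commit, e.g. `const role = Object.values(Role).includes(raw as Role) ? (raw as Role) : Role.public` with `raw` being the dataset value. Because the attribute can be read and edited in the DOM, this role should only decide what the UI shows; the permission checks themselves have to live on the server, which is outside this view. The enclosing provider expression starts before and ends after the hunk.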


@ -11,14 +11,14 @@ export enum Role {
} }
const userContextDefaultValue = { const userContextDefaultValue = {
loggedIn: false,
id: null, id: null,
role: null, role: Role.public
loggedIn: false
} as } as
| { loggedIn: false; id: null; role: null } | { loggedIn: false; id: null; role: Role }
| { loggedIn: true; id: number; role: Role } | { loggedIn: true; id: number; role: Role }
type UserContextValue = typeof userContextDefaultValue export type UserContextValue = typeof userContextDefaultValue
const UserContext = createContext<UserContextValue>(userContextDefaultValue) const UserContext = createContext<UserContextValue>(userContextDefaultValue)
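Review bot: The logged-out variant `{ loggedIn: false; id: null; role: Role }` now admits every role, including `owner` and `super_admin`, for a session that has no user. If a logged-out viewer can only ever be public, which the tests in this commit suggest but the visible lines do not establish, narrowing it to `role: Role.public` would let the compiler reject an elevated role paired with `loggedIn: false`; the logged-out branch in the dashboard entry file would then pass `Role.public` instead of the cast dataset value. If other roles are intended for logged-out sessions, a short comment on `userContextDefaultValue` saying that `Role.public` is the least-privileged fallback would document the intent.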


@ -42,7 +42,9 @@
data-embedded={to_string(@conn.assigns[:embedded])} data-embedded={to_string(@conn.assigns[:embedded])}
data-background={@conn.assigns[:background]} data-background={@conn.assigns[:background]}
data-is-dbip={to_string(@is_dbip)} data-is-dbip={to_string(@is_dbip)}
data-current-user-role={@conn.assigns[:site_role]} data-current-user-role={
if site_role = @conn.assigns[:site_role], do: site_role, else: :public
}
data-current-user-id={ data-current-user-id={
if user = @conn.assigns[:current_user], do: user.id, else: Jason.encode!(nil) if user = @conn.assigns[:current_user], do: user.id, else: Jason.encode!(nil)
} }
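Review bot: The `if site_role = @conn.assigns[:site_role], do: site_role, else: :public` expression can be written as `data-current-user-role={@conn.assigns[:site_role] || :public}`, which behaves the same because only `nil` and `false` are falsy. Defaulting to `:public` is the right direction, since a missing assign now renders the least-privileged role instead of an empty attribute. A one-line template comment stating that this attribute is a display hint for the client and not an authorization decision would help the next reader.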


@ -26,6 +26,8 @@ defmodule PlausibleWeb.StatsControllerTest do
assert text_of_attr(resp, @react_container, "data-funnels-available") == "true" assert text_of_attr(resp, @react_container, "data-funnels-available") == "true"
assert text_of_attr(resp, @react_container, "data-has-props") == "false" assert text_of_attr(resp, @react_container, "data-has-props") == "false"
assert text_of_attr(resp, @react_container, "data-logged-in") == "false" assert text_of_attr(resp, @react_container, "data-logged-in") == "false"
assert text_of_attr(resp, @react_container, "data-current-user-role") == "public"
assert text_of_attr(resp, @react_container, "data-current-user-id") == "null"
assert text_of_attr(resp, @react_container, "data-embedded") == "" assert text_of_attr(resp, @react_container, "data-embedded") == ""
[{"div", attrs, _}] = find(resp, @react_container) [{"div", attrs, _}] = find(resp, @react_container)
@ -116,11 +118,13 @@ defmodule PlausibleWeb.StatsControllerTest do
describe "GET /:domain - as a logged in user" do describe "GET /:domain - as a logged in user" do
setup [:create_user, :log_in, :create_site] setup [:create_user, :log_in, :create_site]
test "can view stats of a website I've created", %{conn: conn, site: site} do test "can view stats of a website I've created", %{conn: conn, site: site, user: user} do
populate_stats(site, [build(:pageview)]) populate_stats(site, [build(:pageview)])
conn = get(conn, "/" <> site.domain) conn = get(conn, "/" <> site.domain)
resp = html_response(conn, 200) resp = html_response(conn, 200)
assert text_of_attr(resp, @react_container, "data-logged-in") == "true" assert text_of_attr(resp, @react_container, "data-logged-in") == "true"
assert text_of_attr(resp, @react_container, "data-current-user-role") == "owner"
assert text_of_attr(resp, @react_container, "data-current-user-id") == "#{user.id}"
end end
test "can view stats of a website I've created, enforcing pageviews check skip", %{ test "can view stats of a website I've created, enforcing pageviews check skip", %{
@ -156,12 +160,16 @@ defmodule PlausibleWeb.StatsControllerTest do
@describetag :ee_only @describetag :ee_only
setup [:create_user, :make_user_super_admin, :log_in] setup [:create_user, :make_user_super_admin, :log_in]
test "can view a private dashboard with stats", %{conn: conn} do test "can view a private dashboard with stats", %{conn: conn, user: user} do
site = new_site() site = new_site()
populate_stats(site, [build(:pageview)]) populate_stats(site, [build(:pageview)])
conn = get(conn, "/" <> site.domain) conn = get(conn, "/" <> site.domain)
assert html_response(conn, 200) =~ "stats-react-container" resp = html_response(conn, 200)
assert resp =~ "stats-react-container"
assert text_of_attr(resp, @react_container, "data-logged-in") == "true"
assert text_of_attr(resp, @react_container, "data-current-user-role") == "super_admin"
assert text_of_attr(resp, @react_container, "data-current-user-id") == "#{user.id}"
end end
test "can enter verification when site is without stats", %{conn: conn} do test "can enter verification when site is without stats", %{conn: conn} do
@ -1036,7 +1044,11 @@ defmodule PlausibleWeb.StatsControllerTest do
link = insert(:shared_link, site: site) link = insert(:shared_link, site: site)
conn = get(conn, "/share/test-site.com/?auth=#{link.slug}") conn = get(conn, "/share/test-site.com/?auth=#{link.slug}")
assert html_response(conn, 200) =~ "stats-react-container" resp = html_response(conn, 200)
assert resp =~ "stats-react-container"
assert text_of_attr(resp, @react_container, "data-logged-in") == "false"
assert text_of_attr(resp, @react_container, "data-current-user-id") == "null"
assert text_of_attr(resp, @react_container, "data-current-user-role") == "public"
end end
test "returns page with X-Frame-Options disabled so it can be embedded in an iframe", %{ test "returns page with X-Frame-Options disabled so it can be embedded in an iframe", %{
@ -1060,6 +1072,9 @@ defmodule PlausibleWeb.StatsControllerTest do
conn = get(conn, "/share/test-site.com/?auth=#{link.slug}&embed=true") conn = get(conn, "/share/test-site.com/?auth=#{link.slug}&embed=true")
resp = html_response(conn, 200) resp = html_response(conn, 200)
assert text_of_attr(resp, @react_container, "data-embedded") == "true" assert text_of_attr(resp, @react_container, "data-embedded") == "true"
assert text_of_attr(resp, @react_container, "data-logged-in") == "false"
assert text_of_attr(resp, @react_container, "data-current-user-id") == "null"
assert text_of_attr(resp, @react_container, "data-current-user-role") == "public"
assert Plug.Conn.get_resp_header(conn, "x-frame-options") == [] assert Plug.Conn.get_resp_header(conn, "x-frame-options") == []
[{"div", attrs, _}] = find(resp, @react_container) [{"div", attrs, _}] = find(resp, @react_container)
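Review bot: The shared-link assertions added around `get(conn, "/share/test-site.com/?auth=#{link.slug}")` only cover an anonymous visitor, so the visible hunks leave untested the case where a logged-in user with no membership on the site opens a shared link. That is the path where `data-logged-in` is "true" while `site_role` may be unset, so the new `:public` fallback is presumably what gets rendered. A test asserting `text_of_attr(resp, @react_container, "data-current-user-role") == "public"` together with `data-logged-in` being "true" would pin that behaviour. Such a test may already exist outside these hunks.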