matomo-org / matomo

Empowering People Ethically with the leading open source alternative to Google Analytics that gives you full control over your data. Matomo lets you easily collect data from websites & apps and visualise this data and extract insights. Privacy is built-in. Liberating Web Analytics. Star us on Github? +1. And we love Pull Requests!
https://matomo.org/
GNU General Public License v3.0

Matomo crash when user has view rights #13781

Closed kaplun closed 6 years ago

kaplun commented 6 years ago

With Matomo 3.7.0, if I create a user with only view rights and it tries to access a site, it crashes with:

A fatal error occurred
The following error just broke Matomo (v3.7.0):

An exception has been thrown during the rendering of a template ("Non puoi accedere a questa risorsa perché essa richiede un accesso 'write' per il sito web con id= 4.").
in /var/www/html/piwik/plugins/CoreHome/templates/getDefaultIndexView.twig line 7            

Sorry for the Italian error :smile: The message more or less says: "You can't access this resource because it requires a write access for the web site with id=4".

+-----------------------------------+-------------------+---------------+
| Plugin                            | Core or optional? | Status        |
+-----------------------------------+-------------------+---------------+
| Diagnostics                       | Core              | Activated     |
| Overlay                           | Core              | Activated     |
| ExampleAPI                        | Core              | Not activated |
| RssWidget                         | Core              | Activated     |
| Feedback                          | Core              | Activated     |
| Login                             | Core              | Activated     |
| CoreConsole                       | Core              | Activated     |
| ScheduledReports                  | Core              | Activated     |
| UserCountryMap                    | Core              | Activated     |
| Live                              | Core              | Activated     |
| CustomVariables                   | Core              | Activated     |
| PrivacyManager                    | Core              | Activated     |
| ImageGraph                        | Core              | Activated     |
| Annotations                       | Core              | Activated     |
| MobileMessaging                   | Core              | Activated     |
| SegmentEditor                     | Core              | Activated     |
| VisitTime                         | Core              | Activated     |
| Insights                          | Core              | Activated     |
| Morpheus                          | Core              | Activated     |
| Contents                          | Core              | Activated     |
| BulkTracking                      | Core              | Activated     |
| Resolution                        | Core              | Activated     |
| DevicePlugins                     | Core              | Activated     |
| Heartbeat                         | Core              | Activated     |
| Marketplace                       | Core              | Activated     |
| ProfessionalServices              | Core              | Activated     |
| UserId                            | Core              | Activated     |
| CustomPiwikJs                     | Core              | Activated     |
| DBStats                           | Core              | Activated     |
| IntranetMeasurable                | Core              | Activated     |
| VisitorInterest                   | Core              | Activated     |
| CoreUpdater                       | Core              | Activated     |
| VisitFrequency                    | Core              | Activated     |
| Widgetize                         | Core              | Activated     |
| CoreAdminHome                     | Core              | Activated     |
| UsersManager                      | Core              | Activated     |
| SitesManager                      | Core              | Activated     |
| Installation                      | Core              | Activated     |
| Monolog                           | Core              | Activated     |
| Intl                              | Core              | Activated     |
| CorePluginsAdmin                  | Core              | Activated     |
| CoreHome                          | Core              | Activated     |
| VisitsSummary                     | Core              | Activated     |
| CoreVisualizations                | Core              | Activated     |
| Proxy                             | Core              | Activated     |
| API                               | Core              | Activated     |
| ExamplePlugin                     | Core              | Not activated |
| WebsiteMeasurable                 | Core              | Activated     |
| Transitions                       | Core              | Activated     |
| Goals                             | Core              | Activated     |
| GeoIp2                            | Core              | Activated     |
| LanguagesManager                  | Core              | Activated     |
| Events                            | Core              | Activated     |
| SEO                               | Core              | Activated     |
| UserCountry                       | Core              | Activated     |
| Ecommerce                         | Core              | Activated     |
| DevicesDetection                  | Core              | Activated     |
| UserLanguage                      | Core              | Activated     |
| Referrers                         | Core              | Activated     |
| MultiSites                        | Core              | Activated     |
| Dashboard                         | Core              | Activated     |
| Actions                           | Core              | Activated     |
| MultiChannelConversionAttribution | Optional          | Activated     |
| SentryLogger                      | Optional          | Activated     |
| ArchiveSite                       | Optional          | Activated     |
| CustomAlerts                      | Optional          | Activated     |
| AdminNotification                 | Optional          | Activated     |
| MarketingCampaignsReporting       | Optional          | Activated     |
| InvalidateReports                 | Optional          | Activated     |
| CustomDimensions                  | Optional          | Activated     |
| TreemapVisualization              | Optional          | Activated     |
| LogViewer                         | Optional          | Activated     |
| SecurityInfo                      | Optional          | Activated     |
| TasksTimetable                    | Optional          | Activated     |
| Funnels                           | Optional          | Activated     |
+-----------------------------------+-------------------+---------------+

This line is the culprit: https://github.com/matomo-org/matomo/blob/3.x-dev/plugins/CoreHome/templates/getDefaultIndexView.twig#L7

rramthun commented 6 years ago

I can confirm this finding on our installation. User has only view rights for all available sites on the installation. Users with more rights work correctly.

tsteur commented 6 years ago

Only had a quick look, seems related to segment editor.

tsteur commented 6 years ago

Do you remember if during the update maybe some other plugins were updated as well?

Is there any chance that you temporarily edit your index.php in your Matomo installation and change around line 24 the following line from define('PIWIK_PRINT_ERROR_BACKTRACE', false); to define('PIWIK_PRINT_ERROR_BACKTRACE', true);? More information about the error might be shown then.

kaplun commented 6 years ago

Sure!

Here's the full backtrace:

An exception has been thrown during the rendering of a template ("Non puoi accedere a questa risorsa perché essa richiede un accesso 'write' per il sito web con id= 4.").
 on /var/www/html/piwik/plugins/CoreHome/templates/getDefaultIndexView.twig(7)
#0 /var/www/html/piwik/tmp/templates_c/64/64f54a54110b3eced1b1574a7a0126a53251456bd11a65bf4e93cdd5d46da5f2.php(97): Twig_Template->displayBlock('topcontrols', Array, Array)
#1 /var/www/html/piwik/vendor/twig/twig/lib/Twig/Template.php(215): __TwigTemplate_a86448bf854561707cc6c1d984cf43c633b38e782c8818b6dba1f05a8033f5f2->block_root(Array, Array)
#2 /var/www/html/piwik/tmp/templates_c/9e/9ef72ab5e6d4d27a3b4a9b97f747f91bb9cc8df715cf46e1ec22140dfea0fc87.php(160): Twig_Template->displayBlock('root', Array, Array)
#3 /var/www/html/piwik/vendor/twig/twig/lib/Twig/Template.php(215): __TwigTemplate_1b657c52c765feef11c524500f8cc3dbdbe14ceeac07f4426beb8ac4e28925c8->block_body(Array, Array)
#4 /var/www/html/piwik/vendor/twig/twig/lib/Twig/Template.php(174): Twig_Template->displayBlock('body', Array, Array, false)
#5 /var/www/html/piwik/tmp/templates_c/64/64f54a54110b3eced1b1574a7a0126a53251456bd11a65bf4e93cdd5d46da5f2.php(73): Twig_Template->displayParentBlock('body', Array, Array)
#6 /var/www/html/piwik/vendor/twig/twig/lib/Twig/Template.php(215): __TwigTemplate_a86448bf854561707cc6c1d984cf43c633b38e782c8818b6dba1f05a8033f5f2->block_body(Array, Array)
#7 /var/www/html/piwik/tmp/templates_c/9e/9ef72ab5e6d4d27a3b4a9b97f747f91bb9cc8df715cf46e1ec22140dfea0fc87.php(49): Twig_Template->displayBlock('body', Array, Array)
#8 /var/www/html/piwik/vendor/twig/twig/lib/Twig/Template.php(432): __TwigTemplate_1b657c52c765feef11c524500f8cc3dbdbe14ceeac07f4426beb8ac4e28925c8->doDisplay(Array, Array)
#9 /var/www/html/piwik/vendor/twig/twig/lib/Twig/Template.php(403): Twig_Template->displayWithErrorHandling(Array, Array)
#10 /var/www/html/piwik/tmp/templates_c/64/64f54a54110b3eced1b1574a7a0126a53251456bd11a65bf4e93cdd5d46da5f2.php(39): Twig_Template->display(Array, Array)
#11 /var/www/html/piwik/vendor/twig/twig/lib/Twig/Template.php(432): __TwigTemplate_a86448bf854561707cc6c1d984cf43c633b38e782c8818b6dba1f05a8033f5f2->doDisplay(Array, Array)
#12 /var/www/html/piwik/vendor/twig/twig/lib/Twig/Template.php(403): Twig_Template->displayWithErrorHandling(Array, Array)
#13 /var/www/html/piwik/tmp/templates_c/86/86a4cc80d9c78b68a5a41c9e762d73b2374bf3c94c30665d5973c7a8bc0b448c.php(28): Twig_Template->display(Array, Array)
#14 /var/www/html/piwik/vendor/twig/twig/lib/Twig/Template.php(432): __TwigTemplate_35c90a13953cb3fd09f83ea1c406fa3cfd32d7b5b12ba0913841eb2224a12d9c->doDisplay(Array, Array)
#15 /var/www/html/piwik/vendor/twig/twig/lib/Twig/Template.php(403): Twig_Template->displayWithErrorHandling(Array, Array)
#16 /var/www/html/piwik/vendor/twig/twig/lib/Twig/Template.php(411): Twig_Template->display(Array)
#17 /var/www/html/piwik/vendor/twig/twig/lib/Twig/Environment.php(362): Twig_Template->render(Array)
#18 /var/www/html/piwik/core/View.php(307): Twig_Environment->render('@CoreHome/getDe...', Array)
#19 /var/www/html/piwik/core/View.php(291): Piwik\View->renderTwigTemplate()
#20 /var/www/html/piwik/plugins/CoreHome/Controller.php(198): Piwik\View->render()
#21 [internal function]: Piwik\Plugins\CoreHome\Controller->index()
#22 /var/www/html/piwik/core/FrontController.php(556): call_user_func_array(Array, Array)
#23 /var/www/html/piwik/core/FrontController.php(144): Piwik\FrontController->doDispatch('CoreHome', 'index', Array)
#24 /var/www/html/piwik/core/dispatch.php(34): Piwik\FrontController->dispatch()
#25 /var/www/html/piwik/index.php(27): require_once('/var/www/html/p...')
#26 {main}

tsteur commented 6 years ago

Cheers @kaplun was hoping it would help a bit more. I'm thinking it might be related to Custom Dimensions. Any chance to disable it temporarily and see if the issue resolves?

Making the assumption as I checked all usages of checkUserHasWriteAccess and compared it with the plugins that you have enabled.
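
The triage step described in the comment above (listing every usage of checkUserHasWriteAccess and comparing it with the activated plugins) can be scripted. This is an added example, not part of the thread and not Matomo project code; the plugin names, file contents and directory tree are constructed, and only the table layout and the searched symbol come from this page.

```python
import re
import tempfile
from pathlib import Path

# Constructed sample in the layout of the plugin table posted in the issue.
SAMPLE_TABLE = """\
+-------------+-------------------+---------------+
| Plugin      | Core or optional? | Status        |
+-------------+-------------------+---------------+
| AlphaPlugin | Core              | Activated     |
| BetaPlugin  | Core              | Not activated |
| GammaPlugin | Optional          | Activated     |
+-------------+-------------------+---------------+
"""
ROW = re.compile(r"^\|\s*(\w+)\s*\|\s*(Core|Optional)\s*\|\s*(Activated|Not activated)\s*\|$")

def activated_plugins(table: str) -> set:
    """Return names of plugins whose Status column reads 'Activated'."""
    rows = (ROW.match(line.strip()) for line in table.splitlines())
    return {m.group(1) for m in rows if m and m.group(3) == "Activated"}

def plugins_calling(plugins_dir: Path, symbol: str) -> dict:
    """Map plugin name -> relative paths of PHP/Twig files that mention symbol."""
    hits = {}
    for path in sorted(plugins_dir.rglob("*")):
        is_source = path.is_file() and path.suffix in {".php", ".twig"}
        if is_source and symbol in path.read_text(errors="replace"):
            rel = path.relative_to(plugins_dir)
            hits.setdefault(rel.parts[0], []).append(rel.as_posix())
    return hits

def suspects(table: str, plugins_dir: Path, symbol: str) -> dict:
    """Activated plugins that reference symbol: candidates to disable first."""
    active = activated_plugins(table)
    return {p: f for p, f in plugins_calling(plugins_dir, symbol).items() if p in active}

def demo() -> dict:
    # Constructed plugins/ tree; file contents are illustrative only.
    files = {
        "AlphaPlugin/Controller.php": "<?php $access->checkUserHasWriteAccess($idSite);",
        "BetaPlugin/API.php": "<?php $access->checkUserHasWriteAccess($idSite);",
        "GammaPlugin/API.php": "<?php echo 'no access check here';",
    }
    with tempfile.TemporaryDirectory() as tmp:
        for name, body in files.items():
            (Path(tmp) / name).parent.mkdir(parents=True, exist_ok=True)
            (Path(tmp) / name).write_text(body)
        return suspects(SAMPLE_TABLE, Path(tmp), "checkUserHasWriteAccess")

if __name__ == "__main__":
    print(demo())
```

On a real installation, `suspects()` would be given the pasted plugin table and the installation's plugins directory; a deactivated plugin that contains the call is filtered out because it cannot be the one throwing.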

kaplun commented 6 years ago

I am heavily using custom dimension. If I inactivate the plugin, will the DB be altered?

kumar-ebalnasral commented 6 years ago

Matomo 3.7.0. Can confirm this. This happens after CustomDimensionsPlugin update.

tsteur commented 6 years ago

I have released a new version which hopefully fixes the issue.

tsteur commented 6 years ago

Let me know if this is not the case and I'm happy to reopen.

kaplun commented 6 years ago

@tsteur :tada: Well done! It fixed the issue for me.