Les articles publiés sur le site
-
How to verify signatures for Piwik release packages
19 novembre 2014, par Piwik Core Team — SecurityWe are proud to announce that Piwik project now cryptographically signs the Piwik releases using PGP following requests from several community members. In this post we will explain how you can verify the signatures of the Piwik release you downloaded, with instructions for Windows, Mac OS X and Linux.
What is a signature and why should I check it?
How do you know that the Piwik platform you have is really the one we made? Some software sites list sha1 hashes alongside the software on their website, so users can verify that they downloaded the file without any errors. These “checksums” help you answer the question “Did I download this file correctly from whoever sent it to me?” They do a good job at making sure you didn’t have any random errors in your download, but they don’t help you figure out whether you were downloading it from a compromised server. The better question to answer is: “Is this file that I just downloaded the file that Piwik intended me to get?”. Over the years several Piwik users have requested that we start signing our releases.
Where do I get the signatures and the keys that made them?
Each file on our release server builds.piwik.org is accompanied by a file with the same name as the package and the extension
.asc. These .asc files are GPG signatures. They allow you to verify the file you’ve downloaded is exactly the one that we intended you to get. For example,piwik-2.9.0.zipis accompanied bypiwik-2.9.0.zip.asc.Currently Matthieu Aubry is the release manager and signs the Piwik releases. His signature can be found here: builds.piwik.org/signature.asc
How to verify signatures on Windows
You need to have GnuPG installed before you can verify signatures. Download it from http://gpg4win.org/download.html.
Once it's installed, use GnuPG to import the key that signed your package. Since GnuPG for Windows is a command-line tool, you will need to use cmd.exe. Unless you edit your PATH environment variable, you will need to tell Windows the full path to the GnuPG program. If you installed GnuPG with the default values, the path should be something like this: C:\Program Files\Gnu\GnuPg\gpg.exe.
Import Piwik Release manager Matthieu's key (0x416F061063FEE659) by starting cmd.exe and typing:
"C:\Program Files\Gnu\GnuPg\gpg.exe" --keyserver keys.gnupg.net --recv-keys 814E346FA01A20DBB04B6807B5DBD5925590A237
After importing the key, you can verify that the fingerprint is correct:
"C:\Program Files\Gnu\GnuPg\gpg.exe" --fingerprint 814E346FA01A20DBB04B6807B5DBD5925590A237
You should see:
pub 4096R/5590A237 2013-07-24 Key fingerprint = 814E 346F A01A 20DB B04B 6807 B5DB D592 5590 A237 uid Matthieu Aubry <matt@piwik.org> uid Matthieu Aubry <matthieu.aubry@gmail.com> uid Matthieu Aubry <matt@piwik.pro> sub 4096R/43F0D330 2013-07-24To verify the signature of the package you downloaded, you will need to download the ".asc" file as well. Assuming you downloaded the package and its signature to your Desktop, run:
"C:\Program Files\Gnu\GnuPg\gpg.exe" --verify C:\Users\Alice\Desktop\piwik-2.9.0.zip.asc C:\Users\Alice\Desktop\piwik-2.9.0.zip
The output should say "Good signature":
gpg: Signature made Thu 13 Nov 2014 17:42:18 NZDT using RSA key ID 5590A237 gpg: Good signature from "Matthieu Aubry <matt@piwik.org>" gpg: aka "Matthieu Aubry <matthieu.aubry@gmail.com>" gpg: aka "Matthieu Aubry <matt@piwik.pro>"
Notice that there may be a warning in case you haven't assigned a trust index to this person. This means that GnuPG verified that the key made that signature, but it's up to you to decide if that key really belongs to the developer. The best method is to meet the developer in person and exchange key fingerprints.
Mac OS X and Linux
On Linux GnuPG is usually installed by default. On Mac OS X, you need to have GnuPG installed before you can verify signatures. You can install it from http://www.gpgtools.org/.
Once it's installed, use GnuPG to import the key that signed your package. Matthieu Aubry signs the Piwik releases. Import his key (814E346FA01A20DBB04B6807B5DBD5925590A237) by starting the terminal (under "Applications") and typing:
gpg --keyserver keys.gnupg.net --recv-keys 814E346FA01A20DBB04B6807B5DBD5925590A237
After importing the key, you can verify that the fingerprint is correct:
gpg --fingerprint 814E346FA01A20DBB04B6807B5DBD5925590A237
You should see:
pub 4096R/5590A237 2013-07-24 Key fingerprint = 814E 346F A01A 20DB B04B 6807 B5DB D592 5590 A237 uid Matthieu Aubry <matt@piwik.org> uid Matthieu Aubry <matthieu.aubry@gmail.com> uid Matthieu Aubry <matt@piwik.pro> sub 4096R/43F0D330 2013-07-24To verify the signature of the package you downloaded, you will need to download the ".asc" file as well. Assuming you downloaded the package and its signature to your Desktop, run:
gpg --verify /Users/Alice/piwik-2.9.0.zip{.asc*,}The output should say "Good signature":
gpg: Signature made Thu 13 Nov 2014 17:42:18 NZDT using RSA key ID 5590A237 gpg: Good signature from "Matthieu Aubry <matt@piwik.org>" gpg: aka "Matthieu Aubry <matthieu.aubry@gmail.com>" gpg: aka "Matthieu Aubry <matt@piwik.pro>"
Notice that there may be a warning in case you haven't assigned a trust index to this person. This means that GnuPG verified that the key made that signature, but it's up to you to decide if that key really belongs to the developer. The best method is to meet the developer in person and exchange key fingerprints.
That's it! In this article you have learnt how you can verify that the Piwik package you have downloaded on your computer was the same as the one Piwik team has officially created. We hope this helps you use Piwik with more security.
Source: this article was copied and adapted from the great Tor Browser project website page How to verify signatures for Tor packages
-
How to write unit tests for your plugin – Introducing the Piwik Platform
17 novembre 2014, par Thomas Steur — DevelopmentThis is the next post of our blog series where we introduce the capabilities of the Piwik platform (our previous post was How to verify user permissions). This time you’ll learn how to write unit tests in Piwik. For this tutorial you will need to have basic knowledge of PHP, PHPUnit and the Piwik platform.
When is a test a unit test?
There are many different opinions on this and it can be sometimes hard to decide. At Piwik we consider a test as a unit test if only a single method or class is being tested and if a test does not have a dependency to the filesystem, web, config, database or to any other plugin.
If a test is slow it can be an indicator that it is not a unit test. “Slow” is of course a bit vague. We will cover how to write other type of tests, such as integration tests, in one of our next blog posts.
Getting started
In this post, we assume that you have already installed Piwik 2.9.0 or later via git, set up your development environment and created a plugin. If not, visit the Piwik Developer Zone where you’ll find the tutorial Setting up Piwik and other Guides that help you to develop a plugin.
Let’s create a unit test
We start by using the Piwik Console to create a new unit test:
./console generate:test --testtype unitThe command will ask you to enter the name of the plugin the created test should belong to. I will use the plugin name “Insights”. Next it will ask you for the name of the test. Here you usually enter the name of the class you want to test. I will use “Widgets” in this example. There should now be a file
plugins/Insights/tests/Unit/WidgetsTest.phpwhich contains already an example to get you started easily:/** * @group Insights * @group WidgetsTest * @group Plugins */ class WidgetsTest extends \PHPUnit_Framework_TestCase { public function testSimpleAddition() { $this->assertEquals(2, 1+1); } }We don’t want to cover how you should write your unit test. This is totally up to you. If you have no experience in writing unit tests yet, we recommend to read articles on the topic, or a book, or to watch videos or anything else that will help you learn best.
Running a test
To run a test we will use the command
tests:runwhich allows you to execute a test suite, a specific file or a group of tests.To verify whether the created test works we will run it as follows:
./console tests:run WidgetsTestThis will run all tests having the group
WidgetsTest. As other tests can use the same group you might want to pass the path to your test file instead:./console tests:run plugins/Insights/tests/Unit/Widgets.phpIf you want to run all tests within your plugin pass the name of your plugin as an argument:
./console tests:run insightsOf course you can also define multiple arguments:
./console tests:run insights WidgetsTestThis will execute all tests within the insights plugin having the group WidgetsTest. If you only want to run unit tests within your plugin you can do the following:
./console tests:run insights unitAdvanced features
Isn’t it easy to create a unit test? We never even created a file! You can accomplish even more if you want: You can generate other type of tests, you can run tests on Amazon’s AWS and more. Unfortunately, not everything is documented yet so we recommend to discover more features by executing the commands
./console list testsand./console help tests:run.If you have any feedback regarding our APIs or our guides in the Developer Zone feel free to send it to us.
-
How to write unit tests for your plugin – Introducing the Piwik Platform
17 novembre 2014, par Thomas Steur — DevelopmentThis is the next post of our blog series where we introduce the capabilities of the Piwik platform (our previous post was How to verify user permissions). This time you’ll learn how to write unit tests in Piwik. For this tutorial you will need to have basic knowledge of PHP, PHPUnit and the Piwik platform.
When is a test a unit test?
There are many different opinions on this and it can be sometimes hard to decide. At Piwik we consider a test as a unit test if only a single method or class is being tested and if a test does not have a dependency to the filesystem, web, config, database or to any other plugin.
If a test is slow it can be an indicator that it is not a unit test. “Slow” is of course a bit vague. We will cover how to write other type of tests, such as integration tests, in one of our next blog posts.
Getting started
In this post, we assume that you have already installed Piwik 2.9.0 or later via git, set up your development environment and created a plugin. If not, visit the Piwik Developer Zone where you’ll find the tutorial Setting up Piwik and other Guides that help you to develop a plugin.
Let’s create a unit test
We start by using the Piwik Console to create a new unit test:
./console generate:test --testtype unitThe command will ask you to enter the name of the plugin the created test should belong to. I will use the plugin name “Insights”. Next it will ask you for the name of the test. Here you usually enter the name of the class you want to test. I will use “Widgets” in this example. There should now be a file
plugins/Insights/tests/Unit/WidgetsTest.phpwhich contains already an example to get you started easily:/** * @group Insights * @group WidgetsTest * @group Plugins */ class WidgetsTest extends \PHPUnit_Framework_TestCase { public function testSimpleAddition() { $this->assertEquals(2, 1+1); } }We don’t want to cover how you should write your unit test. This is totally up to you. If you have no experience in writing unit tests yet, we recommend to read articles on the topic, or a book, or to watch videos or anything else that will help you learn best.
Running a test
To run a test we will use the command
tests:runwhich allows you to execute a test suite, a specific file or a group of tests.To verify whether the created test works we will run it as follows:
./console tests:run WidgetsTestThis will run all tests having the group
WidgetsTest. As other tests can use the same group you might want to pass the path to your test file instead:./console tests:run plugins/Insights/tests/Unit/Widgets.phpIf you want to run all tests within your plugin pass the name of your plugin as an argument:
./console tests:run insightsOf course you can also define multiple arguments:
./console tests:run insights WidgetsTestThis will execute all tests within the insights plugin having the group WidgetsTest. If you only want to run unit tests within your plugin you can do the following:
./console tests:run insights unitAdvanced features
Isn’t it easy to create a unit test? We never even created a file! You can accomplish even more if you want: You can generate other type of tests, you can run tests on Amazon’s AWS and more. Unfortunately, not everything is documented yet so we recommend to discover more features by executing the commands
./console list testsand./console help tests:run.If you have any feedback regarding our APIs or our guides in the Developer Zone feel free to send it to us.
-
How to verify user permissions – Introducing the Piwik Platform
9 novembre 2014, par Thomas Steur — DevelopmentThis is the next post of our blog series where we introduce the capabilities of the Piwik platform (our previous post was How to make your plugin multilingual). This time you’ll learn how to verify user permissions. For this tutorial you will need to have basic knowledge of PHP and the Piwik platform.
When should a plugin verify permissions?
Usually you want to do this before executing any action – such as deleting or fetching data – and before rendering any sensitive information that should not be accessible by everyone. For instance in an API method or Controller action. You sometimes also need to verify permissions before registering menu items or widgets.
How does Piwik’s user management work?
It is quite simple as it only differentiates between a few roles: View permission, Admin permission and Super User permission. If you manage multiple websites with Piwik a user can be assigned to different roles as a user might have no permission for some websites but view or admin permission for another set of websites.
Worth mentioning is that roles inherit from each other. This means the role admin automatically includes the role view and a super user automatically covers the view and admin role.
Getting started
In this post, we assume that you have already set up your development environment and created a plugin. If not, visit the Piwik Developer Zone where you’ll find the tutorial Setting up Piwik and other Guides that help you to develop a plugin.
Verifying user permissions
To protect your data the platform offers many convenient methods in the \Piwik\Piwik class. There you will find methods that either start with
check,isorhas. While methods that start withcheckthrow an exception in case a condition is not met, the other methods return a booleantrueorfalse.Use methods that throw an exception if you want to stop any further execution in case a user does not have an appropriate role. The platform will catch the exception and display an error message or ask the user to log in.
public function deleteAllMessages() { // delete messages only if user has super user access, otherwise show an error message Piwik::checkUserSuperUserAccess(); $this->getModel()->deleteAllMessages(); }Use methods that return a boolean for instance when registering menu items or widgets.
public function configureAdminMenu(MenuAdmin $menu) { if (Piwik::hasUserSuperUserAccess()) { $menu->addPlatformItem('Plugins', $this->urlForDefaultAction()); } }It is important to be aware that just because the menu item won’t be displayed in the UI a user can still open the registered URL manually. Therefore you have to check for permissions in the actual controller action as well.
View permission
A user having a view permission should be only able to view reports but not make any changes apart from his personal settings. The methods that end with
UserHasSomeViewAccessmake sure a user has at least view permission for one website whereas the methods*UserHasViewAccess($idSites = array(1,2,3))check whether a user has view access for all of the given websites.Piwik::checkUserHasSomeViewAccess(); Piwik::checkUserHasViewAccess($idSites = array(1,2,3));As a plugin developer you would usually use the latter example to verify the permissions for specific websites. Use the first example in case you develop something like an “All Websites Dashboard” where you only want to make sure the user has a view permission for at least one website.
Admin permission
A user having an admin permission cannot only view reports but also change website related settings. The methods to check for this role are similar to the ones before, just swap the term
ViewwithAdmin.Piwik::checkUserHasSomeAdminAccess(); Piwik::checkUserHasAdminAccess($idSites = array(1,2,3));Super user permission
A user having the super user permission is allowed to access all of the data stored in Piwik and change any settings. To check if a user has this role use one of the methods that end with
UserSuperUserAccess.Piwik::checkUserHasSuperUserAccess();As a plugin developer you would check for this permission for instance in places where your plugin shows an activity log over all users or where it offers the possibility to change any system wide settings.
Getting information about the currently logged in user
Sometimes you might want to know which user is currently logged in. This can be useful if you want to persist user related information in the database or if you want to send an email to the currently logged in user. You can easily get this information by calling the following methods:
$login = Piwik::getCurrentUserLogin() $email = Piwik::getCurrentUserEmail()Advanced features
Of course there is more that you can do. For instance you can verify whether a user is an anonymous user or whether a user has a specific role. You can also perform any operation in the context of a super user even if the current user does not have this role. Would you like to know more about those features? Check out the Piwik class reference, the Security guide and the Manage Users user guide.
If you have any feedback regarding our APIs or our guides in the Developer Zone feel free to send it to us.
-
How to verify user permissions – Introducing the Piwik Platform
9 novembre 2014, par Thomas Steur — DevelopmentThis is the next post of our blog series where we introduce the capabilities of the Piwik platform (our previous post was How to make your plugin multilingual). This time you’ll learn how to verify user permissions. For this tutorial you will need to have basic knowledge of PHP and the Piwik platform.
When should a plugin verify permissions?
Usually you want to do this before executing any action – such as deleting or fetching data – and before rendering any sensitive information that should not be accessible by everyone. For instance in an API method or Controller action. You sometimes also need to verify permissions before registering menu items or widgets.
How does Piwik’s user management work?
It is quite simple as it only differentiates between a few roles: View permission, Admin permission and Super User permission. If you manage multiple websites with Piwik a user can be assigned to different roles as a user might have no permission for some websites but view or admin permission for another set of websites.
Worth mentioning is that roles inherit from each other. This means the role admin automatically includes the role view and a super user automatically covers the view and admin role.
Getting started
In this post, we assume that you have already set up your development environment and created a plugin. If not, visit the Piwik Developer Zone where you’ll find the tutorial Setting up Piwik and other Guides that help you to develop a plugin.
Verifying user permissions
To protect your data the platform offers many convenient methods in the \Piwik\Piwik class. There you will find methods that either start with
check,isorhas. While methods that start withcheckthrow an exception in case a condition is not met, the other methods return a booleantrueorfalse.Use methods that throw an exception if you want to stop any further execution in case a user does not have an appropriate role. The platform will catch the exception and display an error message or ask the user to log in.
public function deleteAllMessages() { // delete messages only if user has super user access, otherwise show an error message Piwik::checkUserSuperUserAccess(); $this->getModel()->deleteAllMessages(); }Use methods that return a boolean for instance when registering menu items or widgets.
public function configureAdminMenu(MenuAdmin $menu) { if (Piwik::hasUserSuperUserAccess()) { $menu->addPlatformItem('Plugins', $this->urlForDefaultAction()); } }It is important to be aware that just because the menu item won’t be displayed in the UI a user can still open the registered URL manually. Therefore you have to check for permissions in the actual controller action as well.
View permission
A user having a view permission should be only able to view reports but not make any changes apart from his personal settings. The methods that end with
UserHasSomeViewAccessmake sure a user has at least view permission for one website whereas the methods*UserHasViewAccess($idSites = array(1,2,3))check whether a user has view access for all of the given websites.Piwik::checkUserHasSomeViewAccess(); Piwik::checkUserHasViewAccess($idSites = array(1,2,3));As a plugin developer you would usually use the latter example to verify the permissions for specific websites. Use the first example in case you develop something like an “All Websites Dashboard” where you only want to make sure the user has a view permission for at least one website.
Admin permission
A user having an admin permission cannot only view reports but also change website related settings. The methods to check for this role are similar to the ones before, just swap the term
ViewwithAdmin.Piwik::checkUserHasSomeAdminAccess(); Piwik::checkUserHasAdminAccess($idSites = array(1,2,3));Super user permission
A user having the super user permission is allowed to access all of the data stored in Piwik and change any settings. To check if a user has this role use one of the methods that end with
UserSuperUserAccess.Piwik::checkUserHasSuperUserAccess();As a plugin developer you would check for this permission for instance in places where your plugin shows an activity log over all users or where it offers the possibility to change any system wide settings.
Getting information about the currently logged in user
Sometimes you might want to know which user is currently logged in. This can be useful if you want to persist user related information in the database or if you want to send an email to the currently logged in user. You can easily get this information by calling the following methods:
$login = Piwik::getCurrentUserLogin() $email = Piwik::getCurrentUserEmail()Advanced features
Of course there is more that you can do. For instance you can verify whether a user is an anonymous user or whether a user has a specific role. You can also perform any operation in the context of a super user even if the current user does not have this role. Would you like to know more about those features? Check out the Piwik class reference, the Security guide and the Manage Users user guide.
If you have any feedback regarding our APIs or our guides in the Developer Zone feel free to send it to us.
