mirror of
https://github.com/plausible/analytics.git
synced 2024-12-23 09:33:19 +03:00
Separate GA/SC scopes (#2372)
* Use separate scopes for GA/SC integrations * Update tests with google scope expectations
This commit is contained in:
parent
d29597ed37
commit
8e75f2fc07
@ -5,29 +5,22 @@ defmodule Plausible.Google.Api do
|
||||
|
||||
@type google_analytics_view() :: {view_name :: String.t(), view_id :: String.t()}
|
||||
|
||||
@scope URI.encode_www_form(
|
||||
"https://www.googleapis.com/auth/webmasters.readonly email https://www.googleapis.com/auth/analytics.readonly"
|
||||
@search_console_scope URI.encode_www_form(
|
||||
"email https://www.googleapis.com/auth/webmasters.readonly"
|
||||
)
|
||||
@import_scope URI.encode_www_form("email https://www.googleapis.com/auth/analytics.readonly")
|
||||
|
||||
@verified_permission_levels ["siteOwner", "siteFullUser", "siteRestrictedUser"]
|
||||
|
||||
def authorize_url(site_id, redirect_to) do
|
||||
if Application.get_env(:plausible, :environment) == "test" do
|
||||
""
|
||||
else
|
||||
"https://accounts.google.com/o/oauth2/v2/auth?client_id=#{client_id()}&redirect_uri=#{redirect_uri()}&prompt=consent&response_type=code&access_type=offline&scope=#{@scope}&state=" <>
|
||||
def search_console_authorize_url(site_id, redirect_to) do
|
||||
"https://accounts.google.com/o/oauth2/v2/auth?client_id=#{client_id()}&redirect_uri=#{redirect_uri()}&prompt=consent&response_type=code&access_type=offline&scope=#{@search_console_scope}&state=" <>
|
||||
Jason.encode!([site_id, redirect_to])
|
||||
end
|
||||
end
|
||||
|
||||
def import_authorize_url(site_id, redirect_to) do
|
||||
if Application.get_env(:plausible, :environment) == "test" do
|
||||
""
|
||||
else
|
||||
"https://accounts.google.com/o/oauth2/v2/auth?client_id=#{client_id()}&redirect_uri=#{redirect_uri()}&prompt=consent&response_type=code&access_type=offline&scope=#{@import_scope}&state=" <>
|
||||
Jason.encode!([site_id, redirect_to])
|
||||
end
|
||||
end
|
||||
|
||||
def fetch_verified_properties(auth) do
|
||||
with {:ok, access_token} <- maybe_refresh_token(auth),
|
||||
|
@ -96,7 +96,7 @@
|
||||
<div class="text-sm mt-2 text-gray-900 dark:text-gray-100">Your latest import has failed. You can try importing again by clicking the button below. If you try multiple times and the import keeps failing, please contact support.</div>
|
||||
<% end %>
|
||||
<div class="flex mt-2">
|
||||
<%= button(to: Plausible.Google.Api.authorize_url(@site.id, "import"), class: "inline-flex pr-4 items-center border border-gray-100 shadow rounded-md focus:outline-none focus:ring-1 focus:ring-offset-1 focus:ring-gray-200 mt-8 hover:bg-gray-50 dark:hover:bg-gray-700") do %>
|
||||
<%= button(to: Plausible.Google.Api.import_authorize_url(@site.id, "import"), class: "inline-flex pr-4 items-center border border-gray-100 shadow rounded-md focus:outline-none focus:ring-1 focus:ring-offset-1 focus:ring-gray-200 mt-8 hover:bg-gray-50 dark:hover:bg-gray-700") do %>
|
||||
<%= google_logo() %>
|
||||
<span style="font-family: Roboto, system-ui" class="text-sm font-medium text-gray-600 dark:text-gray-50">Continue with Google<span>
|
||||
<% end %>
|
||||
|
@ -57,7 +57,7 @@
|
||||
<% end %>
|
||||
<% end %>
|
||||
<% else %>
|
||||
<%= button("Continue with Google", to: Plausible.Google.Api.authorize_url(@site.id, "search-console"), class: "button mt-8") %>
|
||||
<%= button("Continue with Google", to: Plausible.Google.Api.search_console_authorize_url(@site.id, "search-console"), class: "button mt-8") %>
|
||||
|
||||
<div class="text-gray-700 dark:text-gray-300 mt-8">
|
||||
NB: You also need to set up your site on <%= link("Google Search Console", to: "https://search.google.com/search-console/about") %> for the integration to work. <%= link("Read the docs", to: "https://plausible.io/docs/google-search-console-integration", class: "text-indigo-500", rel: "noreferrer") %>
|
||||
|
@ -281,10 +281,17 @@ defmodule PlausibleWeb.SiteControllerTest do
|
||||
describe "GET /:website/settings/general" do
|
||||
setup [:create_user, :log_in, :create_site]
|
||||
|
||||
setup_patch_env(:google, client_id: "some", api_url: "https://www.googleapis.com")
|
||||
|
||||
test "shows settings form", %{conn: conn, site: site} do
|
||||
conn = get(conn, "/#{site.domain}/settings/general")
|
||||
resp = html_response(conn, 200)
|
||||
|
||||
assert html_response(conn, 200) =~ "General information"
|
||||
assert resp =~ "General information"
|
||||
assert resp =~ "Data Import from Google Analytics"
|
||||
assert resp =~ "https://accounts.google.com/o/oauth2/v2/auth?"
|
||||
assert resp =~ "analytics.readonly"
|
||||
refute resp =~ "webmasters.readonly"
|
||||
end
|
||||
end
|
||||
|
||||
@ -409,6 +416,17 @@ defmodule PlausibleWeb.SiteControllerTest do
|
||||
context
|
||||
end
|
||||
|
||||
test "displays Continue with Google link", %{conn: conn, user: user} do
|
||||
site = insert(:site, domain: "notconnectedyet.example.com", members: [user])
|
||||
|
||||
conn = get(conn, "/#{site.domain}/settings/search-console")
|
||||
resp = html_response(conn, 200)
|
||||
assert resp =~ "Continue with Google"
|
||||
assert resp =~ "https://accounts.google.com/o/oauth2/v2/auth?"
|
||||
assert resp =~ "webmasters.readonly"
|
||||
refute resp =~ "analytics.readonly"
|
||||
end
|
||||
|
||||
test "displays appropriate error in case of google account `google_auth_error`", %{
|
||||
conn: conn,
|
||||
site: site
|
||||
|
Loading…
Reference in New Issue
Block a user