Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Requests for settings fail for view-only users on dashboard

See original GitHub issue

Bug Description

In #4815, we added conditional logic to prevent source links for widgets from displaying because we don’t know if the user will be able to follow the deep link or not due to their lack of Google authentication. This issue addressed the visual aspect of the problem but there is now a residual technical problem related to the selectors used to generate the deep link.

The SourceLink itself no longer renders in view-only contexts but the URL given to it is selected in the parent. Since view-only users do not currently have access to module settings endpoints, the settings do not get preloaded and when requested on the client (triggered by a setting selector for some data needed in a service URL), it triggers a fetch request which again fails for the same reason it was not preloaded (lack of permissions).

Steps to reproduce

  1. Set up dashboard sharing and share Analytics with a non-admin role
  2. Log in as the non-admin user that was shared with
  3. Go to the Site Kit dashboard
  4. See console error for a request to Analytics settings that failed

Do not alter or remove anything below. The following sections will be managed by moderators only.

Acceptance criteria

  • The use of source links for dashboard widgets that use getService*URL selectors should be updated such that the selector is only invoked in a non-view-only context
    • This should ideally be done in a consistent way without requiring inline updates in each usage.
  • Module settings should not be requested in a view-only context (this should be addressed by the previous point but here for completeness)

Implementation Brief

  • Files to update:

    • assets/js/modules/adsense/components/dashboard/DashboardTopEarningPagesWidget.js
    • assets/js/modules/adsense/components/module/ModuleOverviewWidget/Footer.js
    • assets/js/modules/analytics/components/dashboard/DashboardOverallPageMetricsWidget.js
    • assets/js/modules/analytics/components/dashboard/DashboardAllTrafficWidget/index.js
    • assets/js/modules/analytics/components/module/ModulePopularPagesWidget/Footer.js
    • assets/js/modules/search-console/components/dashboard/DashboardPopularKeywordsWidget.js
    • assets/js/modules/search-console/components/dashboard/SearchFunnelWidget/Footer.js
    • Note Confirm that DataBlock.js and LayoutFooter.js contain the <SourceLink> but they or their parents do not currently make getService*URL requests.

  • Within the files to update above, identify the getService*URL selectors the result of which are eventually used within the <SourceLink> component. In those selectors, return null early if the useViewOnly hook is true. E.g. in ModuleOverviewWidget/Footer.js:

    const viewOnlyDashboard = useViewOnly();
const accountSiteURL = useSelect( ( select ) => {
  	if ( viewOnlyDashboard ) {
  		return null;
  	}
  	select( MODULES_ADSENSE ).getServiceReportURL(
  		generateDateRangeArgs( dateRangeDates )
  	);
  } );

  return (
  	<SourceLink
  		href={ accountSiteURL }
  		name={ _x( 'AdSense', 'Service name', 'google-site-kit' ) }
  		external
  	/>
  );

Test Coverage

  • Add tests similar to SourceLink.test.js for simpler components in the files to update list above. Simple components could be those which only render the <SourceLink> component with a single or couple of selectors. E.g. assets/js/modules/analytics/components/module/ModulePopularPagesWidget/Footer.js

QA Brief

  • Setup SiteKit using an admin so that all widgets on the dashboard are rendered. Verify the Source Links in the footer of each widget still links to the appropriate pages as before.
  • Share all modules with a non-admin user.
  • Login as the non-admin user and view the ‘View Only’ dashboard. Verify that no Source Links appear in any of the widgets as before. Verify that console errors (similar to the example below) for module settings requests have reduced (as per this comment, not all errors are resolved after implementing this issue). Google Site Kit API Error method:GET datapoint:settings type:modules identifier:analytics error:"Sorry, you are not allowed to do that."

Changelog entry

  • Prevent errors on the view-only dashboard from requesting module settings unnecessarily.

Issue Analytics

  • State:closed
  • Created a year ago
  • Comments:17

github_iconTop GitHub Comments

1reaction
techanvilcommented, Jul 1, 2022

@tofumatt @aaemnnosttv After replacing all getService*URL calls, I found at least two lines (linked below) which eventually end up make settings requests in a viewOnly context. Should I create a new issue to address these?

https://github.com/google/site-kit-wp/blob/6874c2e65ac45e4c1da65473a9a66669a8db3d6e/assets/js/modules/adsense/components/dashboard/DashboardTopEarningPagesWidget.js#L121

https://github.com/google/site-kit-wp/blob/1f37af065308315c8b8db350b08a5e46de7e8e10/assets/js/components/DashboardMainApp.js#L70

Thanks for raising those, @jimmymadon. I’ve created an issue for the getAdSenseLinked call: https://github.com/google/site-kit-wp/issues/5493. The getViewableModules one is no longer an issue, as the useSelect is now short circuited in view-only mode.

1reaction
techanvilcommented, Jun 30, 2022

Thanks @mohitwp, good spot. As Jimmy’s off the rest of this week I’ve picked this up and created a followup PR to fix it.

Read more comments on GitHub >

github_iconTop Results From Across the Web

[GA4] Access and data-restriction management - Analytics Help
This article covers access and data-restriction management for Google Analytics 4 and Universal Analytics. In both versions of Analytics, you manage access ...
Read more >
View and Edit Tab Settings in Permission Sets and Profiles
Tab settings specify whether a tab appears in the All Tabs page or is visible in a tab set.Required Editions and User Permissions...
Read more >
Users and roles - OpenSearch documentation
Set up a read-only user in OpenSearch Dashboards · Open OpenSearch Dashboards. · Choose Security, Roles. · Create a new role named read_only_index...
Read more >
Permissions - Tableau Help
Permissions determine how users can interact with content such as workbooks and ... For more information, see Permission settings for specific scenarios.
Read more >
Control access and visibility - GitLab Docs
Sign in to GitLab as a user with Administrator access level. · On the top bar, select Main menu > Admin. · On...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

Add Error Handling to `ModuleRecoveryAlert` and show error message to the user.

Next page

Include a "request access" link to Analytics when a user encounters an "Insufficient Permissions" notice