Update compliance check for ecomm restricted / text

Author: caddoo

plugins/Ecommerce/Settings/EcommerceRestricted.php

@@ -12,6 +12,8 @@
 use Piwik\Piwik;
 use Piwik\Plugins\PrivacyManager\Settings\CompliancePolicyEnforcedSetting;
 use Piwik\Policy\CnilPolicy;
+use Piwik\Site;
+use Piwik\Url;
 
 class EcommerceRestricted extends CompliancePolicyEnforcedSetting
 {
@@ -22,7 +24,47 @@ public static function getTitle(): string
 
     public static function getComplianceRequirementNote(?int $idSite = null): string
     {
-        return Piwik::translate('Ecommerce_EcommercePolicySettingRequirementNote');
+        $idSites = self::getIdSitesToCheck($idSite);
+
+        if (!self::hasEcommerceEnabledSite($idSites)) {
+            return self::getCompliantMessage($idSite, $idSites);
+        }
+
+        if (self::getInstance($idSite)->getValue() === false) {
+            return Piwik::translate('Ecommerce_EcommercePolicySettingNonCompliantNote');
+        }
+
+        $manageUrl = 'index.php' . Url::getCurrentQueryStringWithParametersModified(self::getManageParams($idSite));
+
+        return Piwik::translate('Ecommerce_EcommercePolicySettingRequirementNote', ['<a href="' . $manageUrl . '">', '</a>']);
+    }
+
+    private static function getManageParams(?int $idSite): array
+    {
+        $params = [
+            'module' => 'SitesManager',
+            'action' => 'index',
+        ];
+
+        if ($idSite !== null) {
+            $params['idSite'] = $idSite;
+        }
+
+        return $params;
+    }
+
+    public static function isCompliant(string $policy, ?int $idSite = null): bool
+    {
+        $policyValues = static::getPolicyRequirements();
+        if (!array_key_exists($policy, $policyValues)) {
+            return true;
+        }
+
+        $currentValue = self::getInstance($idSite)->getValue();
+
+        $idSites = self::getIdSitesToCheck($idSite);
+
+        return $currentValue === $policyValues[$policy] || !self::hasEcommerceEnabledSite($idSites);
     }
 
     public static function getPolicyRequirements(): array
@@ -31,4 +73,35 @@ public static function getPolicyRequirements(): array
             CnilPolicy::class => true,
         ];
     }
+
+    private static function getIdSitesToCheck(?int $idSite): array
+    {
+        if ($idSite === null) {
+            return Site::getIdSitesFromIdSitesString('all');
+        }
+
+        $ids = Site::getIdSitesFromIdSitesString((string) $idSite);
+
+        return empty($ids) ? [$idSite] : $ids;
+    }
+
+    private static function hasEcommerceEnabledSite(array $idSites): bool
+    {
+        foreach ($idSites as $siteId) {
+            if (Site::isEcommerceEnabledFor((int) $siteId)) {
+                return true;
+            }
+        }
+
+        return false;
+    }
+
+    private static function getCompliantMessage(?int $idSite, array $idSites): string
+    {
+        if ($idSite !== null && count($idSites) === 1) {
+            return Piwik::translate('Ecommerce_EcommercePolicySettingCompliantSingle');
+        }
+
+        return Piwik::translate('Ecommerce_EcommercePolicySettingCompliantAll');
+    }
 }

plugins/Ecommerce/lang/en.json

@@ -23,8 +23,11 @@
         "EcommerceOverviewSubcategoryHelp1": "The Ecommerce Overview section is the best place to get a high-level view of your online store’s performance. At a glance, you can see how many sales you’re making, how much revenue you are generating, and your website’s conversion rate.",
         "EcommerceOverviewSubcategoryHelp2": "Click on an individual metric within the sparkline chart to focus on it within the full-sized evolution graph.",
         "EcommerceOverviewSubcategoryHelp3": "Learn more in our Ecommerce guide here.",
-        "EcommercePolicySettingRequirementNote": "Ecommerce must be disabled",
+        "EcommercePolicySettingRequirementNote": "Ecommerce analytics is enabled, but specific segments are disabled (Order ID, Order revenue, Product price, Product name, Product SKU). If you prefer, you can completely disable Ecommerce tracking %1$shere%2$s.",
         "EcommercePolicySettingTitle": "Ecommerce Restricted",
+        "EcommercePolicySettingCompliantSingle": "Compliant because ecommerce isn't active for this measurable.",
+        "EcommercePolicySettingCompliantAll": "Compliant because ecommerce isn't active for any sites.",
+        "EcommercePolicySettingNonCompliantNote": "Non compliant because ecommerce analytics is enabled unrestricted.",
         "SalesSubcategoryHelp1": "This section contains an extensive collection of reports to help you analyse the different conditions that most commonly lead to sales, such as the traffic and campaign sources, user time and location and devices used to access them.",
         "SalesSubcategoryHelp2": "You can also learn exactly how revenue is associated with each dimension, such as specific traffic types or tracked campaigns.",
         "EcommerceLogSubcategoryHelp1": "The Ecommerce log provides granular session-level data so you can look at the full session for each user that either made a purchase or abandoned their cart. This can help you understand what users do before and after purchasing to reveal optimisation opportunities.",

plugins/Ecommerce/tests/Integration/EcommerceRestrictedTest.php

@@ -0,0 +1,88 @@
+<?php
+
+/**
+ * Matomo - free/libre analytics platform
+ *
+ * @link    https://matomo.org
+ * @license https://www.gnu.org/licenses/gpl-3.0.html GPL v3 or later
+ */
+
+namespace Piwik\Plugins\Ecommerce\tests\Integration;
+
+use Piwik\Policy\CnilPolicy;
+use Piwik\Plugins\Ecommerce\Settings\EcommerceRestricted;
+use Piwik\Tests\Framework\Fixture;
+use Piwik\Tests\Framework\TestCase\IntegrationTestCase;
+
+class EcommerceRestrictedTest extends IntegrationTestCase
+{
+    private $ecommerceSite;
+    private $nonEcommerceSite;
+
+    public function setUp(): void
+    {
+        parent::setUp();
+
+        Fixture::createSuperUser();
+        $this->ecommerceSite = Fixture::createWebsite('2024-01-01 00:00:00', $ecommerce = 1);
+        $this->nonEcommerceSite = Fixture::createWebsite('2024-01-02 00:00:00', $ecommerce = 0);
+    }
+
+    public function tearDown(): void
+    {
+        CnilPolicy::setActiveStatus(null, false);
+        parent::tearDown();
+    }
+
+    public function testReturnsCompliantMessageWhenEcommerceDisabled(): void
+    {
+        $note = EcommerceRestricted::getComplianceRequirementNote($this->nonEcommerceSite);
+
+        $this->assertEquals('Ecommerce_EcommercePolicySettingCompliantSingle', $note);
+    }
+
+    public function testReturnsNonCompliantMessageWhenPolicyNotEnforced(): void
+    {
+        CnilPolicy::setActiveStatus(null, false);
+        $note = EcommerceRestricted::getComplianceRequirementNote($this->ecommerceSite);
+
+        $this->assertEquals('Ecommerce_EcommercePolicySettingNonCompliantNote', $note);
+    }
+
+    public function testReturnsRequirementNoteWithLinkWhenPolicyEnforced(): void
+    {
+        CnilPolicy::setActiveStatus(null, true);
+        $_GET = [];
+
+        $note = EcommerceRestricted::getComplianceRequirementNote($this->ecommerceSite);
+
+        $this->assertEquals('Ecommerce_EcommercePolicySettingRequirementNote', $note);
+    }
+
+    public function testIsCompliantWhenEcommerceDisabled(): void
+    {
+        CnilPolicy::setActiveStatus(null, true);
+
+        $this->assertTrue(
+            EcommerceRestricted::isCompliant(CnilPolicy::class, $this->nonEcommerceSite)
+        );
+    }
+
+    public function testIsCompliantWhenEcommerceEnabledAndPolicyEnforced(): void
+    {
+        CnilPolicy::setActiveStatus(null, true);
+
+        $this->assertTrue(
+            EcommerceRestricted::isCompliant(CnilPolicy::class, $this->ecommerceSite)
+        );
+    }
+
+    public function testIsCompliantWhenEcommerceEnabledAndPolicyNotEnforced(): void
+    {
+        CnilPolicy::setActiveStatus(null, false);
+
+        $this->assertFalse(
+            EcommerceRestricted::isCompliant(CnilPolicy::class, $this->ecommerceSite)
+        );
+    }
+}

plugins/PrivacyManager/stylesheets/compliance.less

@@ -10,6 +10,7 @@
     line-height: 1.5rem;
     padding-left: 0.5rem;
     padding-right: 0.5rem;
+    white-space: nowrap;
 
     &.compliant {
       color: #5D9E52;

plugins/PrivacyManager/tests/System/expected/test___PrivacyManager.getComplianceStatus.xml

@@ -3,11 +3,6 @@
 	<complianceModeEnforced>0</complianceModeEnforced>
 	<complianceConfigControlled>0</complianceConfigControlled>
 	<complianceRequirements>
-		<row>
-			<name>Ecommerce</name>
-			<value>non_compliant</value>
-			<notes>Ecommerce must be disabled</notes>
-		</row>
 		<row>
 			<name>Device model detection disabled</name>
 			<value>non_compliant</value>
@@ -18,6 +13,11 @@
 			<value>non_compliant</value>
 			<notes>Only major OS and browser versions are stored.</notes>
 		</row>
+		<row>
+			<name>Ecommerce Restricted</name>
+			<value>non_compliant</value>
+			<notes>Non compliant because ecommerce analytics is enabled unrestricted.</notes>
+		</row>
 		<row>
 			<name>Turn off visits log and visitor profiles</name>
 			<value>non_compliant</value>
@@ -65,7 +65,7 @@
 		</row>
 		<row>
 			<name>Third party cookies</name>
-			<value>compliant</value>
+			<value>non_compliant</value>
 			<notes>Third party cookies must be disabled</notes>
 		</row>
 		<row>

plugins/PrivacyManager/tests/System/expected/test_configControlledDisabled__PrivacyManager.getComplianceStatus.xml

@@ -3,11 +3,6 @@
 	<complianceModeEnforced>0</complianceModeEnforced>
 	<complianceConfigControlled>1</complianceConfigControlled>
 	<complianceRequirements>
-		<row>
-			<name>Ecommerce</name>
-			<value>non_compliant</value>
-			<notes>Ecommerce must be disabled</notes>
-		</row>
 		<row>
 			<name>Device model detection disabled</name>
 			<value>non_compliant</value>
@@ -18,6 +13,11 @@
 			<value>non_compliant</value>
 			<notes>Only major OS and browser versions are stored.</notes>
 		</row>
+		<row>
+			<name>Ecommerce Restricted</name>
+			<value>non_compliant</value>
+			<notes>Non compliant because ecommerce analytics is enabled unrestricted.</notes>
+		</row>
 		<row>
 			<name>Turn off visits log and visitor profiles</name>
 			<value>non_compliant</value>
@@ -65,7 +65,7 @@
 		</row>
 		<row>
 			<name>Third party cookies</name>
-			<value>compliant</value>
+			<value>non_compliant</value>
 			<notes>Third party cookies must be disabled</notes>
 		</row>
 		<row>

plugins/PrivacyManager/tests/System/expected/test_configControlledEnabled__PrivacyManager.getComplianceStatus.xml

@@ -3,11 +3,6 @@
 	<complianceModeEnforced>1</complianceModeEnforced>
 	<complianceConfigControlled>1</complianceConfigControlled>
 	<complianceRequirements>
-		<row>
-			<name>Ecommerce</name>
-			<value>compliant</value>
-			<notes>Ecommerce must be disabled</notes>
-		</row>
 		<row>
 			<name>Device model detection disabled</name>
 			<value>compliant</value>
@@ -18,6 +13,11 @@
 			<value>compliant</value>
 			<notes>Only major OS and browser versions are stored.</notes>
 		</row>
+		<row>
+			<name>Ecommerce Restricted</name>
+			<value>compliant</value>
+			<notes>Ecommerce analytics is enabled, but specific segments are disabled (Order ID, Order revenue, Product price, Product name, Product SKU). If you prefer, you can completely disable Ecommerce tracking &lt;a href=&quot;index.php?module=SitesManager&amp;action=index&amp;idSite=1&quot;&gt;here&lt;/a&gt;.</notes>
+		</row>
 		<row>
 			<name>Turn off visits log and visitor profiles</name>
 			<value>compliant</value>