Disable raw data access for sites with visitor logs/profiles disabled

plugins/PrivacyManager/API.php

@@ -13,6 +13,7 @@
 use Piwik\Container\StaticContainer;
 use Piwik\Piwik;
 use Piwik\Config as PiwikConfig;
+use Piwik\Plugin\SettingsProvider;
 use Piwik\Plugins\PrivacyManager\Model\DataSubjects;
 use Piwik\Plugins\PrivacyManager\Dao\LogDataAnonymizer;
 use Piwik\Plugins\PrivacyManager\Model\LogDataAnonymizations;
@@ -122,12 +123,52 @@ public function findDataSubjects($idSite, $segment)
             'countryFlag',
         ];
 
+        $GDPRColumnsToKeep = [
+            'lastActionDateTime',
+            'idVisit',
+            'idSite',
+            'siteName',
+        ];
+
+        $settings = new SettingsProvider(\Piwik\Plugin\Manager::getInstance());
+
+        /*
+        * for each site, determine if visitor logs or visitor profiles have
+        * been disabled.
+        */
+        $siteIds = Site::getIdSitesFromIdSitesString($idSite);
+        $siteIdsWithVisitorLogsDisabled = [];
+        if (!is_array($siteIds)) {
+            $siteIds = [intval($siteIds)];
+        }
+        foreach ($siteIds as $id) {
+            $measurableSettings = $settings->getAllMeasurableSettings($id, null);
+            $isVisitorLogDisabled = $measurableSettings["Live"]->getSetting('disable_visitor_log')->getValue();
+            $isVisitorProfileDisabled = $measurableSettings["Live"]->getSetting('disable_visitor_profile')->getValue();
+
+            if ($isVisitorLogDisabled || $isVisitorProfileDisabled) {
+                $siteIdsWithVisitorLogsDisabled[] = $id;
+            }
+        }
+
         foreach ($result->getColumns() as $column) {
             if (!in_array($column, $columnsToKeep)) {
                 $result->deleteColumn($column);
             }
         }
 
+        if (count($siteIdsWithVisitorLogsDisabled) > 0) {
+            foreach ($result->getRowsWithoutSummaryRow() as $row) {
+                if (in_array($row->getColumn('idSite'), $siteIdsWithVisitorLogsDisabled)) {
+                    foreach (array_keys($row->getColumns()) as $column) {
+                        if (!in_array($column, $GDPRColumnsToKeep)) {
+                            $row->deleteColumn($column);
+                        }
+                    }
+                }
+            }
+        }
+
         // Note: Datatable PostProcessor is disabled for this method in PrivacyManager::shouldDisablePostProcessing
         return $result;
     }

plugins/PrivacyManager/vue/src/ManageGdpr/ManageGdpr.vue

@@ -194,6 +194,7 @@
                 class="visitorLogTooltip"
                 title="View visitor profile"
                 @click="showProfile(dataSubject.visitorId, dataSubject.idSite)"
+                v-show="dataSubject.visitorId"
               >
                 <img src="plugins/Live/images/visitorProfileLaunch.png" style="margin-right:3.5px"/>
                 <span>{{ translate('Live_ViewVisitorProfile') }}</span>