From a1e36cf4798134aae0770fc34703e4787a4d9127 Mon Sep 17 00:00:00 2001
From: Fedik <getthesite@gmail.com>
Date: Sat, 2 Apr 2022 16:05:07 +0300
Subject: [PATCH 1/4] Allow to disable session metadata tracking for guests

---
 .../components/com_config/forms/application.xml   | 14 ++++++++++++++
 administrator/language/en-GB/com_config.ini       |  2 ++
 .../EventListener/MetadataManagerListener.php     | 15 +++++++++++++--
 3 files changed, 29 insertions(+), 2 deletions(-)

diff --git a/administrator/components/com_config/forms/application.xml b/administrator/components/com_config/forms/application.xml
index e6cb17bc4b168..54061df926a10 100644
--- a/administrator/components/com_config/forms/application.xml
+++ b/administrator/components/com_config/forms/application.xml
@@ -951,6 +951,20 @@
 			<option value="1">JYES</option>
 		</field>
 
+		<field
+			name="session_metadata_guest"
+			type="radio"
+			layout="joomla.form.field.radio.switcher"
+			default="0"
+			label="COM_CONFIG_FIELD_SESSION_METADATA_GUEST_LABEL"
+			description="COM_CONFIG_FIELD_SESSION_METADATA_GUEST_DESC"
+			filter="boolean"
+			showon="session_metadata:1"
+		>
+			<option value="0">JNO</option>
+			<option value="1">JYES</option>
+		</field>
+
 	</fieldset>
 
 	<fieldset
diff --git a/administrator/language/en-GB/com_config.ini b/administrator/language/en-GB/com_config.ini
index 55e1413e7ed0a..8593d1894dd3a 100644
--- a/administrator/language/en-GB/com_config.ini
+++ b/administrator/language/en-GB/com_config.ini
@@ -167,6 +167,8 @@ COM_CONFIG_FIELD_SERVER_TIMEZONE_LABEL="Website Time Zone"
 COM_CONFIG_FIELD_SESSION_HANDLER_LABEL="Session Handler"
 COM_CONFIG_FIELD_SESSION_METADATA_DESC="If enabled, additional metadata about a user's session (including their username, user ID, and which application they are logged into) will be logged to the session database table.<br>If disabled, features dependent on this data will be unavailable."
 COM_CONFIG_FIELD_SESSION_METADATA_LABEL="Track Session Metadata"
+COM_CONFIG_FIELD_SESSION_METADATA_GUEST_DESC="If enabled, additional metadata about both registered and non registered user's session will be logged to the session database table. <br>If disabled, only data for registered user will be logged."
+COM_CONFIG_FIELD_SESSION_METADATA_GUEST_LABEL="Track Session Metadata for non registered Users"
 COM_CONFIG_FIELD_SESSION_TIME_LABEL="Session Lifetime (minutes)"
 COM_CONFIG_FIELD_SHARED_SESSION_DESC="When enabled, a user's session is shared between the frontend and administrator sections of the site. Note that changing this value will invalidate all existing sessions on the site. This is not available when the \"Force HTTPS\" option is set to \"Administrator Only\"."
 COM_CONFIG_FIELD_SHARED_SESSION_LABEL="Shared Sessions"
diff --git a/libraries/src/Session/EventListener/MetadataManagerListener.php b/libraries/src/Session/EventListener/MetadataManagerListener.php
index 59633cc8ff6f9..64c579fe76d0f 100644
--- a/libraries/src/Session/EventListener/MetadataManagerListener.php
+++ b/libraries/src/Session/EventListener/MetadataManagerListener.php
@@ -62,9 +62,20 @@ public function __construct(MetadataManager $metadataManager, Registry $config)
 	 */
 	public function onAfterSessionStart(SessionEvent $event)
 	{
-		if ($this->config->get('session_metadata', true) && $event->getSession()->has('user'))
+		// Whether to track Session Metadata
+		if (!$this->config->get('session_metadata', true) || !$event->getSession()->has('user'))
 		{
-			$this->metadataManager->createOrUpdateRecord($event->getSession(), $event->getSession()->get('user'));
+			return;
 		}
+
+		$user = $event->getSession()->get('user');
+
+		// Whether to track Session Metadata for Guest user
+		if (!$this->config->get('session_metadata_guest', false) && !$user->id)
+		{
+			return;
+		}
+
+		$this->metadataManager->createOrUpdateRecord($event->getSession(), $user);
 	}
 }

From b2d406e0a1c888ed480271077b86408d0a489a95 Mon Sep 17 00:00:00 2001
From: Fedir Zinchuk <getthesite@gmail.com>
Date: Sat, 2 Apr 2022 20:49:40 +0300
Subject: [PATCH 2/4] Apply suggestions from code review

Co-authored-by: Brian Teeman <brian@teeman.net>
---
 administrator/components/com_config/forms/application.xml | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/administrator/components/com_config/forms/application.xml b/administrator/components/com_config/forms/application.xml
index 54061df926a10..b5b50028018b2 100644
--- a/administrator/components/com_config/forms/application.xml
+++ b/administrator/components/com_config/forms/application.xml
@@ -954,13 +954,13 @@
 		<field
 			name="session_metadata_guest"
 			type="radio"
-			layout="joomla.form.field.radio.switcher"
-			default="0"
 			label="COM_CONFIG_FIELD_SESSION_METADATA_GUEST_LABEL"
 			description="COM_CONFIG_FIELD_SESSION_METADATA_GUEST_DESC"
+			layout="joomla.form.field.radio.switcher"
+			default="0"
 			filter="boolean"
 			showon="session_metadata:1"
-		>
+			>
 			<option value="0">JNO</option>
 			<option value="1">JYES</option>
 		</field>

From 99e7bb90c40260c8d6109a089c53c907051232ae Mon Sep 17 00:00:00 2001
From: Fedik <getthesite@gmail.com>
Date: Fri, 29 Apr 2022 12:28:45 +0300
Subject: [PATCH 3/4] Set metadata_for_guest enabled by default

---
 administrator/components/com_config/forms/application.xml     | 4 ++--
 .../src/Session/EventListener/MetadataManagerListener.php     | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/administrator/components/com_config/forms/application.xml b/administrator/components/com_config/forms/application.xml
index b9a0eb33c49a1..62aea1a9bdfc4 100644
--- a/administrator/components/com_config/forms/application.xml
+++ b/administrator/components/com_config/forms/application.xml
@@ -953,12 +953,12 @@
 		</field>
 
 		<field
-			name="session_metadata_guest"
+			name="session_metadata_for_guest"
 			type="radio"
 			label="COM_CONFIG_FIELD_SESSION_METADATA_GUEST_LABEL"
 			description="COM_CONFIG_FIELD_SESSION_METADATA_GUEST_DESC"
 			layout="joomla.form.field.radio.switcher"
-			default="0"
+			default="1"
 			filter="boolean"
 			showon="session_metadata:1"
 			>
diff --git a/libraries/src/Session/EventListener/MetadataManagerListener.php b/libraries/src/Session/EventListener/MetadataManagerListener.php
index 64c579fe76d0f..81b414bf5c249 100644
--- a/libraries/src/Session/EventListener/MetadataManagerListener.php
+++ b/libraries/src/Session/EventListener/MetadataManagerListener.php
@@ -71,7 +71,7 @@ public function onAfterSessionStart(SessionEvent $event)
 		$user = $event->getSession()->get('user');
 
 		// Whether to track Session Metadata for Guest user
-		if (!$this->config->get('session_metadata_guest', false) && !$user->id)
+		if (!$this->config->get('session_metadata_for_guest', true) && !$user->id)
 		{
 			return;
 		}

From c5c77043d2d4edfa5c448b118ef206c9f79ffbfe Mon Sep 17 00:00:00 2001
From: Fedik <getthesite@gmail.com>
Date: Wed, 4 May 2022 18:42:05 +0300
Subject: [PATCH 4/4] Better label

---
 administrator/language/en-GB/com_config.ini | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/administrator/language/en-GB/com_config.ini b/administrator/language/en-GB/com_config.ini
index 8593d1894dd3a..9cf76faf5aa1f 100644
--- a/administrator/language/en-GB/com_config.ini
+++ b/administrator/language/en-GB/com_config.ini
@@ -168,7 +168,7 @@ COM_CONFIG_FIELD_SESSION_HANDLER_LABEL="Session Handler"
 COM_CONFIG_FIELD_SESSION_METADATA_DESC="If enabled, additional metadata about a user's session (including their username, user ID, and which application they are logged into) will be logged to the session database table.<br>If disabled, features dependent on this data will be unavailable."
 COM_CONFIG_FIELD_SESSION_METADATA_LABEL="Track Session Metadata"
 COM_CONFIG_FIELD_SESSION_METADATA_GUEST_DESC="If enabled, additional metadata about both registered and non registered user's session will be logged to the session database table. <br>If disabled, only data for registered user will be logged."
-COM_CONFIG_FIELD_SESSION_METADATA_GUEST_LABEL="Track Session Metadata for non registered Users"
+COM_CONFIG_FIELD_SESSION_METADATA_GUEST_LABEL="Track Guest Session Metadata"
 COM_CONFIG_FIELD_SESSION_TIME_LABEL="Session Lifetime (minutes)"
 COM_CONFIG_FIELD_SHARED_SESSION_DESC="When enabled, a user's session is shared between the frontend and administrator sections of the site. Note that changing this value will invalidate all existing sessions on the site. This is not available when the \"Force HTTPS\" option is set to \"Administrator Only\"."
 COM_CONFIG_FIELD_SHARED_SESSION_LABEL="Shared Sessions"