/**
  * Creates the results' table.
  *
  * @return array
  *   The render array for the result table.
  */
 public function results()
 {
     // Nothing to render until the checklist has been run at least once.
     if (SecurityReview::getLastRun() <= 0) {
         return array();
     }

     $rows = array();
     foreach (Checklist::getChecks() as $check) {
         // Defaults describe a check that has no stored result yet.
         $row = array(
             'result' => CheckResult::SKIPPED,
             'message' => 'The check hasn\'t been run yet.',
             'skipped' => $check->isSkipped(),
         );

         // Replace the defaults with the last stored result, when there is one.
         $previous = $check->lastResult();
         if ($previous != NULL) {
             $row['result'] = $previous->result();
             $row['message'] = $previous->resultMessage();
         }

         // Link to the help page of this check.
         $helpParameters = array(
             'namespace' => $check->getMachineNamespace(),
             'title' => $check->getMachineTitle(),
         );
         $row['help_link'] = Drupal::l('Details', Url::fromRoute('security_review.help', $helpParameters));

         // The toggle link changes state (skip/enable), so it carries a CSRF
         // token derived from the check ID in its query string.
         // NOTE(review): the token is only useful if the security_review.toggle
         // route validates it; that handler is not visible here, so confirm.
         $label = $check->isSkipped() ? 'Enable' : 'Skip';
         $toggleParameters = array('check_id' => $check->id());
         $toggleOptions = array(
             'query' => array('token' => Drupal::csrfToken()->get($check->id())),
         );
         $row['toggle_link'] = Drupal::l($label, Url::fromRoute('security_review.toggle', $toggleParameters, $toggleOptions));

         $rows[] = $row;
     }

     return array(
         '#theme' => 'run_and_review',
         '#date' => SecurityReview::getLastRun(),
         '#checks' => $rows,
         '#attached' => array(
             'library' => array('security_review/run_and_review'),
         ),
     );
 }
 /**
  * Tests the 'last_run' setting.
  */
 public function testConfigLastRun()
 {
     // Before anything has been stored the timestamp must read as 0.
     $initial = SecurityReview::getLastRun();
     $this->assertEqual(0, $initial, 'last_run is 0 by default.');

     // Store the current time and read it back.
     $now = time();
     SecurityReview::setLastRun($now);
     $stored = SecurityReview::getLastRun();
     $this->assertEqual($now, $stored, 'last_run set to now.');
 }
 /**
  * Skips all checks then runs the checklist. No checks should be run.
  */
 public function testSkippedRun()
 {
     // Mark every check as skipped before the checklist runs.
     foreach ($this->checks as $skippedCheck) {
         $skippedCheck->skip();
     }

     SecurityReview::runChecklist();

     // A skipped check must still report a last-run time of 0 afterwards.
     foreach ($this->checks as $verifiedCheck) {
         $lastRun = $verifiedCheck->lastRun();
         $message = $verifiedCheck->getTitle() . ' has not been run.';
         $this->assertEqual(0, $lastRun, $message);
     }
 }
Example #4
 /**
  * Returns the IDs of untrusted roles.
  *
  * If the module hasn't been configured yet, it returns the default untrusted
  * roles.
  *
  * @return array
  *   Untrusted roles' IDs.
  */
 public static function untrustedRoles()
 {
     // Stored roles are used only once the module has been configured by hand;
     // before that the defaults computed by defaultUntrustedRoles() apply.
     return SecurityReview::isConfigured()
         ? SecurityReview::getUntrustedRoles()
         : static::defaultUntrustedRoles();
 }
 /**
  * Logs a check result.
  *
  * @param \Drupal\security_review\CheckResult $result
  *   The result to log.
  */
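 public static function logCheckResult(CheckResult $result = NULL)
 {
     // Logging is optional; do nothing when it is switched off.
     if (!SecurityReview::isLogging()) {
         return;
     }

     if ($result === NULL) {
         // A NULL result has no check attached, so $result->check() cannot be
         // called here (doing so is a fatal error that would abort the run).
         // The event is still recorded at critical level so that a check
         // producing no result does not go unnoticed.
         // NOTE(review): the owning check is unknown at this point; callers
         // that hold the Check object can log a more specific entry.
         \Drupal::logger('security_review')->critical('A security check produced a null result');
         return;
     }

     $check = $result->check();

     // Defaults cover result codes that match none of the known constants.
     $level = RfcLogLevel::NOTICE;
     $message = '!name check invalid result';
     switch ($result->result()) {
         case CheckResult::SUCCESS:
             $level = RfcLogLevel::INFO;
             $message = '!name check success';
             break;
         case CheckResult::FAIL:
             $level = RfcLogLevel::ERROR;
             $message = '!name check failure';
             break;
         case CheckResult::WARN:
             $level = RfcLogLevel::WARNING;
             $message = '!name check warning';
             break;
         case CheckResult::INFO:
             $level = RfcLogLevel::INFO;
             $message = '!name check info';
             break;
     }

     // The check title fills the !name placeholder of the message.
     $context = array('!name' => $check->getTitle());
     static::log($check, $message, $context, $level);
 }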
Example #6
 /**
  * Stores a result in the state system.
  *
  * @param \Drupal\security_review\CheckResult $result
  *   The result to store.
  */
 public function storeResult(CheckResult $result = NULL)
 {
     if ($result !== NULL) {
         // Findings are persisted only for checks that opt in; other checks
         // store an empty list.
         $findings = $this->storesFindings() ? $result->findings() : array();

         $state = array(
             $this->statePrefix . 'last_result.result' => $result->result(),
             $this->statePrefix . 'last_result.time' => $result->time(),
             $this->statePrefix . 'last_result.findings' => $findings,
         );
         Drupal::state()->setMultiple($state);
         return;
     }

     // Without a result nothing is written: the failure is logged as critical
     // and whatever last_result.* values were stored earlier stay in place.
     $context = array(
         '!reviewcheck' => $this->getTitle(),
         '!namespace' => $this->getNamespace(),
     );
     SecurityReview::log($this, 'Unable to store check !reviewcheck for !namespace', $context, RfcLogLevel::CRITICAL);
 }
Example #7
 /**
  * {@inheritdoc}
  */
 public function submitForm(array &$form, FormStateInterface $form_state)
 {
     // Submitting this form has a single effect: the checklist is run.
     // Neither $form nor $form_state is read.
     SecurityReview::runChecklist();
 }
 /**
  * {@inheritdoc}
  */
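 public function submitForm(array &$form, FormStateInterface $form_state)
 {
     // Frequently used configuration items.
     $check_settings = $this->config('security_review.checks');

     // Save that the module has been configured.
     SecurityReview::setConfigured(TRUE);

     // Save the new untrusted roles: the keys of the ticked entries.
     $untrusted_roles = array_keys(array_filter($form_state->getValue('untrusted_roles')));
     SecurityReview::setUntrustedRoles($untrusted_roles);

     // Save the new logging setting.
     $logging = $form_state->getValue('logging') == 1;
     SecurityReview::setLogging($logging);

     // Skip selected checks. IDs are compared as strings with a strict
     // in_array(): a loose comparison lets PHP type juggling match unrelated
     // values (for example an integer key 0 against any non-numeric ID on
     // PHP 7), which would silently skip a security check nobody selected.
     $skipped = array_map('strval', array_keys(array_filter($form_state->getValue('skip'))));
     foreach (Checklist::getChecks() as $check) {
         if (in_array((string) $check->id(), $skipped, TRUE)) {
             $check->skip();
         } else {
             $check->enable();
         }
     }

     // Save the check-specific settings.
     if (isset($form['advanced']['check_specific'])) {
         $checkSpecificValues = $form_state->getValue('check_specific');
         foreach ($checkSpecificValues as $checkIdentifier => $values) {
             // Get corresponding Check.
             $check = Checklist::getCheckByIdentifier($checkIdentifier);
             // NOTE(review): assumes the lookup returns NULL for an identifier
             // that matches no check; confirm. Such entries are ignored rather
             // than dereferenced.
             if ($check === NULL) {
                 continue;
             }
             // The sub-form is handed over by reference together with the
             // values submitted for this check.
             $checkForm =& $form['advanced']['check_specific'][$checkIdentifier]['form'];
             $checkFormValues = $values['form'];
             $check->settings()->submitForm($checkForm, $checkFormValues);
         }
     }

     // Commit the settings.
     $check_settings->save();

     // Finish submitting the form.
     parent::submitForm($form, $form_state);
 }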
Example #9
 /**
  * @param \Drupal\security_review\Check[] $checks
  *   The array of Checks to run.
  *
  * @return \Drupal\security_review\CheckResult[]
  *   The array of CheckResults generated.
  */
 public static function runChecks(array $checks)
 {
     // Runs the checks in the order given, logging each outcome as it is
     // produced. Whatever run() returns is logged and collected unchanged;
     // nothing is filtered here.
     $collected = array();
     foreach ($checks as $current) {
         $outcome = $current->run();
         SecurityReview::logCheckResult($outcome);
         array_push($collected, $outcome);
     }

     return $collected;
 }