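/**
 * Toggles the skipped state of a single security check.
 *
 * The state is only changed when the 'token' query parameter validates as a
 * CSRF token for $check_id and the identifier resolves to a check. In every
 * other case nothing is modified and the user is redirected to the
 * 'security_review' route.
 *
 * @param string $check_id
 *   Identifier handed to Checklist::getCheckByIdentifier().
 *
 * @return mixed
 *   A JsonResponse describing the new state when the 'js' query parameter
 *   equals 1, otherwise whatever $this->redirect('security_review') returns.
 */
public function index($check_id)
 {
     $query = Drupal::request()->query;
     // Determine access type.
     $ajax = $query->get('js') == 1;
     // Validate token. This is a state-changing request driven by query
     // parameters, so the token check is the only CSRF protection here. A
     // missing or non-string token is rejected before it reaches validate().
     $token = $query->get('token');
     if (is_string($token) && Drupal::csrfToken()->validate($token, $check_id)) {
         $check = Checklist::getCheckByIdentifier($check_id);
         // A valid token does not guarantee that the check still exists; only
         // toggle and report when the lookup succeeded, so that an unknown
         // identifier falls through to the redirect instead of dereferencing
         // NULL.
         if ($check != NULL) {
             if ($check->isSkipped()) {
                 $check->enable();
             } else {
                 $check->skip();
             }
             // Read the state once, after the toggle.
             $skipped = $check->isSkipped();
             // Output.
             if ($ajax) {
                 // The response carries a fresh token-bearing URL for the
                 // next toggle of the same check.
                 $toggle_href = Url::fromRoute(
                     'security_review.toggle',
                     array('check_id' => $check->id()),
                     array('query' => array('token' => Drupal::csrfToken()->get($check->id()), 'js' => 1))
                 );
                 return new JsonResponse(array(
                     'skipped' => $skipped,
                     'toggle_text' => $skipped ? 'Enable' : 'Skip',
                     'toggle_href' => $toggle_href,
                 ));
             }
             // Set message. The title is passed as an '@' placeholder so it is
             // escaped on output and the translatable string stays a literal,
             // rather than being concatenated into the t() source string.
             if ($skipped) {
                 drupal_set_message(t('@title check skipped.', array('@title' => $check->getTitle())));
             } else {
                 drupal_set_message(t('@title check no longer skipped.', array('@title' => $check->getTitle())));
             }
             // Redirect back to Run & Review.
             return $this->redirect('security_review');
         }
     }
     // Go back to Run & Review if the access was wrong.
     return $this->redirect('security_review');
 }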
Пример #2
 /**
  * Tests the search functions of Checklist:
  *   getCheck().
  *   getCheckByIdentifier().
  */
 public function testCheckSearch()
 {
     // Every registered check must be retrievable through both lookup
     // functions, and each lookup must return a check with the same id.
     foreach (Checklist::getChecks() as $expected) {
         // Lookup by machine namespace and machine title: getCheck().
         $by_name = Checklist::getCheck(
             $expected->getMachineNamespace(),
             $expected->getMachineTitle()
         );
         $this->assertNotNull($by_name, 'Found a check.');
         $this->assertEqual(
             $expected->id(),
             $by_name->id(),
             'Found ' . $expected->getTitle() . '.'
         );

         // Lookup by full identifier: getCheckByIdentifier().
         $by_identifier = Checklist::getCheckByIdentifier($expected->id());
         $this->assertNotNull($by_identifier, 'Found a check.');
         $this->assertEqual(
             $expected->id(),
             $by_identifier->id(),
             'Found ' . $expected->getTitle() . '.'
         );
     }
 }
Пример #3
 /**
  * {@inheritdoc}
  */
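 public function submitForm(array &$form, FormStateInterface $form_state)
 {
     // Persists the module settings from the submitted form: the configured
     // flag, the untrusted roles, the logging switch, which checks are
     // skipped, and any check-specific settings, then defers to the parent.

     // Frequently used configuration items.
     $check_settings = $this->config('security_review.checks');
     // Save that the module has been configured.
     SecurityReview::setConfigured(TRUE);
     // Save the new untrusted roles.
     $untrusted_roles = array_keys(array_filter($form_state->getValue('untrusted_roles')));
     SecurityReview::setUntrustedRoles($untrusted_roles);
     // Save the new logging setting.
     $logging = $form_state->getValue('logging') == 1;
     SecurityReview::setLogging($logging);
     // Skip selected checks. The skip list decides which checks stop running,
     // so ids are compared strictly as strings: PHP turns numeric-looking
     // array keys into integers, and a loose comparison could then match an
     // id that was never selected.
     $skipped = array_map('strval', array_keys(array_filter($form_state->getValue('skip'))));
     foreach (Checklist::getChecks() as $check) {
         if (in_array((string) $check->id(), $skipped, TRUE)) {
             $check->skip();
         } else {
             $check->enable();
         }
     }
     // Save the check-specific settings.
     if (isset($form['advanced']['check_specific'])) {
         $checkSpecificValues = $form_state->getValue('check_specific');
         // Nothing to do when no check-specific values were submitted.
         if (is_array($checkSpecificValues)) {
             foreach ($checkSpecificValues as $checkIdentifier => $values) {
                 // Get corresponding Check.
                 $check = Checklist::getCheckByIdentifier($checkIdentifier);
                 // Ignore identifiers that resolve to no check or that have no
                 // sub-form in the built form, instead of calling a method on
                 // NULL or creating a new $form entry through the reference
                 // taken below.
                 if ($check == NULL || !isset($form['advanced']['check_specific'][$checkIdentifier]['form'])) {
                     continue;
                 }
                 // Submit parameters.
                 $checkForm =& $form['advanced']['check_specific'][$checkIdentifier]['form'];
                 $checkFormValues = isset($values['form']) ? $values['form'] : array();
                 // Submit.
                 $check->settings()->submitForm($checkForm, $checkFormValues);
                 // Drop the reference so the next iteration cannot write
                 // through it.
                 unset($checkForm);
             }
         }
     }
     // Commit the settings.
     $check_settings->save();
     // Finish submitting the form.
     parent::submitForm($form, $form_state);
 }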