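public function index($check_id) {
  // Toggles the skipped state of the check identified by $check_id and
  // reports the new state, as JSON when the 'js' query parameter equals 1 and
  // as a status message plus redirect otherwise.
  //
  // This is a state-changing GET request, so nothing is changed unless the
  // 'token' query parameter validates against $check_id. Every other case
  // (bad token, unknown check) ends in a plain redirect to 'security_review'.
  $query = Drupal::request()->query;

  // Determine access type.
  $ajax = $query->get('js') == 1;

  // Validate token. The value is request-controlled, so anything that is not
  // a string (missing parameter, array-style parameter) is rejected before it
  // reaches the validator.
  $token = $query->get('token');
  if (is_string($token) && Drupal::csrfToken()->validate($token, $check_id)) {
    $check = Checklist::getCheckByIdentifier($check_id);

    // A token can validate for an identifier that no longer maps to a check.
    // Only touch $check when the lookup succeeded; the previous code
    // dereferenced it unconditionally in the output step.
    if ($check != NULL) {
      // Flip the state.
      if ($check->isSkipped()) {
        $check->enable();
      }
      else {
        $check->skip();
      }

      // Output.
      if ($ajax) {
        $is_skipped = $check->isSkipped();

        // The link handed back carries a token generated for the same check
        // id, so the next toggle passes the validation above.
        // NOTE(review): a Url object is passed to JsonResponse here; confirm
        // it serialises to the string the client expects, or convert it
        // explicitly.
        $toggle_href = Url::fromRoute(
          'security_review.toggle',
          array('check_id' => $check->id()),
          array(
            'query' => array(
              'token' => Drupal::csrfToken()->get($check->id()),
              'js' => 1,
            ),
          )
        );

        return new JsonResponse(array(
          'skipped' => $is_skipped,
          'toggle_text' => $is_skipped ? 'Enable' : 'Skip',
          'toggle_href' => $toggle_href,
        ));
      }

      // Set message. The title goes through an @placeholder instead of being
      // concatenated into the t() source string: t() output is treated as
      // already-safe markup, and a dynamic source string cannot be translated.
      $message_args = array('@title' => $check->getTitle());
      if ($check->isSkipped()) {
        drupal_set_message(t('@title check skipped.', $message_args));
      }
      else {
        drupal_set_message(t('@title check no longer skipped.', $message_args));
      }

      // Redirect back to Run & Review.
      return $this->redirect('security_review');
    }
  }

  // Go back to Run & Review if the access was wrong.
  return $this->redirect('security_review');
}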
/**
 * Verifies that both Checklist lookup helpers find every registered check.
 *
 * Covered lookups:
 * - getCheck(), by machine namespace and machine title.
 * - getCheckByIdentifier(), by the check's id.
 */
public function testCheckSearch() {
  foreach (Checklist::getChecks() as $expected) {
    // Look the check up by its namespace/title pair.
    $namespace = $expected->getMachineNamespace();
    $machine_title = $expected->getMachineTitle();
    $by_name = Checklist::getCheck($namespace, $machine_title);
    $this->assertNotNull($by_name, 'Found a check.');
    $this->assertEqual(
      $expected->id(),
      $by_name->id(),
      'Found ' . $expected->getTitle() . '.'
    );

    // Look the same check up by its identifier.
    $by_id = Checklist::getCheckByIdentifier($expected->id());
    $this->assertNotNull($by_id, 'Found a check.');
    $this->assertEqual(
      $expected->id(),
      $by_id->id(),
      'Found ' . $expected->getTitle() . '.'
    );
  }
}
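/**
 * {@inheritdoc}
 */
public function submitForm(array &$form, FormStateInterface $form_state) {
  // Persists the module-wide settings from the submitted form: the
  // "configured" flag, the untrusted roles, the logging switch, the set of
  // skipped checks and any check-specific settings.
  // NOTE(review): this method performs no permission check of its own;
  // presumably the route restricts who can reach this form. Confirm, since
  // the values saved here decide which roles are treated as untrusted and
  // which checks are skipped.

  // Frequently used configuration items.
  $check_settings = $this->config('security_review.checks');

  // Save that the module has been configured.
  SecurityReview::setConfigured(TRUE);

  // Save the new untrusted roles. array_filter() drops the unchecked entries,
  // leaving the keys of the selected ones.
  $untrusted_roles = array_keys(array_filter($form_state->getValue('untrusted_roles')));
  SecurityReview::setUntrustedRoles($untrusted_roles);

  // Save the new logging setting.
  $logging = $form_state->getValue('logging') == 1;
  SecurityReview::setLogging($logging);

  // Skip selected checks, and re-enable every check that is not selected.
  $skipped = array_keys(array_filter($form_state->getValue('skip')));
  foreach (Checklist::getChecks() as $check) {
    if (in_array($check->id(), $skipped)) {
      $check->skip();
    }
    else {
      $check->enable();
    }
  }

  // Save the check-specific settings.
  if (isset($form['advanced']['check_specific'])) {
    $checkSpecificValues = $form_state->getValue('check_specific');
    foreach ($checkSpecificValues as $checkIdentifier => $values) {
      // Get corresponding Check. The identifier is a key of the submitted
      // values, so an identifier that resolves to no check is skipped rather
      // than dereferenced.
      $check = Checklist::getCheckByIdentifier($checkIdentifier);
      if ($check == NULL) {
        continue;
      }

      // Submit parameters. The form element is taken by reference so the
      // check's settings handler works on the real form array.
      $checkForm =& $form['advanced']['check_specific'][$checkIdentifier]['form'];
      $checkFormValues = $values['form'];

      // Submit.
      $check->settings()->submitForm($checkForm, $checkFormValues);

      // Drop the reference so the next iteration's assignment rebinds the
      // variable instead of writing through to this element.
      unset($checkForm);
    }
  }

  // Commit the settings.
  $check_settings->save();

  // Finish submitting the form.
  parent::submitForm($form, $form_state);
}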