function acquia_spi_security_review_check_admin_permissions in Acquia Connector 7.2
Same name and namespace in other branches
- 6.2 acquia_spi/security_review.inc \acquia_spi_security_review_check_admin_permissions()
- 7.3 acquia_spi/security_review.inc \acquia_spi_security_review_check_admin_permissions()
Look for admin permissions granted to untrusted roles.
1 string reference to 'acquia_spi_security_review_check_admin_permissions'
- _acquia_spi_security_review_security_checks in acquia_spi/
security_review.inc - Checks for acquia_spi_security_review_get_checks().
File
- acquia_spi/
security_review.inc, line 413 - Stand-alone security checks and review system.
Code
function acquia_spi_security_review_check_admin_permissions() {
$result = TRUE;
$check_result_value = array();
$untrusted_roles = acquia_spi_security_review_untrusted_roles();
// Collect permissions marked as for trusted users only.
$all_permissions = module_invoke_all('permission');
$all_keys = array_keys($all_permissions);
// Get permissions for untrusted roles.
$untrusted_permissions = user_role_permissions($untrusted_roles);
foreach ($untrusted_permissions as $rid => $permissions) {
$intersect = array_intersect($all_keys, array_keys($permissions));
foreach ($intersect as $permission) {
if (!empty($all_permissions[$permission]['restrict access'])) {
$check_result_value[$rid][] = $permission;
}
}
}
if (!empty($check_result_value)) {
$result = FALSE;
}
return array(
'result' => $result,
'value' => $check_result_value,
);
}