function acquia_spi_security_review_check_admin_permissions in Acquia Connector 7.3

Same name and namespace in other branches

6.2 acquia_spi/security_review.inc \acquia_spi_security_review_check_admin_permissions()
7.2 acquia_spi/security_review.inc \acquia_spi_security_review_check_admin_permissions()

Look for admin permissions granted to untrusted roles.

1 string reference to 'acquia_spi_security_review_check_admin_permissions'

_acquia_spi_security_review_security_checks in acquia_spi/security_review.inc: Checks for acquia_spi_security_review_get_checks().

File

acquia_spi/security_review.inc, line 443: Stand-alone security checks and review system.

Code

function acquia_spi_security_review_check_admin_permissions() {
  $result = TRUE;
  $check_result_value = array();
  $untrusted_roles = acquia_spi_security_review_untrusted_roles();

  // Collect permissions marked as for trusted users only.
  $all_permissions = module_invoke_all('permission');
  $all_keys = array_keys($all_permissions);

  // Get permissions for untrusted roles.
  $untrusted_permissions = user_role_permissions($untrusted_roles);
  foreach ($untrusted_permissions as $rid => $permissions) {
    $intersect = array_intersect($all_keys, array_keys($permissions));
    foreach ($intersect as $permission) {
      if (!empty($all_permissions[$permission]['restrict access'])) {
        $check_result_value[$rid][] = $permission;
      }
    }
  }
  if (!empty($check_result_value)) {
    $result = FALSE;
  }
  return array(
    'result' => $result,
    'value' => $check_result_value,
  );
}

You are here

function acquia_spi_security_review_check_admin_permissions in Acquia Connector 7.3

File

Code

API Navigation