private function SecurityReviewController::checkAdminPermissions in Acquia Connector 3.x
Same name and namespace in other branches
- 8.2 src/Controller/SecurityReviewController.php \Drupal\acquia_connector\Controller\SecurityReviewController::checkAdminPermissions()
- 8 src/Controller/SecurityReviewController.php \Drupal\acquia_connector\Controller\SecurityReviewController::checkAdminPermissions()
Look for admin permissions granted to untrusted roles.
File
- src/
Controller/ SecurityReviewController.php, line 460
Class
- SecurityReviewController
- Acquia Security Review page.
Namespace
Drupal\acquia_connector\ControllerCode
private function checkAdminPermissions() {
$result = TRUE;
$check_result_value = [];
$mapping_role = [
'anonymous' => 1,
'authenticated' => 2,
];
$untrusted_roles = $this
->untrustedRoles();
// Collect permissions marked as for trusted users only.
$all_permissions = \Drupal::service('user.permissions')
->getPermissions();
$all_keys = array_keys($all_permissions);
// Get permissions for untrusted roles.
$untrusted_permissions = user_role_permissions(array_keys($untrusted_roles));
foreach ($untrusted_permissions as $rid => $permissions) {
$intersect = array_intersect($all_keys, $permissions);
foreach ($intersect as $permission) {
if (!empty($all_permissions[$permission]['restrict access'])) {
$check_result_value[$mapping_role[$rid]][] = $permission;
}
}
}
if (!empty($check_result_value)) {
$result = FALSE;
}
return [
'result' => $result,
'value' => $check_result_value,
];
}