private function SecurityReviewController::securityReviewSecurityChecks in Acquia Connector 8

Same name and namespace in other branches
  1. 8.2 src/Controller/SecurityReviewController.php \Drupal\acquia_connector\Controller\SecurityReviewController::securityReviewSecurityChecks()
  2. 3.x src/Controller/SecurityReviewController.php \Drupal\acquia_connector\Controller\SecurityReviewController::securityReviewSecurityChecks()

Checks for acquia_spi_security_review_get_checks().

Return value

array Result.

1 call to SecurityReviewController::securityReviewSecurityChecks()
SecurityReviewController::securityReviewGetChecks in src/Controller/SecurityReviewController.php
Helper function allows for collection of this file's security checks.

File

src/Controller/SecurityReviewController.php, line 189

Class

SecurityReviewController
Acquia Security Review page.

Namespace

Drupal\acquia_connector\Controller

Code

private function securityReviewSecurityChecks() {
  // Each entry maps a check ID to its title, the name of the callback that
  // runs it, and the messages shown when the check passes or fails.
  $checks = [];
  $checks['input_formats'] = [
    'title' => $this->t('Text formats'),
    'callback' => 'checkInputFormats',
    'success' => $this->t('Untrusted users are not allowed to input dangerous HTML tags.'),
    'failure' => $this->t('Untrusted users are allowed to input dangerous HTML tags.'),
  ];
  $checks['upload_extensions'] = [
    'title' => $this->t('Allowed upload extensions'),
    'callback' => 'checkUploadExtensions',
    'success' => $this->t('Only safe extensions are allowed for uploaded files and images.'),
    'failure' => $this->t('Unsafe file extensions are allowed in uploads.'),
  ];
  $checks['admin_permissions'] = [
    'title' => $this->t('Drupal permissions'),
    'callback' => 'checkAdminPermissions',
    'success' => $this->t('Untrusted roles do not have administrative or trusted Drupal permissions.'),
    'failure' => $this->t('Untrusted roles have been granted administrative or trusted Drupal permissions.'),
  ];

  // Check dependent on PHP filter being enabled.
  if ($this->moduleHandler()->moduleExists('php')) {
    $checks['untrusted_php'] = [
      'title' => $this->t('PHP access'),
      'callback' => 'checkPhpFilter',
      'success' => $this->t('Untrusted users do not have access to use the PHP input format.'),
      'failure' => $this->t('Untrusted users have access to use the PHP input format.'),
    ];
  }
  $checks['executable_php'] = [
    'title' => $this->t('Executable PHP'),
    'callback' => 'checkExecutablePhp',
    'success' => $this->t('PHP files in the Drupal files directory cannot be executed.'),
    'failure' => $this->t('PHP files in the Drupal files directory can be executed.'),
  ];
  $checks['temporary_files'] = [
    'title' => $this->t('Temporary files'),
    'callback' => 'checkTemporaryFiles',
    'success' => $this->t('No sensitive temporary files were found.'),
    'failure' => $this->t('Sensitive temporary files were found on your files system.'),
  ];

  // Check dependent on the Views module being enabled.
  if ($this->moduleHandler()->moduleExists('views')) {
    $checks['views_access'] = [
      'title' => $this->t('Views access'),
      'callback' => 'checkViewsAccess',
      'success' => $this->t('Views are access controlled.'),
      'failure' => $this->t('There are Views that do not provide any access checks.'),
    ];
  }

  // All checks are returned under the 'security_review' key.
  return [
    'security_review' => $checks,
  ];
}