function security_review_drush in Security Review 7
Same name and namespace in other branches
- 8 security_review.drush.inc \security_review_drush()
- 6 security_review.drush.inc \security_review_drush()
Run checklist and display results command.
1 string reference to 'security_review_drush'
- security_review_drush_command in ./
security_review.drush.inc - Implementation of hook_drush_command().
File
- ./
security_review.drush.inc, line 71 - Drush commands for Security Review module.
Code
function security_review_drush() {
if (!function_exists('security_review_get_checklist')) {
return drush_set_error('REQUIREMENTS_ERROR', 'File security_review.inc is required to run the checklist.');
}
// Retrieve the checklist.
$checklist = security_review_get_checklist();
$store = drush_get_option('store');
$log = drush_get_option('log');
$lastrun = drush_get_option('lastrun');
if (!function_exists('security_review_menu')) {
// Checklist is being executed when module is disabled . Deny these
// features.
$store = $log = $lastrun = FALSE;
}
$specific_checks = drush_get_option_list('check');
$skip = drush_get_option('skip');
$short_titles = drush_get_option('short');
if (!empty($short_titles)) {
$short_titles = TRUE;
}
else {
$short_titles = FALSE;
}
// Show failed check results only if security_review.help.inc exists.
$show_results = drush_get_option('results');
if ($show_results && file_exists(__DIR__ . '/security_review.help.inc')) {
include_once __DIR__ . '/security_review.help.inc';
}
else {
$show_results = FALSE;
}
$output = array();
if (!$lastrun) {
if (!empty($specific_checks)) {
// Get specified checks.
$specific_checklist = array();
foreach ($specific_checks as $check_name) {
if (empty($check_name)) {
continue;
// Can happen if user puts space after comma.
}
if (strpos($check_name, ':') !== FALSE) {
list($module, $check_name) = explode(':', $check_name);
}
else {
$module = 'security_review';
}
if (isset($checklist[$module][$check_name])) {
$specific_checklist[$module][$check_name] = $checklist[$module][$check_name];
}
}
if ($skip) {
// Run all checks except specified checks.
foreach ($specific_checklist as $module => $checks) {
foreach (array_keys($checks) as $check_name) {
unset($checklist[$module][$check_name]);
}
}
}
else {
// Run only specified checks.
$checklist = $specific_checklist;
}
}
else {
// Unset file_perms of security_review because drush is running as a
// different user.
unset($checklist['security_review']['file_perms']);
}
// Remove checks that are being skipped if storing.
if ($store) {
$skipped = security_review_skipped_checks();
if (!empty($skipped)) {
foreach ($skipped as $module => $checks) {
foreach ($checks as $check_name => $check) {
unset($checklist[$module][$check_name]);
}
if (empty($checklist[$module])) {
unset($checklist[$module]);
}
}
}
}
if (empty($checklist)) {
return drush_set_error('EMPTY_CHECKLIST', dt("No checks to run. Run 'drush help secrev' for option use or consult the drush section of README.txt for further help."));
}
// Run the checklist.
$checklist_results = security_review_run($checklist, $log ? TRUE : NULL);
if ($store) {
security_review_store_results($checklist_results);
}
// Compile results.
foreach ($checklist_results as $module => $checks) {
foreach ($checks as $check_name => $check) {
if ($result = _security_review_drush_format_result($check, $short_titles, $show_results)) {
$output[$module . '-' . $check_name] = $result;
}
}
}
}
elseif ($lastrun) {
// Retrieve results from last run of the checklist.
$results = security_review_get_stored_results();
// Compile results.
if (!empty($results)) {
foreach ($results as $result) {
if (isset($checklist[$result['namespace']][$result['reviewcheck']])) {
$check = array_merge($result, $checklist[$result['namespace']][$result['reviewcheck']]);
if ($result = _security_review_drush_format_result($check, $short_titles, $show_results)) {
$output[$check['namespace'] . '-' . $check['reviewcheck']] = $result;
}
}
}
}
}
return $output;
}