function security_review_drush in Security Review 8
Same name and namespace in other branches
- 6 security_review.drush.inc \security_review_drush()
- 7 security_review.drush.inc \security_review_drush()
Runs a checklist and displays results.
1 string reference to 'security_review_drush'
- security_review_drush_command in ./
security_review.drush.inc - Implements hook_drush_command().
File
- ./
security_review.drush.inc, line 64 - Drush commands for Security Review module.
Code
function security_review_drush() {
/** @var \Drupal\security_review\SecurityReview $security_review */
$security_review = Drupal::service('security_review');
/** @var \Drupal\security_review\Checklist $checklist */
$checklist = Drupal::service('security_review.checklist');
$store = drush_get_option('store');
$log = drush_get_option('log');
$last_run = drush_get_option('lastrun');
$run_checks = drush_get_option_list('check');
$skip_checks = drush_get_option_list('skip');
$short_titles = drush_get_option('short');
$show_findings = drush_get_option('results');
// Set temporary logging.
$log = in_array($log, [
TRUE,
1,
'TRUE',
]);
$security_review
->setLogging($log, TRUE);
if (!empty($short_titles)) {
$short_titles = TRUE;
}
else {
$short_titles = FALSE;
}
$results = [];
if (!$last_run) {
// Do a normal security review run.
/** @var \Drupal\security_review\Check[] $checks */
$checks = [];
/** @var \Drupal\security_review\Check[] $to_skip */
$to_skip = [];
// Fill the $checks array.
if (!empty($run_checks)) {
// Get explicitly specified checks.
foreach ($run_checks as $check) {
$checks[] = _security_review_drush_get_check($check);
}
}
else {
// Get the whole checklist.
$checks = $checklist
->getChecks();
}
// Mark checks listed after --skip for removal.
if (!empty($skip_checks)) {
foreach ($skip_checks as $skip_check) {
$to_skip[] = _security_review_drush_get_check($skip_check);
}
}
// If storing, mark skipped checks for removal.
if ($store) {
foreach ($checks as $check) {
if ($check
->isSkipped()) {
$to_skip[] = $check;
}
}
}
// Remove the skipped checks from $checks.
foreach ($to_skip as $skip_check) {
foreach ($checks as $key => $check) {
if ($check
->id() == $skip_check
->id()) {
unset($checks[$key]);
}
}
}
// If $checks is empty at this point, return with an error.
if (empty($checks)) {
return drush_set_error('EMPTY_CHECKLIST', dt("No checks to run. Run 'drush help secrev' for option use or consult the drush section of API.txt for further help."));
}
// Run the checks.
$results = $checklist
->runChecks($checks, TRUE);
// Store the results.
if ($store) {
$checklist
->storeResults($results);
}
}
else {
// Show the latest stored results.
foreach ($checklist
->getChecks() as $check) {
$last_result = $check
->lastResult($show_findings);
if ($last_result instanceof CheckResult) {
$results[] = $last_result;
}
}
}
return _security_review_drush_format_results($results, $short_titles, $show_findings);
}