function security_review_check_admin_permissions_help in Security Review 7
Same name and namespace in other branches
- 6 security_review.help.inc \security_review_check_admin_permissions_help()
File
- ./
security_review.help.inc, line 223 - Main help definition.
Code
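/**
 * Builds the help element for the "Admin and trusted Drupal permissions" check.
 *
 * @param array|null $check
 *   Optional stored check result. When it is set and $check['result'] is
 *   FALSE, $check['value'] is iterated as role ID => list of permission names.
 * @param string|null $skipped_message
 *   Optional message. When non-empty it is reported as the only finding and
 *   $check is not inspected.
 *
 * @return array
 *   Element with 'title' and 'descriptions', plus 'findings' when there is a
 *   skipped message or a failed check result.
 */
function security_review_check_admin_permissions_help($check = NULL, $skipped_message = NULL) {
  $element['title'] = t('Admin and trusted Drupal permissions');
  $element['descriptions'][] = t("Drupal's permission system is extensive and allows for varying degrees of control. Certain permissions would allow a user total control, or the ability to escalate their control, over your site and should only be granted to trusted users.");
  // '!' placeholders are inserted by t() without escaping, so the value must
  // stay a url()-built link and never carry user-supplied text.
  $element['descriptions'][] = t('<a href="!link">Read more about trusted vs. untrusted roles and permissions on DrupalScout.com.</a>', array(
    '!link' => url('http://drupalscout.com/knowledge-base/importance-user-roles-and-permissions-site-security'),
  ));

  if (!empty($skipped_message)) {
    $element['findings']['descriptions'][] = $skipped_message;
  }
  elseif ($check && $check['result'] == FALSE) {
    $roles = user_roles();
    $element['findings']['descriptions'][] = t('You have granted untrusted roles the following permissions that you should revoke.');
    foreach ($check['value'] as $rid => $permissions) {
      $permissions = implode(', ', $permissions);
      // Linked variant: '@name' is escaped and '%permissions' is escaped and
      // emphasised by t(); only the url()-built href is passed through as-is.
      $html = t('<a href="!link">@name</a> has %permissions', array(
        '!link' => url('admin/people/permissions/' . $rid),
        '@name' => $roles[$rid],
        '%permissions' => $permissions,
      ));
      // Same sentence without the link. The permissions value needs its
      // '%permissions' key: without it t() has nothing to substitute and the
      // literal token "%permissions" is shown instead of the permission list.
      $safe = t('@name has %permissions', array(
        '@name' => $roles[$rid],
        '%permissions' => $permissions,
      ));
      $element['findings']['items'][] = array(
        'html' => $html,
        'safe' => $safe,
        // Not passed through t(): role name and permission names are joined
        // unescaped, so a consumer must escape this value before printing it
        // into HTML.
        'raw' => $roles[$rid] . ':' . $permissions,
      );
    }
  }

  return $element;
}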