You are here

Home » API reference » Security Review 7 » security_review.inc

function security_review_untrusted_permissions in Security Review 7

Helper function collects the permissions untrusted roles have.

File

./security_review.inc, line 873
Stand-alone security checks and review system.

Code

function security_review_untrusted_permissions() {
  static $permissions;
  if (empty($permissions)) {
    $permissions = array();

    // Collect list of untrusted roles' permissions.
    $untrusted_roles = security_review_untrusted_roles();
    foreach ($untrusted_roles as $rid) {
      $perms = array();
      $results = db_query('SELECT r.rid, p.permission FROM {role} r LEFT JOIN {role_permission} p ON r.rid = p.rid WHERE r.rid = :rid', array(
        ':rid' => $rid,
      ))
        ->fetchArray();
      if ($results !== FALSE) {
        $perms = explode(',', str_replace(', ', ',', $results['permission']));
        $permissions[$rid] = $perms;
      }
    }
  }
  return $permissions;
}