
function security_review_settings in Security Review 6

Same name and namespace in other branches
  1. 7 security_review.pages.inc \security_review_settings()

Module settings form.

1 string reference to 'security_review_settings'
security_review_menu in ./security_review.module
Implementation of hook_menu().

File

./security_review.module, line 477
Site security review and reporting Drupal module.

Code

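/**
 * Form builder for the Security Review module settings page.
 *
 * Builds three controls: the roles to treat as untrusted, a toggle for logging
 * check results to watchdog, and the list of checks to skip. As the form's own
 * help text says, most checks look for resources usable by untrusted roles, so
 * unticking a role here narrows what the review reports.
 *
 * NOTE(review): access to this form is decided by the menu item declared in
 * security_review_menu(), which is not shown here. Confirm that it requires an
 * administrative permission, since this form can silence checks.
 *
 * @return
 *   The form array returned by system_settings_form().
 */
function security_review_settings() {
  $checklist = module_invoke_all('security_checks');

  // Start from an empty array so '#options' below is always defined.
  // Role names are escaped because they are used as checkbox labels.
  $options = array();
  foreach (user_roles() as $rid => $role) {
    $options[$rid] = check_plain($role);
  }

  $message = '';
  $defaults = security_review_default_untrusted_roles();
  // NOTE(review): in_array() searches the values of $defaults, not its keys.
  // Confirm security_review_default_untrusted_roles() returns role IDs as
  // values; if it returns them as keys this test never matches.
  if (in_array(DRUPAL_AUTHENTICATED_RID, $defaults)) {
    // Translate the note here; it is inserted below through an escaped '@'
    // placeholder, so it would otherwise always be shown in English.
    $message = t('You have allowed anonymous users to create accounts without approval so the authenticated role defaults to untrusted.');
  }
  $form['security_review_untrusted_roles'] = array(
    '#type' => 'checkboxes',
    '#title' => t('Untrusted roles'),
    '#description' => t('Mark which roles are not trusted. The anonymous role defaults to untrusted. @message Read more about the idea behind trusted and untrusted roles on <a href="!url">DrupalScout.com</a>. Most Security Review checks look for resources usable by untrusted roles.', array(
      '@message' => $message,
      '!url' => url('http://drupalscout.com/knowledge-base/importance-user-roles-and-permissions-site-security'),
    )),
    '#options' => $options,
    '#default_value' => variable_get('security_review_untrusted_roles', $defaults),
  );
  $form['security_review_adv'] = array(
    '#type' => 'fieldset',
    '#title' => t('Advanced'),
    '#collapsible' => TRUE,
    '#collapsed' => FALSE,
  );
  $form['security_review_adv']['security_review_log'] = array(
    '#type' => 'checkbox',
    '#title' => t('Log checklist results and skips'),
    '#description' => t('The result of each check and skip can be logged to watchdog for tracking.'),
    '#default_value' => variable_get('security_review_log', TRUE),
  );

  // Build the "checks to skip" list. Options are keyed by check name only.
  // NOTE(review): two modules declaring the same check name would share one
  // checkbox; confirm that check names are unique across modules.
  $options = $values = array();
  $skipped = security_review_skipped_checks();
  foreach ($checklist as $module => $checks) {
    foreach ($checks as $check_name => $check) {
      // A check counts as skipped only if this module has an entry for it.
      // Testing $skipped[$module] first avoids handing a missing (NULL) entry
      // to array_key_exists() when only other modules have skipped checks.
      $is_skipped = isset($skipped[$module])
        && is_array($skipped[$module])
        && array_key_exists($check_name, $skipped[$module]);

      if ($is_skipped) {
        $values[] = $check_name;
        // '!' placeholders are inserted without escaping. The title comes from
        // hook_security_checks() implementations, so it is only as trustworthy
        // as the modules that implement that hook.
        $label = t('!name <em>skipped by UID !uid on !date</em>', array(
          '!name' => $check['title'],
          '!uid' => $skipped[$module][$check_name]['skipuid'],
          '!date' => format_date($skipped[$module][$check_name]['skiptime']),
        ));
      }
      else {
        $label = $check['title'];
      }
      $options[$check_name] = $label;
    }
  }
  $form['security_review_adv']['security_review_skip'] = array(
    '#type' => 'checkboxes',
    '#title' => t('Checks to skip'),
    '#description' => t('Skip running certain checks. This can also be set on the <em>Run & review</em> page. It is recommended that you do not skip any checks unless you know the result is wrong or the process times out while running.'),
    '#options' => $options,
    '#default_value' => $values,
  );

  // Add a submit handler to set the skipped checks.
  $form['#submit'][] = '_security_review_settings_submit';
  return system_settings_form($form);
}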