public function SecurityReviewCommands::securityReview in Security Review 8
Run the Security Review checklist.
@command security:review @option store Write results to the database @option log Log results of each check to watchdog, defaults to off @option lastrun Do not run the checklist, just print last results @option check Comma-separated list of specified checks to run. See README.txt for list of options @option skip Comma-separated list of specified checks not to run. This takes precedence over --check @option short Short result messages instead of full description (e.g. 'Text formats') @option results Show the incorrect settings for failed checks. @usage secrev Run the checklist and output the results @usage secrev --store Run the checklist, store, and output the results @usage secrev --lastrun Output the stored results from the last run of the checklist @aliases secrev, security-review @format table @pipe-format csv @fields-default message, status @field-labels message: Message status: Status
Return value
\Consolidation\OutputFormatters\StructuredData\RowsOfFields Row of results.
File
- src/
Commands/ SecurityReviewCommands.php, line 80
Class
- SecurityReviewCommands
- Class SecurityReviewCommands.
Namespace
Drupal\security_review\CommandsCode
public function securityReview($options = [
'store' => FALSE,
'log' => FALSE,
'lastrun' => FALSE,
'check' => NULL,
'skip' => NULL,
'short' => FALSE,
'results' => FALSE,
]) {
$store = $options['store'];
$log = $options['log'];
$last_run = $options['lastrun'];
$run_checks = $options['check'];
$skip_checks = $options['skip'];
$short_titles = $options['short'];
$show_findings = $options['results'];
// Set temporary logging.
$log = in_array($log, [
TRUE,
1,
'TRUE',
]);
$this->securityReviewService
->setLogging($log, TRUE);
if (!empty($short_titles)) {
$short_titles = TRUE;
}
else {
$short_titles = FALSE;
}
$results = [];
if (!$last_run) {
// Do a normal security review run.
/** @var \Drupal\security_review\Check[] $checks */
$checks = [];
/** @var \Drupal\security_review\Check[] $to_skip */
$to_skip = [];
// Fill the $checks array.
if (!empty($run_checks)) {
// Get explicitly specified checks.
foreach (explode(',', $run_checks) as $check) {
$checks[] = $this
->getCheck($check);
}
}
else {
// Get the whole checklist.
$checks = $this->checklistService
->getChecks();
}
// Mark checks listed after --skip for removal.
if (!empty($skip_checks)) {
foreach (explode(',', $skip_checks) as $skip_check) {
$to_skip[] = $this
->getCheck($skip_check);
}
}
// If storing, mark skipped checks for removal.
if ($store) {
foreach ($checks as $check) {
if ($check
->isSkipped()) {
$to_skip[] = $check;
}
}
}
// Remove the skipped checks from $checks.
foreach ($to_skip as $skip_check) {
foreach ($checks as $key => $check) {
if ($check
->id() == $skip_check
->id()) {
unset($checks[$key]);
}
}
}
// If $checks is empty at this point, return with an error.
if (empty($checks)) {
throw new \Exception(dt("No checks to run. Run 'drush help secrev' for option use or consult the drush section of API.txt for further help."));
}
// Run the checks.
$results = $this->checklistService
->runChecks($checks, TRUE);
// Store the results.
if ($store) {
$this->checklistService
->storeResults($results);
}
}
else {
// Show the latest stored results.
foreach ($this->checklistService
->getChecks() as $check) {
$last_result = $check
->lastResult($show_findings);
if ($last_result instanceof CheckResult) {
$results[] = $last_result;
}
}
}
return new RowsOfFields($this
->formatResults($results, $short_titles, $show_findings));
}