You are here

Home » API reference » Security Review 8 » ChecklistController.php

class ChecklistController in Security Review 8

The class of the 'Run & Review' page's controller.

Hierarchy

Expanded class hierarchy of ChecklistController

File

src/Controller/ChecklistController.php, line 17

Namespace

Drupal\security_review\Controller
View source 
class ChecklistController extends ControllerBase {

  /**
   * The CSRF Token generator.
   *
   * @var \Drupal\Core\Access\CsrfTokenGenerator $csrfToken
   */
  protected $csrfToken;

  /**
   * The security_review.checklist service.
   *
   * @var \Drupal\security_review\Checklist
   */
  protected $checklist;

  /**
   * The security_review service.
   *
   * @var \Drupal\security_review\SecurityReview
   */
  protected $securityReview;

  /**
   * The messenger service.
   *
   * @var \Drupal\Core\Messenger\MessengerInterface
   */
  protected $messenger;

  /**
   * Constructs a ChecklistController.
   *
   * @param \Drupal\Core\Access\CsrfTokenGenerator $csrf_token_generator
   *   The CSRF Token generator.
   * @param \Drupal\security_review\SecurityReview $security_review
   *   The security_review service.
   * @param \Drupal\security_review\Checklist $checklist
   *   The security_review.checklist service.
   * @param \Drupal\Core\Messenger\MessengerInterface $messenger
   *   The messenger service.
   */
  public function __construct(CsrfTokenGenerator $csrf_token_generator, SecurityReview $security_review, Checklist $checklist, MessengerInterface $messenger) {
    $this->csrfToken = $csrf_token_generator;
    $this->checklist = $checklist;
    $this->securityReview = $security_review;
    $this->messenger = $messenger;
  }

  /**
   * {@inheritdoc}
   */
  public static function create(ContainerInterface $container) {
    return new static($container
      ->get('csrf_token'), $container
      ->get('security_review'), $container
      ->get('security_review.checklist'), $container
      ->get('messenger'));
  }

  /**
   * Creates the Run & Review page.
   *
   * @return array
   *   The 'Run & Review' page's render array.
   */
  public function index() {
    $run_form = [];

    // If the user has the required permissions, show the RunForm.
    if ($this
      ->currentUser()
      ->hasPermission('run security checks')) {

      // Get the Run form.
      $run_form = $this
        ->formBuilder()
        ->getForm('Drupal\\security_review\\Form\\RunForm');

      // Close the Run form if there are results.
      if ($this->securityReview
        ->getLastRun() > 0) {
        $run_form['run_form']['#open'] = FALSE;
      }
    }

    // Print the results if any.
    if ($this->securityReview
      ->getLastRun() <= 0) {

      // If they haven't configured the site, prompt them to do so.
      if (!$this->securityReview
        ->isConfigured()) {
        $this->messenger
          ->addWarning($this
          ->t('It appears this is your first time using the Security Review checklist. Before running the checklist please review the settings page at <a href=":url">admin/reports/security-review/settings</a> to set which roles are untrusted.', [
          ':url' => Url::fromRoute('security_review.settings')
            ->toString(),
        ]), 'warning');
      }
    }
    return [
      $run_form,
      $this
        ->results(),
    ];
  }

  /**
   * Creates the results' table.
   *
   * @return array
   *   The render array for the result table.
   */
  public function results() {

    // If there are no results return.
    if ($this->securityReview
      ->getLastRun() <= 0) {
      return [];
    }
    $checks = [];
    foreach ($this->checklist
      ->getChecks() as $check) {

      // Initialize with defaults.
      $check_info = [
        'message' => $this
          ->t('The check "@name" hasn\'t been run yet.', [
          '@name' => $check
            ->getTitle(),
        ]),
        'skipped' => $check
          ->isSkipped(),
      ];

      // Get last result.
      $last_result = $check
        ->lastResult();
      if ($last_result != NULL) {
        if (!$last_result
          ->isVisible()) {
          continue;
        }
        $check_info['result'] = $last_result
          ->result();
        $check_info['message'] = $last_result
          ->resultMessage();
      }

      // Determine help link.
      $check_info['help_link'] = Link::createFromRoute('Details', 'security_review.help', [
        'namespace' => $check
          ->getMachineNamespace(),
        'title' => $check
          ->getMachineTitle(),
      ]);

      // Add toggle button.
      $toggle_text = $check
        ->isSkipped() ? 'Enable' : 'Skip';
      $check_info['toggle_link'] = Link::createFromRoute($toggle_text, 'security_review.toggle', [
        'check_id' => $check
          ->id(),
      ], [
        'query' => [
          'token' => $this->csrfToken
            ->get($check
            ->id()),
        ],
      ]);

      // Add to array of completed checks.
      $checks[] = $check_info;
    }
    return [
      '#theme' => 'run_and_review',
      '#date' => $this->securityReview
        ->getLastRun(),
      '#checks' => $checks,
      '#attached' => [
        'library' => [
          'security_review/run_and_review',
        ],
      ],
    ];
  }

}

Members

Namesort descending Modifiers Type Description Overrides
ChecklistController::$checklist protected property The security_review.checklist service.
ChecklistController::$csrfToken protected property The CSRF Token generator.
ChecklistController::$messenger protected property The messenger service. Overrides MessengerTrait::$messenger
ChecklistController::$securityReview protected property The security_review service.
ChecklistController::create public static function Instantiates a new instance of this class. Overrides ControllerBase::create
ChecklistController::index public function Creates the Run & Review page.
ChecklistController::results public function Creates the results' table.
ChecklistController::__construct public function Constructs a ChecklistController.
ControllerBase::$configFactory protected property The configuration factory.
ControllerBase::$currentUser protected property The current user service. 1
ControllerBase::$entityFormBuilder protected property The entity form builder.
ControllerBase::$entityManager protected property The entity manager.
ControllerBase::$entityTypeManager protected property The entity type manager.
ControllerBase::$formBuilder protected property The form builder. 2
ControllerBase::$keyValue protected property The key-value storage. 1
ControllerBase::$languageManager protected property The language manager. 1
ControllerBase::$moduleHandler protected property The module handler. 2
ControllerBase::$stateService protected property The state service.
ControllerBase::cache protected function Returns the requested cache bin.
ControllerBase::config protected function Retrieves a configuration object.
ControllerBase::container private function Returns the service container.
ControllerBase::currentUser protected function Returns the current user. 1
ControllerBase::entityFormBuilder protected function Retrieves the entity form builder.
ControllerBase::entityManager Deprecated protected function Retrieves the entity manager service.
ControllerBase::entityTypeManager protected function Retrieves the entity type manager.
ControllerBase::formBuilder protected function Returns the form builder service. 2
ControllerBase::keyValue protected function Returns a key/value storage collection. 1
ControllerBase::languageManager protected function Returns the language manager service. 1
ControllerBase::moduleHandler protected function Returns the module handler. 2
ControllerBase::redirect protected function Returns a redirect response object for the specified route. Overrides UrlGeneratorTrait::redirect
ControllerBase::state protected function Returns the state storage service.
LinkGeneratorTrait::$linkGenerator protected property The link generator. 1
LinkGeneratorTrait::getLinkGenerator Deprecated protected function Returns the link generator.
LinkGeneratorTrait::l Deprecated protected function Renders a link to a route given a route name and its parameters.
LinkGeneratorTrait::setLinkGenerator Deprecated public function Sets the link generator service.
LoggerChannelTrait::$loggerFactory protected property The logger channel factory service.
LoggerChannelTrait::getLogger protected function Gets the logger for a specific channel.
LoggerChannelTrait::setLoggerFactory public function Injects the logger channel factory.
MessengerTrait::messenger public function Gets the messenger. 29
MessengerTrait::setMessenger public function Sets the messenger.
RedirectDestinationTrait::$redirectDestination protected property The redirect destination service. 1
RedirectDestinationTrait::getDestinationArray protected function Prepares a 'destination' URL query parameter for use with \Drupal\Core\Url.
RedirectDestinationTrait::getRedirectDestination protected function Returns the redirect destination service.
RedirectDestinationTrait::setRedirectDestination public function Sets the redirect destination service.
StringTranslationTrait::$stringTranslation protected property The string translation service. 1
StringTranslationTrait::formatPlural protected function Formats a string containing a count of items.
StringTranslationTrait::getNumberOfPlurals protected function Returns the number of plurals supported by a given language.
StringTranslationTrait::getStringTranslation protected function Gets the string translation service.
StringTranslationTrait::setStringTranslation public function Sets the string translation service to use. 2
StringTranslationTrait::t protected function Translates a string to the current language or to a given language.
UrlGeneratorTrait::$urlGenerator protected property The url generator.
UrlGeneratorTrait::getUrlGenerator Deprecated protected function Returns the URL generator service.
UrlGeneratorTrait::setUrlGenerator Deprecated public function Sets the URL generator service.
UrlGeneratorTrait::url Deprecated protected function Generates a URL or path for a specific route based on the given parameters.