1 |
85ad3d82
|
Assos Assos
|
<?php
|
2 |
|
|
|
3 |
|
|
/**
|
4 |
|
|
* @file
|
5 |
|
|
* Install, update and uninstall functions for the security_review module.
|
6 |
|
|
*
|
7 |
|
|
*/
|
8 |
|
|
|
9 |
|
|
/**
|
10 |
|
|
* Implements hook_enable().
|
11 |
|
|
*/
|
12 |
|
|
function security_review_enable() {
|
13 |
|
|
drupal_set_message(t('Security Review module enabled. You should first set the module access permissions at !link. Be sure to grant permissions to trusted users only as this module can show senstive site information.', array('!link' => l('admin/people/permissions', 'admin/people/permissions'))));
|
14 |
|
|
}
|
15 |
|
|
|
16 |
|
|
/**
|
17 |
|
|
* Implements hook_schema().
|
18 |
|
|
*/
|
19 |
|
|
function security_review_schema() {
|
20 |
|
|
$schema['security_review'] = array(
|
21 |
|
|
'fields' => array(
|
22 |
|
|
'namespace' => array(
|
23 |
|
|
'type' => 'varchar',
|
24 |
|
|
'length' => 160,
|
25 |
|
|
'not null' => TRUE,
|
26 |
|
|
'default' => '',
|
27 |
|
|
),
|
28 |
|
|
'reviewcheck' => array(
|
29 |
|
|
'type' => 'varchar',
|
30 |
|
|
'length' => 160,
|
31 |
|
|
'not null' => TRUE,
|
32 |
|
|
'default' => '',
|
33 |
|
|
),
|
34 |
|
|
'result' => array(
|
35 |
|
|
'type' => 'int',
|
36 |
|
|
'not null' => TRUE,
|
37 |
|
|
'default' => 0,
|
38 |
|
|
),
|
39 |
|
|
'lastrun' => array(
|
40 |
|
|
'type' => 'int',
|
41 |
|
|
'not null' => TRUE,
|
42 |
|
|
'default' => 0,
|
43 |
|
|
),
|
44 |
|
|
'skip' => array(
|
45 |
|
|
'type' => 'int',
|
46 |
|
|
'not null' => TRUE,
|
47 |
|
|
'default' => 0,
|
48 |
|
|
),
|
49 |
|
|
'skiptime' => array(
|
50 |
|
|
'type' => 'int',
|
51 |
|
|
'not null' => TRUE,
|
52 |
|
|
'default' => 0,
|
53 |
|
|
),
|
54 |
|
|
'skipuid' => array(
|
55 |
|
|
'type' => 'int',
|
56 |
|
|
'default' => NULL
|
57 |
|
|
),
|
58 |
|
|
),
|
59 |
|
|
'primary key' => array('namespace', 'reviewcheck'),
|
60 |
|
|
);
|
61 |
|
|
|
62 |
|
|
return $schema;
|
63 |
|
|
}
|
64 |
|
|
|
65 |
|
|
/**
|
66 |
|
|
* Implements hook_uninstall().
|
67 |
|
|
*/
|
68 |
|
|
function security_review_uninstall() {
|
69 |
|
|
variable_del('security_review_untrusted_roles');
|
70 |
|
|
variable_del('security_review_log');
|
71 |
|
|
variable_del('security_review_last_run');
|
72 |
|
|
}
|
73 |
|
|
|
74 |
|
|
/**
|
75 |
|
|
* Empty Security Review check result table for a fresh start on Drupal 7.
|
76 |
|
|
*/
|
77 |
|
|
function security_review_update_7000(&$sandbox) {
|
78 |
|
|
db_truncate('security_review')->execute();
|
79 |
|
|
return t('Security Review table truncated.');
|
80 |
|
|
}
|
81 |
|
|
|
82 |
|
|
/**
|
83 |
|
|
* Implements hook_requirements().
|
84 |
|
|
*/
|
85 |
|
|
function security_review_requirements($phase) {
|
86 |
|
|
|
87 |
|
|
$requirements = array();
|
88 |
|
|
|
89 |
|
|
switch ($phase) {
|
90 |
|
|
case 'runtime':
|
91 |
|
|
$failed_checks = FALSE;
|
92 |
|
|
$checks = security_review_get_stored_results();
|
93 |
|
|
foreach ($checks as $check) {
|
94 |
|
|
if ($check['result'] === FALSE && !$check['skip']) {
|
95 |
|
|
$failed_checks = TRUE;
|
96 |
|
|
break;
|
97 |
|
|
}
|
98 |
|
|
}
|
99 |
|
|
$url = url('admin/reports/security-review');
|
100 |
|
|
if (empty($checks)) {
|
101 |
|
|
$severity = REQUIREMENT_WARNING;
|
102 |
|
|
$value = t('The Security Review checklist has not been run. <a href="!url">Run the checklist</a>', array('!url' => $url));
|
103 |
|
|
}
|
104 |
|
|
elseif ($failed_checks) {
|
105 |
|
|
$severity = REQUIREMENT_WARNING;
|
106 |
|
|
$value = t('There are failed Security Review checks. <a href="!url">Review the checklist</a>', array('!url' => $url));
|
107 |
|
|
}
|
108 |
|
|
else {
|
109 |
|
|
$severity = REQUIREMENT_OK;
|
110 |
|
|
$value = t('Passing all non-ignored Security Review checks. <a href="!url">Review the checklist</a>', array('!url' => $url));
|
111 |
|
|
}
|
112 |
|
|
$requirements['security_review'] = array(
|
113 |
|
|
'title' => t('Security Review'),
|
114 |
|
|
'severity' => $severity,
|
115 |
|
|
'value' => $value,
|
116 |
|
|
);
|
117 |
|
|
break;
|
118 |
|
|
}
|
119 |
|
|
|
120 |
|
|
return $requirements;
|
121 |
|
|
} |