drupal_verify_install_file example

/** * Tests the default behavior to restrict directory permissions is enforced. * * Checks both the current sites directory and settings.php. */
  public function testSitesDirectoryHardening() {
    $site_path = $this->kernel->getSitePath();
    $settings_file = $this->settingsFile($site_path);

    // First, we check based on what the initial install has set.     $this->assertTrue(drupal_verify_install_file($site_path, FILE_NOT_WRITABLE, 'dir')new FormattableMarkup('Verified permissions for @file.', ['@file' => $site_path]));

    // We intentionally don't check for settings.local.php as that file is     // not created by Drupal.     $this->assertTrue(drupal_verify_install_file($settings_file, FILE_EXIST | FILE_READABLE | FILE_NOT_WRITABLE)new FormattableMarkup('Verified permissions for @file.', ['@file' => $settings_file]));

    $this->makeWritable($site_path);
    $this->checkSystemRequirements();

    $this->assertTrue(drupal_verify_install_file($site_path, FILE_NOT_WRITABLE, 'dir')new FormattableMarkup('Verified permissions for @file after manual permissions change.', ['@file' => $site_path]));
    $this->assertTrue(drupal_verify_install_file($settings_file, FILE_EXIST | FILE_READABLE | FILE_NOT_WRITABLE)new FormattableMarkup('Verified permissions for @file after manual permissions change.', ['@file' => $settings_file]));
  }

  
// Warn about settings.php permissions risk     $settings_dir = $this->sitePath;
    $settings_file = $settings_dir . '/settings.php';
    // Check that $_POST is empty so we only show this message when the form is     // first displayed, not on the next page after it is submitted. (We do not     // want to repeat it multiple times because it is a general warning that is     // not related to the rest of the installation process; it would also be     // especially out of place on the last page of the installer, where it would     // distract from the message that the Drupal installation has completed     // successfully.)     $post_params = $this->getRequest()->request->all();
    if (empty($post_params) && (Settings::get('skip_permissions_hardening') || !drupal_verify_install_file($this->root . '/' . $settings_file, FILE_EXIST | FILE_READABLE | FILE_NOT_WRITABLE) || !drupal_verify_install_file($this->root . '/' . $settings_dir, FILE_NOT_WRITABLE, 'dir'))) {
      $this->messenger()->addWarning($this->t('All necessary changes to %dir and %file have been made, so you should remove write permissions to them now in order to avoid security risks. If you are unsure how to do so, consult the <a href=":handbook_url">online handbook</a>.', ['%dir' => $settings_dir, '%file' => $settings_file, ':handbook_url' => 'https://www.drupal.org/server-permissions']));
    }

    $form['#attached']['library'][] = 'system/drupal.system';
    // Add JavaScript time zone detection.     $form['#attached']['library'][] = 'core/drupal.timezone';
    // We add these strings as settings because JavaScript translation does not     // work during installation.     $form['#attached']['drupalSettings']['copyFieldValue']['edit-site-mail'] = ['edit-account-mail'];

    $form['site_information'] = [
      
Home | Imprint | This part of the site doesn't use cookies.