MDL-67852 tool_dataprivacy: Fix security checks

This commit is contained in:
Alex Yeung 2023-06-22 19:08:07 +01:00
parent ef93325f27
commit 73f3bb23be
2 changed files with 14 additions and 3 deletions


@ -76,18 +76,28 @@ class defaultuserrole extends check {
}
// Risky caps - usually very dangerous.
$sql = "SELECT COUNT(DISTINCT rc.contextid)
$sql = "SELECT rc.contextid, rc.capability
FROM {role_capabilities} rc
JOIN {capabilities} cap ON cap.name = rc.capability
WHERE " . $DB->sql_bitand('cap.riskbitmask', (RISK_XSS | RISK_CONFIG | RISK_DATALOSS)) . " <> 0
AND rc.permission = :capallow
AND rc.roleid = :roleid";
$riskycount = $DB->count_records_sql($sql, [
$riskyresults = $DB->get_records_sql($sql, [
'capallow' => CAP_ALLOW,
'roleid' => $defaultrole->id,
]);
// If automatic approval is disabled, then the requestdelete capability is not risky.
if (!get_config('tool_dataprivacy', 'automaticdatadeletionapproval')) {
$riskyresults = array_filter($riskyresults, function ($object) {
return $object->capability !== 'tool/dataprivacy:requestdelete';
});
}
// Count the number of unique contexts that have risky caps.
$riskycount = count(array_unique(array_column($riskyresults, 'contextid')));
// It may have either none or 'user' archetype - nothing else, or else it would break during upgrades badly.
if ($defaultrole->archetype === '' or $defaultrole->archetype === 'user') {
$legacyok = true;
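Review bot: The risky-context count can come out too low because `get_records_sql` keys its result array by the first selected column, and the new query puts `rc.contextid` first, so two risky capabilities allowed in the same context collapse into a single record (as I recall, Moodle also emits a debugging notice about the non-unique key). When the record that survives is `tool/dataprivacy:requestdelete` and automatic approval is off, the added `array_filter` then discards a context that still holds another risky capability, turning a security warning into a silent pass. Selecting a unique first column fixes this without touching the rest of the hunk: `$sql = "SELECT rc.id, rc.contextid, rc.capability`; `array_column` on the `contextid` property keeps working unchanged. The enclosing method starts before and continues after this hunk.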


@ -36,7 +36,8 @@ $string['check_cookiesecure_http'] = 'You must turn on https in order to use sec
$string['check_cookiesecure_name'] = 'Secure cookies';
$string['check_cookiesecure_ok'] = 'Secure cookies enabled.';
$string['check_defaultuserrole_details'] = '<p>All logged in users are given capabilities of the default user role. Please make sure no risky capabilities are allowed in this role.</p>
<p>The only supported legacy type for the default user role is <em>Authenticated user</em>. The course view capability must not be enabled.</p>';
<p>The only supported legacy type for the default user role is <em>Authenticated user</em>. The course view capability must not be enabled.</p>
<p>Please check if the automatic data deletion request approval(tool_dataprivacy | automaticdatadeletionapproval) option is enabled. Users can request deletions that could delete large amounts of data.</p>';
$string['check_defaultuserrole_error'] = 'The default user role "{$a}" is incorrectly defined!';
$string['check_defaultuserrole_name'] = 'Default role for all users';
$string['check_defaultuserrole_notset'] = 'Default role is not set.';