Skip to content

Commit

Permalink
feat: add check for active webProfiler and kernelDebug state
Browse files Browse the repository at this point in the history
  • Loading branch information
tinect committed Jan 8, 2025
1 parent 69065bb commit 3f623de
Showing 1 changed file with 70 additions and 0 deletions.
70 changes: 70 additions & 0 deletions src/Components/Health/Checker/HealthChecker/DebugChecker.php
Original file line number Diff line number Diff line change
@@ -0,0 +1,70 @@
<?php

Check warning on line 1 in src/Components/Health/Checker/HealthChecker/DebugChecker.php

View workflow job for this annotation

GitHub Actions / cs / Check Style

Found violation(s) of type: trailing_comma_in_multiline

Check warning on line 1 in src/Components/Health/Checker/HealthChecker/DebugChecker.php

View workflow job for this annotation

GitHub Actions / cs / Check Style

Found violation(s) of type: braces_position

Check warning on line 1 in src/Components/Health/Checker/HealthChecker/DebugChecker.php

View workflow job for this annotation

GitHub Actions / cs / Check Style

Found violation(s) of type: single_line_empty_body

declare(strict_types=1);

namespace Frosh\Tools\Components\Health\Checker\HealthChecker;

use Frosh\Tools\Components\Health\Checker\CheckerInterface;
use Frosh\Tools\Components\Health\HealthCollection;
use Frosh\Tools\Components\Health\SettingsResult;
use Symfony\Bundle\WebProfilerBundle\WebProfilerBundle;
use Symfony\Component\DependencyInjection\Attribute\Autowire;

class DebugChecker implements HealthCheckerInterface, CheckerInterface
{
public function __construct(
/** @var array<string, string> $kernelBundles */
#[Autowire(param: 'kernel.bundles')]
private readonly array $kernelBundles,
#[Autowire(param: 'kernel.debug')]
private readonly bool $kernelDebug,
) {}

public function collect(HealthCollection $collection): void
{
$this->checkWebProfiler($collection);
$this->checkKernelDebug($collection);
}

private function checkWebProfiler(HealthCollection $collection): void
{
if (\in_array(WebProfilerBundle::class, $this->kernelBundles, true)) {
$collection->add(SettingsResult::error(
'webprofiler',
'WebProfilerBundle is active which leaks sensitive information',
'active',
'not active'
));

return;
}

$collection->add(SettingsResult::ok(
'webprofiler',
'WebProfilerBundle is not active',
'not active',
'not active'
));
}

private function checkKernelDebug(HealthCollection $collection): void
{
if ($this->kernelDebug) {
$collection->add(SettingsResult::error(
'kerneldebug',
'Kernel debug is active',
'active',
'not active'
));

return;
}

$collection->add(SettingsResult::ok(
'kerneldebug',
'Kernel debug is not active',
'not active',
'not active'
));
}
}

0 comments on commit 3f623de

Please sign in to comment.