DEV-1993: Add drush policy to make drush sync command safer. (#48)

* DEV-1993: Alter drush sync command with safe defaults.

* Update PolicyCommands.php

Co-authored-by: Wolfgang Ziegler <[email protected]>

drush/Commands/PolicyCommands.php

@@ -0,0 +1,38 @@
+<?php
+
+namespace Drush\Commands;
+
+use Consolidation\AnnotatedCommand\CommandData;
+
+/**
+ * Edit this file to reflect your organization's needs.
+ */
+class PolicyCommands extends DrushCommands {
+
+  /**
+   * Prevent catastrophic braino. Note that this file has to be local to the
+   * machine that initiates the sql:sync command.
+   *
+   * @hook validate sql:sync
+   *
+   * @throws \Exception
+   */
+  public function sqlSyncValidate(CommandData $commandData) {
+    if ($commandData->input()->getArgument('target') == '@live') {
+      throw new \Exception(dt('Per !file, you may never overwrite the production database.', ['!file' => __FILE__]));
+    }
+  }
+
+  /**
+   * Limit rsync operations to production site.
+   *
+   * @hook validate core:rsync
+   *
+   * @throws \Exception
+   */
+  public function rsyncValidate(CommandData $commandData) {
+    if (preg_match("/^@live/", $commandData->input()->getArgument('target'))) {
+      throw new \Exception(dt('Per !file, you may never rsync to the production site.', ['!file' => __FILE__]));
+    }
+  }
+}