2 files changed, 36 insertions, 3 deletions

diff --git a/etc/inc/auth.inc b/etc/inc/auth.inc
index 302e1fe..6a0d941 100644
--- a/etc/inc/auth.inc
+++ b/etc/inc/auth.inc
@@ -1018,6 +1018,33 @@ function auth_get_authserver_list() {
 	return $list;
 }
 
+function getUserGroups($username, $authcfg) {
+	global $config;
+
+	$allowed_groups = array();
+
+	switch($authcfg['type']) {
+        case 'ldap':
+		$allowed_groups = @ldap_get_groups($username, $authcfg);
+		break;
+	case 'radius':
+		break;
+	default:
+		$user = getUserEntry($username);
+		$allowed_groups = @local_user_get_groups($user, true);
+		break;
+	}
+
+	$member_groups = array();
+        if (is_array($config['system']['group'])) {
+                foreach ($config['system']['group'] as $group)
+                        if (in_array($group['name'], $allowed_groups))
+				$member_groups[] = $group['name'];
+	}
+
+	return $member_groups;
+}
+
 function authenticate_user($username, $password, $authcfg = NULL) {
 
 	if (!$authcfg) {
diff --git a/usr/local/www/diag_authentication.php b/usr/local/www/diag_authentication.php
index f579da9..82bb4eb 100755
--- a/usr/local/www/diag_authentication.php
+++ b/usr/local/www/diag_authentication.php
@@ -56,10 +56,16 @@ if ($_POST) {
 		$input_errors[] = "A valid username and password must be specified.";
 
 	if (!$input_errors) {
-		if (authenticate_user($_POST['username'], $_POST['password'], $authcfg))
-			$savemsg = "User authenticated sucessfully.";
-		else
+		if (authenticate_user($_POST['username'], $_POST['password'], $authcfg)) {
+			$savemsg = "User: {$_POST['username']} authenticated sucessfully.";
+			$groups = getUserGroups($_POST['username'], $authcfg);
+			$savemsg .= "<br />This user is member of this groups: <br />";
+			foreach ($groups as $group)
+				$savemsg .= "{$group} ";
+		} else {
+			var_dump($authcfg);
 			$input_errors[] = "User did not authenticate succesfully.";
+		}
 	}
 }
 $pgtitle = array("Diagnostics","Authentication");