diff options
-rw-r--r-- | etc/inc/auth.inc | 27 | ||||
-rwxr-xr-x | usr/local/www/diag_authentication.php | 12 |
2 files changed, 36 insertions, 3 deletions
diff --git a/etc/inc/auth.inc b/etc/inc/auth.inc index 302e1fe..6a0d941 100644 --- a/etc/inc/auth.inc +++ b/etc/inc/auth.inc @@ -1018,6 +1018,33 @@ function auth_get_authserver_list() { return $list; } +function getUserGroups($username, $authcfg) { + global $config; + + $allowed_groups = array(); + + switch($authcfg['type']) { + case 'ldap': + $allowed_groups = @ldap_get_groups($username, $authcfg); + break; + case 'radius': + break; + default: + $user = getUserEntry($username); + $allowed_groups = @local_user_get_groups($user, true); + break; + } + + $member_groups = array(); + if (is_array($config['system']['group'])) { + foreach ($config['system']['group'] as $group) + if (in_array($group['name'], $allowed_groups)) + $member_groups[] = $group['name']; + } + + return $member_groups; +} + function authenticate_user($username, $password, $authcfg = NULL) { if (!$authcfg) { diff --git a/usr/local/www/diag_authentication.php b/usr/local/www/diag_authentication.php index f579da9..82bb4eb 100755 --- a/usr/local/www/diag_authentication.php +++ b/usr/local/www/diag_authentication.php @@ -56,10 +56,16 @@ if ($_POST) { $input_errors[] = "A valid username and password must be specified."; if (!$input_errors) { - if (authenticate_user($_POST['username'], $_POST['password'], $authcfg)) - $savemsg = "User authenticated sucessfully."; - else + if (authenticate_user($_POST['username'], $_POST['password'], $authcfg)) { + $savemsg = "User: {$_POST['username']} authenticated sucessfully."; + $groups = getUserGroups($_POST['username'], $authcfg); + $savemsg .= "<br />This user is member of this groups: <br />"; + foreach ($groups as $group) + $savemsg .= "{$group} "; + } else { + var_dump($authcfg); $input_errors[] = "User did not authenticate succesfully."; + } } } $pgtitle = array("Diagnostics","Authentication"); |