summaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/etc/inc/auth.inc43
1 files changed, 10 insertions, 33 deletions
diff --git a/src/etc/inc/auth.inc b/src/etc/inc/auth.inc
index d75874f..4835a00 100644
--- a/src/etc/inc/auth.inc
+++ b/src/etc/inc/auth.inc
@@ -318,53 +318,30 @@ function & getGroupEntryByGID($gid) {
}
function get_user_privileges(& $user) {
- global $config, $_SESSION;
+ global $config;
$authcfg = auth_get_authserver($config['system']['webgui']['authmode']);
- $allowed_groups = array();
+ $names = array();
$privs = $user['priv'];
if (!is_array($privs)) {
$privs = array();
}
- // cache auth results for a short time to ease load on auth services & logs
- if (isset($config['system']['webgui']['auth_refresh_time'])) {
- $recheck_time = $config['system']['webgui']['auth_refresh_time'];
- } else {
- $recheck_time = 30;
- }
-
if ($authcfg['type'] == "ldap") {
- if (isset($_SESSION["ldap_allowed_groups"]) &&
- (time() <= $_SESSION["auth_check_time"] + $recheck_time)) {
- $allowed_groups = $_SESSION["ldap_allowed_groups"];
- } else {
- $allowed_groups = @ldap_get_groups($user['name'], $authcfg);
- $_SESSION["ldap_allowed_groups"] = $allowed_groups;
- $_SESSION["auth_check_time"] = time();
- }
+ $names = @ldap_get_groups($user['name'], $authcfg);
} elseif ($authcfg['type'] == "radius") {
- if (isset($_SESSION["radius_allowed_groups"]) &&
- (time() <= $_SESSION["auth_check_time"] + $recheck_time)) {
- $allowed_groups = $_SESSION["radius_allowed_groups"];
- } else {
- $allowed_groups = @radius_get_groups($_SESSION['user_radius_attributes']);
- $_SESSION["radius_allowed_groups"] = $allowed_groups;
- $_SESSION["auth_check_time"] = time();
- }
+ $names = @radius_get_groups($_SESSION['user_radius_attributes']);
}
- if (empty($allowed_groups)) {
- $allowed_groups = local_user_get_groups($user, true);
+ if (empty($names)) {
+ $names = local_user_get_groups($user, true);
}
- if (is_array($allowed_groups)) {
- foreach ($allowed_groups as $name) {
- $group = getGroupEntry($name);
- if (is_array($group['priv'])) {
- $privs = array_merge($privs, $group['priv']);
- }
+ foreach ($names as $name) {
+ $group = getGroupEntry($name);
+ if (is_array($group['priv'])) {
+ $privs = array_merge($privs, $group['priv']);
}
}
OpenPOWER on IntegriCloud