Skip to content

O
OpnSense
Commit 1127338c authored by Ad Schellevis's avatar Ad Schellevis
Browse files
Options

(legacy) fix diag_authentication.php to fit the new reality and move getUserGroups in the process

parent c51ac453
Hide whitespace changes
Inline Side-by-side
Showing with 34 additions and 36 deletions
src/etc/inc/auth.inc
View file @ 1127338c
...@@ -239,8 +239,12 @@ function index_users() ...@@ -239,8 +239,12 @@ function index_users()
function &getUserEntry($name) function &getUserEntry($name)
{ {
global $config, $userindex; global $config, $userindex;
if (isset($userindex[$name])) $false = false;
if (isset($userindex[$name])) {
return $config['system']['user'][$userindex[$name]]; return $config['system']['user'][$userindex[$name]];
} else {
return $false;
}
} }
function &getUserEntryByUID($uid) function &getUserEntryByUID($uid)
...@@ -837,36 +841,6 @@ function auth_get_authserver_list() { ...@@ -837,36 +841,6 @@ function auth_get_authserver_list() {
return $list; return $list;
} }
function getUserGroups($username, $authcfg)
{
global $config;
$allowed_groups = array();
$member_groups = array();
switch ($authcfg['type']) {
case 'ldap':
$allowed_groups = @ldap_get_groups($username, $authcfg);
break;
case 'radius':
break;
default:
$user = getUserEntry($username);
$allowed_groups = @local_user_get_groups($user, true);
break;
}
if (isset($config['system']['group'])) {
foreach ($config['system']['group'] as $group) {
if (in_array($group['name'], $allowed_groups)) {
$member_groups[] = $group['name'];
}
}
}
return $member_groups;
}
function authenticate_user($username, $password, $authcfg = NULL, &$attributes = array()) { function authenticate_user($username, $password, $authcfg = NULL, &$attributes = array()) {
if (!$authcfg) { if (!$authcfg) {
......
src/www/diag_authentication.php
View file @ 1127338c
...@@ -30,18 +30,42 @@ require_once("guiconfig.inc"); ...@@ -30,18 +30,42 @@ require_once("guiconfig.inc");
require_once("PEAR.inc"); require_once("PEAR.inc");
require_once("radius.inc"); require_once("radius.inc");
if ($_POST) { function getUserGroups($username, $authcfg)
{
global $config;
$member_groups = array();
$user = getUserEntry($username);
if ($user !== false) {
$allowed_groups = local_user_get_groups($user, true);
if (isset($config['system']['group'])) {
foreach ($config['system']['group'] as $group) {
if (in_array($group['name'], $allowed_groups)) {
$member_groups[] = $group['name'];
}
}
}
}
return $member_groups;
}
$input_errors = array();
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$pconfig = $_POST; $pconfig = $_POST;
unset($input_errors);
$authcfg = auth_get_authserver($_POST['authmode']); $authcfg = auth_get_authserver($_POST['authmode']);
if (!$authcfg) if (!$authcfg) {
$input_errors[] = $_POST['authmode'] . " " . gettext("is not a valid authentication server"); $input_errors[] = $_POST['authmode'] . " " . gettext("is not a valid authentication server");
}
if (empty($_POST['username']) || empty($_POST['password'])) if (empty($_POST['username']) || empty($_POST['password'])) {
$input_errors[] = gettext("A username and password must be specified."); $input_errors[] = gettext("A username and password must be specified.");
}
if (!$input_errors) { if (count($input_errors) == 0) {
if (authenticate_user($_POST['username'], $_POST['password'], $authcfg)) { if (authenticate_user($_POST['username'], $_POST['password'], $authcfg)) {
$savemsg = gettext("User") . ": " . $_POST['username'] . " " . gettext("authenticated successfully."); $savemsg = gettext("User") . ": " . $_POST['username'] . " " . gettext("authenticated successfully.");
$groups = getUserGroups($_POST['username'], $authcfg); $groups = getUserGroups($_POST['username'], $authcfg);
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment

Technounit-GROUP 2023