Mercurial > hg > orthanc-authorization
annotate Plugin/DefaultAuthorizationParser.cpp @ 148:20c638fa8b07
new permissions for QIDO-RS & WADO-RS
author | Alain Mazy <am@osimis.io> |
---|---|
date | Thu, 15 Feb 2024 12:04:28 +0100 |
parents | f448e8626f1a |
children | 423531fb1200 |
rev | line source |
---|---|
1 | 1 /** |
2 * Advanced authorization plugin for Orthanc | |
68 | 3 * Copyright (C) 2017-2023 Osimis S.A., Belgium |
1 | 4 * |
5 * This program is free software: you can redistribute it and/or | |
6 * modify it under the terms of the GNU Affero General Public License | |
7 * as published by the Free Software Foundation, either version 3 of | |
8 * the License, or (at your option) any later version. | |
9 * | |
10 * This program is distributed in the hope that it will be useful, but | |
11 * WITHOUT ANY WARRANTY; without even the implied warranty of | |
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |
13 * Affero General Public License for more details. | |
14 * | |
15 * You should have received a copy of the GNU Affero General Public License | |
16 * along with this program. If not, see <http://www.gnu.org/licenses/>. | |
17 **/ | |
18 | |
19 #include "DefaultAuthorizationParser.h" | |
20 | |
32 | 21 #include <OrthancException.h> |
56
c02f0646297d
added support for /dicom-web/studies?0020000D=1.2.3&...
Alain Mazy <am@osimis.io>
parents:
50
diff
changeset
|
22 #include <HttpServer/HttpToolbox.h> |
128
0205e9efaca8
detect wildcards in query args like '/dicom-web/studies?PatientID=*' and consider these routes as system routes
Alain Mazy <am@osimis.io>
parents:
116
diff
changeset
|
23 #include <Logging.h> |
1 | 24 |
25 namespace OrthancPlugins | |
26 { | |
29
bc0431cb6b8f
fix for compatibility with simplified OrthancPluginCppWrapper
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
28
diff
changeset
|
27 DefaultAuthorizationParser::DefaultAuthorizationParser(ICacheFactory& factory, |
1 | 28 const std::string& dicomWebRoot) : |
29
bc0431cb6b8f
fix for compatibility with simplified OrthancPluginCppWrapper
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
28
diff
changeset
|
29 AuthorizationParserBase(factory), |
1 | 30 resourcesPattern_("^/(patients|studies|series|instances)/([a-f0-9-]+)(|/.*)$"), |
31 seriesPattern_("^/(web-viewer/series|web-viewer/is-stable-series|wsi/pyramids|wsi/tiles)/([a-f0-9-]+)(|/.*)$"), | |
11 | 32 instancesPattern_("^/web-viewer/instances/[a-z0-9]+-([a-f0-9-]+)_[0-9]+$"), |
33 osimisViewerSeries_("^/osimis-viewer/series/([a-f0-9-]+)(|/.*)$"), | |
28
ae19947abf68
Added support for Osimis Web Viewer new route (osimis-viewer/custom-command/)
am@osimis.io
parents:
22
diff
changeset
|
34 osimisViewerImages_("^/osimis-viewer/(images|custom-command)/([a-f0-9-]+)(|/.*)$"), |
115
0eed78c1e177
cache the UserProfile + updated http filter logic
Alain Mazy <am@osimis.io>
parents:
109
diff
changeset
|
35 osimisViewerStudies_("^/osimis-viewer/studies/([a-f0-9-]+)(|/.*)$"), |
138
f448e8626f1a
Now handling new GET /tools/create-archive and sibling routes
Alain Mazy <am@osimis.io>
parents:
128
diff
changeset
|
36 listOfResourcesPattern_("^/(patients|studies|series|instances)(|/)$"), |
f448e8626f1a
Now handling new GET /tools/create-archive and sibling routes
Alain Mazy <am@osimis.io>
parents:
128
diff
changeset
|
37 createBulkPattern_("^/tools/(create-archive|create-media|create-media-extended)(|/)$") |
1 | 38 { |
39 std::string tmp = dicomWebRoot; | |
40 while (!tmp.empty() && | |
41 tmp[tmp.size() - 1] == '/') | |
42 { | |
43 tmp = tmp.substr(0, tmp.size() - 1); | |
44 } | |
45 | |
148
20c638fa8b07
new permissions for QIDO-RS & WADO-RS
Alain Mazy <am@osimis.io>
parents:
138
diff
changeset
|
46 // note: if you add new DICOMWeb routes here, add them in the DefaultConfiguration.json too |
1 | 47 dicomWebStudies_ = boost::regex( |
116
89eddd4b2f6a
tested resource token for WADO-RS
Alain Mazy <am@osimis.io>
parents:
115
diff
changeset
|
48 "^" + tmp + "/studies/([.0-9]+)(|/series|/metadata)(|/)$"); |
1 | 49 |
50 dicomWebSeries_ = boost::regex( | |
80 | 51 "^" + tmp + "/studies/([.0-9]+)/series/([.0-9]+)(|/instances|/rendered|/metadata)(|/)$"); |
1 | 52 |
53 dicomWebInstances_ = boost::regex( | |
98
c82f0c7d2c6a
Fix parsing of dicom-web/studies/../series/../instances/../bulk/.. routes
Alain Mazy <am@osimis.io>
parents:
92
diff
changeset
|
54 "^" + tmp + "/studies/([.0-9]+)/series/([.0-9]+)/instances/([.0-9]+)(|/|/frames/.*|/rendered|/metadata|/bulk/.*)(|/)$"); |
56
c02f0646297d
added support for /dicom-web/studies?0020000D=1.2.3&...
Alain Mazy <am@osimis.io>
parents:
50
diff
changeset
|
55 |
57
55539d564f4f
added support for /dicom-web/series? & /dicom-web/instances?
Alain Mazy <am@osimis.io>
parents:
56
diff
changeset
|
56 dicomWebQidoRsFind_ = boost::regex( |
80 | 57 "^" + tmp + "/(studies|series|instances)(|/)$"); |
1 | 58 } |
59 | |
115
0eed78c1e177
cache the UserProfile + updated http filter logic
Alain Mazy <am@osimis.io>
parents:
109
diff
changeset
|
60 bool DefaultAuthorizationParser::IsListOfResources(const std::string& uri) |
0eed78c1e177
cache the UserProfile + updated http filter logic
Alain Mazy <am@osimis.io>
parents:
109
diff
changeset
|
61 { |
0eed78c1e177
cache the UserProfile + updated http filter logic
Alain Mazy <am@osimis.io>
parents:
109
diff
changeset
|
62 if (boost::regex_match(uri, listOfResourcesPattern_)) |
0eed78c1e177
cache the UserProfile + updated http filter logic
Alain Mazy <am@osimis.io>
parents:
109
diff
changeset
|
63 { |
0eed78c1e177
cache the UserProfile + updated http filter logic
Alain Mazy <am@osimis.io>
parents:
109
diff
changeset
|
64 return true; |
0eed78c1e177
cache the UserProfile + updated http filter logic
Alain Mazy <am@osimis.io>
parents:
109
diff
changeset
|
65 } |
0eed78c1e177
cache the UserProfile + updated http filter logic
Alain Mazy <am@osimis.io>
parents:
109
diff
changeset
|
66 |
0eed78c1e177
cache the UserProfile + updated http filter logic
Alain Mazy <am@osimis.io>
parents:
109
diff
changeset
|
67 return false; |
0eed78c1e177
cache the UserProfile + updated http filter logic
Alain Mazy <am@osimis.io>
parents:
109
diff
changeset
|
68 } |
0eed78c1e177
cache the UserProfile + updated http filter logic
Alain Mazy <am@osimis.io>
parents:
109
diff
changeset
|
69 |
0eed78c1e177
cache the UserProfile + updated http filter logic
Alain Mazy <am@osimis.io>
parents:
109
diff
changeset
|
70 |
1 | 71 |
72 bool DefaultAuthorizationParser::Parse(AccessedResources& target, | |
56
c02f0646297d
added support for /dicom-web/studies?0020000D=1.2.3&...
Alain Mazy <am@osimis.io>
parents:
50
diff
changeset
|
73 const std::string& uri, |
c02f0646297d
added support for /dicom-web/studies?0020000D=1.2.3&...
Alain Mazy <am@osimis.io>
parents:
50
diff
changeset
|
74 const std::map<std::string, std::string>& getArguments) |
1 | 75 { |
76 // The mutex below should not be necessary, but we prefer to | |
77 // ensure thread safety in boost::regex | |
78 boost::mutex::scoped_lock lock(mutex_); | |
79 | |
80 boost::smatch what; | |
81 | |
82 if (boost::regex_match(uri, what, resourcesPattern_)) | |
83 { | |
84 AccessLevel level = StringToAccessLevel(what[1]); | |
85 | |
86 switch (level) | |
87 { | |
88 case AccessLevel_Instance: | |
89 AddOrthancInstance(target, what[2]); | |
90 break; | |
91 | |
92 case AccessLevel_Series: | |
93 AddOrthancSeries(target, what[2]); | |
94 break; | |
95 | |
96 case AccessLevel_Study: | |
97 AddOrthancStudy(target, what[2]); | |
98 break; | |
99 | |
100 case AccessLevel_Patient: | |
101 AddOrthancPatient(target, what[2]); | |
102 break; | |
103 | |
104 default: | |
105 throw Orthanc::OrthancException(Orthanc::ErrorCode_InternalError); | |
106 } | |
107 | |
108 return true; | |
109 } | |
110 else if (boost::regex_match(uri, what, seriesPattern_)) | |
111 { | |
112 AddOrthancSeries(target, what[2]); | |
113 return true; | |
114 } | |
115 else if (boost::regex_match(uri, what, instancesPattern_)) | |
116 { | |
117 AddOrthancInstance(target, what[1]); | |
118 return true; | |
119 } | |
120 else if (boost::regex_match(uri, what, dicomWebStudies_)) | |
121 { | |
122 AddDicomStudy(target, what[1]); | |
123 return true; | |
124 } | |
125 else if (boost::regex_match(uri, what, dicomWebSeries_)) | |
126 { | |
127 AddDicomSeries(target, what[1], what[2]); | |
128 return true; | |
129 } | |
130 else if (boost::regex_match(uri, what, dicomWebInstances_)) | |
131 { | |
132 AddDicomInstance(target, what[1], what[2], what[3]); | |
133 return true; | |
134 } | |
11 | 135 else if (boost::regex_match(uri, what, osimisViewerSeries_)) |
136 { | |
137 AddOrthancSeries(target, what[1]); | |
138 return true; | |
139 } | |
140 else if (boost::regex_match(uri, what, osimisViewerStudies_)) | |
141 { | |
142 AddOrthancStudy(target, what[1]); | |
143 return true; | |
144 } | |
145 else if (boost::regex_match(uri, what, osimisViewerImages_)) | |
146 { | |
50 | 147 AddOrthancInstance(target, what[2]); |
11 | 148 return true; |
149 } | |
138
f448e8626f1a
Now handling new GET /tools/create-archive and sibling routes
Alain Mazy <am@osimis.io>
parents:
128
diff
changeset
|
150 else if (boost::regex_match(uri, what, createBulkPattern_)) |
f448e8626f1a
Now handling new GET /tools/create-archive and sibling routes
Alain Mazy <am@osimis.io>
parents:
128
diff
changeset
|
151 { |
f448e8626f1a
Now handling new GET /tools/create-archive and sibling routes
Alain Mazy <am@osimis.io>
parents:
128
diff
changeset
|
152 std::string resourcesIdsString = Orthanc::HttpToolbox::GetArgument(getArguments, "resources", ""); |
f448e8626f1a
Now handling new GET /tools/create-archive and sibling routes
Alain Mazy <am@osimis.io>
parents:
128
diff
changeset
|
153 std::set<std::string> resourcesIds; |
f448e8626f1a
Now handling new GET /tools/create-archive and sibling routes
Alain Mazy <am@osimis.io>
parents:
128
diff
changeset
|
154 Orthanc::Toolbox::SplitString(resourcesIds, resourcesIdsString, ','); |
f448e8626f1a
Now handling new GET /tools/create-archive and sibling routes
Alain Mazy <am@osimis.io>
parents:
128
diff
changeset
|
155 |
f448e8626f1a
Now handling new GET /tools/create-archive and sibling routes
Alain Mazy <am@osimis.io>
parents:
128
diff
changeset
|
156 for (std::set<std::string>::const_iterator it = resourcesIds.begin(); it != resourcesIds.end(); ++it) |
f448e8626f1a
Now handling new GET /tools/create-archive and sibling routes
Alain Mazy <am@osimis.io>
parents:
128
diff
changeset
|
157 { |
f448e8626f1a
Now handling new GET /tools/create-archive and sibling routes
Alain Mazy <am@osimis.io>
parents:
128
diff
changeset
|
158 AddOrthancUnknownResource(target, *it); |
f448e8626f1a
Now handling new GET /tools/create-archive and sibling routes
Alain Mazy <am@osimis.io>
parents:
128
diff
changeset
|
159 } |
f448e8626f1a
Now handling new GET /tools/create-archive and sibling routes
Alain Mazy <am@osimis.io>
parents:
128
diff
changeset
|
160 |
f448e8626f1a
Now handling new GET /tools/create-archive and sibling routes
Alain Mazy <am@osimis.io>
parents:
128
diff
changeset
|
161 return true; |
f448e8626f1a
Now handling new GET /tools/create-archive and sibling routes
Alain Mazy <am@osimis.io>
parents:
128
diff
changeset
|
162 } |
57
55539d564f4f
added support for /dicom-web/series? & /dicom-web/instances?
Alain Mazy <am@osimis.io>
parents:
56
diff
changeset
|
163 else if (boost::regex_match(uri, what, dicomWebQidoRsFind_)) |
56
c02f0646297d
added support for /dicom-web/studies?0020000D=1.2.3&...
Alain Mazy <am@osimis.io>
parents:
50
diff
changeset
|
164 { |
77
94a9484d7f8f
fix security issues allowing to browse remote dicom servers + introduced UnitTests
Alain Mazy <am@osimis.io>
parents:
68
diff
changeset
|
165 std::string studyInstanceUid, seriesInstanceUid, sopInstanceUid, patientId; |
56
c02f0646297d
added support for /dicom-web/studies?0020000D=1.2.3&...
Alain Mazy <am@osimis.io>
parents:
50
diff
changeset
|
166 |
c02f0646297d
added support for /dicom-web/studies?0020000D=1.2.3&...
Alain Mazy <am@osimis.io>
parents:
50
diff
changeset
|
167 studyInstanceUid = Orthanc::HttpToolbox::GetArgument(getArguments, "0020000D", ""); |
92
8dc22bc353de
QIDO-RS now supports named tags in get arguments
Alain Mazy <am@osimis.io>
parents:
80
diff
changeset
|
168 if (studyInstanceUid.empty()) |
8dc22bc353de
QIDO-RS now supports named tags in get arguments
Alain Mazy <am@osimis.io>
parents:
80
diff
changeset
|
169 { |
8dc22bc353de
QIDO-RS now supports named tags in get arguments
Alain Mazy <am@osimis.io>
parents:
80
diff
changeset
|
170 studyInstanceUid = Orthanc::HttpToolbox::GetArgument(getArguments, "StudyInstanceUID", ""); |
8dc22bc353de
QIDO-RS now supports named tags in get arguments
Alain Mazy <am@osimis.io>
parents:
80
diff
changeset
|
171 } |
8dc22bc353de
QIDO-RS now supports named tags in get arguments
Alain Mazy <am@osimis.io>
parents:
80
diff
changeset
|
172 |
57
55539d564f4f
added support for /dicom-web/series? & /dicom-web/instances?
Alain Mazy <am@osimis.io>
parents:
56
diff
changeset
|
173 seriesInstanceUid = Orthanc::HttpToolbox::GetArgument(getArguments, "0020000E", ""); |
92
8dc22bc353de
QIDO-RS now supports named tags in get arguments
Alain Mazy <am@osimis.io>
parents:
80
diff
changeset
|
174 if (seriesInstanceUid.empty()) |
8dc22bc353de
QIDO-RS now supports named tags in get arguments
Alain Mazy <am@osimis.io>
parents:
80
diff
changeset
|
175 { |
8dc22bc353de
QIDO-RS now supports named tags in get arguments
Alain Mazy <am@osimis.io>
parents:
80
diff
changeset
|
176 seriesInstanceUid = Orthanc::HttpToolbox::GetArgument(getArguments, "SeriesInstanceUID", ""); |
8dc22bc353de
QIDO-RS now supports named tags in get arguments
Alain Mazy <am@osimis.io>
parents:
80
diff
changeset
|
177 } |
8dc22bc353de
QIDO-RS now supports named tags in get arguments
Alain Mazy <am@osimis.io>
parents:
80
diff
changeset
|
178 |
57
55539d564f4f
added support for /dicom-web/series? & /dicom-web/instances?
Alain Mazy <am@osimis.io>
parents:
56
diff
changeset
|
179 sopInstanceUid = Orthanc::HttpToolbox::GetArgument(getArguments, "00080018", ""); |
92
8dc22bc353de
QIDO-RS now supports named tags in get arguments
Alain Mazy <am@osimis.io>
parents:
80
diff
changeset
|
180 if (sopInstanceUid.empty()) |
8dc22bc353de
QIDO-RS now supports named tags in get arguments
Alain Mazy <am@osimis.io>
parents:
80
diff
changeset
|
181 { |
8dc22bc353de
QIDO-RS now supports named tags in get arguments
Alain Mazy <am@osimis.io>
parents:
80
diff
changeset
|
182 sopInstanceUid = Orthanc::HttpToolbox::GetArgument(getArguments, "SOPInstanceUID", ""); |
8dc22bc353de
QIDO-RS now supports named tags in get arguments
Alain Mazy <am@osimis.io>
parents:
80
diff
changeset
|
183 } |
8dc22bc353de
QIDO-RS now supports named tags in get arguments
Alain Mazy <am@osimis.io>
parents:
80
diff
changeset
|
184 |
77
94a9484d7f8f
fix security issues allowing to browse remote dicom servers + introduced UnitTests
Alain Mazy <am@osimis.io>
parents:
68
diff
changeset
|
185 patientId = Orthanc::HttpToolbox::GetArgument(getArguments, "00100010", ""); |
92
8dc22bc353de
QIDO-RS now supports named tags in get arguments
Alain Mazy <am@osimis.io>
parents:
80
diff
changeset
|
186 if (patientId.empty()) |
8dc22bc353de
QIDO-RS now supports named tags in get arguments
Alain Mazy <am@osimis.io>
parents:
80
diff
changeset
|
187 { |
8dc22bc353de
QIDO-RS now supports named tags in get arguments
Alain Mazy <am@osimis.io>
parents:
80
diff
changeset
|
188 patientId = Orthanc::HttpToolbox::GetArgument(getArguments, "PatientID", ""); |
8dc22bc353de
QIDO-RS now supports named tags in get arguments
Alain Mazy <am@osimis.io>
parents:
80
diff
changeset
|
189 } |
56
c02f0646297d
added support for /dicom-web/studies?0020000D=1.2.3&...
Alain Mazy <am@osimis.io>
parents:
50
diff
changeset
|
190 |
128
0205e9efaca8
detect wildcards in query args like '/dicom-web/studies?PatientID=*' and consider these routes as system routes
Alain Mazy <am@osimis.io>
parents:
116
diff
changeset
|
191 if (!sopInstanceUid.empty() && sopInstanceUid.find('*') != std::string::npos) |
0205e9efaca8
detect wildcards in query args like '/dicom-web/studies?PatientID=*' and consider these routes as system routes
Alain Mazy <am@osimis.io>
parents:
116
diff
changeset
|
192 { |
0205e9efaca8
detect wildcards in query args like '/dicom-web/studies?PatientID=*' and consider these routes as system routes
Alain Mazy <am@osimis.io>
parents:
116
diff
changeset
|
193 LOG(WARNING) << "Authorization plugin: unable to handle wildcards in SOPInstanceUID"; |
0205e9efaca8
detect wildcards in query args like '/dicom-web/studies?PatientID=*' and consider these routes as system routes
Alain Mazy <am@osimis.io>
parents:
116
diff
changeset
|
194 sopInstanceUid = ""; // remove the constrain, it will be considered as a 'system' access |
0205e9efaca8
detect wildcards in query args like '/dicom-web/studies?PatientID=*' and consider these routes as system routes
Alain Mazy <am@osimis.io>
parents:
116
diff
changeset
|
195 } |
0205e9efaca8
detect wildcards in query args like '/dicom-web/studies?PatientID=*' and consider these routes as system routes
Alain Mazy <am@osimis.io>
parents:
116
diff
changeset
|
196 |
0205e9efaca8
detect wildcards in query args like '/dicom-web/studies?PatientID=*' and consider these routes as system routes
Alain Mazy <am@osimis.io>
parents:
116
diff
changeset
|
197 if (!seriesInstanceUid.empty() && seriesInstanceUid.find('*') != std::string::npos) |
0205e9efaca8
detect wildcards in query args like '/dicom-web/studies?PatientID=*' and consider these routes as system routes
Alain Mazy <am@osimis.io>
parents:
116
diff
changeset
|
198 { |
0205e9efaca8
detect wildcards in query args like '/dicom-web/studies?PatientID=*' and consider these routes as system routes
Alain Mazy <am@osimis.io>
parents:
116
diff
changeset
|
199 LOG(WARNING) << "Authorization plugin: unable to handle wildcards in SeriesInstanceUID"; |
0205e9efaca8
detect wildcards in query args like '/dicom-web/studies?PatientID=*' and consider these routes as system routes
Alain Mazy <am@osimis.io>
parents:
116
diff
changeset
|
200 seriesInstanceUid = ""; // remove the constrain, it will be considered as a 'system' access |
0205e9efaca8
detect wildcards in query args like '/dicom-web/studies?PatientID=*' and consider these routes as system routes
Alain Mazy <am@osimis.io>
parents:
116
diff
changeset
|
201 } |
0205e9efaca8
detect wildcards in query args like '/dicom-web/studies?PatientID=*' and consider these routes as system routes
Alain Mazy <am@osimis.io>
parents:
116
diff
changeset
|
202 |
0205e9efaca8
detect wildcards in query args like '/dicom-web/studies?PatientID=*' and consider these routes as system routes
Alain Mazy <am@osimis.io>
parents:
116
diff
changeset
|
203 if (!studyInstanceUid.empty() && studyInstanceUid.find('*') != std::string::npos) |
0205e9efaca8
detect wildcards in query args like '/dicom-web/studies?PatientID=*' and consider these routes as system routes
Alain Mazy <am@osimis.io>
parents:
116
diff
changeset
|
204 { |
0205e9efaca8
detect wildcards in query args like '/dicom-web/studies?PatientID=*' and consider these routes as system routes
Alain Mazy <am@osimis.io>
parents:
116
diff
changeset
|
205 LOG(WARNING) << "Authorization plugin: unable to handle wildcards in StudyInstanceUID"; |
0205e9efaca8
detect wildcards in query args like '/dicom-web/studies?PatientID=*' and consider these routes as system routes
Alain Mazy <am@osimis.io>
parents:
116
diff
changeset
|
206 studyInstanceUid = ""; // remove the constrain, it will be considered as a 'system' access |
0205e9efaca8
detect wildcards in query args like '/dicom-web/studies?PatientID=*' and consider these routes as system routes
Alain Mazy <am@osimis.io>
parents:
116
diff
changeset
|
207 } |
0205e9efaca8
detect wildcards in query args like '/dicom-web/studies?PatientID=*' and consider these routes as system routes
Alain Mazy <am@osimis.io>
parents:
116
diff
changeset
|
208 |
0205e9efaca8
detect wildcards in query args like '/dicom-web/studies?PatientID=*' and consider these routes as system routes
Alain Mazy <am@osimis.io>
parents:
116
diff
changeset
|
209 if (!patientId.empty() && patientId.find('*') != std::string::npos) |
0205e9efaca8
detect wildcards in query args like '/dicom-web/studies?PatientID=*' and consider these routes as system routes
Alain Mazy <am@osimis.io>
parents:
116
diff
changeset
|
210 { |
0205e9efaca8
detect wildcards in query args like '/dicom-web/studies?PatientID=*' and consider these routes as system routes
Alain Mazy <am@osimis.io>
parents:
116
diff
changeset
|
211 LOG(WARNING) << "Authorization plugin: unable to handle wildcards in PatientID"; |
0205e9efaca8
detect wildcards in query args like '/dicom-web/studies?PatientID=*' and consider these routes as system routes
Alain Mazy <am@osimis.io>
parents:
116
diff
changeset
|
212 patientId = ""; // remove the constrain, it will be considered as a 'system' access |
0205e9efaca8
detect wildcards in query args like '/dicom-web/studies?PatientID=*' and consider these routes as system routes
Alain Mazy <am@osimis.io>
parents:
116
diff
changeset
|
213 } |
0205e9efaca8
detect wildcards in query args like '/dicom-web/studies?PatientID=*' and consider these routes as system routes
Alain Mazy <am@osimis.io>
parents:
116
diff
changeset
|
214 |
57
55539d564f4f
added support for /dicom-web/series? & /dicom-web/instances?
Alain Mazy <am@osimis.io>
parents:
56
diff
changeset
|
215 if (!sopInstanceUid.empty() && !seriesInstanceUid.empty() && !studyInstanceUid.empty()) |
55539d564f4f
added support for /dicom-web/series? & /dicom-web/instances?
Alain Mazy <am@osimis.io>
parents:
56
diff
changeset
|
216 { |
55539d564f4f
added support for /dicom-web/series? & /dicom-web/instances?
Alain Mazy <am@osimis.io>
parents:
56
diff
changeset
|
217 AddDicomInstance(target, studyInstanceUid, seriesInstanceUid, sopInstanceUid); |
77
94a9484d7f8f
fix security issues allowing to browse remote dicom servers + introduced UnitTests
Alain Mazy <am@osimis.io>
parents:
68
diff
changeset
|
218 return true; |
57
55539d564f4f
added support for /dicom-web/series? & /dicom-web/instances?
Alain Mazy <am@osimis.io>
parents:
56
diff
changeset
|
219 } |
55539d564f4f
added support for /dicom-web/series? & /dicom-web/instances?
Alain Mazy <am@osimis.io>
parents:
56
diff
changeset
|
220 else if (!seriesInstanceUid.empty() && !studyInstanceUid.empty()) |
55539d564f4f
added support for /dicom-web/series? & /dicom-web/instances?
Alain Mazy <am@osimis.io>
parents:
56
diff
changeset
|
221 { |
55539d564f4f
added support for /dicom-web/series? & /dicom-web/instances?
Alain Mazy <am@osimis.io>
parents:
56
diff
changeset
|
222 AddDicomSeries(target, studyInstanceUid, seriesInstanceUid); |
77
94a9484d7f8f
fix security issues allowing to browse remote dicom servers + introduced UnitTests
Alain Mazy <am@osimis.io>
parents:
68
diff
changeset
|
223 return true; |
57
55539d564f4f
added support for /dicom-web/series? & /dicom-web/instances?
Alain Mazy <am@osimis.io>
parents:
56
diff
changeset
|
224 } |
55539d564f4f
added support for /dicom-web/series? & /dicom-web/instances?
Alain Mazy <am@osimis.io>
parents:
56
diff
changeset
|
225 else if (!studyInstanceUid.empty()) |
56
c02f0646297d
added support for /dicom-web/studies?0020000D=1.2.3&...
Alain Mazy <am@osimis.io>
parents:
50
diff
changeset
|
226 { |
c02f0646297d
added support for /dicom-web/studies?0020000D=1.2.3&...
Alain Mazy <am@osimis.io>
parents:
50
diff
changeset
|
227 AddDicomStudy(target, studyInstanceUid); |
77
94a9484d7f8f
fix security issues allowing to browse remote dicom servers + introduced UnitTests
Alain Mazy <am@osimis.io>
parents:
68
diff
changeset
|
228 return true; |
56
c02f0646297d
added support for /dicom-web/studies?0020000D=1.2.3&...
Alain Mazy <am@osimis.io>
parents:
50
diff
changeset
|
229 } |
77
94a9484d7f8f
fix security issues allowing to browse remote dicom servers + introduced UnitTests
Alain Mazy <am@osimis.io>
parents:
68
diff
changeset
|
230 else if (!patientId.empty()) |
94a9484d7f8f
fix security issues allowing to browse remote dicom servers + introduced UnitTests
Alain Mazy <am@osimis.io>
parents:
68
diff
changeset
|
231 { |
94a9484d7f8f
fix security issues allowing to browse remote dicom servers + introduced UnitTests
Alain Mazy <am@osimis.io>
parents:
68
diff
changeset
|
232 AddDicomPatient(target, patientId); |
94a9484d7f8f
fix security issues allowing to browse remote dicom servers + introduced UnitTests
Alain Mazy <am@osimis.io>
parents:
68
diff
changeset
|
233 return true; |
94a9484d7f8f
fix security issues allowing to browse remote dicom servers + introduced UnitTests
Alain Mazy <am@osimis.io>
parents:
68
diff
changeset
|
234 } |
56
c02f0646297d
added support for /dicom-web/studies?0020000D=1.2.3&...
Alain Mazy <am@osimis.io>
parents:
50
diff
changeset
|
235 } |
77
94a9484d7f8f
fix security issues allowing to browse remote dicom servers + introduced UnitTests
Alain Mazy <am@osimis.io>
parents:
68
diff
changeset
|
236 |
94a9484d7f8f
fix security issues allowing to browse remote dicom servers + introduced UnitTests
Alain Mazy <am@osimis.io>
parents:
68
diff
changeset
|
237 // Unknown type of resource: Consider it as a system access |
1 | 238 |
77
94a9484d7f8f
fix security issues allowing to browse remote dicom servers + introduced UnitTests
Alain Mazy <am@osimis.io>
parents:
68
diff
changeset
|
239 // Remove the trailing slashes if need be |
94a9484d7f8f
fix security issues allowing to browse remote dicom servers + introduced UnitTests
Alain Mazy <am@osimis.io>
parents:
68
diff
changeset
|
240 std::string s = uri; |
94a9484d7f8f
fix security issues allowing to browse remote dicom servers + introduced UnitTests
Alain Mazy <am@osimis.io>
parents:
68
diff
changeset
|
241 while (!s.empty() && |
94a9484d7f8f
fix security issues allowing to browse remote dicom servers + introduced UnitTests
Alain Mazy <am@osimis.io>
parents:
68
diff
changeset
|
242 s[s.length() - 1] == '/') |
94a9484d7f8f
fix security issues allowing to browse remote dicom servers + introduced UnitTests
Alain Mazy <am@osimis.io>
parents:
68
diff
changeset
|
243 { |
94a9484d7f8f
fix security issues allowing to browse remote dicom servers + introduced UnitTests
Alain Mazy <am@osimis.io>
parents:
68
diff
changeset
|
244 s = s.substr(0, s.length() - 1); |
94a9484d7f8f
fix security issues allowing to browse remote dicom servers + introduced UnitTests
Alain Mazy <am@osimis.io>
parents:
68
diff
changeset
|
245 } |
94a9484d7f8f
fix security issues allowing to browse remote dicom servers + introduced UnitTests
Alain Mazy <am@osimis.io>
parents:
68
diff
changeset
|
246 |
109 | 247 std::set<std::string> labels; |
248 | |
249 target.push_back(AccessedResource(AccessLevel_System, s, "", labels)); | |
77
94a9484d7f8f
fix security issues allowing to browse remote dicom servers + introduced UnitTests
Alain Mazy <am@osimis.io>
parents:
68
diff
changeset
|
250 return true; |
1 | 251 } |
252 } |