71
|
1 {
|
|
2 "Authorization" : {
|
|
3 // The URL of the auth webservice implementing resource level authorization (optional if not implementing resource based permissions)
|
|
4 // "WebService" : "http://change-me:8000/validate",
|
|
5
|
|
6 // The URL of the auth webservice implementing resource level authorization (optional if not implementing user-permissions)
|
|
7 // "WebServiceUserProfileUrl" : "http://change-me:8000/user-profile",
|
|
8
|
|
9 // The username and password to connect to the webservice (optional)
|
|
10 //"WebServiceUsername": "change-me",
|
|
11 //"WebServicePassword": "change-me",
|
|
12
|
|
13 // An identifier added to the payload of each request to the auth webservice (optional)
|
|
14 //"WebServiceIdentifier": "change-me"
|
|
15
|
|
16 // The name of the HTTP headers that may contain auth tokens
|
|
17 //"TokenHttpHeaders" : [],
|
|
18
|
|
19 // the name of the GET arguments that may contain auth tokens
|
|
20 //"TokenGetArguments" : [],
|
|
21
|
|
22 // A list of predefined configurations for well-known plugins
|
|
23 // "StandardConfigurations": [ // new in v 0.4.0
|
|
24 // "osimis-web-viewer",
|
|
25 // "stone-webviewer",
|
|
26 // "orthanc-explorer-2"
|
|
27 // ],
|
|
28
|
|
29 //"UncheckedResources" : [],
|
|
30 //"UncheckedFolders" : [],
|
|
31 //"CheckedLevel" : "studies",
|
|
32 //"UncheckedLevels" : [],
|
|
33
|
|
34 // Definition of required "user-permissions". This can be fully customized.
|
|
35 // You may define other permissions yourself as long as they mathc the permissions
|
|
36 // provided in the user-profile route implemented by the auth-service.
|
|
37 // You may test your regex in https://regex101.com/ by selecting .NET (C#) and removing the leading ^ and trailing $
|
|
38 // The default configuration is suitable for Orthanc-Explorer-2 (see TBD sample)
|
|
39 "Permissions" : [
|
|
40 // elemental browsing in OE2
|
|
41 ["post", "^/tools/find$", "all|view"],
|
|
42 ["get" , "^/(patients|studies|series|instances)/([a-f0-9-]+)/(studies|series|instances)$", "all|view"],
|
|
43 ["get" , "^/instances/([a-f0-9-]+)/(tags|header)$", "all|view"],
|
|
44 ["get" , "^/statistics$", "all|view"],
|
|
45
|
|
46 // monitor jobs you have created
|
|
47 ["get" , "^/jobs/([a-f0-9-]+)$", "all|send|modify|anonymize|q-r-remote-modalities"],
|
|
48
|
|
49 // downloads: not functional yet, we need one-time-tokens
|
|
50 ["get" , "^/(patients|studies|series|instances)/([a-f0-9-]+)/archive$", "all|download"],
|
|
51 ["get" , "^/(patients|studies|series|instances)/([a-f0-9-]+)/media$", "all|download"],
|
|
52
|
|
53 // interacting with peers/modalities/dicomweb
|
|
54 ["post", "^/(peers|modalities)/(.*)/store$", "all|send"],
|
|
55 ["get" , "^/(peers|modalities)$", "all|send|q-r-remote-modalities"],
|
|
56 ["post", "^/modalities/(.*)/echo$", "all|send|q-r-remote-modalities"],
|
|
57 ["post", "^/modalities/(.*)/query$", "all|q-r-remote-modalities"],
|
|
58 ["get", "^/queries/([a-f0-9-]+)/answers$", "all|q-r-remote-modalities"],
|
|
59 ["post", "^/modalities/(.*)/move$", "all|q-r-remote-modalities"],
|
|
60 ["get" , "^/DICOM_WEB_ROOT/(servers)/(.*)/stow$", "all|send"],
|
|
61
|
|
62 // upload
|
|
63 ["post", "^/instances$", "all|upload"],
|
|
64
|
|
65 // modifications/anonymization
|
|
66 ["post", "^/(patients|studies|series|instances)/([a-f0-9-]+)/modify(.*)$", "all|modify"],
|
|
67 ["post", "^/(patients|studies|series|instances)/([a-f0-9-]+)/anonymize(.*)$", "all|anonymize"]
|
|
68
|
|
69 ]
|
|
70 }
|
|
71 } |