Mercurial > hg > orthanc-authorization
annotate Plugin/DefaultAuthorizationParser.cpp @ 139:7e53735eeacb
sync Orthanc
author | Alain Mazy <am@osimis.io> |
---|---|
date | Tue, 19 Dec 2023 11:52:51 +0100 |
parents | f448e8626f1a |
children | 20c638fa8b07 |
rev | line source |
---|---|
1 | 1 /** |
2 * Advanced authorization plugin for Orthanc | |
68 | 3 * Copyright (C) 2017-2023 Osimis S.A., Belgium |
1 | 4 * |
5 * This program is free software: you can redistribute it and/or | |
6 * modify it under the terms of the GNU Affero General Public License | |
7 * as published by the Free Software Foundation, either version 3 of | |
8 * the License, or (at your option) any later version. | |
9 * | |
10 * This program is distributed in the hope that it will be useful, but | |
11 * WITHOUT ANY WARRANTY; without even the implied warranty of | |
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |
13 * Affero General Public License for more details. | |
14 * | |
15 * You should have received a copy of the GNU Affero General Public License | |
16 * along with this program. If not, see <http://www.gnu.org/licenses/>. | |
17 **/ | |
18 | |
19 #include "DefaultAuthorizationParser.h" | |
20 | |
32 | 21 #include <OrthancException.h> |
56
c02f0646297d
added support for /dicom-web/studies?0020000D=1.2.3&...
Alain Mazy <am@osimis.io>
parents:
50
diff
changeset
|
22 #include <HttpServer/HttpToolbox.h> |
128
0205e9efaca8
detect wildcards in query args like '/dicom-web/studies?PatientID=*' and consider these routes as system routes
Alain Mazy <am@osimis.io>
parents:
116
diff
changeset
|
23 #include <Logging.h> |
1 | 24 |
25 namespace OrthancPlugins | |
26 { | |
29
bc0431cb6b8f
fix for compatibility with simplified OrthancPluginCppWrapper
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
28
diff
changeset
|
27 DefaultAuthorizationParser::DefaultAuthorizationParser(ICacheFactory& factory, |
1 | 28 const std::string& dicomWebRoot) : |
29
bc0431cb6b8f
fix for compatibility with simplified OrthancPluginCppWrapper
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
28
diff
changeset
|
29 AuthorizationParserBase(factory), |
1 | 30 resourcesPattern_("^/(patients|studies|series|instances)/([a-f0-9-]+)(|/.*)$"), |
31 seriesPattern_("^/(web-viewer/series|web-viewer/is-stable-series|wsi/pyramids|wsi/tiles)/([a-f0-9-]+)(|/.*)$"), | |
11 | 32 instancesPattern_("^/web-viewer/instances/[a-z0-9]+-([a-f0-9-]+)_[0-9]+$"), |
33 osimisViewerSeries_("^/osimis-viewer/series/([a-f0-9-]+)(|/.*)$"), | |
28
ae19947abf68
Added support for Osimis Web Viewer new route (osimis-viewer/custom-command/)
am@osimis.io
parents:
22
diff
changeset
|
34 osimisViewerImages_("^/osimis-viewer/(images|custom-command)/([a-f0-9-]+)(|/.*)$"), |
115
0eed78c1e177
cache the UserProfile + updated http filter logic
Alain Mazy <am@osimis.io>
parents:
109
diff
changeset
|
35 osimisViewerStudies_("^/osimis-viewer/studies/([a-f0-9-]+)(|/.*)$"), |
138
f448e8626f1a
Now handling new GET /tools/create-archive and sibling routes
Alain Mazy <am@osimis.io>
parents:
128
diff
changeset
|
36 listOfResourcesPattern_("^/(patients|studies|series|instances)(|/)$"), |
f448e8626f1a
Now handling new GET /tools/create-archive and sibling routes
Alain Mazy <am@osimis.io>
parents:
128
diff
changeset
|
37 createBulkPattern_("^/tools/(create-archive|create-media|create-media-extended)(|/)$") |
1 | 38 { |
39 std::string tmp = dicomWebRoot; | |
40 while (!tmp.empty() && | |
41 tmp[tmp.size() - 1] == '/') | |
42 { | |
43 tmp = tmp.substr(0, tmp.size() - 1); | |
44 } | |
45 | |
46 dicomWebStudies_ = boost::regex( | |
116
89eddd4b2f6a
tested resource token for WADO-RS
Alain Mazy <am@osimis.io>
parents:
115
diff
changeset
|
47 "^" + tmp + "/studies/([.0-9]+)(|/series|/metadata)(|/)$"); |
1 | 48 |
49 dicomWebSeries_ = boost::regex( | |
80 | 50 "^" + tmp + "/studies/([.0-9]+)/series/([.0-9]+)(|/instances|/rendered|/metadata)(|/)$"); |
1 | 51 |
52 dicomWebInstances_ = boost::regex( | |
98
c82f0c7d2c6a
Fix parsing of dicom-web/studies/../series/../instances/../bulk/.. routes
Alain Mazy <am@osimis.io>
parents:
92
diff
changeset
|
53 "^" + tmp + "/studies/([.0-9]+)/series/([.0-9]+)/instances/([.0-9]+)(|/|/frames/.*|/rendered|/metadata|/bulk/.*)(|/)$"); |
56
c02f0646297d
added support for /dicom-web/studies?0020000D=1.2.3&...
Alain Mazy <am@osimis.io>
parents:
50
diff
changeset
|
54 |
57
55539d564f4f
added support for /dicom-web/series? & /dicom-web/instances?
Alain Mazy <am@osimis.io>
parents:
56
diff
changeset
|
55 dicomWebQidoRsFind_ = boost::regex( |
80 | 56 "^" + tmp + "/(studies|series|instances)(|/)$"); |
1 | 57 } |
58 | |
115
0eed78c1e177
cache the UserProfile + updated http filter logic
Alain Mazy <am@osimis.io>
parents:
109
diff
changeset
|
59 bool DefaultAuthorizationParser::IsListOfResources(const std::string& uri) |
0eed78c1e177
cache the UserProfile + updated http filter logic
Alain Mazy <am@osimis.io>
parents:
109
diff
changeset
|
60 { |
0eed78c1e177
cache the UserProfile + updated http filter logic
Alain Mazy <am@osimis.io>
parents:
109
diff
changeset
|
61 if (boost::regex_match(uri, listOfResourcesPattern_)) |
0eed78c1e177
cache the UserProfile + updated http filter logic
Alain Mazy <am@osimis.io>
parents:
109
diff
changeset
|
62 { |
0eed78c1e177
cache the UserProfile + updated http filter logic
Alain Mazy <am@osimis.io>
parents:
109
diff
changeset
|
63 return true; |
0eed78c1e177
cache the UserProfile + updated http filter logic
Alain Mazy <am@osimis.io>
parents:
109
diff
changeset
|
64 } |
0eed78c1e177
cache the UserProfile + updated http filter logic
Alain Mazy <am@osimis.io>
parents:
109
diff
changeset
|
65 |
0eed78c1e177
cache the UserProfile + updated http filter logic
Alain Mazy <am@osimis.io>
parents:
109
diff
changeset
|
66 return false; |
0eed78c1e177
cache the UserProfile + updated http filter logic
Alain Mazy <am@osimis.io>
parents:
109
diff
changeset
|
67 } |
0eed78c1e177
cache the UserProfile + updated http filter logic
Alain Mazy <am@osimis.io>
parents:
109
diff
changeset
|
68 |
0eed78c1e177
cache the UserProfile + updated http filter logic
Alain Mazy <am@osimis.io>
parents:
109
diff
changeset
|
69 |
1 | 70 |
71 bool DefaultAuthorizationParser::Parse(AccessedResources& target, | |
56
c02f0646297d
added support for /dicom-web/studies?0020000D=1.2.3&...
Alain Mazy <am@osimis.io>
parents:
50
diff
changeset
|
72 const std::string& uri, |
c02f0646297d
added support for /dicom-web/studies?0020000D=1.2.3&...
Alain Mazy <am@osimis.io>
parents:
50
diff
changeset
|
73 const std::map<std::string, std::string>& getArguments) |
1 | 74 { |
75 // The mutex below should not be necessary, but we prefer to | |
76 // ensure thread safety in boost::regex | |
77 boost::mutex::scoped_lock lock(mutex_); | |
78 | |
79 boost::smatch what; | |
80 | |
81 if (boost::regex_match(uri, what, resourcesPattern_)) | |
82 { | |
83 AccessLevel level = StringToAccessLevel(what[1]); | |
84 | |
85 switch (level) | |
86 { | |
87 case AccessLevel_Instance: | |
88 AddOrthancInstance(target, what[2]); | |
89 break; | |
90 | |
91 case AccessLevel_Series: | |
92 AddOrthancSeries(target, what[2]); | |
93 break; | |
94 | |
95 case AccessLevel_Study: | |
96 AddOrthancStudy(target, what[2]); | |
97 break; | |
98 | |
99 case AccessLevel_Patient: | |
100 AddOrthancPatient(target, what[2]); | |
101 break; | |
102 | |
103 default: | |
104 throw Orthanc::OrthancException(Orthanc::ErrorCode_InternalError); | |
105 } | |
106 | |
107 return true; | |
108 } | |
109 else if (boost::regex_match(uri, what, seriesPattern_)) | |
110 { | |
111 AddOrthancSeries(target, what[2]); | |
112 return true; | |
113 } | |
114 else if (boost::regex_match(uri, what, instancesPattern_)) | |
115 { | |
116 AddOrthancInstance(target, what[1]); | |
117 return true; | |
118 } | |
119 else if (boost::regex_match(uri, what, dicomWebStudies_)) | |
120 { | |
121 AddDicomStudy(target, what[1]); | |
122 return true; | |
123 } | |
124 else if (boost::regex_match(uri, what, dicomWebSeries_)) | |
125 { | |
126 AddDicomSeries(target, what[1], what[2]); | |
127 return true; | |
128 } | |
129 else if (boost::regex_match(uri, what, dicomWebInstances_)) | |
130 { | |
131 AddDicomInstance(target, what[1], what[2], what[3]); | |
132 return true; | |
133 } | |
11 | 134 else if (boost::regex_match(uri, what, osimisViewerSeries_)) |
135 { | |
136 AddOrthancSeries(target, what[1]); | |
137 return true; | |
138 } | |
139 else if (boost::regex_match(uri, what, osimisViewerStudies_)) | |
140 { | |
141 AddOrthancStudy(target, what[1]); | |
142 return true; | |
143 } | |
144 else if (boost::regex_match(uri, what, osimisViewerImages_)) | |
145 { | |
50 | 146 AddOrthancInstance(target, what[2]); |
11 | 147 return true; |
148 } | |
138
f448e8626f1a
Now handling new GET /tools/create-archive and sibling routes
Alain Mazy <am@osimis.io>
parents:
128
diff
changeset
|
149 else if (boost::regex_match(uri, what, createBulkPattern_)) |
f448e8626f1a
Now handling new GET /tools/create-archive and sibling routes
Alain Mazy <am@osimis.io>
parents:
128
diff
changeset
|
150 { |
f448e8626f1a
Now handling new GET /tools/create-archive and sibling routes
Alain Mazy <am@osimis.io>
parents:
128
diff
changeset
|
151 std::string resourcesIdsString = Orthanc::HttpToolbox::GetArgument(getArguments, "resources", ""); |
f448e8626f1a
Now handling new GET /tools/create-archive and sibling routes
Alain Mazy <am@osimis.io>
parents:
128
diff
changeset
|
152 std::set<std::string> resourcesIds; |
f448e8626f1a
Now handling new GET /tools/create-archive and sibling routes
Alain Mazy <am@osimis.io>
parents:
128
diff
changeset
|
153 Orthanc::Toolbox::SplitString(resourcesIds, resourcesIdsString, ','); |
f448e8626f1a
Now handling new GET /tools/create-archive and sibling routes
Alain Mazy <am@osimis.io>
parents:
128
diff
changeset
|
154 |
f448e8626f1a
Now handling new GET /tools/create-archive and sibling routes
Alain Mazy <am@osimis.io>
parents:
128
diff
changeset
|
155 for (std::set<std::string>::const_iterator it = resourcesIds.begin(); it != resourcesIds.end(); ++it) |
f448e8626f1a
Now handling new GET /tools/create-archive and sibling routes
Alain Mazy <am@osimis.io>
parents:
128
diff
changeset
|
156 { |
f448e8626f1a
Now handling new GET /tools/create-archive and sibling routes
Alain Mazy <am@osimis.io>
parents:
128
diff
changeset
|
157 AddOrthancUnknownResource(target, *it); |
f448e8626f1a
Now handling new GET /tools/create-archive and sibling routes
Alain Mazy <am@osimis.io>
parents:
128
diff
changeset
|
158 } |
f448e8626f1a
Now handling new GET /tools/create-archive and sibling routes
Alain Mazy <am@osimis.io>
parents:
128
diff
changeset
|
159 |
f448e8626f1a
Now handling new GET /tools/create-archive and sibling routes
Alain Mazy <am@osimis.io>
parents:
128
diff
changeset
|
160 return true; |
f448e8626f1a
Now handling new GET /tools/create-archive and sibling routes
Alain Mazy <am@osimis.io>
parents:
128
diff
changeset
|
161 } |
57
55539d564f4f
added support for /dicom-web/series? & /dicom-web/instances?
Alain Mazy <am@osimis.io>
parents:
56
diff
changeset
|
162 else if (boost::regex_match(uri, what, dicomWebQidoRsFind_)) |
56
c02f0646297d
added support for /dicom-web/studies?0020000D=1.2.3&...
Alain Mazy <am@osimis.io>
parents:
50
diff
changeset
|
163 { |
77
94a9484d7f8f
fix security issues allowing to browse remote dicom servers + introduced UnitTests
Alain Mazy <am@osimis.io>
parents:
68
diff
changeset
|
164 std::string studyInstanceUid, seriesInstanceUid, sopInstanceUid, patientId; |
56
c02f0646297d
added support for /dicom-web/studies?0020000D=1.2.3&...
Alain Mazy <am@osimis.io>
parents:
50
diff
changeset
|
165 |
c02f0646297d
added support for /dicom-web/studies?0020000D=1.2.3&...
Alain Mazy <am@osimis.io>
parents:
50
diff
changeset
|
166 studyInstanceUid = Orthanc::HttpToolbox::GetArgument(getArguments, "0020000D", ""); |
92
8dc22bc353de
QIDO-RS now supports named tags in get arguments
Alain Mazy <am@osimis.io>
parents:
80
diff
changeset
|
167 if (studyInstanceUid.empty()) |
8dc22bc353de
QIDO-RS now supports named tags in get arguments
Alain Mazy <am@osimis.io>
parents:
80
diff
changeset
|
168 { |
8dc22bc353de
QIDO-RS now supports named tags in get arguments
Alain Mazy <am@osimis.io>
parents:
80
diff
changeset
|
169 studyInstanceUid = Orthanc::HttpToolbox::GetArgument(getArguments, "StudyInstanceUID", ""); |
8dc22bc353de
QIDO-RS now supports named tags in get arguments
Alain Mazy <am@osimis.io>
parents:
80
diff
changeset
|
170 } |
8dc22bc353de
QIDO-RS now supports named tags in get arguments
Alain Mazy <am@osimis.io>
parents:
80
diff
changeset
|
171 |
57
55539d564f4f
added support for /dicom-web/series? & /dicom-web/instances?
Alain Mazy <am@osimis.io>
parents:
56
diff
changeset
|
172 seriesInstanceUid = Orthanc::HttpToolbox::GetArgument(getArguments, "0020000E", ""); |
92
8dc22bc353de
QIDO-RS now supports named tags in get arguments
Alain Mazy <am@osimis.io>
parents:
80
diff
changeset
|
173 if (seriesInstanceUid.empty()) |
8dc22bc353de
QIDO-RS now supports named tags in get arguments
Alain Mazy <am@osimis.io>
parents:
80
diff
changeset
|
174 { |
8dc22bc353de
QIDO-RS now supports named tags in get arguments
Alain Mazy <am@osimis.io>
parents:
80
diff
changeset
|
175 seriesInstanceUid = Orthanc::HttpToolbox::GetArgument(getArguments, "SeriesInstanceUID", ""); |
8dc22bc353de
QIDO-RS now supports named tags in get arguments
Alain Mazy <am@osimis.io>
parents:
80
diff
changeset
|
176 } |
8dc22bc353de
QIDO-RS now supports named tags in get arguments
Alain Mazy <am@osimis.io>
parents:
80
diff
changeset
|
177 |
57
55539d564f4f
added support for /dicom-web/series? & /dicom-web/instances?
Alain Mazy <am@osimis.io>
parents:
56
diff
changeset
|
178 sopInstanceUid = Orthanc::HttpToolbox::GetArgument(getArguments, "00080018", ""); |
92
8dc22bc353de
QIDO-RS now supports named tags in get arguments
Alain Mazy <am@osimis.io>
parents:
80
diff
changeset
|
179 if (sopInstanceUid.empty()) |
8dc22bc353de
QIDO-RS now supports named tags in get arguments
Alain Mazy <am@osimis.io>
parents:
80
diff
changeset
|
180 { |
8dc22bc353de
QIDO-RS now supports named tags in get arguments
Alain Mazy <am@osimis.io>
parents:
80
diff
changeset
|
181 sopInstanceUid = Orthanc::HttpToolbox::GetArgument(getArguments, "SOPInstanceUID", ""); |
8dc22bc353de
QIDO-RS now supports named tags in get arguments
Alain Mazy <am@osimis.io>
parents:
80
diff
changeset
|
182 } |
8dc22bc353de
QIDO-RS now supports named tags in get arguments
Alain Mazy <am@osimis.io>
parents:
80
diff
changeset
|
183 |
77
94a9484d7f8f
fix security issues allowing to browse remote dicom servers + introduced UnitTests
Alain Mazy <am@osimis.io>
parents:
68
diff
changeset
|
184 patientId = Orthanc::HttpToolbox::GetArgument(getArguments, "00100010", ""); |
92
8dc22bc353de
QIDO-RS now supports named tags in get arguments
Alain Mazy <am@osimis.io>
parents:
80
diff
changeset
|
185 if (patientId.empty()) |
8dc22bc353de
QIDO-RS now supports named tags in get arguments
Alain Mazy <am@osimis.io>
parents:
80
diff
changeset
|
186 { |
8dc22bc353de
QIDO-RS now supports named tags in get arguments
Alain Mazy <am@osimis.io>
parents:
80
diff
changeset
|
187 patientId = Orthanc::HttpToolbox::GetArgument(getArguments, "PatientID", ""); |
8dc22bc353de
QIDO-RS now supports named tags in get arguments
Alain Mazy <am@osimis.io>
parents:
80
diff
changeset
|
188 } |
56
c02f0646297d
added support for /dicom-web/studies?0020000D=1.2.3&...
Alain Mazy <am@osimis.io>
parents:
50
diff
changeset
|
189 |
128
0205e9efaca8
detect wildcards in query args like '/dicom-web/studies?PatientID=*' and consider these routes as system routes
Alain Mazy <am@osimis.io>
parents:
116
diff
changeset
|
190 if (!sopInstanceUid.empty() && sopInstanceUid.find('*') != std::string::npos) |
0205e9efaca8
detect wildcards in query args like '/dicom-web/studies?PatientID=*' and consider these routes as system routes
Alain Mazy <am@osimis.io>
parents:
116
diff
changeset
|
191 { |
0205e9efaca8
detect wildcards in query args like '/dicom-web/studies?PatientID=*' and consider these routes as system routes
Alain Mazy <am@osimis.io>
parents:
116
diff
changeset
|
192 LOG(WARNING) << "Authorization plugin: unable to handle wildcards in SOPInstanceUID"; |
0205e9efaca8
detect wildcards in query args like '/dicom-web/studies?PatientID=*' and consider these routes as system routes
Alain Mazy <am@osimis.io>
parents:
116
diff
changeset
|
193 sopInstanceUid = ""; // remove the constrain, it will be considered as a 'system' access |
0205e9efaca8
detect wildcards in query args like '/dicom-web/studies?PatientID=*' and consider these routes as system routes
Alain Mazy <am@osimis.io>
parents:
116
diff
changeset
|
194 } |
0205e9efaca8
detect wildcards in query args like '/dicom-web/studies?PatientID=*' and consider these routes as system routes
Alain Mazy <am@osimis.io>
parents:
116
diff
changeset
|
195 |
0205e9efaca8
detect wildcards in query args like '/dicom-web/studies?PatientID=*' and consider these routes as system routes
Alain Mazy <am@osimis.io>
parents:
116
diff
changeset
|
196 if (!seriesInstanceUid.empty() && seriesInstanceUid.find('*') != std::string::npos) |
0205e9efaca8
detect wildcards in query args like '/dicom-web/studies?PatientID=*' and consider these routes as system routes
Alain Mazy <am@osimis.io>
parents:
116
diff
changeset
|
197 { |
0205e9efaca8
detect wildcards in query args like '/dicom-web/studies?PatientID=*' and consider these routes as system routes
Alain Mazy <am@osimis.io>
parents:
116
diff
changeset
|
198 LOG(WARNING) << "Authorization plugin: unable to handle wildcards in SeriesInstanceUID"; |
0205e9efaca8
detect wildcards in query args like '/dicom-web/studies?PatientID=*' and consider these routes as system routes
Alain Mazy <am@osimis.io>
parents:
116
diff
changeset
|
199 seriesInstanceUid = ""; // remove the constrain, it will be considered as a 'system' access |
0205e9efaca8
detect wildcards in query args like '/dicom-web/studies?PatientID=*' and consider these routes as system routes
Alain Mazy <am@osimis.io>
parents:
116
diff
changeset
|
200 } |
0205e9efaca8
detect wildcards in query args like '/dicom-web/studies?PatientID=*' and consider these routes as system routes
Alain Mazy <am@osimis.io>
parents:
116
diff
changeset
|
201 |
0205e9efaca8
detect wildcards in query args like '/dicom-web/studies?PatientID=*' and consider these routes as system routes
Alain Mazy <am@osimis.io>
parents:
116
diff
changeset
|
202 if (!studyInstanceUid.empty() && studyInstanceUid.find('*') != std::string::npos) |
0205e9efaca8
detect wildcards in query args like '/dicom-web/studies?PatientID=*' and consider these routes as system routes
Alain Mazy <am@osimis.io>
parents:
116
diff
changeset
|
203 { |
0205e9efaca8
detect wildcards in query args like '/dicom-web/studies?PatientID=*' and consider these routes as system routes
Alain Mazy <am@osimis.io>
parents:
116
diff
changeset
|
204 LOG(WARNING) << "Authorization plugin: unable to handle wildcards in StudyInstanceUID"; |
0205e9efaca8
detect wildcards in query args like '/dicom-web/studies?PatientID=*' and consider these routes as system routes
Alain Mazy <am@osimis.io>
parents:
116
diff
changeset
|
205 studyInstanceUid = ""; // remove the constrain, it will be considered as a 'system' access |
0205e9efaca8
detect wildcards in query args like '/dicom-web/studies?PatientID=*' and consider these routes as system routes
Alain Mazy <am@osimis.io>
parents:
116
diff
changeset
|
206 } |
0205e9efaca8
detect wildcards in query args like '/dicom-web/studies?PatientID=*' and consider these routes as system routes
Alain Mazy <am@osimis.io>
parents:
116
diff
changeset
|
207 |
0205e9efaca8
detect wildcards in query args like '/dicom-web/studies?PatientID=*' and consider these routes as system routes
Alain Mazy <am@osimis.io>
parents:
116
diff
changeset
|
208 if (!patientId.empty() && patientId.find('*') != std::string::npos) |
0205e9efaca8
detect wildcards in query args like '/dicom-web/studies?PatientID=*' and consider these routes as system routes
Alain Mazy <am@osimis.io>
parents:
116
diff
changeset
|
209 { |
0205e9efaca8
detect wildcards in query args like '/dicom-web/studies?PatientID=*' and consider these routes as system routes
Alain Mazy <am@osimis.io>
parents:
116
diff
changeset
|
210 LOG(WARNING) << "Authorization plugin: unable to handle wildcards in PatientID"; |
0205e9efaca8
detect wildcards in query args like '/dicom-web/studies?PatientID=*' and consider these routes as system routes
Alain Mazy <am@osimis.io>
parents:
116
diff
changeset
|
211 patientId = ""; // remove the constrain, it will be considered as a 'system' access |
0205e9efaca8
detect wildcards in query args like '/dicom-web/studies?PatientID=*' and consider these routes as system routes
Alain Mazy <am@osimis.io>
parents:
116
diff
changeset
|
212 } |
0205e9efaca8
detect wildcards in query args like '/dicom-web/studies?PatientID=*' and consider these routes as system routes
Alain Mazy <am@osimis.io>
parents:
116
diff
changeset
|
213 |
57
55539d564f4f
added support for /dicom-web/series? & /dicom-web/instances?
Alain Mazy <am@osimis.io>
parents:
56
diff
changeset
|
214 if (!sopInstanceUid.empty() && !seriesInstanceUid.empty() && !studyInstanceUid.empty()) |
55539d564f4f
added support for /dicom-web/series? & /dicom-web/instances?
Alain Mazy <am@osimis.io>
parents:
56
diff
changeset
|
215 { |
55539d564f4f
added support for /dicom-web/series? & /dicom-web/instances?
Alain Mazy <am@osimis.io>
parents:
56
diff
changeset
|
216 AddDicomInstance(target, studyInstanceUid, seriesInstanceUid, sopInstanceUid); |
77
94a9484d7f8f
fix security issues allowing to browse remote dicom servers + introduced UnitTests
Alain Mazy <am@osimis.io>
parents:
68
diff
changeset
|
217 return true; |
57
55539d564f4f
added support for /dicom-web/series? & /dicom-web/instances?
Alain Mazy <am@osimis.io>
parents:
56
diff
changeset
|
218 } |
55539d564f4f
added support for /dicom-web/series? & /dicom-web/instances?
Alain Mazy <am@osimis.io>
parents:
56
diff
changeset
|
219 else if (!seriesInstanceUid.empty() && !studyInstanceUid.empty()) |
55539d564f4f
added support for /dicom-web/series? & /dicom-web/instances?
Alain Mazy <am@osimis.io>
parents:
56
diff
changeset
|
220 { |
55539d564f4f
added support for /dicom-web/series? & /dicom-web/instances?
Alain Mazy <am@osimis.io>
parents:
56
diff
changeset
|
221 AddDicomSeries(target, studyInstanceUid, seriesInstanceUid); |
77
94a9484d7f8f
fix security issues allowing to browse remote dicom servers + introduced UnitTests
Alain Mazy <am@osimis.io>
parents:
68
diff
changeset
|
222 return true; |
57
55539d564f4f
added support for /dicom-web/series? & /dicom-web/instances?
Alain Mazy <am@osimis.io>
parents:
56
diff
changeset
|
223 } |
55539d564f4f
added support for /dicom-web/series? & /dicom-web/instances?
Alain Mazy <am@osimis.io>
parents:
56
diff
changeset
|
224 else if (!studyInstanceUid.empty()) |
56
c02f0646297d
added support for /dicom-web/studies?0020000D=1.2.3&...
Alain Mazy <am@osimis.io>
parents:
50
diff
changeset
|
225 { |
c02f0646297d
added support for /dicom-web/studies?0020000D=1.2.3&...
Alain Mazy <am@osimis.io>
parents:
50
diff
changeset
|
226 AddDicomStudy(target, studyInstanceUid); |
77
94a9484d7f8f
fix security issues allowing to browse remote dicom servers + introduced UnitTests
Alain Mazy <am@osimis.io>
parents:
68
diff
changeset
|
227 return true; |
56
c02f0646297d
added support for /dicom-web/studies?0020000D=1.2.3&...
Alain Mazy <am@osimis.io>
parents:
50
diff
changeset
|
228 } |
77
94a9484d7f8f
fix security issues allowing to browse remote dicom servers + introduced UnitTests
Alain Mazy <am@osimis.io>
parents:
68
diff
changeset
|
229 else if (!patientId.empty()) |
94a9484d7f8f
fix security issues allowing to browse remote dicom servers + introduced UnitTests
Alain Mazy <am@osimis.io>
parents:
68
diff
changeset
|
230 { |
94a9484d7f8f
fix security issues allowing to browse remote dicom servers + introduced UnitTests
Alain Mazy <am@osimis.io>
parents:
68
diff
changeset
|
231 AddDicomPatient(target, patientId); |
94a9484d7f8f
fix security issues allowing to browse remote dicom servers + introduced UnitTests
Alain Mazy <am@osimis.io>
parents:
68
diff
changeset
|
232 return true; |
94a9484d7f8f
fix security issues allowing to browse remote dicom servers + introduced UnitTests
Alain Mazy <am@osimis.io>
parents:
68
diff
changeset
|
233 } |
56
c02f0646297d
added support for /dicom-web/studies?0020000D=1.2.3&...
Alain Mazy <am@osimis.io>
parents:
50
diff
changeset
|
234 } |
77
94a9484d7f8f
fix security issues allowing to browse remote dicom servers + introduced UnitTests
Alain Mazy <am@osimis.io>
parents:
68
diff
changeset
|
235 |
94a9484d7f8f
fix security issues allowing to browse remote dicom servers + introduced UnitTests
Alain Mazy <am@osimis.io>
parents:
68
diff
changeset
|
236 // Unknown type of resource: Consider it as a system access |
1 | 237 |
77
94a9484d7f8f
fix security issues allowing to browse remote dicom servers + introduced UnitTests
Alain Mazy <am@osimis.io>
parents:
68
diff
changeset
|
238 // Remove the trailing slashes if need be |
94a9484d7f8f
fix security issues allowing to browse remote dicom servers + introduced UnitTests
Alain Mazy <am@osimis.io>
parents:
68
diff
changeset
|
239 std::string s = uri; |
94a9484d7f8f
fix security issues allowing to browse remote dicom servers + introduced UnitTests
Alain Mazy <am@osimis.io>
parents:
68
diff
changeset
|
240 while (!s.empty() && |
94a9484d7f8f
fix security issues allowing to browse remote dicom servers + introduced UnitTests
Alain Mazy <am@osimis.io>
parents:
68
diff
changeset
|
241 s[s.length() - 1] == '/') |
94a9484d7f8f
fix security issues allowing to browse remote dicom servers + introduced UnitTests
Alain Mazy <am@osimis.io>
parents:
68
diff
changeset
|
242 { |
94a9484d7f8f
fix security issues allowing to browse remote dicom servers + introduced UnitTests
Alain Mazy <am@osimis.io>
parents:
68
diff
changeset
|
243 s = s.substr(0, s.length() - 1); |
94a9484d7f8f
fix security issues allowing to browse remote dicom servers + introduced UnitTests
Alain Mazy <am@osimis.io>
parents:
68
diff
changeset
|
244 } |
94a9484d7f8f
fix security issues allowing to browse remote dicom servers + introduced UnitTests
Alain Mazy <am@osimis.io>
parents:
68
diff
changeset
|
245 |
109 | 246 std::set<std::string> labels; |
247 | |
248 target.push_back(AccessedResource(AccessLevel_System, s, "", labels)); | |
77
94a9484d7f8f
fix security issues allowing to browse remote dicom servers + introduced UnitTests
Alain Mazy <am@osimis.io>
parents:
68
diff
changeset
|
249 return true; |
1 | 250 } |
251 } |