Mercurial > hg > orthanc-authorization
annotate NEWS @ 150:9be1ee2b8fe1 0.7.0
0.7.0
author | Alain Mazy <am@osimis.io> |
---|---|
date | Fri, 16 Feb 2024 08:39:33 +0100 |
parents | 423531fb1200 |
children | 9f686ee4b158 |
rev | line source |
---|---|
150 | 1 2024-02-16 - v 0.7.0 |
2 ==================== | |
146
f294a3c6dbe6
Added 2 new default permissions for dicom-web (get and post on dicom-web/studies)
Alain Mazy <am@osimis.io>
parents:
142
diff
changeset
|
3 |
149
423531fb1200
SINGLE_RESOURCE_PATTERNS to facilitate api-key support
Alain Mazy <am@osimis.io>
parents:
148
diff
changeset
|
4 * Added new default permissions "SINGLE_RESOURCE_PATTERNS" and |
423531fb1200
SINGLE_RESOURCE_PATTERNS to facilitate api-key support
Alain Mazy <am@osimis.io>
parents:
148
diff
changeset
|
5 reorganized the permissions accordingly. |
423531fb1200
SINGLE_RESOURCE_PATTERNS to facilitate api-key support
Alain Mazy <am@osimis.io>
parents:
148
diff
changeset
|
6 This notably facilitate accessing a single resource with a user token. |
423531fb1200
SINGLE_RESOURCE_PATTERNS to facilitate api-key support
Alain Mazy <am@osimis.io>
parents:
148
diff
changeset
|
7 The plugins first check that the user has the right permissions to access the route |
423531fb1200
SINGLE_RESOURCE_PATTERNS to facilitate api-key support
Alain Mazy <am@osimis.io>
parents:
148
diff
changeset
|
8 and then, the plugins check if the study has one of the authorized_labels |
423531fb1200
SINGLE_RESOURCE_PATTERNS to facilitate api-key support
Alain Mazy <am@osimis.io>
parents:
148
diff
changeset
|
9 of the user. This notably improves user token handling outside of OE2 |
423531fb1200
SINGLE_RESOURCE_PATTERNS to facilitate api-key support
Alain Mazy <am@osimis.io>
parents:
148
diff
changeset
|
10 e.g when using api-key. |
146
f294a3c6dbe6
Added 2 new default permissions for dicom-web (get and post on dicom-web/studies)
Alain Mazy <am@osimis.io>
parents:
142
diff
changeset
|
11 |
f294a3c6dbe6
Added 2 new default permissions for dicom-web (get and post on dicom-web/studies)
Alain Mazy <am@osimis.io>
parents:
142
diff
changeset
|
12 |
142 | 13 2023-12-19 - v 0.6.2 |
140 | 14 ==================== |
138
f448e8626f1a
Now handling new GET /tools/create-archive and sibling routes
Alain Mazy <am@osimis.io>
parents:
137
diff
changeset
|
15 |
f448e8626f1a
Now handling new GET /tools/create-archive and sibling routes
Alain Mazy <am@osimis.io>
parents:
137
diff
changeset
|
16 * Now handling new GET /tools/create-archive and sibling routes. |
f448e8626f1a
Now handling new GET /tools/create-archive and sibling routes
Alain Mazy <am@osimis.io>
parents:
137
diff
changeset
|
17 |
f448e8626f1a
Now handling new GET /tools/create-archive and sibling routes
Alain Mazy <am@osimis.io>
parents:
137
diff
changeset
|
18 |
140 | 19 2023-11-13 - v 0.6.1 |
20 ==================== | |
126
8b123c2adb69
now overriding /tools/find and /tools/labels only if the auth-service is providing user profile
Alain Mazy <am@osimis.io>
parents:
122
diff
changeset
|
21 |
138
f448e8626f1a
Now handling new GET /tools/create-archive and sibling routes
Alain Mazy <am@osimis.io>
parents:
137
diff
changeset
|
22 * Updated default "Permissions" configuration to take the "/merge" routes |
127
8591a0c1fa2a
updated default 'Permissions' configuration to take the '/merge' routes into account
Alain Mazy <am@osimis.io>
parents:
126
diff
changeset
|
23 into account. |
138
f448e8626f1a
Now handling new GET /tools/create-archive and sibling routes
Alain Mazy <am@osimis.io>
parents:
137
diff
changeset
|
24 * Now overriding /tools/find and /tools/labels only if the auth-service |
126
8b123c2adb69
now overriding /tools/find and /tools/labels only if the auth-service is providing user profile
Alain Mazy <am@osimis.io>
parents:
122
diff
changeset
|
25 is providing user profiles ("WebServiceUserProfileUrl" has been configured). |
8b123c2adb69
now overriding /tools/find and /tools/labels only if the auth-service is providing user profile
Alain Mazy <am@osimis.io>
parents:
122
diff
changeset
|
26 |
138
f448e8626f1a
Now handling new GET /tools/create-archive and sibling routes
Alain Mazy <am@osimis.io>
parents:
137
diff
changeset
|
27 |
140 | 28 2023-09-18 - v 0.6.0 |
29 ==================== | |
121 | 30 |
31 * Now handling permissions based on labels from a user profile: | |
32 - filter the results from tools/find to grant access only to the | |
33 authorized_labels from the user profile | |
34 - grants access to resources (studies) based on their labels and | |
35 the authorized_labels from the user profile. | |
36 - check the https://github.com/orthanc-team/orthanc-auth-service | |
37 sample project for more details | |
135
c14b49c6eb6b
migration to UCLouvain servers
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
129
diff
changeset
|
38 * Added integration tests in the https://orthanc.uclouvain.be/hg/orthanc-tests/ |
121 | 39 repository. |
40 | |
138
f448e8626f1a
Now handling new GET /tools/create-archive and sibling routes
Alain Mazy <am@osimis.io>
parents:
137
diff
changeset
|
41 |
104 | 42 2023-06-21 - v 0.5.3 |
43 ==================== | |
44 | |
102
18d3f7bd18db
new standard configuration 'ohif'
Alain Mazy <am@osimis.io>
parents:
100
diff
changeset
|
45 * New standard configuration "ohif" |
100
760fd9ad7007
new default permissions for labels
Alain Mazy <am@osimis.io>
parents:
98
diff
changeset
|
46 * new default permissions for labels |
98
c82f0c7d2c6a
Fix parsing of dicom-web/studies/../series/../instances/../bulk/.. routes
Alain Mazy <am@osimis.io>
parents:
96
diff
changeset
|
47 * Fix parsing of dicom-web/studies/../series/../instances/../bulk/.. routes |
c82f0c7d2c6a
Fix parsing of dicom-web/studies/../series/../instances/../bulk/.. routes
Alain Mazy <am@osimis.io>
parents:
96
diff
changeset
|
48 |
138
f448e8626f1a
Now handling new GET /tools/create-archive and sibling routes
Alain Mazy <am@osimis.io>
parents:
137
diff
changeset
|
49 |
96 | 50 2023-05-15 - v 0.5.2 |
51 ==================== | |
95
dff72e397f90
fix standard configuration 'orthanc-explorer-2' for TokenGetArguments
Alain Mazy <am@osimis.io>
parents:
93
diff
changeset
|
52 |
dff72e397f90
fix standard configuration 'orthanc-explorer-2' for TokenGetArguments
Alain Mazy <am@osimis.io>
parents:
93
diff
changeset
|
53 * Fix standard configuration "orthanc-explorer-2": consider the "token" |
dff72e397f90
fix standard configuration 'orthanc-explorer-2' for TokenGetArguments
Alain Mazy <am@osimis.io>
parents:
93
diff
changeset
|
54 Get arguments |
dff72e397f90
fix standard configuration 'orthanc-explorer-2' for TokenGetArguments
Alain Mazy <am@osimis.io>
parents:
93
diff
changeset
|
55 |
138
f448e8626f1a
Now handling new GET /tools/create-archive and sibling routes
Alain Mazy <am@osimis.io>
parents:
137
diff
changeset
|
56 |
93 | 57 2023-04-15 - v 0.5.1 |
58 ==================== | |
89 | 59 |
90
bb4c32b25c5d
Added a default permission for /changes
Alain Mazy <am@osimis.io>
parents:
89
diff
changeset
|
60 * Added a default permission for /toolk/bulk-delete |
bb4c32b25c5d
Added a default permission for /changes
Alain Mazy <am@osimis.io>
parents:
89
diff
changeset
|
61 * Added a default permission for /changes |
91
50b18e7a254d
Added a default permission for /auth/tokens/ohif-viewer-publication
Alain Mazy <am@osimis.io>
parents:
90
diff
changeset
|
62 * Added a default permission for /auth/tokens/ohif-viewer-publication |
92
8dc22bc353de
QIDO-RS now supports named tags in get arguments
Alain Mazy <am@osimis.io>
parents:
91
diff
changeset
|
63 * QIDO-RS now supports named tags in get arguments |
89 | 64 |
65 | |
84 | 66 2023-03-17 - v 0.5.0 |
67 ==================== | |
68 | |
72
e381ba725669
new PUT auth/tokens/{token-type} API route + updated interface with WebService
Alain Mazy <am@osimis.io>
parents:
71
diff
changeset
|
69 * BREAKING-CHANGE: the API between the authorization plugin and the |
e381ba725669
new PUT auth/tokens/{token-type} API route + updated interface with WebService
Alain Mazy <am@osimis.io>
parents:
71
diff
changeset
|
70 WebService has slightly changed. Check the samples in the README (TODO). |
e381ba725669
new PUT auth/tokens/{token-type} API route + updated interface with WebService
Alain Mazy <am@osimis.io>
parents:
71
diff
changeset
|
71 - "identifier" has been renamed into "server-id" |
71 | 72 * new user-permission based authorization model. This is enabled if you |
73 define the new "WebServiceUserProfileUrl" configuration. | |
72
e381ba725669
new PUT auth/tokens/{token-type} API route + updated interface with WebService
Alain Mazy <am@osimis.io>
parents:
71
diff
changeset
|
74 * new "orthanc-explorer-2" StandardConfigurations |
e381ba725669
new PUT auth/tokens/{token-type} API route + updated interface with WebService
Alain Mazy <am@osimis.io>
parents:
71
diff
changeset
|
75 * new GET "auth/user/profile" Rest API route to retrieve user permissions |
e381ba725669
new PUT auth/tokens/{token-type} API route + updated interface with WebService
Alain Mazy <am@osimis.io>
parents:
71
diff
changeset
|
76 * new PUT "auth/tokens/{token-type}" Rest API route to create tokens |
74 | 77 * new POST "auth/tokens/decode" Rest API route to decode tokens |
84 | 78 * these 3 new routes required an updated auth-web-service. |
77
94a9484d7f8f
fix security issues allowing to browse remote dicom servers + introduced UnitTests
Alain Mazy <am@osimis.io>
parents:
74
diff
changeset
|
79 * SECURITY FIX: in prior versions, it was possible to browse remote |
94a9484d7f8f
fix security issues allowing to browse remote dicom servers + introduced UnitTests
Alain Mazy <am@osimis.io>
parents:
74
diff
changeset
|
80 dicom-web servers without being authenticated. (The API routes |
94a9484d7f8f
fix security issues allowing to browse remote dicom servers + introduced UnitTests
Alain Mazy <am@osimis.io>
parents:
74
diff
changeset
|
81 /dicom-web/servers/.../studies were unprotected). The local |
94a9484d7f8f
fix security issues allowing to browse remote dicom servers + introduced UnitTests
Alain Mazy <am@osimis.io>
parents:
74
diff
changeset
|
82 dicom-web server was correctly protected. |
72
e381ba725669
new PUT auth/tokens/{token-type} API route + updated interface with WebService
Alain Mazy <am@osimis.io>
parents:
71
diff
changeset
|
83 |
65 | 84 |
63 | 85 2022-11-16 - v 0.4.1 |
62
222f0652025f
fix get argument values that were transformed to lowercase
Alain Mazy <am@osimis.io>
parents:
60
diff
changeset
|
86 ==================== |
222f0652025f
fix get argument values that were transformed to lowercase
Alain Mazy <am@osimis.io>
parents:
60
diff
changeset
|
87 |
222f0652025f
fix get argument values that were transformed to lowercase
Alain Mazy <am@osimis.io>
parents:
60
diff
changeset
|
88 * fix: get argument values were transformed to lower case |
222f0652025f
fix get argument values that were transformed to lowercase
Alain Mazy <am@osimis.io>
parents:
60
diff
changeset
|
89 * the "osimis-web-viewer" StandardConfigurations now take into account |
222f0652025f
fix get argument values that were transformed to lowercase
Alain Mazy <am@osimis.io>
parents:
60
diff
changeset
|
90 the token get argument used when downloading a study from the UI |
222f0652025f
fix get argument values that were transformed to lowercase
Alain Mazy <am@osimis.io>
parents:
60
diff
changeset
|
91 |
60 | 92 2022-11-10 - v 0.4.0 |
93 ==================== | |
53 | 94 |
58
ad279c70c22d
added a new configuration 'StandardConfigurations'
Alain Mazy <am@osimis.io>
parents:
56
diff
changeset
|
95 * new configuration option "CheckedLevel" that is clearer than "UncheckedLevels". |
ad279c70c22d
added a new configuration 'StandardConfigurations'
Alain Mazy <am@osimis.io>
parents:
56
diff
changeset
|
96 "UncheckedLevels" remains for backward compatibility. |
ad279c70c22d
added a new configuration 'StandardConfigurations'
Alain Mazy <am@osimis.io>
parents:
56
diff
changeset
|
97 Allowed values: "patients", "studies", "series", "instances" |
ad279c70c22d
added a new configuration 'StandardConfigurations'
Alain Mazy <am@osimis.io>
parents:
56
diff
changeset
|
98 * new configuration option "StandardConfigurations" to replace multiple configurations. |
ad279c70c22d
added a new configuration 'StandardConfigurations'
Alain Mazy <am@osimis.io>
parents:
56
diff
changeset
|
99 Allowed values: "osimis-web-viewer", "stone-webviewer" |
56
c02f0646297d
added support for /dicom-web/studies?0020000D=1.2.3&...
Alain Mazy <am@osimis.io>
parents:
54
diff
changeset
|
100 * added support for QIDO-RS query arguments (e.g: /dicom-web/studies?0020000D=1.2.3&...) |
59
a5f2976fe8a0
fix Authorization header conflicting with WebServiceUsername
Alain Mazy <am@osimis.io>
parents:
58
diff
changeset
|
101 * possible BREAKING_CHANGE: if "TokenHttpHeaders" is set to "Authorization" and if |
a5f2976fe8a0
fix Authorization header conflicting with WebServiceUsername
Alain Mazy <am@osimis.io>
parents:
58
diff
changeset
|
102 "WebServiceUsername" is defined, the "Authorization" header of the HTTP request |
a5f2976fe8a0
fix Authorization header conflicting with WebServiceUsername
Alain Mazy <am@osimis.io>
parents:
58
diff
changeset
|
103 sent to the auth-service will contain the basic auth info from WebServiceUsername and |
a5f2976fe8a0
fix Authorization header conflicting with WebServiceUsername
Alain Mazy <am@osimis.io>
parents:
58
diff
changeset
|
104 WebServicePassword. You should get the "Authorization" value from the token-value field |
a5f2976fe8a0
fix Authorization header conflicting with WebServiceUsername
Alain Mazy <am@osimis.io>
parents:
58
diff
changeset
|
105 of the payload sent to the auth-service. |
58
ad279c70c22d
added a new configuration 'StandardConfigurations'
Alain Mazy <am@osimis.io>
parents:
56
diff
changeset
|
106 |
54
317b31e99501
Added 3 new configurations: WebServiceUsername, WebServicePassword, WebServiceIdentifier. WebServiceIdentifier is now included in the payload as the 'identifier' field
Alain Mazy <am@osimis.io>
parents:
53
diff
changeset
|
107 2022-09-26 - v 0.3.0 |
317b31e99501
Added 3 new configurations: WebServiceUsername, WebServicePassword, WebServiceIdentifier. WebServiceIdentifier is now included in the payload as the 'identifier' field
Alain Mazy <am@osimis.io>
parents:
53
diff
changeset
|
108 ==================== |
317b31e99501
Added 3 new configurations: WebServiceUsername, WebServicePassword, WebServiceIdentifier. WebServiceIdentifier is now included in the payload as the 'identifier' field
Alain Mazy <am@osimis.io>
parents:
53
diff
changeset
|
109 |
317b31e99501
Added 3 new configurations: WebServiceUsername, WebServicePassword, WebServiceIdentifier. WebServiceIdentifier is now included in the payload as the 'identifier' field
Alain Mazy <am@osimis.io>
parents:
53
diff
changeset
|
110 * Added 3 new configurations: WebServiceUsername, WebServicePassword, WebServiceIdentifier. |
317b31e99501
Added 3 new configurations: WebServiceUsername, WebServicePassword, WebServiceIdentifier. WebServiceIdentifier is now included in the payload as the 'identifier' field
Alain Mazy <am@osimis.io>
parents:
53
diff
changeset
|
111 * The WebServiceIdentifier is now included in the payload sent to the WebService as the |
317b31e99501
Added 3 new configurations: WebServiceUsername, WebServicePassword, WebServiceIdentifier. WebServiceIdentifier is now included in the payload as the 'identifier' field
Alain Mazy <am@osimis.io>
parents:
53
diff
changeset
|
112 "identifier" field. |
317b31e99501
Added 3 new configurations: WebServiceUsername, WebServicePassword, WebServiceIdentifier. WebServiceIdentifier is now included in the payload as the 'identifier' field
Alain Mazy <am@osimis.io>
parents:
53
diff
changeset
|
113 |
53 | 114 |
52 | 115 2022-05-13 - v 0.2.5 |
116 ==================== | |
1 | 117 |
50 | 118 * Fix osimis-viewer route |
43 | 119 |
58
ad279c70c22d
added a new configuration 'StandardConfigurations'
Alain Mazy <am@osimis.io>
parents:
56
diff
changeset
|
120 |
43 | 121 2020-12-10 - v 0.2.4 |
122 ==================== | |
123 | |
28
ae19947abf68
Added support for Osimis Web Viewer new route (osimis-viewer/custom-command/)
am@osimis.io
parents:
25
diff
changeset
|
124 * Added support for Osimis Web Viewer new route (osimis-viewer/custom-command/) |
38 | 125 * Support of dynamic linking against the system-wide Orthanc framework library |
28
ae19947abf68
Added support for Osimis Web Viewer new route (osimis-viewer/custom-command/)
am@osimis.io
parents:
25
diff
changeset
|
126 |
43 | 127 |
25 | 128 2018-08-13 - v 0.2.3 |
129 ==================== | |
130 | |
24 | 131 * Compatibility with Linux Standard Base |
132 * Now using the Orthanc framework | |
1 | 133 |
43 | 134 |
25 | 135 2018-07-19 - v 0.2.2 |
136 ==================== | |
137 | |
138 * Added automated build | |
139 | |
43 | 140 |
16 | 141 2018-03-09 - v 0.2.1 |
142 ==================== | |
143 | |
144 * Upgraded sdk to 1.3.1 | |
145 | |
43 | 146 |
12 | 147 2018-03-08 - v 0.2.0 |
148 ==================== | |
149 | |
150 * Added support for Osimis Web Viewer | |
151 | |
1 | 152 |
153 2017-03-22 | |
154 ========== | |
155 | |
156 * Initial release |