Mercurial > hg > orthanc-authorization
annotate Plugin/BaseAuthorizationService.h @ 188:c4b908970ae4
updated copyright, as Orthanc Team now replaces Osimis
author | Sebastien Jodogne <s.jodogne@gmail.com> |
---|---|
date | Thu, 30 May 2024 21:59:01 +0200 |
parents | 9be1ee2b8fe1 |
children | de232f9b3a60 |
rev | line source |
---|---|
71 | 1 /** |
2 * Advanced authorization plugin for Orthanc | |
3 * Copyright (C) 2017-2023 Osimis S.A., Belgium | |
150 | 4 * Copyright (C) 2024-2024 Orthanc Team SRL, Belgium |
188
c4b908970ae4
updated copyright, as Orthanc Team now replaces Osimis
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
150
diff
changeset
|
5 * Copyright (C) 2021-2024 Sebastien Jodogne, ICTEAM UCLouvain, Belgium |
71 | 6 * |
7 * This program is free software: you can redistribute it and/or | |
8 * modify it under the terms of the GNU Affero General Public License | |
9 * as published by the Free Software Foundation, either version 3 of | |
10 * the License, or (at your option) any later version. | |
11 * | |
12 * This program is distributed in the hope that it will be useful, but | |
13 * WITHOUT ANY WARRANTY; without even the implied warranty of | |
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |
15 * Affero General Public License for more details. | |
16 * | |
17 * You should have received a copy of the GNU Affero General Public License | |
18 * along with this program. If not, see <http://www.gnu.org/licenses/>. | |
19 **/ | |
20 | |
21 #pragma once | |
22 | |
23 #include "IAuthorizationService.h" | |
24 | |
25 | |
26 namespace OrthancPlugins | |
27 { | |
28 class CachedAuthorizationService; | |
29 | |
30 class BaseAuthorizationService : public IAuthorizationService | |
31 { | |
32 friend CachedAuthorizationService; | |
33 protected: | |
34 virtual bool IsGrantedInternal(unsigned int& validity, | |
35 OrthancPluginHttpMethod method, | |
36 const AccessedResource& access, | |
37 const Token* token, | |
38 const std::string& tokenValue) = 0; | |
39 | |
40 virtual bool GetUserProfileInternal(unsigned int& validity, | |
109 | 41 UserProfile& profile /* out */, |
71 | 42 const Token* token, |
43 const std::string& tokenValue) = 0; | |
44 | |
45 virtual bool HasUserPermissionInternal(unsigned int& validity, | |
46 const std::string& permission, | |
113 | 47 const UserProfile& profile) = 0; |
71 | 48 |
49 public: | |
50 virtual ~BaseAuthorizationService() | |
51 { | |
52 } | |
53 | |
54 virtual bool IsGranted(unsigned int& validity, | |
55 OrthancPluginHttpMethod method, | |
56 const AccessedResource& access, | |
57 const Token& token, | |
58 const std::string& tokenValue) | |
59 { | |
60 return IsGrantedInternal(validity, method, access, &token, tokenValue); | |
61 } | |
62 | |
63 virtual bool IsGrantedToAnonymousUser(unsigned int& validity, | |
64 OrthancPluginHttpMethod method, | |
65 const AccessedResource& access) | |
66 { | |
67 return IsGrantedInternal(validity, method, access, NULL, ""); | |
68 } | |
69 | |
70 virtual bool GetUserProfile(unsigned int& validity, | |
109 | 71 UserProfile& profile /* out */, |
71 | 72 const Token& token, |
73 const std::string& tokenValue) | |
74 { | |
75 return GetUserProfileInternal(validity, profile, &token, tokenValue); | |
76 } | |
77 | |
78 virtual bool GetAnonymousUserProfile(unsigned int& validity /* out */, | |
109 | 79 UserProfile& profile /* out */) |
71 | 80 { |
81 return GetUserProfileInternal(validity, profile, NULL, ""); | |
82 } | |
83 | |
84 virtual bool HasUserPermission(unsigned int& validity /* out */, | |
85 const std::set<std::string>& anyOfPermissions, | |
113 | 86 const UserProfile& profile) |
71 | 87 { |
74 | 88 if (anyOfPermissions.size() == 0) |
89 { | |
90 return true; | |
91 } | |
92 | |
71 | 93 for (std::set<std::string>::const_iterator it = anyOfPermissions.begin(); it != anyOfPermissions.end(); ++it) |
94 { | |
113 | 95 if (HasUserPermissionInternal(validity, *it, profile)) |
71 | 96 { |
97 return true; | |
98 } | |
99 } | |
100 return false; | |
101 } | |
102 | |
103 virtual bool HasAnonymousUserPermission(unsigned int& validity /* out */, | |
104 const std::set<std::string>& anyOfPermissions) | |
105 { | |
74 | 106 if (anyOfPermissions.size() == 0) |
107 { | |
108 return true; | |
109 } | |
110 | |
113 | 111 UserProfile anonymousUserProfile; |
112 anonymousUserProfile.tokenType = TokenType_None; | |
113 | |
71 | 114 for (std::set<std::string>::const_iterator it = anyOfPermissions.begin(); it != anyOfPermissions.end(); ++it) |
115 { | |
113 | 116 if (HasUserPermissionInternal(validity, *it, anonymousUserProfile)) |
71 | 117 { |
118 return true; | |
119 } | |
120 } | |
121 return false; | |
122 } | |
123 }; | |
124 } |