1
|
1 /**
|
|
2 * Advanced authorization plugin for Orthanc
|
|
3 * Copyright (C) 2017 Osimis, Belgium
|
|
4 *
|
|
5 * This program is free software: you can redistribute it and/or
|
|
6 * modify it under the terms of the GNU Affero General Public License
|
|
7 * as published by the Free Software Foundation, either version 3 of
|
|
8 * the License, or (at your option) any later version.
|
|
9 *
|
|
10 * This program is distributed in the hope that it will be useful, but
|
|
11 * WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
13 * Affero General Public License for more details.
|
|
14 *
|
|
15 * You should have received a copy of the GNU Affero General Public License
|
|
16 * along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
17 **/
|
|
18
|
|
19 #include "DefaultAuthorizationParser.h"
|
|
20
|
|
21 #include "../Resources/Orthanc/Core/OrthancException.h"
|
|
22
|
|
23 namespace OrthancPlugins
|
|
24 {
|
|
25 DefaultAuthorizationParser::DefaultAuthorizationParser(OrthancPluginContext* context,
|
|
26 ICacheFactory& factory,
|
|
27 const std::string& dicomWebRoot) :
|
|
28 AuthorizationParserBase(context, factory),
|
|
29 resourcesPattern_("^/(patients|studies|series|instances)/([a-f0-9-]+)(|/.*)$"),
|
|
30 seriesPattern_("^/(web-viewer/series|web-viewer/is-stable-series|wsi/pyramids|wsi/tiles)/([a-f0-9-]+)(|/.*)$"),
|
|
31 instancesPattern_("^/web-viewer/instances/[a-z0-9]+-([a-f0-9-]+)_[0-9]+$")
|
|
32 {
|
|
33 std::string tmp = dicomWebRoot;
|
|
34 while (!tmp.empty() &&
|
|
35 tmp[tmp.size() - 1] == '/')
|
|
36 {
|
|
37 tmp = tmp.substr(0, tmp.size() - 1);
|
|
38 }
|
|
39
|
|
40 dicomWebStudies_ = boost::regex(
|
|
41 "^" + tmp + "/studies/([.0-9]+)(|/series)(|/)$");
|
|
42
|
|
43 dicomWebSeries_ = boost::regex(
|
|
44 "^" + tmp + "/studies/([.0-9]+)/series/([.0-9]+)(|/instances)(|/)$");
|
|
45
|
|
46 dicomWebInstances_ = boost::regex(
|
|
47 "^" + tmp + "/studies/([.0-9]+)/series/([.0-9]+)/instances/([.0-9]+)(|/|/frames/.*)$");
|
|
48 }
|
|
49
|
|
50
|
|
51 bool DefaultAuthorizationParser::Parse(AccessedResources& target,
|
|
52 const std::string& uri)
|
|
53 {
|
|
54 // The mutex below should not be necessary, but we prefer to
|
|
55 // ensure thread safety in boost::regex
|
|
56 boost::mutex::scoped_lock lock(mutex_);
|
|
57
|
|
58 boost::smatch what;
|
|
59
|
|
60 if (boost::regex_match(uri, what, resourcesPattern_))
|
|
61 {
|
|
62 AccessLevel level = StringToAccessLevel(what[1]);
|
|
63
|
|
64 switch (level)
|
|
65 {
|
|
66 case AccessLevel_Instance:
|
|
67 AddOrthancInstance(target, what[2]);
|
|
68 break;
|
|
69
|
|
70 case AccessLevel_Series:
|
|
71 AddOrthancSeries(target, what[2]);
|
|
72 break;
|
|
73
|
|
74 case AccessLevel_Study:
|
|
75 AddOrthancStudy(target, what[2]);
|
|
76 break;
|
|
77
|
|
78 case AccessLevel_Patient:
|
|
79 AddOrthancPatient(target, what[2]);
|
|
80 break;
|
|
81
|
|
82 default:
|
|
83 throw Orthanc::OrthancException(Orthanc::ErrorCode_InternalError);
|
|
84 }
|
|
85
|
|
86 return true;
|
|
87 }
|
|
88 else if (boost::regex_match(uri, what, seriesPattern_))
|
|
89 {
|
|
90 AddOrthancSeries(target, what[2]);
|
|
91 return true;
|
|
92 }
|
|
93 else if (boost::regex_match(uri, what, instancesPattern_))
|
|
94 {
|
|
95 AddOrthancInstance(target, what[1]);
|
|
96 return true;
|
|
97 }
|
|
98 else if (boost::regex_match(uri, what, dicomWebStudies_))
|
|
99 {
|
|
100 AddDicomStudy(target, what[1]);
|
|
101 return true;
|
|
102 }
|
|
103 else if (boost::regex_match(uri, what, dicomWebSeries_))
|
|
104 {
|
|
105 AddDicomSeries(target, what[1], what[2]);
|
|
106 return true;
|
|
107 }
|
|
108 else if (boost::regex_match(uri, what, dicomWebInstances_))
|
|
109 {
|
|
110 AddDicomInstance(target, what[1], what[2], what[3]);
|
|
111 return true;
|
|
112 }
|
|
113 else
|
|
114 {
|
|
115 // Unknown type of resource: Consider it as a system access
|
|
116
|
|
117 // Remove the trailing slashes if need be
|
|
118 std::string s = uri;
|
|
119 while (!s.empty() &&
|
|
120 s[s.length() - 1] == '/')
|
|
121 {
|
|
122 s = s.substr(0, s.length() - 1);
|
|
123 }
|
|
124
|
|
125 target.push_back(AccessedResource(AccessLevel_System, s, ""));
|
|
126 return true;
|
|
127 }
|
|
128 }
|
|
129 }
|