Mercurial > hg > orthanc-authorization
annotate Plugin/IAuthorizationService.h @ 190:de232f9b3a60
cppcheck
author | Sebastien Jodogne <s.jodogne@gmail.com> |
---|---|
date | Wed, 05 Jun 2024 15:08:41 +0200 |
parents | c4b908970ae4 |
children | 85859ec3aa7e |
rev | line source |
---|---|
1 | 1 /** |
2 * Advanced authorization plugin for Orthanc | |
68 | 3 * Copyright (C) 2017-2023 Osimis S.A., Belgium |
150 | 4 * Copyright (C) 2024-2024 Orthanc Team SRL, Belgium |
188
c4b908970ae4
updated copyright, as Orthanc Team now replaces Osimis
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
150
diff
changeset
|
5 * Copyright (C) 2021-2024 Sebastien Jodogne, ICTEAM UCLouvain, Belgium |
1 | 6 * |
7 * This program is free software: you can redistribute it and/or | |
8 * modify it under the terms of the GNU Affero General Public License | |
9 * as published by the Free Software Foundation, either version 3 of | |
10 * the License, or (at your option) any later version. | |
11 * | |
12 * This program is distributed in the hope that it will be useful, but | |
13 * WITHOUT ANY WARRANTY; without even the implied warranty of | |
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |
15 * Affero General Public License for more details. | |
16 * | |
17 * You should have received a copy of the GNU Affero General Public License | |
18 * along with this program. If not, see <http://www.gnu.org/licenses/>. | |
19 **/ | |
20 | |
21 #pragma once | |
22 | |
23 #include "AccessedResource.h" | |
24 #include "Token.h" | |
25 | |
26 #include <orthanc/OrthancCPlugin.h> | |
27 #include <boost/noncopyable.hpp> | |
69
af44dce56328
new 'auth/user-profile' Rest API route
Alain Mazy <am@osimis.io>
parents:
68
diff
changeset
|
28 #include <json/json.h> |
109 | 29 #include <set> |
1 | 30 |
31 namespace OrthancPlugins | |
32 { | |
33 // NOTE: This interface must be thread-safe | |
34 class IAuthorizationService : public boost::noncopyable | |
35 { | |
36 public: | |
72
e381ba725669
new PUT auth/tokens/{token-type} API route + updated interface with WebService
Alain Mazy <am@osimis.io>
parents:
71
diff
changeset
|
37 struct OrthancResource |
e381ba725669
new PUT auth/tokens/{token-type} API route + updated interface with WebService
Alain Mazy <am@osimis.io>
parents:
71
diff
changeset
|
38 { |
e381ba725669
new PUT auth/tokens/{token-type} API route + updated interface with WebService
Alain Mazy <am@osimis.io>
parents:
71
diff
changeset
|
39 std::string dicomUid; |
e381ba725669
new PUT auth/tokens/{token-type} API route + updated interface with WebService
Alain Mazy <am@osimis.io>
parents:
71
diff
changeset
|
40 std::string orthancId; |
e381ba725669
new PUT auth/tokens/{token-type} API route + updated interface with WebService
Alain Mazy <am@osimis.io>
parents:
71
diff
changeset
|
41 std::string url; |
e381ba725669
new PUT auth/tokens/{token-type} API route + updated interface with WebService
Alain Mazy <am@osimis.io>
parents:
71
diff
changeset
|
42 std::string level; |
e381ba725669
new PUT auth/tokens/{token-type} API route + updated interface with WebService
Alain Mazy <am@osimis.io>
parents:
71
diff
changeset
|
43 }; |
e381ba725669
new PUT auth/tokens/{token-type} API route + updated interface with WebService
Alain Mazy <am@osimis.io>
parents:
71
diff
changeset
|
44 |
e381ba725669
new PUT auth/tokens/{token-type} API route + updated interface with WebService
Alain Mazy <am@osimis.io>
parents:
71
diff
changeset
|
45 struct CreatedToken |
e381ba725669
new PUT auth/tokens/{token-type} API route + updated interface with WebService
Alain Mazy <am@osimis.io>
parents:
71
diff
changeset
|
46 { |
e381ba725669
new PUT auth/tokens/{token-type} API route + updated interface with WebService
Alain Mazy <am@osimis.io>
parents:
71
diff
changeset
|
47 std::string url; |
e381ba725669
new PUT auth/tokens/{token-type} API route + updated interface with WebService
Alain Mazy <am@osimis.io>
parents:
71
diff
changeset
|
48 std::string token; |
e381ba725669
new PUT auth/tokens/{token-type} API route + updated interface with WebService
Alain Mazy <am@osimis.io>
parents:
71
diff
changeset
|
49 }; |
e381ba725669
new PUT auth/tokens/{token-type} API route + updated interface with WebService
Alain Mazy <am@osimis.io>
parents:
71
diff
changeset
|
50 |
74 | 51 struct DecodedToken |
52 { | |
53 std::string redirectUrl; | |
54 std::string errorCode; | |
55 std::string tokenType; | |
56 }; | |
57 | |
109 | 58 struct UserProfile |
59 { | |
60 std::string name; | |
61 std::set<std::string> permissions; | |
62 std::set<std::string> authorizedLabels; | |
113 | 63 |
64 // the source token key/value that identified the user | |
65 TokenType tokenType; | |
66 std::string tokenKey; | |
67 std::string tokenValue; | |
109 | 68 }; |
69 | |
1 | 70 virtual ~IAuthorizationService() |
71 { | |
72 } | |
73 | |
74 virtual bool IsGranted(unsigned int& validity /* out */, | |
75 OrthancPluginHttpMethod method, | |
76 const AccessedResource& access, | |
77 const Token& token, | |
78 const std::string& tokenValue) = 0; | |
79 | |
71 | 80 virtual bool IsGrantedToAnonymousUser(unsigned int& validity /* out */, |
81 OrthancPluginHttpMethod method, | |
82 const AccessedResource& access) = 0; | |
69
af44dce56328
new 'auth/user-profile' Rest API route
Alain Mazy <am@osimis.io>
parents:
68
diff
changeset
|
83 |
71 | 84 virtual bool GetUserProfile(unsigned int& validity /* out */, |
109 | 85 UserProfile& profile /* out */, |
69
af44dce56328
new 'auth/user-profile' Rest API route
Alain Mazy <am@osimis.io>
parents:
68
diff
changeset
|
86 const Token& token, |
af44dce56328
new 'auth/user-profile' Rest API route
Alain Mazy <am@osimis.io>
parents:
68
diff
changeset
|
87 const std::string& tokenValue) = 0; |
71 | 88 |
89 virtual bool GetAnonymousUserProfile(unsigned int& validity /* out */, | |
109 | 90 UserProfile& profile /* out */) = 0; |
71 | 91 |
92 virtual bool HasUserPermission(unsigned int& validity /* out */, | |
93 const std::set<std::string>& anyOfPermissions, | |
113 | 94 const UserProfile& profile) = 0; |
71 | 95 |
96 virtual bool HasAnonymousUserPermission(unsigned int& validity /* out */, | |
97 const std::set<std::string>& anyOfPermissions) = 0; | |
72
e381ba725669
new PUT auth/tokens/{token-type} API route + updated interface with WebService
Alain Mazy <am@osimis.io>
parents:
71
diff
changeset
|
98 |
e381ba725669
new PUT auth/tokens/{token-type} API route + updated interface with WebService
Alain Mazy <am@osimis.io>
parents:
71
diff
changeset
|
99 virtual bool CreateToken(CreatedToken& response, |
e381ba725669
new PUT auth/tokens/{token-type} API route + updated interface with WebService
Alain Mazy <am@osimis.io>
parents:
71
diff
changeset
|
100 const std::string& tokenType, |
e381ba725669
new PUT auth/tokens/{token-type} API route + updated interface with WebService
Alain Mazy <am@osimis.io>
parents:
71
diff
changeset
|
101 const std::string& id, |
e381ba725669
new PUT auth/tokens/{token-type} API route + updated interface with WebService
Alain Mazy <am@osimis.io>
parents:
71
diff
changeset
|
102 const std::vector<OrthancResource>& resources, |
73
512247750f0a
new ValidityDuration arg in create token API
Alain Mazy <am@osimis.io>
parents:
72
diff
changeset
|
103 const std::string& expirationDateString, |
512247750f0a
new ValidityDuration arg in create token API
Alain Mazy <am@osimis.io>
parents:
72
diff
changeset
|
104 const uint64_t& validityDuration) = 0; |
72
e381ba725669
new PUT auth/tokens/{token-type} API route + updated interface with WebService
Alain Mazy <am@osimis.io>
parents:
71
diff
changeset
|
105 |
74 | 106 virtual bool DecodeToken(DecodedToken& response, |
107 const std::string& tokenKey, | |
108 const std::string& tokenValue) = 0; | |
109 | |
72
e381ba725669
new PUT auth/tokens/{token-type} API route + updated interface with WebService
Alain Mazy <am@osimis.io>
parents:
71
diff
changeset
|
110 virtual bool HasUserProfile() const = 0; |
e381ba725669
new PUT auth/tokens/{token-type} API route + updated interface with WebService
Alain Mazy <am@osimis.io>
parents:
71
diff
changeset
|
111 virtual bool HasCreateToken() const = 0; |
e381ba725669
new PUT auth/tokens/{token-type} API route + updated interface with WebService
Alain Mazy <am@osimis.io>
parents:
71
diff
changeset
|
112 virtual bool HasTokenValidation() const = 0; |
1 | 113 }; |
114 } |