Mercurial > hg > orthanc-authorization
annotate Plugin/BaseAuthorizationService.h @ 201:8c79c3b026ce default tip
back to mainline
author | Alain Mazy <am@orthanc.team> |
---|---|
date | Wed, 03 Jul 2024 09:00:01 +0200 |
parents | de232f9b3a60 |
children |
rev | line source |
---|---|
71 | 1 /** |
2 * Advanced authorization plugin for Orthanc | |
3 * Copyright (C) 2017-2023 Osimis S.A., Belgium | |
150 | 4 * Copyright (C) 2024-2024 Orthanc Team SRL, Belgium |
188
c4b908970ae4
updated copyright, as Orthanc Team now replaces Osimis
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
150
diff
changeset
|
5 * Copyright (C) 2021-2024 Sebastien Jodogne, ICTEAM UCLouvain, Belgium |
71 | 6 * |
7 * This program is free software: you can redistribute it and/or | |
8 * modify it under the terms of the GNU Affero General Public License | |
9 * as published by the Free Software Foundation, either version 3 of | |
10 * the License, or (at your option) any later version. | |
11 * | |
12 * This program is distributed in the hope that it will be useful, but | |
13 * WITHOUT ANY WARRANTY; without even the implied warranty of | |
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |
15 * Affero General Public License for more details. | |
16 * | |
17 * You should have received a copy of the GNU Affero General Public License | |
18 * along with this program. If not, see <http://www.gnu.org/licenses/>. | |
19 **/ | |
20 | |
21 #pragma once | |
22 | |
23 #include "IAuthorizationService.h" | |
24 | |
190 | 25 #include <Compatibility.h> |
26 | |
71 | 27 |
28 namespace OrthancPlugins | |
29 { | |
30 class CachedAuthorizationService; | |
31 | |
32 class BaseAuthorizationService : public IAuthorizationService | |
33 { | |
34 friend CachedAuthorizationService; | |
35 protected: | |
36 virtual bool IsGrantedInternal(unsigned int& validity, | |
37 OrthancPluginHttpMethod method, | |
38 const AccessedResource& access, | |
39 const Token* token, | |
40 const std::string& tokenValue) = 0; | |
41 | |
42 virtual bool GetUserProfileInternal(unsigned int& validity, | |
109 | 43 UserProfile& profile /* out */, |
71 | 44 const Token* token, |
45 const std::string& tokenValue) = 0; | |
46 | |
47 virtual bool HasUserPermissionInternal(unsigned int& validity, | |
48 const std::string& permission, | |
113 | 49 const UserProfile& profile) = 0; |
71 | 50 |
51 public: | |
52 virtual ~BaseAuthorizationService() | |
53 { | |
54 } | |
55 | |
56 virtual bool IsGranted(unsigned int& validity, | |
57 OrthancPluginHttpMethod method, | |
58 const AccessedResource& access, | |
59 const Token& token, | |
190 | 60 const std::string& tokenValue) ORTHANC_OVERRIDE |
71 | 61 { |
62 return IsGrantedInternal(validity, method, access, &token, tokenValue); | |
63 } | |
64 | |
65 virtual bool IsGrantedToAnonymousUser(unsigned int& validity, | |
66 OrthancPluginHttpMethod method, | |
190 | 67 const AccessedResource& access) ORTHANC_OVERRIDE |
71 | 68 { |
69 return IsGrantedInternal(validity, method, access, NULL, ""); | |
70 } | |
71 | |
72 virtual bool GetUserProfile(unsigned int& validity, | |
109 | 73 UserProfile& profile /* out */, |
71 | 74 const Token& token, |
190 | 75 const std::string& tokenValue) ORTHANC_OVERRIDE |
71 | 76 { |
77 return GetUserProfileInternal(validity, profile, &token, tokenValue); | |
78 } | |
79 | |
80 virtual bool GetAnonymousUserProfile(unsigned int& validity /* out */, | |
190 | 81 UserProfile& profile /* out */) ORTHANC_OVERRIDE |
71 | 82 { |
83 return GetUserProfileInternal(validity, profile, NULL, ""); | |
84 } | |
85 | |
86 virtual bool HasUserPermission(unsigned int& validity /* out */, | |
87 const std::set<std::string>& anyOfPermissions, | |
190 | 88 const UserProfile& profile) ORTHANC_OVERRIDE |
71 | 89 { |
74 | 90 if (anyOfPermissions.size() == 0) |
91 { | |
92 return true; | |
93 } | |
94 | |
71 | 95 for (std::set<std::string>::const_iterator it = anyOfPermissions.begin(); it != anyOfPermissions.end(); ++it) |
96 { | |
113 | 97 if (HasUserPermissionInternal(validity, *it, profile)) |
71 | 98 { |
99 return true; | |
100 } | |
101 } | |
102 return false; | |
103 } | |
104 | |
105 virtual bool HasAnonymousUserPermission(unsigned int& validity /* out */, | |
190 | 106 const std::set<std::string>& anyOfPermissions) ORTHANC_OVERRIDE |
71 | 107 { |
74 | 108 if (anyOfPermissions.size() == 0) |
109 { | |
110 return true; | |
111 } | |
112 | |
113 | 113 UserProfile anonymousUserProfile; |
114 anonymousUserProfile.tokenType = TokenType_None; | |
115 | |
71 | 116 for (std::set<std::string>::const_iterator it = anyOfPermissions.begin(); it != anyOfPermissions.end(); ++it) |
117 { | |
113 | 118 if (HasUserPermissionInternal(validity, *it, anonymousUserProfile)) |
71 | 119 { |
120 return true; | |
121 } | |
122 } | |
123 return false; | |
124 } | |
125 }; | |
126 } |