Mercurial > hg > orthanc-authorization
comparison Plugin/BaseAuthorizationService.h @ 71:30fb3ce960d9
configurable user permissions
author | Alain Mazy <am@osimis.io> |
---|---|
date | Wed, 22 Feb 2023 13:13:38 +0100 |
parents | |
children | aa73b10c2db9 |
comparison
equal
deleted
inserted
replaced
70:786b202ef24e | 71:30fb3ce960d9 |
---|---|
1 /** | |
2 * Advanced authorization plugin for Orthanc | |
3 * Copyright (C) 2017-2023 Osimis S.A., Belgium | |
4 * | |
5 * This program is free software: you can redistribute it and/or | |
6 * modify it under the terms of the GNU Affero General Public License | |
7 * as published by the Free Software Foundation, either version 3 of | |
8 * the License, or (at your option) any later version. | |
9 * | |
10 * This program is distributed in the hope that it will be useful, but | |
11 * WITHOUT ANY WARRANTY; without even the implied warranty of | |
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |
13 * Affero General Public License for more details. | |
14 * | |
15 * You should have received a copy of the GNU Affero General Public License | |
16 * along with this program. If not, see <http://www.gnu.org/licenses/>. | |
17 **/ | |
18 | |
19 #pragma once | |
20 | |
21 #include "IAuthorizationService.h" | |
22 | |
23 | |
24 namespace OrthancPlugins | |
25 { | |
26 class CachedAuthorizationService; | |
27 | |
28 class BaseAuthorizationService : public IAuthorizationService | |
29 { | |
30 friend CachedAuthorizationService; | |
31 protected: | |
32 virtual bool IsGrantedInternal(unsigned int& validity, | |
33 OrthancPluginHttpMethod method, | |
34 const AccessedResource& access, | |
35 const Token* token, | |
36 const std::string& tokenValue) = 0; | |
37 | |
38 virtual bool GetUserProfileInternal(unsigned int& validity, | |
39 Json::Value& profile /* out */, | |
40 const Token* token, | |
41 const std::string& tokenValue) = 0; | |
42 | |
43 virtual bool HasUserPermissionInternal(unsigned int& validity, | |
44 const std::string& permission, | |
45 const Token* token, | |
46 const std::string& tokenValue) = 0; | |
47 | |
48 public: | |
49 virtual ~BaseAuthorizationService() | |
50 { | |
51 } | |
52 | |
53 virtual bool IsGranted(unsigned int& validity, | |
54 OrthancPluginHttpMethod method, | |
55 const AccessedResource& access, | |
56 const Token& token, | |
57 const std::string& tokenValue) | |
58 { | |
59 return IsGrantedInternal(validity, method, access, &token, tokenValue); | |
60 } | |
61 | |
62 virtual bool IsGrantedToAnonymousUser(unsigned int& validity, | |
63 OrthancPluginHttpMethod method, | |
64 const AccessedResource& access) | |
65 { | |
66 return IsGrantedInternal(validity, method, access, NULL, ""); | |
67 } | |
68 | |
69 virtual bool GetUserProfile(unsigned int& validity, | |
70 Json::Value& profile /* out */, | |
71 const Token& token, | |
72 const std::string& tokenValue) | |
73 { | |
74 return GetUserProfileInternal(validity, profile, &token, tokenValue); | |
75 } | |
76 | |
77 virtual bool GetAnonymousUserProfile(unsigned int& validity /* out */, | |
78 Json::Value& profile /* out */) | |
79 { | |
80 return GetUserProfileInternal(validity, profile, NULL, ""); | |
81 } | |
82 | |
83 virtual bool HasUserPermission(unsigned int& validity /* out */, | |
84 const std::set<std::string>& anyOfPermissions, | |
85 const Token& token, | |
86 const std::string& tokenValue) | |
87 { | |
88 for (std::set<std::string>::const_iterator it = anyOfPermissions.begin(); it != anyOfPermissions.end(); ++it) | |
89 { | |
90 if (HasUserPermissionInternal(validity, *it, &token, tokenValue)) | |
91 { | |
92 return true; | |
93 } | |
94 } | |
95 return false; | |
96 } | |
97 | |
98 virtual bool HasAnonymousUserPermission(unsigned int& validity /* out */, | |
99 const std::set<std::string>& anyOfPermissions) | |
100 { | |
101 for (std::set<std::string>::const_iterator it = anyOfPermissions.begin(); it != anyOfPermissions.end(); ++it) | |
102 { | |
103 if (HasUserPermissionInternal(validity, *it, NULL, "")) | |
104 { | |
105 return true; | |
106 } | |
107 } | |
108 return false; | |
109 } | |
110 }; | |
111 } |