Mercurial > hg > orthanc-authorization

comparison Plugin/BaseAuthorizationService.h @ 71:30fb3ce960d9

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
configurable user permissions
author Alain Mazy <am@osimis.io>
date Wed, 22 Feb 2023 13:13:38 +0100
parents
children aa73b10c2db9
comparison
equal deleted inserted replaced
70:786b202ef24e 71:30fb3ce960d9
1 /**
2 * Advanced authorization plugin for Orthanc
3 * Copyright (C) 2017-2023 Osimis S.A., Belgium
4 *
5 * This program is free software: you can redistribute it and/or
6 * modify it under the terms of the GNU Affero General Public License
7 * as published by the Free Software Foundation, either version 3 of
8 * the License, or (at your option) any later version.
9 *
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 * Affero General Public License for more details.
14 *
15 * You should have received a copy of the GNU Affero General Public License
16 * along with this program. If not, see <http://www.gnu.org/licenses/>.
17 **/
18
19 #pragma once
20
21 #include "IAuthorizationService.h"
22
23
24 namespace OrthancPlugins
25 {
26 class CachedAuthorizationService;
27
28 class BaseAuthorizationService : public IAuthorizationService
29 {
30 friend CachedAuthorizationService;
31 protected:
32 virtual bool IsGrantedInternal(unsigned int& validity,
33 OrthancPluginHttpMethod method,
34 const AccessedResource& access,
35 const Token* token,
36 const std::string& tokenValue) = 0;
37
38 virtual bool GetUserProfileInternal(unsigned int& validity,
39 Json::Value& profile /* out */,
40 const Token* token,
41 const std::string& tokenValue) = 0;
42
43 virtual bool HasUserPermissionInternal(unsigned int& validity,
44 const std::string& permission,
45 const Token* token,
46 const std::string& tokenValue) = 0;
47
48 public:
49 virtual ~BaseAuthorizationService()
50 {
51 }
52
53 virtual bool IsGranted(unsigned int& validity,
54 OrthancPluginHttpMethod method,
55 const AccessedResource& access,
56 const Token& token,
57 const std::string& tokenValue)
58 {
59 return IsGrantedInternal(validity, method, access, &token, tokenValue);
60 }
61
62 virtual bool IsGrantedToAnonymousUser(unsigned int& validity,
63 OrthancPluginHttpMethod method,
64 const AccessedResource& access)
65 {
66 return IsGrantedInternal(validity, method, access, NULL, "");
67 }
68
69 virtual bool GetUserProfile(unsigned int& validity,
70 Json::Value& profile /* out */,
71 const Token& token,
72 const std::string& tokenValue)
73 {
74 return GetUserProfileInternal(validity, profile, &token, tokenValue);
75 }
76
77 virtual bool GetAnonymousUserProfile(unsigned int& validity /* out */,
78 Json::Value& profile /* out */)
79 {
80 return GetUserProfileInternal(validity, profile, NULL, "");
81 }
82
83 virtual bool HasUserPermission(unsigned int& validity /* out */,
84 const std::set<std::string>& anyOfPermissions,
85 const Token& token,
86 const std::string& tokenValue)
87 {
88 for (std::set<std::string>::const_iterator it = anyOfPermissions.begin(); it != anyOfPermissions.end(); ++it)
89 {
90 if (HasUserPermissionInternal(validity, *it, &token, tokenValue))
91 {
92 return true;
93 }
94 }
95 return false;
96 }
97
98 virtual bool HasAnonymousUserPermission(unsigned int& validity /* out */,
99 const std::set<std::string>& anyOfPermissions)
100 {
101 for (std::set<std::string>::const_iterator it = anyOfPermissions.begin(); it != anyOfPermissions.end(); ++it)
102 {
103 if (HasUserPermissionInternal(validity, *it, NULL, ""))
104 {
105 return true;
106 }
107 }
108 return false;
109 }
110 };
111 }