Mercurial > hg > orthanc-authorization
comparison Plugin/DefaultConfiguration.json @ 71:30fb3ce960d9
configurable user permissions
author | Alain Mazy <am@osimis.io> |
---|---|
date | Wed, 22 Feb 2023 13:13:38 +0100 |
parents | |
children | e381ba725669 |
comparison
equal
deleted
inserted
replaced
70:786b202ef24e | 71:30fb3ce960d9 |
---|---|
1 { | |
2 "Authorization" : { | |
3 // The URL of the auth webservice implementing resource level authorization (optional if not implementing resource based permissions) | |
4 // "WebService" : "http://change-me:8000/validate", | |
5 | |
6 // The URL of the auth webservice implementing resource level authorization (optional if not implementing user-permissions) | |
7 // "WebServiceUserProfileUrl" : "http://change-me:8000/user-profile", | |
8 | |
9 // The username and password to connect to the webservice (optional) | |
10 //"WebServiceUsername": "change-me", | |
11 //"WebServicePassword": "change-me", | |
12 | |
13 // An identifier added to the payload of each request to the auth webservice (optional) | |
14 //"WebServiceIdentifier": "change-me" | |
15 | |
16 // The name of the HTTP headers that may contain auth tokens | |
17 //"TokenHttpHeaders" : [], | |
18 | |
19 // the name of the GET arguments that may contain auth tokens | |
20 //"TokenGetArguments" : [], | |
21 | |
22 // A list of predefined configurations for well-known plugins | |
23 // "StandardConfigurations": [ // new in v 0.4.0 | |
24 // "osimis-web-viewer", | |
25 // "stone-webviewer", | |
26 // "orthanc-explorer-2" | |
27 // ], | |
28 | |
29 //"UncheckedResources" : [], | |
30 //"UncheckedFolders" : [], | |
31 //"CheckedLevel" : "studies", | |
32 //"UncheckedLevels" : [], | |
33 | |
34 // Definition of required "user-permissions". This can be fully customized. | |
35 // You may define other permissions yourself as long as they mathc the permissions | |
36 // provided in the user-profile route implemented by the auth-service. | |
37 // You may test your regex in https://regex101.com/ by selecting .NET (C#) and removing the leading ^ and trailing $ | |
38 // The default configuration is suitable for Orthanc-Explorer-2 (see TBD sample) | |
39 "Permissions" : [ | |
40 // elemental browsing in OE2 | |
41 ["post", "^/tools/find$", "all|view"], | |
42 ["get" , "^/(patients|studies|series|instances)/([a-f0-9-]+)/(studies|series|instances)$", "all|view"], | |
43 ["get" , "^/instances/([a-f0-9-]+)/(tags|header)$", "all|view"], | |
44 ["get" , "^/statistics$", "all|view"], | |
45 | |
46 // monitor jobs you have created | |
47 ["get" , "^/jobs/([a-f0-9-]+)$", "all|send|modify|anonymize|q-r-remote-modalities"], | |
48 | |
49 // downloads: not functional yet, we need one-time-tokens | |
50 ["get" , "^/(patients|studies|series|instances)/([a-f0-9-]+)/archive$", "all|download"], | |
51 ["get" , "^/(patients|studies|series|instances)/([a-f0-9-]+)/media$", "all|download"], | |
52 | |
53 // interacting with peers/modalities/dicomweb | |
54 ["post", "^/(peers|modalities)/(.*)/store$", "all|send"], | |
55 ["get" , "^/(peers|modalities)$", "all|send|q-r-remote-modalities"], | |
56 ["post", "^/modalities/(.*)/echo$", "all|send|q-r-remote-modalities"], | |
57 ["post", "^/modalities/(.*)/query$", "all|q-r-remote-modalities"], | |
58 ["get", "^/queries/([a-f0-9-]+)/answers$", "all|q-r-remote-modalities"], | |
59 ["post", "^/modalities/(.*)/move$", "all|q-r-remote-modalities"], | |
60 ["get" , "^/DICOM_WEB_ROOT/(servers)/(.*)/stow$", "all|send"], | |
61 | |
62 // upload | |
63 ["post", "^/instances$", "all|upload"], | |
64 | |
65 // modifications/anonymization | |
66 ["post", "^/(patients|studies|series|instances)/([a-f0-9-]+)/modify(.*)$", "all|modify"], | |
67 ["post", "^/(patients|studies|series|instances)/([a-f0-9-]+)/anonymize(.*)$", "all|anonymize"] | |
68 | |
69 ] | |
70 } | |
71 } |