Mercurial > hg > orthanc-authorization
comparison Plugin/Plugin.cpp @ 165:99bdc05012c0
fix wrong forbidden access to dicom-web resources for users with access to all labels
author | Alain Mazy <am@orthanc.team> |
---|---|
date | Mon, 29 Apr 2024 12:50:24 +0200 |
parents | 4f5c7acb626f |
children | 3c99bb6fd309 |
comparison
equal
deleted
inserted
replaced
163:4f5c7acb626f | 165:99bdc05012c0 |
---|---|
705 } | 705 } |
706 else if (queryLevel == Orthanc::ResourceType_Series || queryLevel == Orthanc::ResourceType_Instance) | 706 else if (queryLevel == Orthanc::ResourceType_Series || queryLevel == Orthanc::ResourceType_Instance) |
707 { | 707 { |
708 std::string studyInstanceUID; | 708 std::string studyInstanceUID; |
709 | 709 |
710 if (!HasAccessToAllLabels(profile) && !GetStudyInstanceUIDFromQuery(studyInstanceUID, query)) | 710 if (!HasAccessToAllLabels(profile)) // no need to adjust anything if the user has access to all labels |
711 { | 711 { |
712 throw Orthanc::OrthancException(Orthanc::ErrorCode_ForbiddenAccess, "Auth plugin: unable to call tools/find at Series or Instance level when the user does not have access to ALL labels or when there is no StudyInstanceUID in the query."); | 712 if (!GetStudyInstanceUIDFromQuery(studyInstanceUID, query)) |
713 } | 713 { |
714 else | 714 throw Orthanc::OrthancException(Orthanc::ErrorCode_ForbiddenAccess, "Auth plugin: unable to call tools/find at Series or Instance level when the user does not have access to ALL labels or when there is no StudyInstanceUID in the query."); |
715 { | 715 } |
716 | |
716 // since this is a series/instance find, make sure the user has access to the parent study | 717 // since this is a series/instance find, make sure the user has access to the parent study |
717 Json::Value studyOrthancIds; | 718 Json::Value studyOrthancIds; |
718 if (!OrthancPlugins::RestApiPost(studyOrthancIds, "/tools/lookup", studyInstanceUID, false)) | 719 if (!OrthancPlugins::RestApiPost(studyOrthancIds, "/tools/lookup", studyInstanceUID, false)) |
719 { | 720 { |
720 throw Orthanc::OrthancException(Orthanc::ErrorCode_ForbiddenAccess, "Auth plugin: when using tools/find at Series or Instance level, unable to get the orthanc ID of StudyInstanceUID specified in the query."); | 721 throw Orthanc::OrthancException(Orthanc::ErrorCode_ForbiddenAccess, "Auth plugin: when using tools/find at Series or Instance level, unable to get the orthanc ID of StudyInstanceUID specified in the query."); |