Mercurial > hg > orthanc-authorization
comparison Plugin/Plugin.cpp @ 58:ad279c70c22d
added a new configuration 'StandardConfigurations'
author | Alain Mazy <am@osimis.io> |
---|---|
date | Wed, 09 Nov 2022 18:17:03 +0100 |
parents | 55539d564f4f |
children | 222f0652025f |
comparison
equal
deleted
inserted
replaced
57:55539d564f4f | 58:ad279c70c22d |
---|---|
32 // Configuration of the authorization plugin | 32 // Configuration of the authorization plugin |
33 static std::unique_ptr<OrthancPlugins::IAuthorizationParser> authorizationParser_; | 33 static std::unique_ptr<OrthancPlugins::IAuthorizationParser> authorizationParser_; |
34 static std::unique_ptr<OrthancPlugins::IAuthorizationService> authorizationService_; | 34 static std::unique_ptr<OrthancPlugins::IAuthorizationService> authorizationService_; |
35 static std::set<std::string> uncheckedResources_; | 35 static std::set<std::string> uncheckedResources_; |
36 static std::list<std::string> uncheckedFolders_; | 36 static std::list<std::string> uncheckedFolders_; |
37 static std::list<OrthancPlugins::Token> tokens_; | 37 static std::set<OrthancPlugins::Token> tokens_; |
38 static std::set<OrthancPlugins::AccessLevel> uncheckedLevels_; | 38 static std::set<OrthancPlugins::AccessLevel> uncheckedLevels_; |
39 | 39 |
40 | 40 |
41 static int32_t FilterHttpRequests(OrthancPluginHttpMethod method, | 41 static int32_t FilterHttpRequests(OrthancPluginHttpMethod method, |
42 const char *uri, | 42 const char *uri, |
105 OrthancPlugins::AssociativeArray headers | 105 OrthancPlugins::AssociativeArray headers |
106 (headersCount, headersKeys, headersValues, false); | 106 (headersCount, headersKeys, headersValues, false); |
107 | 107 |
108 // Loop over all the authorization tokens stored in the HTTP | 108 // Loop over all the authorization tokens stored in the HTTP |
109 // headers, until finding one that is granted | 109 // headers, until finding one that is granted |
110 for (std::list<OrthancPlugins::Token>::const_iterator | 110 for (std::set<OrthancPlugins::Token>::const_iterator |
111 token = tokens_.begin(); token != tokens_.end(); ++token) | 111 token = tokens_.begin(); token != tokens_.end(); ++token) |
112 { | 112 { |
113 std::string value; | 113 std::string value; |
114 | 114 |
115 bool hasValue = false; | 115 bool hasValue = false; |
301 | 301 |
302 configuration.LookupListOfStrings(tmp, "TokenHttpHeaders", true); | 302 configuration.LookupListOfStrings(tmp, "TokenHttpHeaders", true); |
303 for (std::list<std::string>::const_iterator | 303 for (std::list<std::string>::const_iterator |
304 it = tmp.begin(); it != tmp.end(); ++it) | 304 it = tmp.begin(); it != tmp.end(); ++it) |
305 { | 305 { |
306 tokens_.push_back(OrthancPlugins::Token(OrthancPlugins::TokenType_HttpHeader, *it)); | 306 tokens_.insert(OrthancPlugins::Token(OrthancPlugins::TokenType_HttpHeader, *it)); |
307 } | 307 } |
308 | 308 |
309 configuration.LookupListOfStrings(tmp, "TokenGetArguments", true); | 309 configuration.LookupListOfStrings(tmp, "TokenGetArguments", true); |
310 | 310 |
311 #if ORTHANC_PLUGINS_VERSION_IS_ABOVE(1, 3, 0) | 311 #if ORTHANC_PLUGINS_VERSION_IS_ABOVE(1, 3, 0) |
312 for (std::list<std::string>::const_iterator | 312 for (std::list<std::string>::const_iterator |
313 it = tmp.begin(); it != tmp.end(); ++it) | 313 it = tmp.begin(); it != tmp.end(); ++it) |
314 { | 314 { |
315 tokens_.push_back(OrthancPlugins::Token(OrthancPlugins::TokenType_GetArgument, *it)); | 315 tokens_.insert(OrthancPlugins::Token(OrthancPlugins::TokenType_GetArgument, *it)); |
316 } | 316 } |
317 #else | 317 #else |
318 if (!tmp.empty()) | 318 if (!tmp.empty()) |
319 { | 319 { |
320 throw Orthanc::OrthancException( | 320 throw Orthanc::OrthancException( |
336 Orthanc::ErrorCode_BadFileFormat, | 336 Orthanc::ErrorCode_BadFileFormat, |
337 "Missing mandatory option \"" + std::string(WEB_SERVICE) + | 337 "Missing mandatory option \"" + std::string(WEB_SERVICE) + |
338 "\" for the authorization plugin"); | 338 "\" for the authorization plugin"); |
339 } | 339 } |
340 | 340 |
341 std::set<std::string> standardConfigurations; | |
342 if (configuration.LookupSetOfStrings(standardConfigurations, "StandardConfigurations", false)) | |
343 { | |
344 if (standardConfigurations.find("osimis-web-viewer") != standardConfigurations.end()) | |
345 { | |
346 uncheckedFolders_.push_back("/osimis-viewer/app/"); | |
347 uncheckedFolders_.push_back("/osimis-viewer/languages/"); | |
348 uncheckedResources_.insert("/osimis-viewer/config.js"); | |
349 | |
350 tokens_.insert(OrthancPlugins::Token(OrthancPlugins::TokenType_HttpHeader, "token")); | |
351 } | |
352 | |
353 if (standardConfigurations.find("stone-webviewer") != standardConfigurations.end()) | |
354 { | |
355 uncheckedFolders_.push_back("/stone-webviewer/"); | |
356 uncheckedResources_.insert("/system"); | |
357 | |
358 tokens_.insert(OrthancPlugins::Token(OrthancPlugins::TokenType_HttpHeader, "Authorization")); | |
359 } | |
360 | |
361 } | |
362 | |
363 std::string checkedLevelString; | |
364 if (configuration.LookupStringValue(checkedLevelString, "CheckedLevel")) | |
365 { | |
366 OrthancPlugins::AccessLevel checkedLevel = OrthancPlugins::StringToAccessLevel(checkedLevelString); | |
367 if (checkedLevel == OrthancPlugins::AccessLevel_Instance) | |
368 { | |
369 uncheckedLevels_.insert(OrthancPlugins::AccessLevel_Patient); | |
370 uncheckedLevels_.insert(OrthancPlugins::AccessLevel_Study); | |
371 uncheckedLevels_.insert(OrthancPlugins::AccessLevel_Series); | |
372 } | |
373 else if (checkedLevel == OrthancPlugins::AccessLevel_Series) | |
374 { | |
375 uncheckedLevels_.insert(OrthancPlugins::AccessLevel_Patient); | |
376 uncheckedLevels_.insert(OrthancPlugins::AccessLevel_Study); | |
377 uncheckedLevels_.insert(OrthancPlugins::AccessLevel_Instance); | |
378 } | |
379 else if (checkedLevel == OrthancPlugins::AccessLevel_Study) | |
380 { | |
381 uncheckedLevels_.insert(OrthancPlugins::AccessLevel_Patient); | |
382 uncheckedLevels_.insert(OrthancPlugins::AccessLevel_Series); | |
383 uncheckedLevels_.insert(OrthancPlugins::AccessLevel_Instance); | |
384 } | |
385 else if (checkedLevel == OrthancPlugins::AccessLevel_Patient) | |
386 { | |
387 uncheckedLevels_.insert(OrthancPlugins::AccessLevel_Study); | |
388 uncheckedLevels_.insert(OrthancPlugins::AccessLevel_Series); | |
389 uncheckedLevels_.insert(OrthancPlugins::AccessLevel_Instance); | |
390 } | |
391 } | |
392 | |
341 if (configuration.LookupListOfStrings(tmp, "UncheckedLevels", false)) | 393 if (configuration.LookupListOfStrings(tmp, "UncheckedLevels", false)) |
342 { | 394 { |
343 for (std::list<std::string>::const_iterator | 395 if (uncheckedLevels_.size() == 0) |
344 it = tmp.begin(); it != tmp.end(); ++it) | 396 { |
345 { | 397 for (std::list<std::string>::const_iterator |
346 uncheckedLevels_.insert(OrthancPlugins::StringToAccessLevel(*it)); | 398 it = tmp.begin(); it != tmp.end(); ++it) |
399 { | |
400 uncheckedLevels_.insert(OrthancPlugins::StringToAccessLevel(*it)); | |
401 } | |
402 } | |
403 else | |
404 { | |
405 LOG(ERROR) << "Authorization plugin: you may only provide one of 'CheckedLevel' or 'UncheckedLevels' configurations"; | |
406 return -1; | |
347 } | 407 } |
348 } | 408 } |
349 | 409 |
350 std::unique_ptr<OrthancPlugins::AuthorizationWebService> webService(new OrthancPlugins::AuthorizationWebService(url)); | 410 std::unique_ptr<OrthancPlugins::AuthorizationWebService> webService(new OrthancPlugins::AuthorizationWebService(url)); |
351 | 411 |