Mercurial > hg > orthanc-authorization

comparison Plugin/Plugin.cpp @ 162:db1a5d1634e0

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
fix typo
author Alain Mazy <am@orthanc.team>
date Thu, 25 Apr 2024 15:26:35 +0200
parents 43b77aa34468
children 4f5c7acb626f
comparison
equal deleted inserted replaced
161:598c0049ed12 162:db1a5d1634e0
712 throw Orthanc::OrthancException(Orthanc::ErrorCode_ForbiddenAccess, "Auth plugin: unable to call tools/find at Series or Instance level when the user does not have access to ALL labels or when there is no StudyInstanceUID in the query."); 712 throw Orthanc::OrthancException(Orthanc::ErrorCode_ForbiddenAccess, "Auth plugin: unable to call tools/find at Series or Instance level when the user does not have access to ALL labels or when there is no StudyInstanceUID in the query.");
713 } 713 }
714 else 714 else
715 { 715 {
716 // since this is a series/instance find, make sure the user has access to the parent study 716 // since this is a series/instance find, make sure the user has access to the parent study
717 Json::Value studyOrhtancIds; 717 Json::Value studyOrthancIds;
718 if (!OrthancPlugins::RestApiPost(studyOrhtancIds, "/tools/lookup", studyInstanceUID, false) || studyOrhtancIds.size() != 1) 718 if (!OrthancPlugins::RestApiPost(studyOrthancIds, "/tools/lookup", studyInstanceUID, false) || studyOrthancIds.size() != 1)
719 { 719 {
720 throw Orthanc::OrthancException(Orthanc::ErrorCode_ForbiddenAccess, "Auth plugin: when using tools/find at Series or Instance level, unable to get the orthanc ID of StudyInstanceUID specified in the query."); 720 throw Orthanc::OrthancException(Orthanc::ErrorCode_ForbiddenAccess, "Auth plugin: when using tools/find at Series or Instance level, unable to get the orthanc ID of StudyInstanceUID specified in the query.");
721 } 721 }
722 722
723 bool granted = false; 723 bool granted = false;
746 if (!GetStudyInstanceUIDFromQuery(studyInstanceUID, query)) 746 if (!GetStudyInstanceUIDFromQuery(studyInstanceUID, query))
747 { 747 {
748 throw Orthanc::OrthancException(Orthanc::ErrorCode_ForbiddenAccess, "Auth plugin: unable to call tools/find when the user does not have access to any labels and if there is no StudyInstanceUID in the query."); 748 throw Orthanc::OrthancException(Orthanc::ErrorCode_ForbiddenAccess, "Auth plugin: unable to call tools/find when the user does not have access to any labels and if there is no StudyInstanceUID in the query.");
749 } 749 }
750 750
751 Json::Value studyOrhtancIds; 751 Json::Value studyOrthancIds;
752 if (!OrthancPlugins::RestApiPost(studyOrhtancIds, "/tools/lookup", studyInstanceUID, false) || studyOrhtancIds.size() != 1) 752 if (!OrthancPlugins::RestApiPost(studyOrthancIds, "/tools/lookup", studyInstanceUID, false) || studyOrthancIds.size() != 1)
753 { 753 {
754 throw Orthanc::OrthancException(Orthanc::ErrorCode_ForbiddenAccess, "Auth plugin: when using tools/find with a resource token, unable to get the orthanc ID of StudyInstanceUID specified in the query."); 754 throw Orthanc::OrthancException(Orthanc::ErrorCode_ForbiddenAccess, "Auth plugin: when using tools/find with a resource token, unable to get the orthanc ID of StudyInstanceUID specified in the query.");
755 } 755 }
756 756
757 std::vector<TokenAndValue> authTokens; // the tokens that are set in this request 757 std::vector<TokenAndValue> authTokens; // the tokens that are set in this request
758 GetAuthTokens(authTokens, request->headersCount, request->headersKeys, request->headersValues, request->getCount, request->getKeys, request->getValues); 758 GetAuthTokens(authTokens, request->headersCount, request->headersKeys, request->headersValues, request->getCount, request->getKeys, request->getValues);
759 759
760 std::set<std::string> labels; 760 std::set<std::string> labels;
761 OrthancPlugins::AccessedResource accessedResource(Orthanc::ResourceType_Study, studyOrhtancIds[0]["ID"].asString(), studyInstanceUID, labels); 761 OrthancPlugins::AccessedResource accessedResource(Orthanc::ResourceType_Study, studyOrthancIds[0]["ID"].asString(), studyInstanceUID, labels);
762 if (!IsResourceAccessGranted(authTokens, request->method, accessedResource)) 762 if (!IsResourceAccessGranted(authTokens, request->method, accessedResource))
763 { 763 {
764 throw Orthanc::OrthancException(Orthanc::ErrorCode_ForbiddenAccess, "Auth plugin: when using tools/find with a resource token, the resource must grant access to the StudyInstanceUID specified in the query."); 764 throw Orthanc::OrthancException(Orthanc::ErrorCode_ForbiddenAccess, "Auth plugin: when using tools/find with a resource token, the resource must grant access to the StudyInstanceUID specified in the query.");
765 } 765 }
766 766