# HG changeset patch # User Alain Mazy # Date 1699885866 -3600 # Node ID 0205e9efaca82ca5bfd6f0250a8c65504c060f34 # Parent 8591a0c1fa2afaaf091c4cfda6c32933966267dc detect wildcards in query args like '/dicom-web/studies?PatientID=*' and consider these routes as system routes diff -r 8591a0c1fa2a -r 0205e9efaca8 Plugin/DefaultAuthorizationParser.cpp --- a/Plugin/DefaultAuthorizationParser.cpp Mon Nov 13 12:59:10 2023 +0100 +++ b/Plugin/DefaultAuthorizationParser.cpp Mon Nov 13 15:31:06 2023 +0100 @@ -20,6 +20,7 @@ #include #include +#include namespace OrthancPlugins { @@ -172,6 +173,30 @@ patientId = Orthanc::HttpToolbox::GetArgument(getArguments, "PatientID", ""); } + if (!sopInstanceUid.empty() && sopInstanceUid.find('*') != std::string::npos) + { + LOG(WARNING) << "Authorization plugin: unable to handle wildcards in SOPInstanceUID"; + sopInstanceUid = ""; // remove the constrain, it will be considered as a 'system' access + } + + if (!seriesInstanceUid.empty() && seriesInstanceUid.find('*') != std::string::npos) + { + LOG(WARNING) << "Authorization plugin: unable to handle wildcards in SeriesInstanceUID"; + seriesInstanceUid = ""; // remove the constrain, it will be considered as a 'system' access + } + + if (!studyInstanceUid.empty() && studyInstanceUid.find('*') != std::string::npos) + { + LOG(WARNING) << "Authorization plugin: unable to handle wildcards in StudyInstanceUID"; + studyInstanceUid = ""; // remove the constrain, it will be considered as a 'system' access + } + + if (!patientId.empty() && patientId.find('*') != std::string::npos) + { + LOG(WARNING) << "Authorization plugin: unable to handle wildcards in PatientID"; + patientId = ""; // remove the constrain, it will be considered as a 'system' access + } + if (!sopInstanceUid.empty() && !seriesInstanceUid.empty() && !studyInstanceUid.empty()) { AddDicomInstance(target, studyInstanceUid, seriesInstanceUid, sopInstanceUid);