# HG changeset patch
# User Alain Mazy <am@osimis.io>
# Date 1694514292 -7200
# Node ID 6fa53f624e1c35985d271a351be152ffda7f8989
# Parent  968042b7df4c2b6bcea9cda59c23ca10ee73c6c9
fix studyInstanceUid parsing

diff -r 968042b7df4c -r 6fa53f624e1c Plugin/Plugin.cpp
--- a/Plugin/Plugin.cpp	Tue Sep 12 11:46:53 2023 +0200
+++ b/Plugin/Plugin.cpp	Tue Sep 12 12:24:52 2023 +0200
@@ -588,6 +588,38 @@
   }
 }
 
+bool GetStudyInstanceUIDFromQuery(std::string& studyInstanceUID, const Json::Value& body)
+{
+
+  if (!body.isMember("Query"))
+  {
+    return false;
+  }
+
+  if (body["Query"].isMember("StudyInstanceUID"))
+  {
+    studyInstanceUID = body["Query"]["StudyInstanceUID"].asString();
+  }
+  else if (body["Query"].isMember("0020,000d"))
+  {
+    studyInstanceUID = body["Query"]["0020,000d"].asString();
+  }
+  else if (body["Query"].isMember("0020,000D"))
+  {
+    studyInstanceUID = body["Query"]["0020,000D"].asString();
+  }
+  else if (body["Query"].isMember("0020000D"))
+  {
+    studyInstanceUID = body["Query"]["0020000D"].asString();
+  }
+  else
+  {
+    return false;
+  }
+
+  return true;
+}
+
 void ToolsFind(OrthancPluginRestOutput* output,
                const char* /*url*/,
                const OrthancPluginHttpRequest* request)
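Review bot: GetStudyInstanceUIDFromQuery takes the first spelling of the tag it finds and ignores the others, so a `Query` that carries two spellings with different values is authorized against only one of them. If the body is later handed to the core unchanged (not visible in this patch), the study that was checked and the study that is searched could differ, so I would return false when more than one spelling is present. The helper also calls `isMember` on `body["Query"]` and `asString()` on the value without checking `isObject()` / `isString()`, and jsoncpp asserts or throws on the wrong type; whether `body` is validated before the call is outside the hunk. The comma-less form is accepted only in upper case (`0020000D`), unlike the comma form, and the key table below has to list every spelling the core parses for the uniqueness check to hold.

```cpp
bool GetStudyInstanceUIDFromQuery(std::string& studyInstanceUID, const Json::Value& body)
{
  // Every spelling of StudyInstanceUID (0020,000d) accepted in "Query".
  // The lower-case comma-less form is added for symmetry with the comma form.
  static const char* const KEYS[] = { "StudyInstanceUID", "0020,000d", "0020,000D", "0020000D", "0020000d" };

  if (!body.isObject() || !body.isMember("Query") || !body["Query"].isObject())
  {
    return false;
  }

  const Json::Value& query = body["Query"];
  const Json::Value* found = NULL;

  for (size_t i = 0; i < sizeof(KEYS) / sizeof(KEYS[0]); i++)
  {
    if (query.isMember(KEYS[i]))
    {
      if (found != NULL)
      {
        return false;  // two spellings of the same tag: ambiguous, refuse
      }
      found = &query[KEYS[i]];
    }
  }

  if (found == NULL || !found->isString())
  {
    return false;
  }

  studyInstanceUID = found->asString();
  return true;
}
```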
@@ -614,38 +646,25 @@
     {
       if (!HasAccessToSomeLabels(profile))
       {
+        std::string studyInstanceUID;
+
         // If anonymous user profile, it might be a resource token e.g accessing /dicom-web/studies/.../metadata 
         // -> extract the StudyInstanceUID from the query and send the token for validation to the auth-service
         // If there is no StudyInstanceUID, then, return a 403 because we don't know what resource it relates to
-        if (!body.isMember("Query") || !(body["Query"].isMember("StudyInstanceUID") || body["Query"].isMember("0020,000d") || body["Query"].isMember("0020,000D")))
+        if (!GetStudyInstanceUIDFromQuery(studyInstanceUID, body))
         {
           throw Orthanc::OrthancException(Orthanc::ErrorCode_ForbiddenAccess, "Auth plugin: unable to call tools/find when the user does not have access to any labels and if there is no StudyInstanceUID in the query.");
         }
 
-        std::vector<TokenAndValue> authTokens;  // the tokens that are set in this request
-        GetAuthTokens(authTokens, request->headersCount, request->headersKeys, request->headersValues, request->getCount, request->getKeys, request->getValues);
-
-
-        std::string studyInstanceUID;
-        if (body["Query"].isMember("StudyInstanceUID"))
-        {
-          studyInstanceUID = body["Query"]["StudyInstanceUID"].asString();
-        }
-        else if (body["Query"].isMember("0020,000d"))
-        {
-          studyInstanceUID = body["Query"]["0020,000d"].asString();
-        }
-        else if (body["Query"].isMember("0020,000D"))
-        {
-          studyInstanceUID = body["Query"]["0020,000D"].asString();
-        }
-        
         Json::Value studyOrhtancIds;
         if (!OrthancPlugins::RestApiPost(studyOrhtancIds, "/tools/lookup", studyInstanceUID, false) || studyOrhtancIds.size() != 1)
         {
           throw Orthanc::OrthancException(Orthanc::ErrorCode_ForbiddenAccess, "Auth plugin: when using tools/find with a resource token, unable to get the orthanc ID of StudyInstanceUID specified in the query.");
         }
 
+        std::vector<TokenAndValue> authTokens;  // the tokens that are set in this request
+        GetAuthTokens(authTokens, request->headersCount, request->headersKeys, request->headersValues, request->getCount, request->getKeys, request->getValues);
+
         std::set<std::string> labels;
         OrthancPlugins::AccessedResource accessedResource(Orthanc::ResourceType_Study, studyOrhtancIds[0]["ID"].asString(), studyInstanceUID, labels);
         if (!IsResourceAccessGranted(authTokens, request->method, accessedResource))
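Review bot: The `/tools/lookup` result is accepted on `studyOrhtancIds.size() != 1` alone, with no check that the single match is a study. As far as I know the lookup matches identifiers at every level, so a series or instance UID supplied in the query would yield a non-study Orthanc ID, which is then wrapped as `Orthanc::ResourceType_Study` when `accessedResource` is built. I would extend the condition with `|| studyOrhtancIds[0]["Type"].asString() != "Study"` so the request is refused before `IsResourceAccessGranted` is consulted. The enclosing block of ToolsFind starts and ends outside this hunk, so what happens to the request after the access check is not visible here.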