# HG changeset patch # User Alain Mazy # Date 1750242559 -7200 # Node ID 940944c43bd7bc3fa7c9984e9eae78327e724428 # Parent 3a6194f51293397ef27ac794e1b11f90d7fffc91 fix: get user profile before anonymous profiles diff -r 3a6194f51293 -r 940944c43bd7 Plugin/Plugin.cpp --- a/Plugin/Plugin.cpp Thu Jun 12 16:12:29 2025 +0200 +++ b/Plugin/Plugin.cpp Wed Jun 18 12:29:19 2025 +0200 @@ -285,7 +285,7 @@ unsigned int validity; // ignored if (authorizationService_->HasUserPermission(validity, requiredPermissions, profile)) { - LOG(INFO) << msg << " -> granted"; + LOG(INFO) << msg << " -> granted to user '" << profile.name << "'"; hasUserRequiredPermissions = true; // check labels permissions @@ -544,17 +544,11 @@ } } - -bool GetUserProfileInternal(OrthancPlugins::IAuthorizationService::UserProfile& profile, const OrthancPluginHttpRequest* request) +bool GetUserProfileInternal_(OrthancPlugins::IAuthorizationService::UserProfile& profile, + const OrthancPlugins::AssociativeArray& headers, + const OrthancPlugins::AssociativeArray& getArguments, + bool ignoreEmptyValues) { - OrthancPlugins::AssociativeArray headers - (request->headersCount, request->headersKeys, request->headersValues, false); - - OrthancPlugins::AssociativeArray getArguments - (request->getCount, request->getKeys, request->getValues, true); - - // Loop over all the authorization tokens stored in the HTTP - // headers, until finding one that is granted for (std::set::const_iterator token = tokens_.begin(); token != tokens_.end(); ++token) { @@ -575,6 +569,11 @@ throw Orthanc::OrthancException(Orthanc::ErrorCode_ParameterOutOfRange); } + if (ignoreEmptyValues && value.empty()) + { + continue; + } + unsigned int validity; // not used if (authorizationService_->GetUserProfile(validity, tryProfile, *token, value)) { @@ -586,6 +585,26 @@ return false; } + +bool GetUserProfileInternal(OrthancPlugins::IAuthorizationService::UserProfile& profile, const OrthancPluginHttpRequest* request) +{ + OrthancPlugins::AssociativeArray headers + (request->headersCount, request->headersKeys, request->headersValues, false); + + OrthancPlugins::AssociativeArray getArguments + (request->getCount, request->getKeys, request->getValues, true); + + // Loop over all the authorization tokens stored in the HTTP + // headers, until finding one that is granted. + // But, first process only the tokens with a value to avoid getting identified as anonymous too fast ! + if (GetUserProfileInternal_(profile, headers, getArguments, true)) + { + return true; + } + + return GetUserProfileInternal_(profile, headers, getArguments, false); +} + void AdjustToolsFindQueryLabels(Json::Value& query, const OrthancPlugins::IAuthorizationService::UserProfile& profile) { std::set labelsToFind;