# HG changeset patch
# User Alain Mazy <am@orthanc.team>
# Date 1751376543 -7200
# Node ID a56513c56d0db48ee87a6203853ca57dfb8b44ac
# Parent  940944c43bd7bc3fa7c9984e9eae78327e724428
added support for groups in UserProfile

diff -r 940944c43bd7 -r a56513c56d0d NEWS
--- a/NEWS	Wed Jun 18 12:29:19 2025 +0200
+++ b/NEWS	Tue Jul 01 15:29:03 2025 +0200
@@ -11,6 +11,8 @@
   are provided):  The plugin will now request the auth-service to
   get an anonymous user profile even if there are no auth-tokens in the
   HTTP request.
+* The User profile can now contain a "groups" field if the auth-service
+  provides it.
 
 
 2025-06-11 - v 0.9.3
diff -r 940944c43bd7 -r a56513c56d0d Plugin/AuthorizationWebService.cpp
--- a/Plugin/AuthorizationWebService.cpp	Wed Jun 18 12:29:19 2025 +0200
+++ b/Plugin/AuthorizationWebService.cpp	Tue Jul 01 15:29:03 2025 +0200
@@ -34,6 +34,8 @@
   static const char* PERMISSIONS = "permissions";
   static const char* AUTHORIZED_LABELS = "authorized-labels";
   static const char* USER_NAME = "name";
+  static const char* GROUPS = "groups";
+
   
 
   bool AuthorizationWebService::IsGrantedInternal(unsigned int& validity,
@@ -341,6 +343,7 @@
     jsonProfile[USER_NAME] = profile.name;
     Orthanc::SerializationToolbox::WriteSetOfStrings(jsonProfile, profile.authorizedLabels, AUTHORIZED_LABELS);
     Orthanc::SerializationToolbox::WriteSetOfStrings(jsonProfile, profile.permissions, PERMISSIONS);
+    Orthanc::SerializationToolbox::WriteSetOfStrings(jsonProfile, profile.groups, GROUPS);
   }
     
   void AuthorizationWebService::FromJson(UserProfile& profile, const Json::Value& jsonProfile)
@@ -368,6 +371,14 @@
     {
       profile.authorizedLabels.insert(jsonProfile[AUTHORIZED_LABELS][i].asString());
     }
+
+    if (jsonProfile.isMember(GROUPS) && jsonProfile[GROUPS].isArray())
+    {
+      for (Json::ArrayIndex i = 0; i < jsonProfile[GROUPS].size(); ++i)
+      {
+        profile.groups.insert(jsonProfile[GROUPS][i].asString());
+      }
+    }
   }
 
 
diff -r 940944c43bd7 -r a56513c56d0d Plugin/IAuthorizationService.h
--- a/Plugin/IAuthorizationService.h	Wed Jun 18 12:29:19 2025 +0200
+++ b/Plugin/IAuthorizationService.h	Tue Jul 01 15:29:03 2025 +0200
@@ -63,6 +63,7 @@
       std::string name;
       std::set<std::string> permissions;
       std::set<std::string> authorizedLabels;
+      std::set<std::string> groups;
 
       // the source token key/value that identified the user
       TokenType   tokenType;
diff -r 940944c43bd7 -r a56513c56d0d Plugin/Plugin.cpp
--- a/Plugin/Plugin.cpp	Wed Jun 18 12:29:19 2025 +0200
+++ b/Plugin/Plugin.cpp	Tue Jul 01 15:29:03 2025 +0200
@@ -1247,6 +1247,8 @@
       Json::Value jsonProfile;
       jsonProfile["name"] = profile.name;
       jsonProfile["permissions"] = Json::arrayValue;
+      jsonProfile["groups"] = Json::arrayValue;
+      
       for (std::set<std::string>::const_iterator it = profile.permissions.begin(); it != profile.permissions.end(); ++it)
       {
         jsonProfile["permissions"].append(*it);
@@ -1255,6 +1257,10 @@
       {
         jsonProfile["authorized-labels"].append(*it);
       }
+      for (std::set<std::string>::const_iterator it = profile.groups.begin(); it != profile.groups.end(); ++it)
+      {
+        jsonProfile["groups"].append(*it);
+      }
 
       OrthancPlugins::AnswerJson(jsonProfile, output);
     }