# HG changeset patch # User Alain Mazy # Date 1668014223 -3600 # Node ID ad279c70c22dcc5ad3e1f951f8c07a95259bccee # Parent 55539d564f4fae9a009d7e4b71862473dfeb77f9 added a new configuration 'StandardConfigurations' diff -r 55539d564f4f -r ad279c70c22d NEWS --- a/NEWS Wed Nov 09 15:40:35 2022 +0100 +++ b/NEWS Wed Nov 09 18:17:03 2022 +0100 @@ -1,8 +1,14 @@ Pending changes in the mainline =============================== +* new configuration option "CheckedLevel" that is clearer than "UncheckedLevels". + "UncheckedLevels" remains for backward compatibility. + Allowed values: "patients", "studies", "series", "instances" +* new configuration option "StandardConfigurations" to replace multiple configurations. + Allowed values: "osimis-web-viewer", "stone-webviewer" * added support for QIDO-RS query arguments (e.g: /dicom-web/studies?0020000D=1.2.3&...) + 2022-09-26 - v 0.3.0 ==================== @@ -16,6 +22,7 @@ * Fix osimis-viewer route + 2020-12-10 - v 0.2.4 ==================== diff -r 55539d564f4f -r ad279c70c22d Plugin/Plugin.cpp --- a/Plugin/Plugin.cpp Wed Nov 09 15:40:35 2022 +0100 +++ b/Plugin/Plugin.cpp Wed Nov 09 18:17:03 2022 +0100 @@ -34,7 +34,7 @@ static std::unique_ptr authorizationService_; static std::set uncheckedResources_; static std::list uncheckedFolders_; -static std::list tokens_; +static std::set tokens_; static std::set uncheckedLevels_; @@ -107,7 +107,7 @@ // Loop over all the authorization tokens stored in the HTTP // headers, until finding one that is granted - for (std::list::const_iterator + for (std::set::const_iterator token = tokens_.begin(); token != tokens_.end(); ++token) { std::string value; @@ -303,7 +303,7 @@ for (std::list::const_iterator it = tmp.begin(); it != tmp.end(); ++it) { - tokens_.push_back(OrthancPlugins::Token(OrthancPlugins::TokenType_HttpHeader, *it)); + tokens_.insert(OrthancPlugins::Token(OrthancPlugins::TokenType_HttpHeader, *it)); } configuration.LookupListOfStrings(tmp, "TokenGetArguments", true); @@ -312,7 +312,7 @@ for (std::list::const_iterator it = tmp.begin(); it != tmp.end(); ++it) { - tokens_.push_back(OrthancPlugins::Token(OrthancPlugins::TokenType_GetArgument, *it)); + tokens_.insert(OrthancPlugins::Token(OrthancPlugins::TokenType_GetArgument, *it)); } #else if (!tmp.empty()) @@ -338,12 +338,72 @@ "\" for the authorization plugin"); } + std::set standardConfigurations; + if (configuration.LookupSetOfStrings(standardConfigurations, "StandardConfigurations", false)) + { + if (standardConfigurations.find("osimis-web-viewer") != standardConfigurations.end()) + { + uncheckedFolders_.push_back("/osimis-viewer/app/"); + uncheckedFolders_.push_back("/osimis-viewer/languages/"); + uncheckedResources_.insert("/osimis-viewer/config.js"); + + tokens_.insert(OrthancPlugins::Token(OrthancPlugins::TokenType_HttpHeader, "token")); + } + + if (standardConfigurations.find("stone-webviewer") != standardConfigurations.end()) + { + uncheckedFolders_.push_back("/stone-webviewer/"); + uncheckedResources_.insert("/system"); + + tokens_.insert(OrthancPlugins::Token(OrthancPlugins::TokenType_HttpHeader, "Authorization")); + } + + } + + std::string checkedLevelString; + if (configuration.LookupStringValue(checkedLevelString, "CheckedLevel")) + { + OrthancPlugins::AccessLevel checkedLevel = OrthancPlugins::StringToAccessLevel(checkedLevelString); + if (checkedLevel == OrthancPlugins::AccessLevel_Instance) + { + uncheckedLevels_.insert(OrthancPlugins::AccessLevel_Patient); + uncheckedLevels_.insert(OrthancPlugins::AccessLevel_Study); + uncheckedLevels_.insert(OrthancPlugins::AccessLevel_Series); + } + else if (checkedLevel == OrthancPlugins::AccessLevel_Series) + { + uncheckedLevels_.insert(OrthancPlugins::AccessLevel_Patient); + uncheckedLevels_.insert(OrthancPlugins::AccessLevel_Study); + uncheckedLevels_.insert(OrthancPlugins::AccessLevel_Instance); + } + else if (checkedLevel == OrthancPlugins::AccessLevel_Study) + { + uncheckedLevels_.insert(OrthancPlugins::AccessLevel_Patient); + uncheckedLevels_.insert(OrthancPlugins::AccessLevel_Series); + uncheckedLevels_.insert(OrthancPlugins::AccessLevel_Instance); + } + else if (checkedLevel == OrthancPlugins::AccessLevel_Patient) + { + uncheckedLevels_.insert(OrthancPlugins::AccessLevel_Study); + uncheckedLevels_.insert(OrthancPlugins::AccessLevel_Series); + uncheckedLevels_.insert(OrthancPlugins::AccessLevel_Instance); + } + } + if (configuration.LookupListOfStrings(tmp, "UncheckedLevels", false)) { - for (std::list::const_iterator - it = tmp.begin(); it != tmp.end(); ++it) + if (uncheckedLevels_.size() == 0) { - uncheckedLevels_.insert(OrthancPlugins::StringToAccessLevel(*it)); + for (std::list::const_iterator + it = tmp.begin(); it != tmp.end(); ++it) + { + uncheckedLevels_.insert(OrthancPlugins::StringToAccessLevel(*it)); + } + } + else + { + LOG(ERROR) << "Authorization plugin: you may only provide one of 'CheckedLevel' or 'UncheckedLevels' configurations"; + return -1; } } diff -r 55539d564f4f -r ad279c70c22d Plugin/Token.h --- a/Plugin/Token.h Wed Nov 09 15:40:35 2022 +0100 +++ b/Plugin/Token.h Wed Nov 09 18:17:03 2022 +0100 @@ -41,5 +41,18 @@ { return key_; } + + // required to use this class in std::set + bool operator< (const Token &right) const + { + if (type_ != right.type_) + { + return type_ < right.type_; + } + else + { + return key_ < right.key_ ; + } + } }; }