Mercurial > hg > orthanc-authorization
changeset 114:546aea509427
fix + Forbidden error code
| author | Alain Mazy <am@osimis.io> |
|---|---|
| date | Wed, 06 Sep 2023 17:02:41 +0200 |
| parents | 43154740ea2e |
| children | 0eed78c1e177 |
| files | Plugin/Plugin.cpp |
| diffstat | 1 files changed, 8 insertions(+), 7 deletions(-) [+] |
line wrap: on
line diff
--- a/Plugin/Plugin.cpp Tue Sep 05 12:48:20 2023 +0200 +++ b/Plugin/Plugin.cpp Wed Sep 06 17:02:41 2023 +0200 @@ -485,12 +485,12 @@ } else if (query.isMember("Labels") || query.isMember("LabelsConstraint")) { - throw Orthanc::OrthancException(Orthanc::ErrorCode_Unauthorized, "Auth plugin: unable to transform tools/find query, both 'Labels' and 'LabelsConstraint' must be defined together if one of them is defined."); + throw Orthanc::OrthancException(Orthanc::ErrorCode_ForbiddenAccess, "Auth plugin: unable to transform tools/find query, both 'Labels' and 'LabelsConstraint' must be defined together if one of them is defined."); } if (!HasAccessToSomeLabels(profile)) { - throw Orthanc::OrthancException(Orthanc::ErrorCode_Unauthorized, "Auth plugin: unable to call tools/find when the user does not have access to any labels."); + throw Orthanc::OrthancException(Orthanc::ErrorCode_ForbiddenAccess, "Auth plugin: unable to call tools/find when the user does not have access to any labels."); } else if (profile.authorizedLabels.size() > 0) { @@ -502,6 +502,7 @@ { if (profile.authorizedLabels.size() > 0) { + query.removeMember("Labels"); Orthanc::SerializationToolbox::WriteSetOfStrings(query, profile.authorizedLabels, "Labels"); query["LabelsConstraint"] = "Any"; } @@ -512,7 +513,7 @@ { if (!Orthanc::Toolbox::IsSetInSet(labelsToFind, profile.authorizedLabels)) { - throw Orthanc::OrthancException(Orthanc::ErrorCode_Unauthorized, "Auth plugin: unable to transform tools/find query with 'All' labels constraint when the user does not have access to all listed labels."); + throw Orthanc::OrthancException(Orthanc::ErrorCode_ForbiddenAccess, "Auth plugin: unable to transform tools/find query with 'All' labels constraint when the user does not have access to all listed labels."); } } } @@ -525,7 +526,7 @@ if (newLabelsToFind.size() == 0) { - throw Orthanc::OrthancException(Orthanc::ErrorCode_Unauthorized, "Auth plugin: unable to transform tools/find query with 'All' labels constraint when none of the labels to find is authorized for the user."); + throw Orthanc::OrthancException(Orthanc::ErrorCode_ForbiddenAccess, "Auth plugin: unable to transform tools/find query with 'All' labels constraint when none of the labels to find is authorized for the user."); } query.removeMember("Labels"); @@ -536,7 +537,7 @@ { if (profile.authorizedLabels.size() > 0) { - throw Orthanc::OrthancException(Orthanc::ErrorCode_Unauthorized, "Auth plugin: unable to transform tools/find query with 'None' labels constraint when the user only has authorized_labels."); + throw Orthanc::OrthancException(Orthanc::ErrorCode_ForbiddenAccess, "Auth plugin: unable to transform tools/find query with 'None' labels constraint when the user only has authorized_labels."); } } } @@ -578,7 +579,7 @@ } else { - throw Orthanc::OrthancException(Orthanc::ErrorCode_Unauthorized, "Auth plugin: no user profile found, access to tools/find is forbidden."); + throw Orthanc::OrthancException(Orthanc::ErrorCode_ForbiddenAccess, "Auth plugin: no user profile found, access to tools/find is forbidden."); } } } @@ -627,7 +628,7 @@ } else { - throw Orthanc::OrthancException(Orthanc::ErrorCode_Unauthorized, "Auth plugin: no user profile found, access to tools/labels is forbidden."); + throw Orthanc::OrthancException(Orthanc::ErrorCode_ForbiddenAccess, "Auth plugin: no user profile found, access to tools/labels is forbidden."); } } }