Mercurial > hg > orthanc-tests
comparison NewTests/Authorization/test_authorization.py @ 659:3ac37a99a093
new tests for auth: uploader-a
author | Alain Mazy <am@orthanc.team> |
---|---|
date | Mon, 24 Jun 2024 18:28:43 +0200 |
parents | aa11ab24ff3c |
children | 2f6686a3cd16 |
comparison
equal
deleted
inserted
replaced
658:31a7e52b3da6 | 659:3ac37a99a093 |
---|---|
175 | 175 |
176 # make sure we can access only the label_a studies | 176 # make sure we can access only the label_a studies |
177 self.assert_is_forbidden(lambda: o.studies.get_tags(self.label_b_study_id)) | 177 self.assert_is_forbidden(lambda: o.studies.get_tags(self.label_b_study_id)) |
178 self.assert_is_forbidden(lambda: o.studies.get_tags(self.no_label_study_id)) | 178 self.assert_is_forbidden(lambda: o.studies.get_tags(self.no_label_study_id)) |
179 | 179 |
180 # user_a shall not be able to upload a study | |
181 self.assert_is_forbidden(lambda: o.upload_file(here / "../../Database/Beaufix/IM-0001-0001.dcm")) | |
182 self.assert_is_forbidden(lambda: o.upload_files_dicom_web(paths = [here / "../../Database/Beaufix/IM-0001-0001.dcm"])) | |
183 | |
180 # should not raise | 184 # should not raise |
181 o.studies.get_tags(self.label_a_study_id) | 185 o.studies.get_tags(self.label_a_study_id) |
182 | 186 |
183 # make sure we can access series and instances of the label_a studies | 187 # make sure we can access series and instances of the label_a studies |
184 series_ids = o.studies.get_series_ids(self.label_a_study_id) | 188 series_ids = o.studies.get_series_ids(self.label_a_study_id) |
256 self.assert_is_forbidden(lambda: o.get_binary(f"dicom-web/studies/{self.label_b_study_dicom_id}/series/{self.label_b_series_dicom_id}/instances/{self.label_b_instance_dicom_id}")) | 260 self.assert_is_forbidden(lambda: o.get_binary(f"dicom-web/studies/{self.label_b_study_dicom_id}/series/{self.label_b_series_dicom_id}/instances/{self.label_b_instance_dicom_id}")) |
257 | 261 |
258 o.get_json(f"/system") | 262 o.get_json(f"/system") |
259 o.get_json(f"/plugins") | 263 o.get_json(f"/plugins") |
260 o.get_json(f"/plugins/dicom-web") | 264 o.get_json(f"/plugins/dicom-web") |
265 | |
266 | |
267 def test_uploader_a(self): | |
268 | |
269 o_admin = OrthancApiClient(self.o._root_url, headers={"user-token-key": "token-admin"}) | |
270 o = OrthancApiClient(self.o._root_url, headers={"user-token-key": "token-uploader-a"}) | |
271 | |
272 # # make sure we can access all these urls (they would throw if not) | |
273 system = o.get_system() | |
274 # time.sleep(10000) | |
275 | |
276 all_labels = o.get_all_labels() | |
277 self.assertEqual(1, len(all_labels)) | |
278 self.assertEqual("label_a", all_labels[0]) | |
279 | |
280 # make sure we can access only the label_a studies | |
281 self.assert_is_forbidden(lambda: o.studies.get_tags(self.label_b_study_id)) | |
282 self.assert_is_forbidden(lambda: o.studies.get_tags(self.no_label_study_id)) | |
283 | |
284 # uploader-a shall be able to upload a study | |
285 instances_ids = o.upload_file(here / "../../Database/Beaufix/IM-0001-0001.dcm") | |
286 o_admin.instances.delete(orthanc_ids=instances_ids) | |
287 | |
288 # uploader-a shall be able to upload a study through DICOMWeb too | |
289 o.upload_files_dicom_web(paths = [here / "../../Database/Beaufix/IM-0001-0001.dcm"]) | |
290 o_admin.instances.delete(orthanc_ids=instances_ids) | |
261 | 291 |
262 | 292 |
263 def test_resource_token(self): | 293 def test_resource_token(self): |
264 | 294 |
265 o = OrthancApiClient(self.o._root_url, headers={"resource-token-key": "token-a-study"}) | 295 o = OrthancApiClient(self.o._root_url, headers={"resource-token-key": "token-a-study"}) |