Mercurial > hg > orthanc-tests
comparison NewTests/Authorization/test_authorization.py @ 659:3ac37a99a093
new tests for auth: uploader-a
| author | Alain Mazy <am@orthanc.team> |
|---|---|
| date | Mon, 24 Jun 2024 18:28:43 +0200 |
| parents | aa11ab24ff3c |
| children | 2f6686a3cd16 |
comparison
equal
deleted
inserted
replaced
| 658:31a7e52b3da6 | 659:3ac37a99a093 |
|---|---|
| 175 | 175 |
| 176 # make sure we can access only the label_a studies | 176 # make sure we can access only the label_a studies |
| 177 self.assert_is_forbidden(lambda: o.studies.get_tags(self.label_b_study_id)) | 177 self.assert_is_forbidden(lambda: o.studies.get_tags(self.label_b_study_id)) |
| 178 self.assert_is_forbidden(lambda: o.studies.get_tags(self.no_label_study_id)) | 178 self.assert_is_forbidden(lambda: o.studies.get_tags(self.no_label_study_id)) |
| 179 | 179 |
| 180 # user_a shall not be able to upload a study | |
| 181 self.assert_is_forbidden(lambda: o.upload_file(here / "../../Database/Beaufix/IM-0001-0001.dcm")) | |
| 182 self.assert_is_forbidden(lambda: o.upload_files_dicom_web(paths = [here / "../../Database/Beaufix/IM-0001-0001.dcm"])) | |
| 183 | |
| 180 # should not raise | 184 # should not raise |
| 181 o.studies.get_tags(self.label_a_study_id) | 185 o.studies.get_tags(self.label_a_study_id) |
| 182 | 186 |
| 183 # make sure we can access series and instances of the label_a studies | 187 # make sure we can access series and instances of the label_a studies |
| 184 series_ids = o.studies.get_series_ids(self.label_a_study_id) | 188 series_ids = o.studies.get_series_ids(self.label_a_study_id) |
| 256 self.assert_is_forbidden(lambda: o.get_binary(f"dicom-web/studies/{self.label_b_study_dicom_id}/series/{self.label_b_series_dicom_id}/instances/{self.label_b_instance_dicom_id}")) | 260 self.assert_is_forbidden(lambda: o.get_binary(f"dicom-web/studies/{self.label_b_study_dicom_id}/series/{self.label_b_series_dicom_id}/instances/{self.label_b_instance_dicom_id}")) |
| 257 | 261 |
| 258 o.get_json(f"/system") | 262 o.get_json(f"/system") |
| 259 o.get_json(f"/plugins") | 263 o.get_json(f"/plugins") |
| 260 o.get_json(f"/plugins/dicom-web") | 264 o.get_json(f"/plugins/dicom-web") |
| 265 | |
| 266 | |
| 267 def test_uploader_a(self): | |
| 268 | |
| 269 o_admin = OrthancApiClient(self.o._root_url, headers={"user-token-key": "token-admin"}) | |
| 270 o = OrthancApiClient(self.o._root_url, headers={"user-token-key": "token-uploader-a"}) | |
| 271 | |
| 272 # # make sure we can access all these urls (they would throw if not) | |
| 273 system = o.get_system() | |
| 274 # time.sleep(10000) | |
| 275 | |
| 276 all_labels = o.get_all_labels() | |
| 277 self.assertEqual(1, len(all_labels)) | |
| 278 self.assertEqual("label_a", all_labels[0]) | |
| 279 | |
| 280 # make sure we can access only the label_a studies | |
| 281 self.assert_is_forbidden(lambda: o.studies.get_tags(self.label_b_study_id)) | |
| 282 self.assert_is_forbidden(lambda: o.studies.get_tags(self.no_label_study_id)) | |
| 283 | |
| 284 # uploader-a shall be able to upload a study | |
| 285 instances_ids = o.upload_file(here / "../../Database/Beaufix/IM-0001-0001.dcm") | |
| 286 o_admin.instances.delete(orthanc_ids=instances_ids) | |
| 287 | |
| 288 # uploader-a shall be able to upload a study through DICOMWeb too | |
| 289 o.upload_files_dicom_web(paths = [here / "../../Database/Beaufix/IM-0001-0001.dcm"]) | |
| 290 o_admin.instances.delete(orthanc_ids=instances_ids) | |
| 261 | 291 |
| 262 | 292 |
| 263 def test_resource_token(self): | 293 def test_resource_token(self): |
| 264 | 294 |
| 265 o = OrthancApiClient(self.o._root_url, headers={"resource-token-key": "token-a-study"}) | 295 o = OrthancApiClient(self.o._root_url, headers={"resource-token-key": "token-a-study"}) |