Mercurial > hg > orthanc-tests
diff NewTests/Authorization/test_authorization.py @ 659:3ac37a99a093
new tests for auth: uploader-a
| author | Alain Mazy <am@orthanc.team> |
|---|---|
| date | Mon, 24 Jun 2024 18:28:43 +0200 |
| parents | aa11ab24ff3c |
| children | 2f6686a3cd16 |
line wrap: on
line diff
--- a/NewTests/Authorization/test_authorization.py Mon Jun 17 18:25:18 2024 +0200 +++ b/NewTests/Authorization/test_authorization.py Mon Jun 24 18:28:43 2024 +0200 @@ -177,6 +177,10 @@ self.assert_is_forbidden(lambda: o.studies.get_tags(self.label_b_study_id)) self.assert_is_forbidden(lambda: o.studies.get_tags(self.no_label_study_id)) + # user_a shall not be able to upload a study + self.assert_is_forbidden(lambda: o.upload_file(here / "../../Database/Beaufix/IM-0001-0001.dcm")) + self.assert_is_forbidden(lambda: o.upload_files_dicom_web(paths = [here / "../../Database/Beaufix/IM-0001-0001.dcm"])) + # should not raise o.studies.get_tags(self.label_a_study_id) @@ -260,6 +264,32 @@ o.get_json(f"/plugins/dicom-web") + def test_uploader_a(self): + + o_admin = OrthancApiClient(self.o._root_url, headers={"user-token-key": "token-admin"}) + o = OrthancApiClient(self.o._root_url, headers={"user-token-key": "token-uploader-a"}) + + # # make sure we can access all these urls (they would throw if not) + system = o.get_system() + # time.sleep(10000) + + all_labels = o.get_all_labels() + self.assertEqual(1, len(all_labels)) + self.assertEqual("label_a", all_labels[0]) + + # make sure we can access only the label_a studies + self.assert_is_forbidden(lambda: o.studies.get_tags(self.label_b_study_id)) + self.assert_is_forbidden(lambda: o.studies.get_tags(self.no_label_study_id)) + + # uploader-a shall be able to upload a study + instances_ids = o.upload_file(here / "../../Database/Beaufix/IM-0001-0001.dcm") + o_admin.instances.delete(orthanc_ids=instances_ids) + + # uploader-a shall be able to upload a study through DICOMWeb too + o.upload_files_dicom_web(paths = [here / "../../Database/Beaufix/IM-0001-0001.dcm"]) + o_admin.instances.delete(orthanc_ids=instances_ids) + + def test_resource_token(self): o = OrthancApiClient(self.o._root_url, headers={"resource-token-key": "token-a-study"})