# HG changeset patch
# User Alain Mazy
# Date 1719246523 -7200
# Node ID 3ac37a99a09317cb19d3f5165ce75679cc64cdbe
# Parent 31a7e52b3da669535cec57269d4994ad979e14fa
new tests for auth: uploader-a
diff -r 31a7e52b3da6 -r 3ac37a99a093 NewTests/Authorization/auth_service.py
--- a/NewTests/Authorization/auth_service.py Mon Jun 17 18:25:18 2024 +0200
+++ b/NewTests/Authorization/auth_service.py Mon Jun 24 18:28:43 2024 +0200
@@ -47,6 +47,13 @@
 authorized_labels=["label_a"],
 validity=60
 )
+ elif user_profile_request.token_value == "token-uploader-a": # this use shall be able to upload anything but view only the labeled studies
+ p = UserProfileResponse(
+ name="uploader-a",
+ permissions=["view", "upload"],
+ authorized_labels=["label_a"],
+ validity=60
+ )
 return p
diff -r 31a7e52b3da6 -r 3ac37a99a093 NewTests/Authorization/test_authorization.py
--- a/NewTests/Authorization/test_authorization.py Mon Jun 17 18:25:18 2024 +0200
+++ b/NewTests/Authorization/test_authorization.py Mon Jun 24 18:28:43 2024 +0200
@@ -177,6 +177,10 @@
 self.assert_is_forbidden(lambda: o.studies.get_tags(self.label_b_study_id))
 self.assert_is_forbidden(lambda: o.studies.get_tags(self.no_label_study_id))
+ # user_a shall not be able to upload a study
+ self.assert_is_forbidden(lambda: o.upload_file(here / "../../Database/Beaufix/IM-0001-0001.dcm"))
+ self.assert_is_forbidden(lambda: o.upload_files_dicom_web(paths = [here / "../../Database/Beaufix/IM-0001-0001.dcm"]))
+
 # should not raise
 o.studies.get_tags(self.label_a_study_id)
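Review bot: The trailing comment on the new `elif` branch is the only statement of what the uploader-a profile is meant to allow, and it has a typo ("this use") and leaves the label scope implicit. Suggest `# this user shall be able to upload anything but view only the studies labeled label_a`, which makes clear that `authorized_labels=["label_a"]` is expected to restrict reads and not uploads (if that is the intent). The if/elif chain starts outside the hunk, so what `return p` yields for an unrecognised token cannot be checked from here.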
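Review bot: If either upload in the two added `assert_is_forbidden` calls is wrongly allowed, nothing visible in the hunk removes the stored instance afterwards, and test_uploader_a in the same commit uploads the same file, so one authorization regression could surface as several unrelated failures. Deleting the instance through an admin client in a cleanup step would keep the failure isolated. The path `here / "../../Database/Beaufix/IM-0001-0001.dcm"` is now written four times across this commit; a single module-level constant would keep the negative and positive upload tests pointing at the same file. The enclosing test method starts and ends outside the hunk.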
@@ -260,6 +264,32 @@
 o.get_json(f"/plugins/dicom-web")
+ def test_uploader_a(self):
+
+ o_admin = OrthancApiClient(self.o._root_url, headers={"user-token-key": "token-admin"})
+ o = OrthancApiClient(self.o._root_url, headers={"user-token-key": "token-uploader-a"})
+
+ # # make sure we can access all these urls (they would throw if not)
+ system = o.get_system()
+ # time.sleep(10000)
+
+ all_labels = o.get_all_labels()
+ self.assertEqual(1, len(all_labels))
+ self.assertEqual("label_a", all_labels[0])
+
+ # make sure we can access only the label_a studies
+ self.assert_is_forbidden(lambda: o.studies.get_tags(self.label_b_study_id))
+ self.assert_is_forbidden(lambda: o.studies.get_tags(self.no_label_study_id))
+
+ # uploader-a shall be able to upload a study
+ instances_ids = o.upload_file(here / "../../Database/Beaufix/IM-0001-0001.dcm")
+ o_admin.instances.delete(orthanc_ids=instances_ids)
+
+ # uploader-a shall be able to upload a study through DICOMWeb too
+ o.upload_files_dicom_web(paths = [here / "../../Database/Beaufix/IM-0001-0001.dcm"])
+ o_admin.instances.delete(orthanc_ids=instances_ids)
+
+
 def test_resource_token(self):
 o = OrthancApiClient(self.o._root_url, headers={"resource-token-key": "token-a-study"})
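Review bot: The second `o_admin.instances.delete(orthanc_ids=instances_ids)` in test_uploader_a reuses the ids returned by the earlier `upload_file` call, which were already deleted, and the result of `upload_files_dicom_web` is discarded, so the DICOMweb half only proves that the call did not raise. The cleanup presumably works only because re-uploading the same file yields the same id; checking through `o_admin` that the instance exists again before deleting it would make the assertion explicit. Both deletes are skipped when an earlier assertion fails, so wrapping the uploads in `try`/`finally` or registering the delete with `self.addCleanup(...)` would stop a failure from leaving data behind for later tests. The test also never checks the other half of the profile's stated contract, that uploader-a cannot read back an unlabeled study it has just uploaded, which is the property that shows upload permission does not widen read access. The leftover `# time.sleep(10000)` and the unused `system =` binding can be dropped.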