changeset 659:3ac37a99a093

new tests for auth: uploader-a
author Alain Mazy <am@orthanc.team>
date Mon, 24 Jun 2024 18:28:43 +0200
parents 31a7e52b3da6
children 2f6686a3cd16
files NewTests/Authorization/auth_service.py NewTests/Authorization/test_authorization.py
diffstat 2 files changed, 37 insertions(+), 0 deletions(-) [+]
--- a/NewTests/Authorization/auth_service.py	Mon Jun 17 18:25:18 2024 +0200
+++ b/NewTests/Authorization/auth_service.py	Mon Jun 24 18:28:43 2024 +0200
@@ -47,6 +47,13 @@
                 authorized_labels=["label_a"],
                 validity=60
             )
+        elif user_profile_request.token_value == "token-uploader-a":  # this use shall be able to upload anything but view only the labeled studies
+            p = UserProfileResponse(
+                name="uploader-a",
+                permissions=["view", "upload"],
+                authorized_labels=["label_a"],
+                validity=60
+            )
 
     return p        
 
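Review bot: The trailing comment on the new `elif` has a typo ("this use") and does not name the label, so the intended split between upload rights and view rights is easy to misread. I would move it onto its own line inside the branch as `# this user shall be able to upload anything but view only the studies labeled label_a`. The enclosing function starts outside the hunk, so the other profiles were not checked for the same wording.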
--- a/NewTests/Authorization/test_authorization.py	Mon Jun 17 18:25:18 2024 +0200
+++ b/NewTests/Authorization/test_authorization.py	Mon Jun 24 18:28:43 2024 +0200
@@ -177,6 +177,10 @@
         self.assert_is_forbidden(lambda: o.studies.get_tags(self.label_b_study_id))
         self.assert_is_forbidden(lambda: o.studies.get_tags(self.no_label_study_id))
 
+        # user_a shall not be able to upload a study
+        self.assert_is_forbidden(lambda: o.upload_file(here / "../../Database/Beaufix/IM-0001-0001.dcm"))
+        self.assert_is_forbidden(lambda: o.upload_files_dicom_web(paths = [here / "../../Database/Beaufix/IM-0001-0001.dcm"]))
+
         # should not raise
         o.studies.get_tags(self.label_a_study_id)
 
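Review bot: The two new denial checks only look at the outcome of the upload call itself. Assuming `assert_is_forbidden` passes on the error status alone, they would miss a regression where the request is rejected after the instance has already been stored. A follow-up assertion through an admin client that the Beaufix instance is absent would close that gap. At minimum, record the limit with `# NOTE: only the response is checked here, not that nothing was stored`. The enclosing test method starts outside the hunk.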
@@ -260,6 +264,32 @@
             o.get_json(f"/plugins/dicom-web")
 
 
+    def test_uploader_a(self):
+        
+        o_admin = OrthancApiClient(self.o._root_url, headers={"user-token-key": "token-admin"})
+        o = OrthancApiClient(self.o._root_url, headers={"user-token-key": "token-uploader-a"})
+
+        # # make sure we can access all these urls (they would throw if not)
+        system = o.get_system()
+        # time.sleep(10000)
+
+        all_labels = o.get_all_labels()
+        self.assertEqual(1, len(all_labels))
+        self.assertEqual("label_a", all_labels[0])
+
+        # make sure we can access only the label_a studies
+        self.assert_is_forbidden(lambda: o.studies.get_tags(self.label_b_study_id))
+        self.assert_is_forbidden(lambda: o.studies.get_tags(self.no_label_study_id))
+
+        # uploader-a shall be able to upload a study
+        instances_ids = o.upload_file(here / "../../Database/Beaufix/IM-0001-0001.dcm")
+        o_admin.instances.delete(orthanc_ids=instances_ids)
+
+        # uploader-a shall be able to upload a study through DICOMWeb too
+        o.upload_files_dicom_web(paths = [here / "../../Database/Beaufix/IM-0001-0001.dcm"])
+        o_admin.instances.delete(orthanc_ids=instances_ids)
+
+
     def test_resource_token(self):
 
         o = OrthancApiClient(self.o._root_url, headers={"resource-token-key": "token-a-study"})
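Review bot: In `test_uploader_a` the result of `o.upload_files_dicom_web(...)` is discarded, and the second `o_admin.instances.delete` reuses `instances_ids` from the first upload, which was already deleted. This presumably works only because the same file maps to the same Orthanc id, so either capture the DICOMweb result (if the call returns ids) or add `# same file, hence same Orthanc id as the first upload`. The test also never checks the "view only the labeled studies" half of the profile against the study it just uploaded. Before the first delete, something like `self.assert_is_forbidden(lambda: o.instances.get_tags(instances_ids[0]))` would pin that, assuming the Beaufix file carries no `label_a`. The unused `system =` binding and the commented-out `time.sleep(10000)` look like debugging leftovers and can go.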