Mercurial > hg > orthanc

diff OrthancServer/Sources/main.cpp @ 4182:1c9c2c41c015

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
When checking DICOM allowed methods, if there are multiple modalities with the same AET, differentiate them from the calling IP
author Alain Mazy <alain@mazy.be>
date Wed, 09 Sep 2020 14:46:59 +0200
parents 1ec3e1e18f50
children 9ce5c89328f5
line wrap: on
line diff
--- a/OrthancServer/Sources/main.cpp	Mon Sep 07 15:08:52 2020 +0200
+++ b/OrthancServer/Sources/main.cpp	Wed Sep 09 14:46:59 2020 +0200
@@ -323,10 +323,28 @@
     {
       OrthancConfiguration::ReaderLock lock;
 
-      RemoteModalityParameters modality;
-      if (lock.GetConfiguration().LookupDicomModalityUsingAETitle(modality, remoteAet))
+      std::list<RemoteModalityParameters> modalities;
+      if (lock.GetConfiguration().LookupDicomModalitiesUsingAETitle(modalities, remoteAet))
       {
-        return modality.IsRequestAllowed(type);
+        if (modalities.size() == 1) // don't check the IP if there's only one modality with this AET
+        {
+          return modalities.front().IsRequestAllowed(type);
+        }
+        else // if there are multiple modalities with the same AET, check the one matching this IP
+        {
+          for (std::list<RemoteModalityParameters>::const_iterator it = modalities.begin(); it != modalities.end(); ++it)
+          {
+            if (it->GetHost() == remoteIp)
+            {
+              return it->IsRequestAllowed(type);
+            }
+          }
+
+          LOG(WARNING) << "Unable to check DICOM authorization for AET " << remoteAet
+                       << " on IP " << remoteIp << ", " << modalities.size()
+                       << " modalites found with this AET but none of them matching the IP";
+        }
+        return false;
       }
       else
       {