Mercurial > hg > orthanc

diff OrthancServer/main.cpp @ 409:63f707278fc8 lua-scripting

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
lua filtering of incoming http requests
author Sebastien Jodogne <s.jodogne@gmail.com>
date Fri, 03 May 2013 12:23:02 +0200
parents 2d269089078f
children 53d79c963e4a
line wrap: on
line diff
--- a/OrthancServer/main.cpp	Thu May 02 16:51:40 2013 +0200
+++ b/OrthancServer/main.cpp	Fri May 03 12:23:02 2013 +0200
@@ -148,6 +148,66 @@
 };
 
 
+class MyIncomingHttpRequestFilter : public IIncomingHttpRequestFilter
+{
+private:
+  ServerContext& context_;
+
+public:
+  MyIncomingHttpRequestFilter(ServerContext& context) : context_(context)
+  {
+  }
+
+  virtual bool IsAllowed(Orthanc_HttpMethod method,
+                         const char* uri,
+                         const char* ip,
+                         const char* username) const
+  {
+    static const char* HTTP_FILTER = "IncomingHttpRequestFilter";
+
+    // Test if the instance must be filtered out
+    if (context_.GetLuaContext().IsExistingFunction(HTTP_FILTER))
+    {
+      LuaFunctionCall call(context_.GetLuaContext(), HTTP_FILTER);
+
+      switch (method)
+      {
+        case Orthanc_HttpMethod_Get:
+          call.PushString("GET");
+          break;
+
+        case Orthanc_HttpMethod_Put:
+          call.PushString("PUT");
+          break;
+
+        case Orthanc_HttpMethod_Post:
+          call.PushString("POST");
+          break;
+
+        case Orthanc_HttpMethod_Delete:
+          call.PushString("DELETE");
+          break;
+
+        default:
+          return true;
+      }
+
+      call.PushString(uri);
+      call.PushString(ip);
+      call.PushString(username);
+
+      if (!call.ExecutePredicate())
+      {
+        LOG(INFO) << "An incoming HTTP request has been discarded by the filter";
+        return false;
+      }
+    }
+
+    return true;
+  }
+};
+
+
 void PrintHelp(char* path)
 {
   std::cout 
@@ -321,9 +381,11 @@
       dicomServer.SetApplicationEntityTitle(GetGlobalStringParameter("DicomAet", "ORTHANC"));
 
       // HTTP server
+      MyIncomingHttpRequestFilter httpFilter(context);
       MongooseServer httpServer;
       httpServer.SetPortNumber(GetGlobalIntegerParameter("HttpPort", 8042));
       httpServer.SetRemoteAccessAllowed(GetGlobalBoolParameter("RemoteAccessAllowed", false));
+      httpServer.SetIncomingHttpRequestFilter(httpFilter);
 
       httpServer.SetAuthenticationEnabled(GetGlobalBoolParameter("AuthenticationEnabled", false));
       SetupRegisteredUsers(httpServer);