Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package orthanc-authorization for
openSUSE:Factory checked in at 2025-10-12 22:24:39
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/orthanc-authorization (Old)
and /work/SRC/openSUSE:Factory/.orthanc-authorization.new.18484 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "orthanc-authorization"
Sun Oct 12 22:24:39 2025 rev:8 rq:1310936 version:0.10.2
Changes:
--------
---
/work/SRC/openSUSE:Factory/orthanc-authorization/orthanc-authorization.changes
2025-09-11 14:47:07.619546241 +0200
+++
/work/SRC/openSUSE:Factory/.orthanc-authorization.new.18484/orthanc-authorization.changes
2025-10-12 22:29:46.599320109 +0200
@@ -1,0 +2,8 @@
+Sun Oct 12 14:19:00 UTC 2025 - Axel Braun <[email protected]>
+
+- version 0.10.2
+ * New default permissions to add/delete modalities through the Rest API
+
https://discourse.orthanc-server.org/t/managing-modalities-using-the-rest-api-and-keycloak/6137
+ * New standard configuration "stl"
+
+-------------------------------------------------------------------
Old:
----
OrthancAuthorization-0.10.1.tar.gz
New:
----
OrthancAuthorization-0.10.2.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ orthanc-authorization.spec ++++++
--- /var/tmp/diff_new_pack.bqE4xo/_old 2025-10-12 22:29:48.943418246 +0200
+++ /var/tmp/diff_new_pack.bqE4xo/_new 2025-10-12 22:29:48.983419921 +0200
@@ -21,7 +21,7 @@
Summary: Authorisation plugin for Orthanc
License: GPL-3.0-or-later
Group: Productivity/Graphics/Viewers
-Version: 0.10.1
+Version: 0.10.2
Release: 0
URL: http://orthanc-server.com
Source0:
https://orthanc.uclouvain.be/downloads/sources/%{name}/OrthancAuthorization-%{version}.tar.gz
++++++ OrthancAuthorization-0.10.1.tar.gz -> OrthancAuthorization-0.10.2.tar.gz
++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/OrthancAuthorization-0.10.1/.hg_archival.txt
new/OrthancAuthorization-0.10.2/.hg_archival.txt
--- old/OrthancAuthorization-0.10.1/.hg_archival.txt 2025-08-13
18:16:05.000000000 +0200
+++ new/OrthancAuthorization-0.10.2/.hg_archival.txt 2025-10-10
08:46:45.000000000 +0200
@@ -1,6 +1,6 @@
repo: decac5df19c4aa24efe56534b828a295397c80e4
-node: 117032bb73b26ac117f159e9f97dcbc2eb143089
-branch: 0.10.1
+node: 092ccae9c2170a9341f03c97cccd728b3816263f
+branch: 0.10.2
latesttag: null
-latesttagdistance: 229
-changessincelatesttag: 246
+latesttagdistance: 237
+changessincelatesttag: 256
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/OrthancAuthorization-0.10.1/CMakeLists.txt
new/OrthancAuthorization-0.10.2/CMakeLists.txt
--- old/OrthancAuthorization-0.10.1/CMakeLists.txt 2025-08-13
18:16:05.000000000 +0200
+++ new/OrthancAuthorization-0.10.2/CMakeLists.txt 2025-10-10
08:46:45.000000000 +0200
@@ -17,11 +17,11 @@
# along with this program. If not, see <http://www.gnu.org/licenses/>.
-cmake_minimum_required(VERSION 2.8)
+cmake_minimum_required(VERSION 2.8...4.0)
project(OrthancAuthorization)
-set(ORTHANC_PLUGIN_VERSION "0.10.1")
+set(ORTHANC_PLUGIN_VERSION "0.10.2")
if (ORTHANC_PLUGIN_VERSION STREQUAL "mainline")
set(ORTHANC_FRAMEWORK_VERSION "mainline")
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/OrthancAuthorization-0.10.1/NEWS
new/OrthancAuthorization-0.10.2/NEWS
--- old/OrthancAuthorization-0.10.1/NEWS 2025-08-13 18:16:05.000000000
+0200
+++ new/OrthancAuthorization-0.10.2/NEWS 2025-10-10 08:46:45.000000000
+0200
@@ -1,3 +1,11 @@
+2025-10-10 - v 0.10.2
+=====================
+
+* New default permissions to add/delete modalities through the Rest API
+
https://discourse.orthanc-server.org/t/managing-modalities-using-the-rest-api-and-keycloak/6137
+* New standard configuration "stl"
+
+
2025-08-13 - v 0.10.1
=====================
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/OrthancAuthorization-0.10.1/Plugin/DefaultConfiguration.json
new/OrthancAuthorization-0.10.2/Plugin/DefaultConfiguration.json
--- old/OrthancAuthorization-0.10.1/Plugin/DefaultConfiguration.json
2025-08-13 18:16:05.000000000 +0200
+++ new/OrthancAuthorization-0.10.2/Plugin/DefaultConfiguration.json
2025-10-10 08:46:45.000000000 +0200
@@ -44,7 +44,8 @@
// "stone-webviewer",
// "orthanc-explorer-2",
// "ohif",
- // "volview"
+ // "volview",
+ // "stl"
// ],
//"UncheckedResources" : [],
@@ -94,8 +95,9 @@
["get" , "^/jobs/([a-f0-9-]+)$",
"all|send|modify|anonymize|q-r-remote-modalities"],
// interacting with peers/modalities/dicomweb
- ["post", "^/(peers|modalities)/(.*)/store$", "all|send"],
+ ["post", "^/(peers|modalities)/(.*)/(store|store-straight)$",
"all|send"],
["get" , "^/(peers|modalities)$",
"all|send|q-r-remote-modalities"],
+ ["get" , "^/(peers|modalities)/(.*)/configuration$",
"all|send|q-r-remote-modalities"],
["post", "^/modalities/(.*)/echo$",
"all|send|q-r-remote-modalities"],
["post", "^/modalities/(.*)/query$", "all|q-r-remote-modalities"],
["get", "^/queries/([a-f0-9-]+)/answers$",
"all|q-r-remote-modalities"],
@@ -131,7 +133,17 @@
["get", "^/auth/settings/permissions$", "admin-permissions"],
// audit-logs
- ["get", "^/auth/audit-logs$", "admin-permissions|audit-logs"]
+ ["get", "^/auth/audit-logs$", "admin-permissions|audit-logs"],
+
+ // add-delete modalities through the Rest API
+ ["put", "^/modalities/(.*)$", "admin-permissions"],
+ ["delete", "^/modalities/(.*)$", "admin-permissions"]
]
+
+ // If you just need to add a few permissions, while preserving the
default ones,
+ // You may just not specify any "Permissions" field and add a few
entries in the ExtraPermissions
+ // "ExtraPermissions" : [
+ // ["post", "^/my-plugin/do-something$", "all|upload"]
+ // ]
}
}
\ No newline at end of file
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/OrthancAuthorization-0.10.1/Plugin/Plugin.cpp
new/OrthancAuthorization-0.10.2/Plugin/Plugin.cpp
--- old/OrthancAuthorization-0.10.1/Plugin/Plugin.cpp 2025-08-13
18:16:05.000000000 +0200
+++ new/OrthancAuthorization-0.10.2/Plugin/Plugin.cpp 2025-10-10
08:46:45.000000000 +0200
@@ -2357,6 +2357,13 @@
tokens_.insert(OrthancPlugins::Token(OrthancPlugins::TokenType_HttpHeader,
"Authorization"));
}
+ if (standardConfigurations.find("stl") !=
standardConfigurations.end())
+ {
+ uncheckedFolders_.push_back("/stl/");
+
+
tokens_.insert(OrthancPlugins::Token(OrthancPlugins::TokenType_HttpHeader,
"Authorization"));
+ }
+
}
std::string checkedLevelString;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/OrthancAuthorization-0.10.1/Resources/Orthanc/CMake/AutoGeneratedCode.cmake
new/OrthancAuthorization-0.10.2/Resources/Orthanc/CMake/AutoGeneratedCode.cmake
---
old/OrthancAuthorization-0.10.1/Resources/Orthanc/CMake/AutoGeneratedCode.cmake
2025-08-13 18:16:05.000000000 +0200
+++
new/OrthancAuthorization-0.10.2/Resources/Orthanc/CMake/AutoGeneratedCode.cmake
2025-10-10 08:46:45.000000000 +0200
@@ -20,7 +20,7 @@
# <http://www.gnu.org/licenses/>.
-set(EMBED_RESOURCES_PYTHON "${CMAKE_CURRENT_LIST_DIR}/../EmbedResources.py"
+set(EMBED_RESOURCES_PYTHON "${CMAKE_CURRENT_LIST_DIR}/EmbedResources.py"
CACHE INTERNAL "Path to the EmbedResources.py script from Orthanc")
set(AUTOGENERATED_DIR "${CMAKE_CURRENT_BINARY_DIR}/AUTOGENERATED")
set(AUTOGENERATED_SOURCES)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/OrthancAuthorization-0.10.1/Resources/Orthanc/CMake/DownloadOrthancFramework.cmake
new/OrthancAuthorization-0.10.2/Resources/Orthanc/CMake/DownloadOrthancFramework.cmake
---
old/OrthancAuthorization-0.10.1/Resources/Orthanc/CMake/DownloadOrthancFramework.cmake
2025-08-13 18:16:05.000000000 +0200
+++
new/OrthancAuthorization-0.10.2/Resources/Orthanc/CMake/DownloadOrthancFramework.cmake
2025-10-10 08:46:45.000000000 +0200
@@ -207,6 +207,14 @@
# DICOMweb 1.15 (framework pre-1.12.2)
set(ORTHANC_FRAMEWORK_PRE_RELEASE ON)
set(ORTHANC_FRAMEWORK_MD5 "ebe8bdf388319f1c9536b2b680451848")
+ elseif (ORTHANC_FRAMEWORK_VERSION STREQUAL "36cd91a53403")
+ # Advanced storage 0.2.0 (framework pre-1.12.10)
+ set(ORTHANC_FRAMEWORK_PRE_RELEASE ON)
+ set(ORTHANC_FRAMEWORK_MD5 "911105f18a154b5e106985d8fcfcb620")
+ elseif (ORTHANC_FRAMEWORK_VERSION STREQUAL "9eb77f159b9d")
+ # Advanced storage 0.2.2 (framework pre-1.12.10)
+ set(ORTHANC_FRAMEWORK_PRE_RELEASE ON)
+ set(ORTHANC_FRAMEWORK_MD5 "bd5ba2cec329010b912209345acbdeaf")
endif()
endif()
endif()
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/OrthancAuthorization-0.10.1/Resources/Orthanc/Plugins/OrthancPluginCppWrapper.cpp
new/OrthancAuthorization-0.10.2/Resources/Orthanc/Plugins/OrthancPluginCppWrapper.cpp
---
old/OrthancAuthorization-0.10.1/Resources/Orthanc/Plugins/OrthancPluginCppWrapper.cpp
2025-08-13 18:16:05.000000000 +0200
+++
new/OrthancAuthorization-0.10.2/Resources/Orthanc/Plugins/OrthancPluginCppWrapper.cpp
2025-10-10 08:46:45.000000000 +0200
@@ -23,6 +23,7 @@
#include "OrthancPluginCppWrapper.h"
+#include <cassert>
#include <boost/algorithm/string/predicate.hpp>
#include <boost/move/unique_ptr.hpp>
#include <boost/thread.hpp>
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/OrthancAuthorization-0.10.1/Resources/SyncOrthancFolder.py
new/OrthancAuthorization-0.10.2/Resources/SyncOrthancFolder.py
--- old/OrthancAuthorization-0.10.1/Resources/SyncOrthancFolder.py
2025-08-13 18:16:05.000000000 +0200
+++ new/OrthancAuthorization-0.10.2/Resources/SyncOrthancFolder.py
2025-10-10 08:46:45.000000000 +0200
@@ -20,7 +20,7 @@
('OrthancFramework/Resources/CMake/DownloadOrthancFramework.cmake',
'CMake'),
('OrthancFramework/Resources/CMake/DownloadPackage.cmake', 'CMake'),
('OrthancFramework/Resources/CMake/GoogleTestConfiguration.cmake',
'CMake'),
- ('OrthancFramework/Resources/EmbedResources.py', 'CMake'),
+ ('OrthancFramework/Resources/CMake/EmbedResources.py', 'CMake'),
('OrthancFramework/Resources/Toolchains/LinuxStandardBaseToolchain.cmake',
'Toolchains'),
('OrthancFramework/Resources/Toolchains/MinGW-W64-Toolchain32.cmake',
'Toolchains'),
('OrthancFramework/Resources/Toolchains/MinGW-W64-Toolchain64.cmake',
'Toolchains'),
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/OrthancAuthorization-0.10.1/UnitTestsSources/UnitTestsMain.cpp
new/OrthancAuthorization-0.10.2/UnitTestsSources/UnitTestsMain.cpp
--- old/OrthancAuthorization-0.10.1/UnitTestsSources/UnitTestsMain.cpp
2025-08-13 18:16:05.000000000 +0200
+++ new/OrthancAuthorization-0.10.2/UnitTestsSources/UnitTestsMain.cpp
2025-10-10 08:46:45.000000000 +0200
@@ -30,6 +30,10 @@
#include "../Plugin/MemoryCache.h"
#include "../Plugin/PermissionParser.h"
#include "../Plugin/ResourceHierarchyCache.h"
+#include "../Resources/Orthanc/Plugins/OrthancPluginCppWrapper.h"
+#include <Logging.h>
+#include <EmbeddedResources.h>
+
extern void AdjustToolsFindQueryLabels(Json::Value& query, const
OrthancPlugins::IAuthorizationService::UserProfile& profile);
@@ -586,108 +590,71 @@
}
}
-// TEST(ToolsFindLabels, AdjustQueryForUserWithForbiddenLabelsRestrictions)
-// {
-// // user who has forbidden access to "b" and "c"
-// OrthancPlugins::IAuthorizationService::UserProfile profile;
-// profile.forbiddenLabels.insert("b");
-// profile.forbiddenLabels.insert("c");
-
-// { // no labels before transformation -> "b", "c" label after (with a
'None' constraint)
-// Json::Value query;
-// query["Query"] = Json::objectValue;
-// query["Query"]["PatientID"] = "*";
-
-// AdjustToolsFindQueryLabels(query, profile);
-
-// ASSERT_EQ(2u, query["Labels"].size());
-// ASSERT_TRUE(IsInJsonArray("b", query["Labels"]));
-// ASSERT_TRUE(IsInJsonArray("c", query["Labels"]));
-// ASSERT_EQ("None", query["LabelsConstraint"].asString());
-// }
-
-// { // missing LabelsConstraint -> throw
-// Json::Value query;
-// query["Query"] = Json::objectValue;
-// query["Query"]["PatientID"] = "*";
-// query["Labels"] = Json::arrayValue;
-// query["Labels"].append("a");
-
-// ASSERT_THROW(AdjustToolsFindQueryLabels(query, profile),
Orthanc::OrthancException);
-// }
-
-// { // 'All' label constraint can not be modified for user with forbidden
labels
-// Json::Value query;
-// query["Query"] = Json::objectValue;
-// query["Query"]["PatientID"] = "*";
-// query["Labels"] = Json::arrayValue;
-// query["Labels"].append("b");
-// query["Labels"].append("c");
-// query["LabelsConstraint"] = "All";
-
-// ASSERT_THROW(AdjustToolsFindQueryLabels(query, profile),
Orthanc::OrthancException);
-// }
-
-// { // 'Any' label constraint can not be modified for user with forbidden
labels
-// Json::Value query;
-// query["Query"] = Json::objectValue;
-// query["Query"]["PatientID"] = "*";
-// query["Labels"] = Json::arrayValue;
-// query["Labels"].append("b");
-// query["Labels"].append("c");
-// query["LabelsConstraint"] = "Any";
-
-// ASSERT_THROW(AdjustToolsFindQueryLabels(query, profile),
Orthanc::OrthancException);
-// }
-
-// { // 'Any' label constraint can not be modified for user with forbidden
labels
-// Json::Value query;
-// query["Query"] = Json::objectValue;
-// query["Query"]["PatientID"] = "*";
-// query["Labels"] = Json::arrayValue;
-// query["Labels"].append("a");
-// query["LabelsConstraint"] = "Any";
-
-// ASSERT_THROW(AdjustToolsFindQueryLabels(query, profile),
Orthanc::OrthancException);
-// }
-
-
-// { // 'None' label constraint are modified to always contain at least all
forbidden_labels of the user
-// Json::Value query;
-// query["Query"] = Json::objectValue;
-// query["Query"]["PatientID"] = "*";
-// query["Labels"] = Json::arrayValue;
-// query["Labels"].append("b");
-// query["LabelsConstraint"] = "None";
-
-// AdjustToolsFindQueryLabels(query, profile);
-// ASSERT_EQ(2u, query["Labels"].size());
-// ASSERT_TRUE(IsInJsonArray("b", query["Labels"]));
-// ASSERT_TRUE(IsInJsonArray("c", query["Labels"]));
-// ASSERT_EQ("None", query["LabelsConstraint"].asString());
-// }
-
-// { // 'None' label constraint are modified to always contain at least all
forbidden_labels of the user
-// Json::Value query;
-// query["Query"] = Json::objectValue;
-// query["Query"]["PatientID"] = "*";
-// query["Labels"] = Json::arrayValue;
-// query["Labels"].append("d");
-// query["LabelsConstraint"] = "None";
-
-// AdjustToolsFindQueryLabels(query, profile);
-// ASSERT_EQ(3u, query["Labels"].size());
-// ASSERT_TRUE(IsInJsonArray("b", query["Labels"]));
-// ASSERT_TRUE(IsInJsonArray("c", query["Labels"]));
-// ASSERT_TRUE(IsInJsonArray("d", query["Labels"]));
-// ASSERT_EQ("None", query["LabelsConstraint"].asString());
-// }
-// }
+void TestPermissions(PermissionParser& permParser, const std::string& uri,
OrthancPluginHttpMethod method, const std::string& expectedPermissions)
+{
+ LOG(WARNING) << "testing permission on '" << uri << "'";
+ std::set<std::string> permissions;
+ std::vector<std::string> expectedPermissions_;
+ Orthanc::Toolbox::SplitString(expectedPermissions_, expectedPermissions,
'|');
+ std::string matchedPattern;
+
+ ASSERT_TRUE(permParser.Parse(permissions, matchedPattern, method, uri));
+ ASSERT_EQ(expectedPermissions_.size(), permissions.size());
+
+ for (size_t i = 0; i < expectedPermissions_.size(); ++i)
+ {
+ ASSERT_TRUE(permissions.find(expectedPermissions_[i]) !=
permissions.end());
+ }
+}
+
+TEST(PermissionParser, Basic)
+{
+ MemoryCache::Factory factory(10);
+ DefaultAuthorizationParser authorizationParser(factory, "/dicom-web/");
+
+ std::string defaultConfigurationFileContent;
+ Orthanc::EmbeddedResources::GetFileResource(defaultConfigurationFileContent,
Orthanc::EmbeddedResources::DEFAULT_CONFIGURATION);
+ Json::Value pluginJsonDefaultConfiguration;
+ OrthancPlugins::ReadJsonWithoutComments(pluginJsonDefaultConfiguration,
defaultConfigurationFileContent);
+
+ PermissionParser permParser("/dicom-web/", "/ui/");
+
+
permParser.Add(pluginJsonDefaultConfiguration["Authorization"]["Permissions"],
&authorizationParser);
+
+
+
+ { // test modalities
+
+ TestPermissions(permParser, "/modalities", OrthancPluginHttpMethod_Get,
"all|send|q-r-remote-modalities"); // list modalities
+ TestPermissions(permParser, "/modalities/alias",
OrthancPluginHttpMethod_Put, "admin-permissions"); // add modalities
+ TestPermissions(permParser, "/modalities/alias",
OrthancPluginHttpMethod_Delete, "admin-permissions"); // delete modalities
+ TestPermissions(permParser, "/modalities/alias/move",
OrthancPluginHttpMethod_Post, "all|q-r-remote-modalities"); // trigger a
c-move on distant modality
+ TestPermissions(permParser, "/modalities/alias/store",
OrthancPluginHttpMethod_Post, "all|send"); // trigger a c-move on distant
modality
+ TestPermissions(permParser, "/modalities/alias/store-straight",
OrthancPluginHttpMethod_Post, "all|send"); // trigger a c-move on distant
modality
+ TestPermissions(permParser, "/modalities/alias/echo",
OrthancPluginHttpMethod_Post, "all|send|q-r-remote-modalities"); // echo
+ TestPermissions(permParser, "/modalities/alias/configuration",
OrthancPluginHttpMethod_Get, "all|send|q-r-remote-modalities"); // see
configuration
+
+ }
+
+ // ["post", "^/modalities/(.*)/echo$",
"all|send|q-r-remote-modalities"],
+ // ["post", "^/modalities/(.*)/query$",
"all|q-r-remote-modalities"],
+ // ["get", "^/queries/([a-f0-9-]+)/answers$",
"all|q-r-remote-modalities"],
+ // ["get", "^/queries/([a-f0-9-]+)/answers/([0-9]+)/content$",
"all|q-r-remote-modalities"],
+ // ["post", "^/queries/([a-f0-9-]+)/answers/([0-9]+)/retrieve$",
"all|q-r-remote-modalities"],
+ // ["post", "^/modalities/(.*)/move$",
"all|q-r-remote-modalities"],
+
+}
}
int main(int argc, char **argv)
{
+ Orthanc::Logging::Initialize();
+
::testing::InitGoogleTest(&argc, argv);
- return RUN_ALL_TESTS();
+ int result = RUN_ALL_TESTS();
+
+ Orthanc::Logging::Finalize();
+
+ return result;
}
