ACL mediated `tools/bulk-content`: bulk content endpoint which filters results based on what the user has access to on the platform

Rob Oakes requested to merge roakes/acl.batch-content into roakes/nsync-hpop

Implementation of the tools/bulk-content API within Orthanc that is able to filter results based on the access control policies the user has been associated with. (Both grants via a direct user policy and grants provided through a group are taken into account.)

Implementation notes:

  • Filtering via the /tools/batch-content endpoint works in a similar fashion to the /tools/secure-find endpoint.
    • If the user has a query permission for the server, then the query executes without filtering the resource by the ACL.
    • Without a global permission, the resources visible to the user are only those to which they are associated by a policy.
  • The view instance (SecureCacheFetchBulkContentView) providing the endpoint override is a subclass of orthanc_sonador.web.bulk.CacheFetchBulkContentView
    • The view provides a RapidLookup parameter which can be used to toggle whether the view uses the cache or native interface.
    • Helper classes (SonadorResourceAclPolicyPatientQueryHelper, SonadorResourceAclPolicyStudyQueryHelper, SonadorResourceAclPolicySeriesQueryHelper) were created to help utilize the ACL query methods of the dcmquery module in a view needing to support multiple types of resources.

Project Tracking

OP#41

Edited by Rob Oakes
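
The filtering rule described in the implementation notes, as an added sketch that is not code from this merge request or from Orthanc: a server-wide query permission skips ACL filtering, otherwise only resources granted by a user or group policy are returned. Every name here (`Policy`, `User`, `bulk_content`, the `"query"` permission string, the sample ids) is hypothetical, and omitting denied ids the same way as missing ones is an assumption of this sketch.

```python
from dataclasses import dataclass, field

# Hypothetical names throughout; this is not the Orthanc or orthanc_sonador API.
QUERY_PERMISSION = "query"  # assumed label for the server-wide query permission

@dataclass(frozen=True)
class Policy:
    principal: str    # "user:<name>" or "group:<name>"
    level: str        # "Patient", "Study" or "Series"
    resource_id: str

@dataclass
class User:
    name: str
    groups: set = field(default_factory=set)
    server_permissions: set = field(default_factory=set)

    def principals(self):
        return {f"user:{self.name}"} | {f"group:{g}" for g in self.groups}

def visible_ids(user, policies, level):
    """Ids at `level` granted to the user directly or through one of their groups."""
    who = user.principals()
    return {p.resource_id for p in policies if p.level == level and p.principal in who}

def bulk_content(user, requested, store, policies):
    """Return {(level, id): content} for the requested resources the user may see.

    `requested` maps a level to a list of ids; `store` maps (level, id) to content.
    Denied ids and nonexistent ids are both left out, so the response does not
    show whether an id the caller cannot access exists.
    """
    unrestricted = QUERY_PERMISSION in user.server_permissions
    result = {}
    for level, ids in requested.items():
        # A grant is matched on level as well as id, so a Study grant does not
        # open a Series that happens to share the same identifier.
        allowed = None if unrestricted else visible_ids(user, policies, level)
        for rid in ids:
            if (level, rid) in store and (allowed is None or rid in allowed):
                result[(level, rid)] = store[(level, rid)]
    return result

# Constructed sample data, not taken from any real server.
STORE = {("Patient", "p1"): {"PatientID": "A"}, ("Study", "s1"): {"Desc": "CT"},
         ("Study", "s2"): {"Desc": "MR"}, ("Series", "se1"): {"Modality": "CT"}}
POLICIES = [Policy("user:alice", "Study", "s1"), Policy("user:bob", "Study", "s2"),
            Policy("group:radiology", "Series", "se1")]
```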
