| AArch64 | |
| ppc64le | |
| s390x | |
| x86-64 |
- version 0.9.4
* Fixed a security issue: the entries in the cache token->permissions were kept too long in the cache
allowing users to have access to generic routes even with an expired token.
These entries are now stored maximum for 10 seconds.
Note that the validity duration of the token->user-profile entries is determined by the auth-service;
typically 60 seconds.
* New default permissions to Q&R remote modalities
* The /tokens/decode route now returns 2 additionnal fields:
"ResourcesDicomIds" and "ResourcesOrthancIds".
This will only work if the authorization service returns a "resources" field to the /tokens/decode route.
* Maintenance: Use Orthanc SDK 1.12.4 by default to benefit from more detailed logging.
* Fix default permission for /dicom-web/servers/../stow
* When calling /dicom-web/studies with a resource token when no StudyInstanceUID
is specified in the query args, the plugin now adds a filter on StudyInstanceUID=X|Y where
X & Y are the StudyInstanceUIDs of the resource token.
This will only work if the authorization service returns a "resources" field to the /tokens/decode route.
This notably prevents OHIF to display errors when requesting
prior studies while still preserving the security since only the authorized resources are returned.
- Version 0.9.2
* When calling /dicom-web/studies with a resource token when no StudyInstanceUID
is specified in the query args, the plugin now returns an empty list of resources
instead of returning a 403. This notably prevents OHIF to display errors when requesting
prior studies while still preserving the security since no resources are returned.
* Added support for /dicom-web/studies/../thumbnail.
* static_build.patch removed (upstream)
- version 0.9.1
* static_build.patch added
* The plugin is now using the HttpClient from the Orthanc core instead of its
own HttpClient which should enable support for https since the plugin
is not built with SSL support.
* New default permission to upload to ^/DICOM_WEB_ROOT/studies/([.0-9]+)
(https://orthanc.uclouvain.be/bugs/show_bug.cgi?id=244)
- version 0.9.0
* The plugin now filters out all unauthorized labels from the "Labels" fields
in the responses of these API routes:
- /tools/find
- /studies/{id} & similar routes
- /studies/{id}/series & similar routes
- /series/{id}/study & similar routes
- /series/{id}/labels & similar routes
In the past, this was only done in /tools/labels
* Allow using the auth-plugin together with "AuthenticationEnabled": true.
https://discourse.orthanc-server.org/t/user-based-access-control-with-label-based-resource-access/5454
* Added a default permission for /auth/tokens/volview-viewer-publication
* New standard configuration "volview"
- version 0.8.2 * initial OBS build