| Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
| Name: orthanc-authorization | Distribution: SUSE Linux Enterprise 16 |
| Version: 0.9.4 | Vendor: openSUSE |
| Release: bp160.1.1 | Build date: Mon Jul 14 14:56:31 2025 |
| Group: Productivity/Graphics/Viewers | Build host: reproducible |
| Size: 549405 | Source RPM: orthanc-authorization-0.9.4-bp160.1.1.src.rpm |
| Packager: https://bugs.opensuse.org | |
| Url: http://orthanc-server.com | |
| Summary: Authorisation plugin for Orthanc | |
Plugin for authorization
GPL-3.0-or-later
* Mon Jul 14 2025 Axel Braun <axel.braun@gmx.de>
- version 0.9.4
* Fixed a security issue: the entries in the cache token->permissions were kept too long in the cache
allowing users to have access to generic routes even with an expired token.
These entries are now stored maximum for 10 seconds.
Note that the validity duration of the token->user-profile entries is determined by the auth-service;
typically 60 seconds.
* New default permissions to Q&R remote modalities
* The /tokens/decode route now returns 2 additionnal fields:
"ResourcesDicomIds" and "ResourcesOrthancIds".
This will only work if the authorization service returns a "resources" field to the /tokens/decode route.
* Maintenance: Use Orthanc SDK 1.12.4 by default to benefit from more detailed logging.
* Fix default permission for /dicom-web/servers/../stow
* When calling /dicom-web/studies with a resource token when no StudyInstanceUID
is specified in the query args, the plugin now adds a filter on StudyInstanceUID=X|Y where
X & Y are the StudyInstanceUIDs of the resource token.
This will only work if the authorization service returns a "resources" field to the /tokens/decode route.
This notably prevents OHIF to display errors when requesting
prior studies while still preserving the security since only the authorized resources are returned.
* Mon May 05 2025 Axel Braun <axel.braun@gmx.de>
- Version 0.9.2
* When calling /dicom-web/studies with a resource token when no StudyInstanceUID
is specified in the query args, the plugin now returns an empty list of resources
instead of returning a 403. This notably prevents OHIF to display errors when requesting
prior studies while still preserving the security since no resources are returned.
* Added support for /dicom-web/studies/../thumbnail.
* static_build.patch removed (upstream)
* Thu Apr 10 2025 Axel Braun <axel.braun@gmx.de>
- version 0.9.1
* static_build.patch added
* The plugin is now using the HttpClient from the Orthanc core instead of its
own HttpClient which should enable support for https since the plugin
is not built with SSL support.
* New default permission to upload to ^/DICOM_WEB_ROOT/studies/([.0-9]+)
(https://orthanc.uclouvain.be/bugs/show_bug.cgi?id=244)
* Thu Feb 27 2025 Axel Braun <axel.braun@gmx.de>
- version 0.9.0
* The plugin now filters out all unauthorized labels from the "Labels" fields
in the responses of these API routes:
- /tools/find
- /studies/{id} & similar routes
- /studies/{id}/series & similar routes
- /series/{id}/study & similar routes
- /series/{id}/labels & similar routes
In the past, this was only done in /tools/labels
* Allow using the auth-plugin together with "AuthenticationEnabled": true.
https://discourse.orthanc-server.org/t/user-based-access-control-with-label-based-resource-access/5454
* Added a default permission for /auth/tokens/volview-viewer-publication
* New standard configuration "volview"
* Fri Jan 24 2025 Axel Braun <axel.braun@gmx.de>
- version 0.8.2
* initial OBS build
/usr/lib64/share /usr/lib64/share/orthanc /usr/lib64/share/orthanc/plugins /usr/lib64/share/orthanc/plugins/libOrthancAuthorization.so.0.9.4 /usr/share/licenses/orthanc-authorization /usr/share/licenses/orthanc-authorization/COPYING /usr/share/orthanc /usr/share/orthanc/plugins /usr/share/orthanc/plugins/libOrthancAuthorization.so
Generated by rpm2html 1.8.1
Fabrice Bellet, Wed Jul 16 23:38:14 2025