forked from orthanc-server/orthanc-setup-samples
-
Notifications
You must be signed in to change notification settings - Fork 0
/
filter-http.lua
31 lines (23 loc) · 993 Bytes
/
filter-http.lua
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
function IncomingHttpRequestFilter(method, uri, ip, username, httpHeaders)
if username == 'admin' then -- admin user can do anything
return true
elseif method == 'DELETE' and string.match(uri, '/patients/') then -- delete patient allowed only for certain users
local patientInfo = ParseJson(RestApiGet(uri))
PrintRecursive(patientInfo)
print('user ' .. username ..' is trying to delete PatientID: ' .. patientInfo["MainDicomTags"]["PatientID"])
-- todo: return true/false according to your criteria ...
return false
elseif method == 'DELETE' then -- forbid all other deletes
return false
else -- everything else is allowed
return true
end
end
-- disable the anonymize route only
function IncomingHttpRequestFilter(method, uri, ip, username, httpHeaders)
if method == 'POST' and string.match(uri, '/anonymize') then
return false
else -- everything else is allowed
return true
end
end