...
- StoreSCP
- Restrict storage operation according Study Append Permissions granted to roles of the user associated with the Storage SCU, if its AE Title is not listed in UnrestrictedAppendPermissionsToAETitles.
If the archive already contains objects of the same study as the received object belongs, storage will fail with Cxxx Error: Cannot understand, if no user identification is associated with the Storage Requestor or if the user has no permission to store additional object to an already existing study. - Error Status Error message
CE10 Missing user identification for appending existing Study - CE24 No permission to append existing Study
- Restrict storage operation according Study Append Permissions granted to roles of the user associated with the Storage SCU, if its AE Title is not listed in UnrestrictedAppendPermissionsToAETitles.
- WADO
Access according Study Read Permissions granted to roles of authentified user. Edit servlet Parameters to activate Read Permissions for access via WADO:
retrievetrue: restrict WADO retrieve of objects according Study Read permission of remote user. denied access if no remote user information is associated with the request false: no restriction. →Code Block xml xml <!--Enable/Disable StudyPermissionCheck for WADO
<init-param>retrieve true: --> <!-- restrict WADO retrieve of objects according Study Read permission of remote user. --> <!-- denied access if no remote user information is associated with the request false: no restriction. --> <init-param> <param-name>enableStudyPermissionCheck</param-name>
<param-value>false</param-value>
</init-param>
<!-- Disable StudyPermissionCheck for dedicated user(s). --> <!-- List of users (seperated by ',') for which Study Read permissions are not checked on WADO retrieve, --> <!-- even if enableStudyPermissionCheck=true. default: admin -->
<init-param>
<param-name>disableStudyPermissionCheckForUser</param-name>
<param-value>admin</param-value>
</init-param>
- AE Management
User ID and Password attribute are configurable for AET's which do not support user identification identification - WebInterface
- Configure the Web Interface for usage of study permissions:
- Enable Study Permission for WebInterface
Query, Edit and Delete restrictions are anabled by setting the following parameter in ../server/default/deploy/dcm4chee-web.war/WEB-INF/web.xml (has to be extracted for editing):Code Block xml xml <init-param>
<param<param-name>enableStudyPermissionCheck</param-name>
<param<param-value>false</param-value>
</init-param>
- It is als possible to disable StudyPermissionCheck for dedicated user(s) (seperated by ',') that should see all studies (e.g. to configure Study Permissions Roles.
Code Block xml xml <init-param>
<param
name> <param<param-name>disableStudyPermissionCheckForUser</param-
name> <param-value>admin</param-value>
</init-param>
- Grant/Revoke Study Permission
Users have to be assigned to one of the following roles to be able to grant/revoke study permissions:
GrantPrivileg – Users of this role are allowed to grant/revoke study sermissions for ALL studies in the archive
GrantOwnPrivileg – Users of this role are allowed to grant/revoke study permissions for those studies they have already got read permission - If user authentificationis managed by the PACS Database these roles have to be enabled in.../dcm4chee-web/dcm4chee-webroles-cfg.xml.
Code Block xml xml <role name="client1" type="StudyPermission" descr="Role for client 1 (Radiology)"/> <role name="client2" type="StudyPermission" descr="role for client 2 (Neurosurgery)"/>
- Enable Study Permission for WebInterface
- Configure the Web Interface for usage of study permissions:
...