Cannot get Study Permissions (Role Based Access Control) working

127 views
Skip to first unread message

Sergiy Stepanyuk

unread,
Jan 20, 2017, 9:59:05 AM1/20/17
to dcm4che
Hi guys,
I need your help about StudyPermissions based on series-permission.xsl file.

I've installed dcm4chee 2.17.1 (where dcm4chee-web3 is already included) on the CenOS. I've used instructions https://dcm4che.atlassian.net/wiki/display/WEA/Installing+Weasis+in+DCM4CHEE for the installation. It seems, that DCM4CHEE server works good. 
Next step, I had a task to configure Study Permissions.For this purpose, I've followed https://dcm4che.atlassian.net/wiki/pages/viewpage.action?pageId=2556087
Two test roles and corresponding users (doc1, doc2) were created using web interface (please see tha attached screenshot "Testing Roles and Users.png"). I've tried to configure the permissions on the base of Institution Name and Modality, for example, but no effects in general. I assume that this series-permission.xsl file is not applied in general.
Here is an example of series-permission.xsl file:

<!-- Sample configuration for grant/revoke Study Permissions on Series Stored event -->
<xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform" version="1.0">
  <xsl:output method="xml"/>
  <xsl:param name="calling" select="'SAMPLE_MOD'"/>
  <xsl:template match="/dataset">
    <permissions>
        <xsl:variable name="studyUID" select="attr[@tag='0020000D']" />
        <xsl:variable name="seriesMOD" select="attr[@tag='00080060']" />
        <xsl:variable name="patIssuer" select="attr[@tag='00100021']" />
       <xsl:choose>
<!--
        Configuration for CT stored in client2 - Neurosurgery
-->
        <xsl:when test="$seriesMOD='OT'">
                <!-- grant Query, Read and Append permission on Study to client2 in special case -->
                <grant role="HollyWoodRole" action="Q,E,U,D,R,A" suid="{attr[@tag='0020000D']}"/>
        </xsl:when>
<!--
        Configuration for CT stored in client1 - Radiology (having ISSUER set to DCM4CHEE)
-->
       <xsl:when test="$seriesMOD='MR'">
                <!-- grant Query, Read and Append permission on Study to client2 in special case -->
                <grant role="HighFieldRole" action="Q,E,U,D,R,A" suid="{attr[@tag='0020000D']}"/>
        </xsl:when>
<!--
        all other Modalities stored client1 - Radiology (having ISSUER set to DCM4CHEE)
-->
        <xsl:otherwise>
                <!-- grant Query, Read and Append permission on Study to client1 per default -->
                <grant role="HighFieldRole" action="Q,E,U,D,R,A" suid="{attr[@tag='0020000D']}"/>
        </xsl:otherwise>
      </xsl:choose>
</permissions>
  </xsl:template>
</xsl:stylesheet>

Please help me here if someone has any ideas.

Thank you,
Sergiy Stepanyuk
Testing Roles and Users.png

oscar acuña

unread,
Feb 6, 2017, 8:59:15 PM2/6/17
to dcm4che
Could you solve it? I have the same problem =/
Reply all
Reply to author
Forward
0 new messages