StudyPermissions - How it really work?

787 views
Skip to first unread message

Tiago Vieira

unread,
Dec 1, 2013, 10:41:20 AM12/1/13
to dcm...@googlegroups.com
Hello,

I have searching for all the forums and discussions about studypermissions, but I cannot get this working automatically, I have setup everything to work with study permissions and if I set the permissions manually it works great on Dicom and Web, but I cannot add permissions since the studies are added to DCM4CHEE.


This is what I have made:
 

jmx-console->dcm4chee.archive->service=StudyPermission

UpdateOnSeriesStored= True

UpdateOnNewStudy=True

jmx-console->dcm4chee.archive->service=QueryRetrieveScp e Store_SCP

CallingAETitles: ANY?

UnrestrictedQueryPermissionsToAETitles=DCM4CHEE

UnrestrictedExportPermissionsToAETitles=DCM4CHEE

UnrestrictedReadPermissionsToAETitles=DCM4CHEE


On the AE Titles setup on the dcm4chee webconsole I have add the user and password corresponding and add that user a role.

After that I add the following code on the series-permission.xml

\dcm4chee\server\default\conf\dcm4chee-permission\series-permission.xml

--------------------------------------------------------------------------------------------------------------------

<xsl:variable name="retrievAET" select="attr[@tag='00080054']" />

<xsl:when test="$retrievAET='OSIRIX1'">

                <grant role="WebUser" action="Q,R,E,A,U,D" suid="{attr[@tag='0020000D']}"/>

        </xsl:when>

------------------------------------------------------------------------------------

But when I send some study from OSIRIX1 to DCM4CHEE nothing happen and no permission is added to the study...


So what I´m missing here? How can I add automatically permissions to all studies depending on the source ae title, or Institution name... I see too many examples but they dont work!! .. on my installation.

This is the log when the image is sent to DCM4CHEE:

[org.dcm4chex.archive.hl7.StudyPermissionService] Failed to update permissions on Series stored

java.io.FileNotFoundException: I:\dcm4chee\server\default\conf\dcm4chee-permission\series-permission.xsl

at org.dcm4chex.archive.util.FileUtils.toExistingFile(FileUtils.java:181)

at org.dcm4chex.archive.hl7.StudyPermissionService.xslt(StudyPermissionService.java:549)

at org.dcm4chex.archive.hl7.StudyPermissionService.onSeriesStored(StudyPermissionService.java:507)

at org.dcm4chex.archive.hl7.StudyPermissionService.access$100(StudyPermissionService.java:88)

at org.dcm4chex.archive.hl7.StudyPermissionService$2.handleNotification(StudyPermissionService.java:403)

at sun.reflect.GeneratedMethodAccessor5.invoke(Unknown Source)

at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)

at java.lang.reflect.Method.invoke(Method.java:597)

at org.jboss.mx.notification.NotificationListenerProxy.invoke(NotificationListenerProxy.java:153)

at $Proxy11.handleNotification(Unknown Source)

at org.jboss.mx.util.JBossNotificationBroadcasterSupport.handleNotification(JBossNotificationBroadcasterSupport.java:127)

at org.jboss.mx.util.JBossNotificationBroadcasterSupport.sendNotification(JBossNotificationBroadcasterSupport.java:110)

at org.dcm4chex.archive.dcm.AbstractScpService.sendJMXNotification(AbstractScpService.java:856)

at org.dcm4chex.archive.dcm.storescp.StoreScpService.sendSeriesStoredNotification(StoreScpService.java:932)

at org.dcm4chex.archive.dcm.storescp.StoreScpService.checkPendingSeriesStored(StoreScpService.java:970)

at org.dcm4chex.archive.dcm.storescp.StoreScpService.access$300(StoreScpService.java:109)

at org.dcm4chex.archive.dcm.storescp.StoreScpService$3$1.run(StoreScpService.java:150)

at java.lang.Thread.run(Thread.java:662)

AND

[org.dcm4chex.archive.dcm.storescp.StoreScpService] No permission to append existing Study

org.dcm4che.net.DcmServiceException: No permission to append existing Study

at org.dcm4chex.archive.dcm.storescp.StoreScp.checkAppendPermission(StoreScp.java:910)

at org.dcm4chex.archive.dcm.storescp.StoreScp.doActualCStore(StoreScp.java:510)

at org.dcm4chex.archive.dcm.storescp.StoreScp.doCStore(StoreScp.java:471)

at org.dcm4che.net.DcmServiceBase.c_store(DcmServiceBase.java:116)

at org.dcm4cheri.net.ActiveAssociationImpl.run(ActiveAssociationImpl.java:230)

at org.dcm4cheri.util.LF_ThreadPool.join(LF_ThreadPool.java:174)

at org.dcm4cheri.net.ActiveAssociationImpl.run(ActiveAssociationImpl.java:164)

at org.dcm4cheri.server.DcmHandlerImpl.handle(DcmHandlerImpl.java:249)

at org.dcm4cheri.server.ServerImpl.run(ServerImpl.java:288)

at org.dcm4cheri.util.LF_ThreadPool.join(LF_ThreadPool.java:174)

at org.dcm4cheri.server.ServerImpl$1.run(ServerImpl.java:242)

at java.lang.Thread.run(Thread.java:662) 


Any contribution to understand what is wrong I would appreciate. 

Best Regards,

Tiago Vieira 

Tiago Vieira

unread,
Dec 1, 2013, 5:34:37 PM12/1/13
to dcm...@googlegroups.com
Ok I found the solution on the forum:

<xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform" version="1.0">
  <xsl:output method="xml"/>
  <xsl:param name="calling" select="'SAMPLE_MOD'"/>
  <xsl:template match="dataset">
  <xsl:variable name="reqservice" select="string(attr[@tag='00321033'])"/>
    <permissions>
     <xsl:choose>
      <xsl:when test="$calling='HOSPITAL1'">
           <grant role= "HOSP1" action="Q,E,U,D,R,A" suid="{attr[@tag='0020000D']}"/>
        </xsl:when>
       <xsl:when test="$calling='HOSPITAL2'">
           <grant role= "HOSP2" action="Q,E,U,D,R,A" suid="{attr[@tag='0020000D']}"/>
        </xsl:when>
        <xsl:otherwise>
         <grant role= "UNKNOWN" action="Q,E,U,D,R,A" suid="{attr[@tag='0020000D']}"/>
        </xsl:otherwise>
      </xsl:choose>
    </permissions>
  </xsl:template>
</xsl:stylesheet>

 Know when the studies are sent from the ae title is setup the permissions correctly, but the images already added before dont apply the series-permissions, why?

I check the option "UpdateOnSeriesStored= True".

Any help?

Thanks
Tiago

Fabrizzio Salazar

unread,
Jan 17, 2014, 1:33:21 PM1/17/14
to dcm...@googlegroups.com
do you make it work??

Regards
Fs

Tiago Vieira

unread,
Jan 19, 2014, 4:02:20 PM1/19/14
to dcm...@googlegroups.com
Hello,

Yes I have the permissions working, I setup the series-permission.xml file to give permissions based on the Institution Name and Ae title, and after that I had setup the username and password on the ae title configuration on the web3 interface.

Then based on the username each ae title only see the studies they have permissions.

Best regards,

Tiago

Sexta-feira, 17 de Janeiro de 2014 18:33:21 UTC, Fabrizzio Salazar escreveu:
do you make it work?

Fabrizzio Salazar

unread,
Jan 20, 2014, 9:58:45 AM1/20/14
to dcm...@googlegroups.com
i have already work this config in one of my implementations, but the problem is with the stored studies before the permissions modification, what is the function for UpdateOnSeriesStored= True?

Regards
Fabrizzio

Tiago Vieira

unread,
Jan 20, 2014, 10:06:13 AM1/20/14
to dcm...@googlegroups.com
Hello,

I set that option to "true" but the permissions are not applied to the studies already stored, I have to import them again...

If you can find some solution to apply the studies already store let me know.

Tiago.

sandro moser

unread,
Apr 27, 2014, 7:17:34 PM4/27/14
to dcm...@googlegroups.com, tiag...@gmail.com
Hello Tiago,

I am with the same issue here, however I really cant make it work even following yr examples here...

We have a DCM4CHEE PACS server that receives XA images from 5 differente Osirix Pacs from differente hospitals.

We want that each Osirix Pacs client only may Query/Retrieve their relative studies. (as they are all archived in the same DCM4CHEE Server.).

Please help me....

Keith Schneider

unread,
Sep 16, 2015, 7:19:07 PM9/16/15
to dcm4che, tiag...@gmail.com
Hi, did you ever find any solution to this, other than blocking OsiriX and only allowing web access?

keith

Ralf Hoffmann

unread,
Sep 17, 2015, 5:04:35 PM9/17/15
to dcm4che, tiag...@gmail.com
To add Study permissions on old studies, have a look into the database:

study_permission

ColumnDescription
pkThe primary key
study_iuidDICOM Study Instance UID (0020,000D).
actionAllowed Actions 
rolesRoles granted Access 

Just add the needed values to existing studies.
Reply all
Reply to author
Forward
0 new messages