Direct access to DICOM files from a different account with secondary group being orthanc group so read only

Google Groups archive
1

Would it be bad on a Linux system if a process belonging to a different user having orthanc as a secondary group and hence guaranteed read-only via unix filesystem protections accessed orhanc user DICOM files directly?

I could see this being useful in a local processing scenario to avoid data duplication or copy delays. One could create a different directory hierarchy say by by patientID or studyID populated with logical link or even hard links for the files themselves. Who know maybe orthanc itself could keep that tree up to date via some trigger mechanism allowing the execution of some user supplied code.

Regards

N.

2

You can certainly hack Orthanc in many ways to fine-tune it to your very specific situation, but please have a look at this:
https://book.orthanc-server.com/faq/orthanc-storage.html#direct-access

You could try and implement a custom storage area. Check out function “OrthancPluginRegisterStorageArea()” in the Orthanc plugin SDK:
https://sdk.orthanc-server.com/

https://book.orthanc-server.com/developers/creating-plugins.html

You could also create symbolic links in the Lua callback “OnStoredInstance()” or using SDK function “OrthancPluginRegisterOnStoredInstanceCallback()”. Indeed, as both of these functions receive the “instanceId” information, the “/instances/{instanceId}” route can then be queried to retrieve the ID of the DICOM file in the storage area (it is contained in the “FileUuid” field).

Here is a working Lua script that uses the “LuaFileSystem” module (“apt-get install lua-filesystem” in Ubuntu), assuming a direct access to the Orthanc storage area:

require ‘lfs’

SOURCE = ‘/home/jodogne/OrthancStorage’
TARGET = ‘/tmp/orthanc’

function OnStoredInstance(instanceId, tags, metadata, origin)
local instance = ParseJson(RestApiGet(‘/instances/’ … instanceId))
local file = instance[“FileUuid”]
local source = SOURCE … ‘/’ … file:sub(0, 2) … ‘/’ … file:sub(3, 4) … ‘/’ … file

local path = TARGET
lfs.mkdir(path)
path = path … ‘/’ … tags[‘StudyInstanceUID’]
lfs.mkdir(path)
path = path … ‘/’ … tags[‘SeriesInstanceUID’]
lfs.mkdir(path)
path = path … ‘/’ … tags[‘SOPInstanceUID’] … ‘.dcm’
lfs.link(source, path, true)
end

Again, using such a script is discouraged, as it will fail as soon as a custom storage area plugin is used, or if Orthanc compression is enabled!

HTH,
Sébastien-