From ebababe98c3aa9c78870edde735fa3351af8e16b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?C=C3=A9cile=20Madjar?= <cecile.madjar@gmail.com>
Date: Tue, 25 Nov 2014 14:36:01 -0500
Subject: [PATCH 1/5] Add dicom_archive_permission_view_allsites to database
 schema, with associated patch.

---
 SQL/0000-00-00-schema.sql                 | 3 ++-
 SQL/2014-11-25-DicomArchivePermission.sql | 1 +
 2 files changed, 3 insertions(+), 1 deletion(-)
 create mode 100644 SQL/2014-11-25-DicomArchivePermission.sql

diff --git a/SQL/0000-00-00-schema.sql b/SQL/0000-00-00-schema.sql
index 2c2a91b187b..24e82c8798f 100644
--- a/SQL/0000-00-00-schema.sql
+++ b/SQL/0000-00-00-schema.sql
@@ -977,7 +977,8 @@ INSERT INTO `permissions` VALUES
     (23,'edit_final_radiological_review','Can edit final radiological reviews','2'),
     (24,'view_final_radiological_review','Can see final radiological reviews','2'),
     (25,'imaging_browser_view_site','View own-site Imaging Browser pages','2'),
-    (26,'imaging_browser_view_allsites', 'View all-sites Imaging Browser pages', '2');
+    (26,'imaging_browser_view_allsites', 'View all-sites Imaging Browser pages', '2'),
+    (27,'dicom_archive_view_allsites', 'Across all sites view Dicom Archive module and pages', '2');
 
 /*!40000 ALTER TABLE `permissions` ENABLE KEYS */;
 UNLOCK TABLES;
diff --git a/SQL/2014-11-25-DicomArchivePermission.sql b/SQL/2014-11-25-DicomArchivePermission.sql
new file mode 100644
index 00000000000..7ad617410c3
--- /dev/null
+++ b/SQL/2014-11-25-DicomArchivePermission.sql
@@ -0,0 +1 @@
+INSERT INTO permissions (code, description, categoryID) VALUES ("dicom_archive_viewallsites", "Across all sites view Dicom Archive module and pages", 2);

From 7e1b9e4b33bea48fd18531abee4d762334d7a17d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?C=C3=A9cile=20Madjar?= <cecile.madjar@gmail.com>
Date: Tue, 25 Nov 2014 14:38:17 -0500
Subject: [PATCH 2/5] Replaced view_final_radiological_review by
 dicom_archive_view_allsites permission.

---
 .../dicom_archive/php/NDB_Menu_Filter_dicom_archive.class.inc   | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/modules/dicom_archive/php/NDB_Menu_Filter_dicom_archive.class.inc b/modules/dicom_archive/php/NDB_Menu_Filter_dicom_archive.class.inc
index b219e6259d9..90c4219341f 100644
--- a/modules/dicom_archive/php/NDB_Menu_Filter_dicom_archive.class.inc
+++ b/modules/dicom_archive/php/NDB_Menu_Filter_dicom_archive.class.inc
@@ -41,7 +41,7 @@ class NDB_Menu_Filter_Dicom_Archive extends NDB_Menu_Filter
         if (Utility::isErrorX($user)) {
             return PEAR::raiseError("User Error: " .$user->getMessage());
         }
-        return $user->hasPermission('view_final_radiological_review');
+        return $user->hasPermission('dicom_archive_view_allsites');
     }
     
     /**

From ae58711560c0e7d21c9e524a213fcf291e9fd3a4 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?C=C3=A9cile=20Madjar?= <cecile.madjar@gmail.com>
Date: Tue, 25 Nov 2014 14:39:25 -0500
Subject: [PATCH 3/5] Fixed permission name in the patch.

---
 SQL/2014-11-25-DicomArchivePermission.sql | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/SQL/2014-11-25-DicomArchivePermission.sql b/SQL/2014-11-25-DicomArchivePermission.sql
index 7ad617410c3..7ec23195f0d 100644
--- a/SQL/2014-11-25-DicomArchivePermission.sql
+++ b/SQL/2014-11-25-DicomArchivePermission.sql
@@ -1 +1 @@
-INSERT INTO permissions (code, description, categoryID) VALUES ("dicom_archive_viewallsites", "Across all sites view Dicom Archive module and pages", 2);
+INSERT INTO permissions (code, description, categoryID) VALUES ("dicom_archive_view_allsites", "Across all sites view Dicom Archive module and pages", 2);

From 6adfd66869d0e7b539af7241ffe843e7a9dacfaa Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?C=C3=A9cile=20Madjar?= <cecile.madjar@gmail.com>
Date: Tue, 25 Nov 2014 16:31:23 -0500
Subject: [PATCH 4/5] User cannot have access to Dicom Archive using links from
 other modules, such as imaging browser.

---
 .../php/NDB_Form_dicom_archive.class.inc        | 17 ++++++++++++++++-
 1 file changed, 16 insertions(+), 1 deletion(-)

diff --git a/modules/dicom_archive/php/NDB_Form_dicom_archive.class.inc b/modules/dicom_archive/php/NDB_Form_dicom_archive.class.inc
index 97d1df5722a..71cedf99095 100644
--- a/modules/dicom_archive/php/NDB_Form_dicom_archive.class.inc
+++ b/modules/dicom_archive/php/NDB_Form_dicom_archive.class.inc
@@ -33,6 +33,21 @@ class NDB_Form_Dicom_Archive extends NDB_Form
      * Keeps array of protocols from mri_protocol
      */
     var $protocols;
+
+    /**
+     * Determine whether the user has permission to view this page
+     *
+     * @return bool whether the user has access
+     */
+    function _hasAccess()
+    {
+        $user =& User::singleton();
+        if (Utility::isErrorX($user)) {
+            return PEAR::raiseError("User Error: " .$user->getMessage());
+        }
+        return $user->hasPermission('dicom_archive_view_allsites');
+    }
+
     /**
     * Sets up main parameters
     *
@@ -46,7 +61,7 @@ class NDB_Form_Dicom_Archive extends NDB_Form
             die();
         }
 
-        if (!empty($_REQUEST['tarchiveID'])) {
+        if ((!empty($_REQUEST['tarchiveID'])) && ($this->_hasAccess())) {
             $tarchiveID = $_REQUEST['tarchiveID'];
             $this->tpl_data['archive'] = $this->_getTarchiveData(
                 $tarchiveID, 'tarchive'

From ca21d72cfd92ae03dfa0c8bf499f34b8a46fefdc Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?C=C3=A9cile=20Madjar?= <cecile.madjar@gmail.com>
Date: Fri, 28 Nov 2014 11:31:23 -0500
Subject: [PATCH 5/5] Removed PEAR error checking and & in front of singleton

---
 modules/dicom_archive/php/NDB_Form_dicom_archive.class.inc   | 5 +----
 .../php/NDB_Menu_Filter_dicom_archive.class.inc              | 5 +----
 2 files changed, 2 insertions(+), 8 deletions(-)

diff --git a/modules/dicom_archive/php/NDB_Form_dicom_archive.class.inc b/modules/dicom_archive/php/NDB_Form_dicom_archive.class.inc
index 71cedf99095..34407796b0e 100644
--- a/modules/dicom_archive/php/NDB_Form_dicom_archive.class.inc
+++ b/modules/dicom_archive/php/NDB_Form_dicom_archive.class.inc
@@ -41,10 +41,7 @@ class NDB_Form_Dicom_Archive extends NDB_Form
      */
     function _hasAccess()
     {
-        $user =& User::singleton();
-        if (Utility::isErrorX($user)) {
-            return PEAR::raiseError("User Error: " .$user->getMessage());
-        }
+        $user = User::singleton();
         return $user->hasPermission('dicom_archive_view_allsites');
     }
 
diff --git a/modules/dicom_archive/php/NDB_Menu_Filter_dicom_archive.class.inc b/modules/dicom_archive/php/NDB_Menu_Filter_dicom_archive.class.inc
index 90c4219341f..2a00441ad21 100644
--- a/modules/dicom_archive/php/NDB_Menu_Filter_dicom_archive.class.inc
+++ b/modules/dicom_archive/php/NDB_Menu_Filter_dicom_archive.class.inc
@@ -37,10 +37,7 @@ class NDB_Menu_Filter_Dicom_Archive extends NDB_Menu_Filter
      */
     function _hasAccess()
     {
-        $user =& User::singleton();
-        if (Utility::isErrorX($user)) {
-            return PEAR::raiseError("User Error: " .$user->getMessage());
-        }
+        $user = User::singleton();
         return $user->hasPermission('dicom_archive_view_allsites');
     }