From 4f0639d91565909c53dadf0d243692574701cfcf Mon Sep 17 00:00:00 2001
From: David Manthey <david.manthey@kitware.com>
Date: Wed, 18 Oct 2023 16:23:14 -0400
Subject: [PATCH] Add scope to the dicomweb import endpoint access decorator.

---
 CHANGELOG.md                                                  | 2 ++
 sources/dicom/large_image_source_dicom/assetstore/__init__.py | 2 --
 sources/dicom/large_image_source_dicom/assetstore/rest.py     | 3 ++-
 3 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 38e501e28..805f9cab7 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -8,11 +8,13 @@
 - Improve tifffile associated image detection ([#1333](../../pull/1333))
 - Guard against throwing a javascript warning ([#1337](../../pull/1337))
 - Test on Python 3.12 ([#1335](../../pull/1335))
+- Added filtering and limit options to the DICOMweb assetstore ([#1327](../../pull/1327))
 
 ### Changes
 - Prohibit bioformats and vips from reading mrxs directly ([#1328](../../pull/1328))
 - Handle Python 3.12 deprecating utcnow ([#1331](../../pull/1331))
 - Turn down logging about annotation ACLs ([#1332](../../pull/1332))
+- Add scope to the dicomweb import endpoint access decorator ([#1347](../../pull/1347))
 
 ## 1.25.0
 
diff --git a/sources/dicom/large_image_source_dicom/assetstore/__init__.py b/sources/dicom/large_image_source_dicom/assetstore/__init__.py
index 687d1af62..68482ba17 100644
--- a/sources/dicom/large_image_source_dicom/assetstore/__init__.py
+++ b/sources/dicom/large_image_source_dicom/assetstore/__init__.py
@@ -1,5 +1,4 @@
 from girder import events
-from girder.api import access
 from girder.api.v1.assetstore import Assetstore as AssetstoreResource
 from girder.constants import AssetstoreType
 from girder.models.assetstore import Assetstore
@@ -15,7 +14,6 @@
 ]
 
 
-@access.admin
 def createAssetstore(event):
     """
     When an assetstore is created, make sure it has a well-formed DICOMweb
diff --git a/sources/dicom/large_image_source_dicom/assetstore/rest.py b/sources/dicom/large_image_source_dicom/assetstore/rest.py
index 4d34e23cf..7994a212e 100644
--- a/sources/dicom/large_image_source_dicom/assetstore/rest.py
+++ b/sources/dicom/large_image_source_dicom/assetstore/rest.py
@@ -3,6 +3,7 @@
 from girder.api import access
 from girder.api.describe import Description, describeRoute
 from girder.api.rest import Resource, loadmodel
+from girder.constants import TokenScope
 from girder.exceptions import RestException
 from girder.utility import assetstore_utilities
 from girder.utility.model_importer import ModelImporter
@@ -74,7 +75,7 @@ def _importData(self, assetstore, params):
                 msg = 'No DICOM objects matching the search filters were found'
                 raise RestException(msg)
 
-    @access.admin
+    @access.admin(scope=TokenScope.DATA_WRITE)
     @loadmodel(model='assetstore')
     @describeRoute(
         Description('Import references to DICOM objects from a DICOMweb server')