Kheops UI shows error when uploading a folder containing .dcm files

[RajaMuneerBaigal]

Hi Greetings,
I tried to locally install the kheops as well as on the prod server following the documentation provided here on this URL:
https://docs.kheops.online/docs/installation

I tried downloading the versions v1.1.1, v1.1 and v1.0.8. In all of them I am facing a same issue which is in kheops UI when I try to upload the whole folder containing dcmchi images. For some folders it works and for others it is showing me errors which you can see from the images below.
please do let me know if I am missing out on anything or is this the issue in the code because when I tried version 0.9.5 it works fine in that version.

Here is my docker-compose.yml:

services:
  keycloak:
    image: quay.io/keycloak/keycloak:16.1.1
    container_name: keycloak
    command: ["-b", "0.0.0.0"]
    ports:
      - "8080:8080"
    environment:
      KEYCLOAK_USER: admin
      KEYCLOAK_PASSWORD_FILE: /run/secrets/keycloak_admin_password
      KEYCLOAK_IMPORT: /tmp/kheops-realm.json
      KEYCLOAK_FRONTEND_URL: http://127.0.0.1:8080/auth
    volumes:
      - keycloak-standalone-data:/opt/jboss/keycloak/standalone/data
      - ./realm/kheops-realm.json:/tmp/kheops-realm.json:cached
      - ./themes/kheops:/opt/jboss/keycloak/themes/kheops:cached
    secrets:
      - keycloak_admin_password
    networks:
      - keycloak_network

  ldap:
    container_name: ldap
    image: dcm4che/slapd-dcm4chee:2.6.0-25.1
    env_file: docker-compose.env
    networks:
      - pacs_network

  pacs-postgres:
    container_name: pacspostgres
    image: dcm4che/postgres-dcm4chee:13.5-25
    logging:
      driver: json-file
      options:
        max-size: "10m"
    environment:
      POSTGRES_DB: kheops_pacs
      POSTGRES_USER: kheops_pacs
      POSTGRES_PASSWORD_FILE: /run/secrets/kheops_pacsdb_pass
    env_file: docker-compose.env
    volumes:
      - dcm4chee-db-data:/var/lib/postgresql/data
    secrets:
      - kheops_pacsdb_pass
    networks:
      - pacs_network

  pacs-arc:
    container_name: pacsarc
    image: dcm4che/dcm4chee-arc-psql:5.25.1
    env_file: docker-compose.env
    environment:
      POSTGRES_DB: kheops_pacs
      POSTGRES_USER: kheops_pacs
      POSTGRES_PASSWORD_FILE: /run/secrets/kheops_pacsdb_pass
      STORAGE_DIR: /storage/fs1
      POSTGRES_HOST: pacspostgres
      WILDFLY_CHOWN: /storage /opt/wildfly/standalone
      WILDFLY_WAIT_FOR: ldap:389 pacspostgres:5432
      JAVA_OPTS: -Xms64m -Xmx512m -XX:MetaspaceSize=96M -XX:MaxMetaspaceSize=256m -Djava.net.preferIPv4Stack=true
    secrets:
      - kheops_pacsdb_pass
    depends_on:
      - ldap
      - pacs-postgres
    volumes:
      - dcm4chee-arc-wildfly:/opt/wildfly/standalone
      - dcm4chee-arc-storage:/storage
    networks:
      - pacs_network

  kheops-postgres:
    container_name: kheopspostgres
    image: postgres:12.9-alpine
    volumes:
      - kheops-db-data:/var/lib/postgresql/data
    environment:
      POSTGRES_DB: kheops
      POSTGRES_USER: kheopsuser
      POSTGRES_PASSWORD_FILE: /run/secrets/kheops_authdb_pass
    secrets:
      - kheops_authdb_pass
    networks:
      - kheops_network

  kheops-authorization:
    container_name: kheopsauthorization
    image: osirixfoundation/kheops-authorization:v1.0.8
    env_file: docker-compose.env
    environment:
      KHEOPS_OIDC_PROVIDER: http://keycloak:8080/auth/realms/kheops
      CATALINA_OPTS: -Duser.timezone=UTC
    depends_on:
      - kheops-postgres
    secrets:
      - kheops_auth_hmasecret
      - kheops_authdb_pass
      - kheops_client_dicomwebproxysecret
      - kheops_client_zippersecret
      - kheops_auth_admin_password
    networks:
      - kheops_network
      - keycloak_network
  kheops-zipper:
    container_name: kheopszipper
    image: osirixfoundation/kheops-zipper:v1.0.8
    env_file: docker-compose.env
    secrets:
      - kheops_client_zippersecret
    networks:
      - kheops_network

  kheops-ui:
    container_name: kheopsui
    image: osirixfoundation/kheops-ui:v1.0.8
    env_file: docker-compose.env
    networks:
      - frontend_network

  kheops-dicomweb-proxy:
    container_name: kheopsdicomwebproxy
    image: osirixfoundation/kheops-dicomweb-proxy:v1.0.8
    env_file: docker-compose.env
    secrets:
      - kheops_auth_hmasecret_post
      - kheops_client_dicomwebproxysecret
    networks:
      - kheops_network

  kheops-reverse-proxy:
    image: osirixfoundation/kheops-reverse-proxy:v1.0.8-insecure
    container_name: kheopsreverseproxy
    env_file: docker-compose.env
    ports:
      - "80:8042"
    depends_on:
      - kheops-authorization
      - kheops-dicomweb-proxy
      - kheops-ui
      - kheops-zipper
    networks:
      - kheops_network
      - frontend_network

  pacs-authorization-proxy:
    container_name: pacsauthorizationproxy
    env_file: docker-compose.env
    image: osirixfoundation/pacs-authorization-proxy:v1.0.8
    depends_on:
      - pacs-arc
    secrets:
      - kheops_auth_hmasecret
      - kheops_auth_hmasecret_post
    networks:
      - pacs_network
      - kheops_network



secrets:
  keycloak_admin_password:
    file: secrets/keycloak_admin_password
  kheops_authdb_pass:
    file: secrets/kheops_authdb_pass
  kheops_pacsdb_pass:
    file: secrets/kheops_pacsdb_pass
  kheops_auth_hmasecret:
    file: secrets/kheops_auth_hmasecret
  kheops_auth_hmasecret_post:
    file: secrets/kheops_auth_hmasecret_post
  kheops_client_dicomwebproxysecret:
    file: secrets/kheops_client_dicomwebproxysecret
  kheops_client_zippersecret:
    file: secrets/kheops_client_zippersecret
  kheops_auth_admin_password:
    file: secrets/kheops_auth_admin_password


volumes:
  keycloak-standalone-data:
  dcm4chee-db-data:
  dcm4chee-arc-wildfly:
  dcm4chee-arc-storage:
  kheops-db-data:

networks:
  kheops_network:
    driver: bridge
  pacs_network:
    driver: bridge
  frontend_network:
    driver: bridge
  keycloak_network:
    driver: bridge

The docker-compose.env is same as default as I am testing this on local

Here are the error screenshots from v1.1.1, v1.1,v1.0.8

[spalte]

Hello,

Sorry for the late reply. I believe the error you are showing is caused by study level tags not matching between instances. Having study level attributes be identical is a requirement in the DICOM standard and accepting tags that do not match causes a security concern in KHEOPS. Since the granularity of access rights happens at the series level. It would be possible for a user with only knowledge of a StudyUID, but no knowledge of the patient name, for example, to upload a dummy series with empty attributes, and then re-download this same series with filled in values for the unknown attributes. In KHEOPS v1.1.1 it is possible to turn off this validation using the KHEOPS_AUTHORIZATION_DISABLE_VERIFICATION env var.

See Release Notes
Thank @roger-schaer for this pull request

Let me know if this works or if you have any further issues.

[RajaMuneerBaigal]

@spalte Thank you for the response but where do I need to set it in which file. In docker-compose.env or in any service in docker-compose file as environment variable?

[RajaMuneerBaigal]

Thank you it works perfectly now.