public async Task DataLakeSasBuilder_AgentObjectId()
{
// Arrange
DataLakeServiceClient oauthService = GetServiceClient_OAuth();
string fileSystemName = GetNewFileSystemName();
string directoryName = GetNewDirectoryName();
string unknownGuid = Recording.Random.NewGuid().ToString();
await using DisposingFileSystem test = await GetNewFileSystem(service : oauthService, fileSystemName : fileSystemName);
// Arrange
DataLakeDirectoryClient directory = test.FileSystem.GetRootDirectoryClient();
Response <UserDelegationKey> userDelegationKey = await oauthService.GetUserDelegationKeyAsync(
startsOn : null,
expiresOn : Recording.UtcNow.AddHours(1));
// Give UnknownGuid rights
IList <PathAccessControlItem> accessControlList = new List <PathAccessControlItem>()
{
new PathAccessControlItem(
AccessControlType.User,
RolePermissions.Read | RolePermissions.Write | RolePermissions.Execute,
false,
unknownGuid)
};
await directory.SetAccessControlListAsync(accessControlList);
DataLakeSasBuilder dataLakeSasBuilder = new DataLakeSasBuilder
{
StartsOn = Recording.UtcNow.AddHours(-1),
ExpiresOn = Recording.UtcNow.AddHours(1),
FileSystemName = test.FileSystem.Name,
AgentObjectId = unknownGuid
};
dataLakeSasBuilder.SetPermissions(DataLakeSasPermissions.All);
DataLakeUriBuilder dataLakeUriBuilder = new DataLakeUriBuilder(test.FileSystem.Uri)
{
Sas = dataLakeSasBuilder.ToSasQueryParameters(userDelegationKey, test.FileSystem.AccountName)
};
DataLakeDirectoryClient sasDirectoryClient = new DataLakeDirectoryClient(dataLakeUriBuilder.ToUri(), GetOptions());
// Act
DataLakeFileClient file = await sasDirectoryClient.CreateFileAsync(GetNewFileName());
}
// If recursive is false, remove the ACL from a directory. None of the sub-directory or sub-path ACLs are updated
// If recursive is true, remove ACLs from the directory and all sub-directories and sub-paths
// When removing ACLs recursively, the ACLs on all sub-directories and sub-paths are replaced with this directory's ACL
static async Task RemoveACLsForDirectory(DataLakeDirectoryClient directoryClient, AppSettings settings, bool recursive = false)
{
PathAccessControl directoryAccessControl =
await directoryClient.GetAccessControlAsync();
List <PathAccessControlItem> accessControlList = RemoveACLs(directoryAccessControl.AccessControlList, settings);
if (recursive)
{
await directoryClient.SetAccessControlRecursiveAsync(accessControlList);
}
else
{
await directoryClient.SetAccessControlListAsync(accessControlList);
}
}
// If recursive is false, apply ACLs to a directory. None of the sub-directory or sub-path ACLs are updated
// If recursive is true, apply ACLs to the directory and all sub-directories and sub-paths
// When applying ACL recursively, the ACLs on all sub-directories and sub-paths are replaced with this directory's ACL
static async Task ApplyACLsForDirectory(DataLakeDirectoryClient directoryClient, RolePermissions newACLs, AppSettings settings, bool recursive = false)
{
PathAccessControl directoryAccessControl =
await directoryClient.GetAccessControlAsync();
List <PathAccessControlItem> accessControlList = UpdateACLs(directoryAccessControl.AccessControlList, newACLs, settings);
if (recursive)
{
await directoryClient.SetAccessControlRecursiveAsync(accessControlList);
}
else
{
await directoryClient.SetAccessControlListAsync(accessControlList);
}
}
