public void NewQueueSasWithPolicy()
{
CloudQueue queue = queueUtil.CreateQueue();
try
{
TimeSpan sasLifeTime = TimeSpan.FromMinutes(10);
QueuePermissions permission = new QueuePermissions();
string policyName = Utility.GenNameString("saspolicy");
permission.SharedAccessPolicies.Add(policyName, new SharedAccessQueuePolicy
{
SharedAccessExpiryTime = DateTime.Now.Add(sasLifeTime),
Permissions = SharedAccessQueuePermissions.Read,
});
queue.SetPermissions(permission);
string sasToken = CommandAgent.GetQueueSasFromCmd(queue.Name, policyName, string.Empty);
Test.Info("Sleep and wait for sas policy taking effect");
double lifeTime = 1;
Thread.Sleep(TimeSpan.FromMinutes(lifeTime));
ValidateSasToken(queue, "r", sasToken);
}
finally
{
queueUtil.RemoveQueue(queue);
}
}
public void Should_warn_if_queue_doesnt_exist()
{
QueuePermissions.CheckQueue("NServiceBus.NonexistingQueueName");
Assert.That(logOutput.ToString(), Does.Contain("does not exist"));
Assert.That(logOutput.ToString(), Does.Contain("WARN"));
}
/// <summary>
/// Manage stored access policies specified on the queue
/// </summary>
/// <param name="cloudQueueClient"></param>
/// <returns></returns>
private static async Task QueueAclSample(CloudQueueClient cloudQueueClient)
{
// Create the queue name -- use a guid in the name so it's unique.
string queueName = "demotest-" + Guid.NewGuid();
// Create the queue with this name.
Console.WriteLine("Creating queue with name {0}", queueName);
CloudQueue queue = cloudQueueClient.GetQueueReference(queueName);
try
{
await queue.CreateIfNotExistsAsync();
Console.WriteLine(" Queue created successfully.");
}
catch (StorageException exStorage)
{
Common.WriteException(exStorage);
Console.WriteLine(
"Please make sure your storage account is specified correctly in the app.config - then restart the sample.");
Console.WriteLine("Press any key to exit");
Console.ReadLine();
throw;
}
catch (Exception ex)
{
Console.WriteLine(" Exception thrown creating queue.");
Common.WriteException(ex);
throw;
}
// Set queue permissions
SharedAccessQueuePolicy accessQueuePolicy = new SharedAccessQueuePolicy
{
SharedAccessStartTime = new DateTimeOffset(DateTime.Now),
SharedAccessExpiryTime = new DateTimeOffset(DateTime.Now.AddMinutes(10)),
Permissions = SharedAccessQueuePermissions.Update
};
QueuePermissions permissions = new QueuePermissions();
permissions.SharedAccessPolicies.Add("key1", accessQueuePolicy);
Console.WriteLine("Set queue permissions");
await queue.SetPermissionsAsync(permissions);
// Get queue permissions
Console.WriteLine("Get queue permissions:");
permissions = await queue.GetPermissionsAsync();
foreach (var keyValue in permissions.SharedAccessPolicies)
{
Console.WriteLine(" {0}:", keyValue.Key);
Console.WriteLine(" permissions: {0}:", keyValue.Value.Permissions);
Console.WriteLine(" start time: {0}:", keyValue.Value.SharedAccessStartTime);
Console.WriteLine(" expiry time: {0}:", keyValue.Value.SharedAccessExpiryTime);
}
// Delete queue
Console.WriteLine("Deleting queue with name {0}", queueName);
queue.DeleteIfExists();
}
internal async Task <SharedAccessQueuePolicies> GetPoliciesAsync(IStorageQueueManagement localChannel, string queueName, string policyName)
{
CloudQueue queue = localChannel.GetQueueReference(queueName);
QueuePermissions queuePermissions = await localChannel.GetPermissionsAsync(queue).ConfigureAwait(false);
return(queuePermissions.SharedAccessPolicies);
}
/// <summary>
/// Validate the queue access policy
/// </summary>
/// <param name="policy">SharedAccessBlobPolicy object</param>
/// <param name="policyIdentifier">The policy identifier which need to be checked.</param>
public static bool ValidateQueueAccessPolicy(IStorageQueueManagement channel, string queueName,
SharedAccessQueuePolicy policy, string policyIdentifier)
{
if (string.IsNullOrEmpty(policyIdentifier))
{
return(true);
}
CloudQueue queue = channel.GetQueueReference(queueName);
QueueRequestOptions options = null;
OperationContext context = null;
QueuePermissions permission = channel.GetPermissions(queue, options, context);
SharedAccessQueuePolicy sharedAccessPolicy =
GetExistingPolicy <SharedAccessQueuePolicy>(permission.SharedAccessPolicies, policyIdentifier);
if (policy.Permissions != SharedAccessQueuePermissions.None)
{
throw new ArgumentException(Resources.SignedPermissionsMustBeOmitted);
}
if (policy.SharedAccessExpiryTime.HasValue && sharedAccessPolicy.SharedAccessExpiryTime.HasValue)
{
throw new ArgumentException(Resources.SignedExpiryTimeMustBeOmitted);
}
return(!sharedAccessPolicy.SharedAccessExpiryTime.HasValue);
}
public void SetPermissionsAsync()
{
// Arrange
var queueName = "myqueue";
var mockQueue = GetMockQueue(queueName);
var mockQueueClient = GetMockQueueClient(mockQueue);
var mockBlobContainer = GetMockBlobContainer();
var mockBlobClient = GetMockBlobClient(mockBlobContainer);
var storageAccount = GetMockStorageAccount(mockBlobClient, mockQueueClient);
var permissions = new QueuePermissions();
mockQueue
.Setup(c => c.SetPermissionsAsync(It.IsAny <QueuePermissions>(), It.IsAny <QueueRequestOptions>(), It.IsAny <OperationContext>(), It.IsAny <CancellationToken>()))
.Returns(Task.FromResult(true))
.Verifiable();
// Act
var queueManager = new QueueManager(queueName, storageAccount.Object);
queueManager.SetPermissionsAsync(permissions).Wait();
// Assert
mockQueue.Verify();
mockQueueClient.Verify();
mockBlobContainer.Verify();
mockBlobClient.Verify();
}
internal string CreateAzureQueueStoredAccessPolicy(IStorageQueueManagement localChannel, string queueName, string policyName, DateTime?startTime, DateTime?expiryTime, string permission)
{
if (!NameUtil.IsValidStoredAccessPolicyName(policyName))
{
throw new ArgumentException(String.Format(CultureInfo.CurrentCulture, Resources.InvalidAccessPolicyName, policyName));
}
//Get existing permissions
CloudQueue queue = Channel.GetQueueReference(queueName);
QueuePermissions queuePermissions = localChannel.GetPermissions(queue);
//Add new policy
if (queuePermissions.SharedAccessPolicies.Keys.Contains(policyName))
{
throw new ResourceAlreadyExistException(String.Format(CultureInfo.CurrentCulture, Resources.PolicyAlreadyExists, policyName));
}
SharedAccessQueuePolicy policy = new SharedAccessQueuePolicy();
AccessPolicyHelper.SetupAccessPolicy <SharedAccessQueuePolicy>(policy, startTime, expiryTime, permission);
queuePermissions.SharedAccessPolicies.Add(policyName, policy);
//Set permissions back to queue
localChannel.SetPermissions(queue, queuePermissions);
return(policyName);
}
public void UpdateMessageVisibilityTimeoutAsync()
{
// Arrange
var queueName = "myqueue";
var mockQueue = GetMockQueue(queueName);
var mockQueueClient = GetMockQueueClient(mockQueue);
var mockBlobContainer = GetMockBlobContainer();
var mockBlobClient = GetMockBlobClient(mockBlobContainer);
var storageAccount = GetMockStorageAccount(mockBlobClient, mockQueueClient);
var permissions = new QueuePermissions();
var message = new CloudMessage("Hello world");
var visibilityTimeout = TimeSpan.FromSeconds(2);
mockQueue
.Setup(c => c.UpdateMessageAsync(It.IsAny <CloudQueueMessage>(), It.IsAny <TimeSpan>(), MessageUpdateFields.Visibility, It.IsAny <QueueRequestOptions>(), It.IsAny <OperationContext>(), It.IsAny <CancellationToken>()))
.Returns(Task.FromResult(true))
.Verifiable();
// Act
var queueManager = new QueueManager(queueName, storageAccount.Object);
queueManager.UpdateMessageVisibilityTimeoutAsync(message, visibilityTimeout).Wait();
// Assert
mockQueue.Verify();
mockQueueClient.Verify();
mockBlobContainer.Verify();
mockBlobClient.Verify();
}
public void test_CreateTempQueue()
{
using (MQConnection con = connectToServer(address, null, null)) {
String queueName = String.Empty;
QueueHandle qh = new QueueHandle();
// Try and create a temporary queue
ErrorCode err = con.CreateTempQueue(out queueName, qh);
Console.WriteLine("queueName:" + queueName);
Assert.AreEqual(ErrorCode.EC_NOERROR, err, "Creating Queue");
// Get permissions for that queue
List <QueuePermissions> perms = new List <QueuePermissions>();
con.QueueEnumeratePermissions(queueName, perms);
for (int x = 0; x < perms.Count; ++x)
{
QueuePermissions perm = perms[x];
Console.WriteLine(perm.EntityName + ":" + perm.Read + ":" + perm.Write + ":" + perm.Destroy + ":" + perm.ChangeSecurity);
}
Assert.IsTrue(perms.Count > 0);
addAllUsers(con);
// Try and write to that queue with another user.
using (MQConnection con2 = connectToServer(simpleAddress, TEST_USERS[0], TEST_USERS[0])) {
QueueHandle qh2 = new QueueHandle();
ErrorCode rc = con2.OpenQueue(queueName, qh2);
Assert.IsTrue(rc == ErrorCode.EC_NOERROR, "Open Temp Queue rc:" + rc);
QueueMessage msg = new QueueMessage();
msg.Label = "Hello World";
Assert.IsTrue(ErrorCode.EC_NOERROR == con2.Enqueue(qh2, msg), "Enqueue to temp");
con2.CloseQueue(qh2);
}
}
}
public void Should_log_when_queue_is_remote()
{
var remoteQueue = $"{testQueueName}@remotemachine";
QueuePermissions.CheckQueue(remoteQueue);
Assert.That(logOutput.ToString(), Does.Contain($"{remoteQueue} is remote, the queue could not be verified."));
}
public void Should_log_if_queue_exists()
{
MessageQueue.Create(@".\private$\" + testQueueName, false);
QueuePermissions.CheckQueue(testQueueName);
Assert.That(logOutput.ToString(), Does.Contain("Verified that the queue"));
}
public async Task QueueSASTestAsync()
{
CloudQueueClient client = GenerateCloudQueueClient();
CloudQueue queue = client.GetQueueReference(GenerateNewQueueName());
await queue.CreateAsync();
string messageContent = Guid.NewGuid().ToString();
CloudQueueMessage message = new CloudQueueMessage(messageContent);
await queue.AddMessageAsync(message);
// Prepare SAS authentication with full permissions
string id = Guid.NewGuid().ToString();
DateTime start = DateTime.UtcNow;
DateTime expiry = start.AddMinutes(30);
QueuePermissions permissions = new QueuePermissions();
SharedAccessQueuePermissions queuePerm = SharedAccessQueuePermissions.Add | SharedAccessQueuePermissions.ProcessMessages | SharedAccessQueuePermissions.Read | SharedAccessQueuePermissions.Update;
permissions.SharedAccessPolicies.Add(id, new SharedAccessQueuePolicy()
{
SharedAccessStartTime = start,
SharedAccessExpiryTime = expiry,
Permissions = queuePerm
});
await queue.SetPermissionsAsync(permissions);
await Task.Delay(30 * 1000);
string sasTokenFromId = queue.GetSharedAccessSignature(null, id);
StorageCredentials sasCredsFromId = new StorageCredentials(sasTokenFromId);
CloudStorageAccount sasAcc = new CloudStorageAccount(sasCredsFromId, null /* blobEndpoint */, new Uri(TestBase.TargetTenantConfig.QueueServiceEndpoint), null /* tableEndpoint */, null /* fileEndpoint */);
CloudQueueClient sasClient = sasAcc.CreateCloudQueueClient();
CloudQueue sasQueueFromSasUri = new CloudQueue(sasClient.Credentials.TransformUri(queue.Uri));
CloudQueueMessage receivedMessage = await sasQueueFromSasUri.PeekMessageAsync();
Assert.AreEqual(messageContent, receivedMessage.AsString);
CloudQueue sasQueueFromSasUri1 = new CloudQueue(new Uri(queue.Uri.ToString() + sasTokenFromId));
CloudQueueMessage receivedMessage1 = await sasQueueFromSasUri1.PeekMessageAsync();
Assert.AreEqual(messageContent, receivedMessage1.AsString);
CloudQueue sasQueueFromId = new CloudQueue(queue.Uri, sasCredsFromId);
CloudQueueMessage receivedMessage2 = await sasQueueFromId.PeekMessageAsync();
Assert.AreEqual(messageContent, receivedMessage2.AsString);
string sasTokenFromPolicy = queue.GetSharedAccessSignature(permissions.SharedAccessPolicies[id], null);
StorageCredentials sasCredsFromPolicy = new StorageCredentials(sasTokenFromPolicy);
CloudQueue sasQueueFromPolicy = new CloudQueue(queue.Uri, sasCredsFromPolicy);
CloudQueueMessage receivedMessage3 = await sasQueueFromPolicy.PeekMessageAsync();
Assert.AreEqual(messageContent, receivedMessage3.AsString);
await queue.DeleteAsync();
}
public static void CreateQueueBasedSchedulerJob(string cloudServiceName, string jobCollectionName, CertificateCloudCredentials credentials)
{
try
{
var storageAccount =
new CloudStorageAccount(
new StorageCredentials(ConnectionStringConstants.STORAGEACCOUNTNAME,
ConnectionStringConstants.STORAGEKEYNAME), true);
var queueClient = storageAccount.CreateCloudQueueClient();
var queue = queueClient.GetQueueReference(ConnectionStringConstants.STORAGEQUEUENAME);
queue.CreateIfNotExists();
var perm = new QueuePermissions();
var policy = new SharedAccessQueuePolicy
{
SharedAccessExpiryTime = DateTime.MaxValue,
Permissions = SharedAccessQueuePermissions.Add
};
perm.SharedAccessPolicies.Add("jobcoll001policy", policy);
queue.SetPermissions(perm);
var sas = queue.GetSharedAccessSignature(new SharedAccessQueuePolicy(), "jobcoll001policy");
var schedulerClient = new SchedulerClient(cloudServiceName, jobCollectionName, credentials);
var result = schedulerClient.Jobs.Create(new JobCreateParameters()
{
Action = new JobAction()
{
Type = JobActionType.StorageQueue,
QueueMessage = new JobQueueMessage()
{
Message = "hello there!",
QueueName = ConnectionStringConstants.STORAGEQUEUENAME,
SasToken = sas,
StorageAccountName = ConnectionStringConstants.STORAGEACCOUNTNAME
}
},
StartTime = DateTime.UtcNow,
Recurrence = new JobRecurrence()
{
Frequency = JobRecurrenceFrequency.Minute,
Interval = 1,
Count = 5
}
});
Console.WriteLine("CreateQueueBasedSchedulerJob :\n" + result.RequestId);
Console.WriteLine("CreateQueueBasedSchedulerJob :\n" + result.StatusCode);
Console.ReadLine();
}
catch (Exception e)
{
Console.WriteLine("CreateQueueBasedSchedulerJob :\n" + e.Message);
}
}
public async Task QueueRegionalSASTestAsync()
{
CultureInfo currentCulture = Thread.CurrentThread.CurrentCulture;
Thread.CurrentThread.CurrentCulture = new CultureInfo("it-IT");
CloudQueueClient client = GenerateCloudQueueClient();
CloudQueue queue = client.GetQueueReference(GenerateNewQueueName());
try
{
await queue.CreateAsync();
string messageContent = Guid.NewGuid().ToString();
CloudQueueMessage message = new CloudQueueMessage(messageContent);
await queue.AddMessageAsync(message);
// Prepare SAS authentication with full permissions
string id = Guid.NewGuid().ToString();
DateTime start = DateTime.UtcNow;
DateTime expiry = start.AddMinutes(30);
QueuePermissions permissions = new QueuePermissions();
SharedAccessQueuePermissions queuePerm = SharedAccessQueuePermissions.Add | SharedAccessQueuePermissions.ProcessMessages | SharedAccessQueuePermissions.Read | SharedAccessQueuePermissions.Update;
permissions.SharedAccessPolicies.Add(id, new SharedAccessQueuePolicy()
{
SharedAccessStartTime = start,
SharedAccessExpiryTime = expiry,
Permissions = queuePerm
});
await queue.SetPermissionsAsync(permissions);
await Task.Delay(30 * 1000);
string sasTokenFromId = queue.GetSharedAccessSignature(null, id);
StorageCredentials sasCredsFromId = new StorageCredentials(sasTokenFromId);
CloudQueue sasQueueFromId = new CloudQueue(queue.Uri, sasCredsFromId);
CloudQueueMessage receivedMessage1 = await sasQueueFromId.PeekMessageAsync();
Assert.AreEqual(messageContent, receivedMessage1.AsString);
string sasTokenFromPolicy = queue.GetSharedAccessSignature(permissions.SharedAccessPolicies[id], null);
StorageCredentials sasCredsFromPolicy = new StorageCredentials(sasTokenFromPolicy);
CloudQueue sasQueueFromPolicy = new CloudQueue(queue.Uri, sasCredsFromPolicy);
CloudQueueMessage receivedMessage2 = await sasQueueFromPolicy.PeekMessageAsync();
Assert.AreEqual(messageContent, receivedMessage2.AsString);
}
finally
{
Thread.CurrentThread.CurrentCulture = currentCulture;
queue.DeleteAsync().Wait();
}
}
/// <summary>
/// set queue permission
/// </summary>
/// <param name="queue"></param>
/// <param name="queuePermissions"></param>
/// <param name="requestOptions"></param>
/// <param name="operationContext"></param>
public void SetPermissions(CloudQueue queue, QueuePermissions queuePermissions, QueueRequestOptions requestOptions, OperationContext operationContext)
{
try
{
Task.Run(() => queue.SetPermissionsAsync(queuePermissions, requestOptions, operationContext)).Wait();
}
catch (AggregateException e) when(e.InnerException is StorageException)
{
throw e.InnerException;
}
}
public void Should_warn_if_queue_has_public_access(MessageQueueAccessRights rights, WellKnownSidType sidType)
{
var groupName = new SecurityIdentifier(sidType, null).Translate(typeof(NTAccount)).ToString();
using (var queue = MessageQueue.Create(@".\private$\" + testQueueName, false))
{
queue.SetPermissions(groupName, rights);
}
QueuePermissions.CheckQueue(testQueueName);
Assert.That(logOutput.ToString(), Does.Contain("Consider setting appropriate permissions"));
}
public void QueueSetACLCancellation()
{
CloudQueue queue = DefaultQueueClient.GetQueueReference(GenerateNewQueueName());
QueuePermissions permissions = new QueuePermissions();
permissions.SharedAccessPolicies.Add(Guid.NewGuid().ToString(), new SharedAccessQueuePolicy()
{
SharedAccessStartTime = DateTimeOffset.Now - TimeSpan.FromHours(1),
SharedAccessExpiryTime = DateTimeOffset.Now + TimeSpan.FromHours(1),
Permissions = SharedAccessQueuePermissions.Add | SharedAccessQueuePermissions.ProcessMessages | SharedAccessQueuePermissions.Read | SharedAccessQueuePermissions.Update
});
TestHelper.ExecuteAPMMethodWithCancellation(4000,
new[] { DelayBehaviors.DelayAllRequestsIf(4000 * 3, XStoreSelectors.QueueTraffic().IfHostNameContains(DefaultQueueClient.Credentials.AccountName)) },
(options, opContext, callback, state) => queue.BeginSetPermissions(permissions, (QueueRequestOptions)options, opContext, callback, state),
queue.EndSetPermissions);
}
public void QueueSASTest()
{
CloudQueue queue = DefaultQueueClient.GetQueueReference(GenerateNewQueueName());
try
{
queue.Create();
string messageContent = Guid.NewGuid().ToString();
CloudQueueMessage message = new CloudQueueMessage(messageContent);
queue.AddMessage(message);
// Prepare SAS authentication with full permissions
string id = Guid.NewGuid().ToString();
DateTime start = DateTime.UtcNow;
DateTime expiry = start.AddMinutes(30);
QueuePermissions permissions = new QueuePermissions();
SharedAccessQueuePermissions queuePerm = SharedAccessQueuePermissions.Add | SharedAccessQueuePermissions.ProcessMessages | SharedAccessQueuePermissions.Read | SharedAccessQueuePermissions.Update;
permissions.SharedAccessPolicies.Add(id, new SharedAccessQueuePolicy()
{
SharedAccessStartTime = start,
SharedAccessExpiryTime = expiry,
Permissions = queuePerm
});
queue.SetPermissions(permissions);
Thread.Sleep(30 * 1000);
string sasTokenFromId = queue.GetSharedAccessSignature(null, id);
StorageCredentials sasCredsFromId = new StorageCredentials(sasTokenFromId);
CloudQueue sasQueueFromId = new CloudQueue(queue.Uri, sasCredsFromId);
CloudQueueMessage receivedMessage1 = sasQueueFromId.PeekMessage();
Assert.AreEqual(messageContent, receivedMessage1.AsString);
string sasTokenFromPolicy = queue.GetSharedAccessSignature(permissions.SharedAccessPolicies[id], null);
StorageCredentials sasCredsFromPolicy = new StorageCredentials(sasTokenFromPolicy);
CloudQueue sasQueueFromPolicy = new CloudQueue(queue.Uri, sasCredsFromPolicy);
CloudQueueMessage receivedMessage2 = sasQueueFromPolicy.PeekMessage();
Assert.AreEqual(messageContent, receivedMessage2.AsString);
}
finally
{
queue.DeleteIfExists();
}
}
internal string SetAzureQueueStoredAccessPolicy(IStorageQueueManagement localChannel, string queueName, string policyName, DateTime?startTime, DateTime?expiryTime, string permission, bool noStartTime, bool noExpiryTime)
{
//Get existing permissions
CloudQueue queue = Channel.GetQueueReference(queueName);
QueuePermissions queuePermissions = localChannel.GetPermissions(queue);
//Set the policy with new value
if (!queuePermissions.SharedAccessPolicies.Keys.Contains(policyName))
{
throw new ArgumentException(string.Format(CultureInfo.CurrentCulture, Resources.PolicyNotFound, policyName));
}
SharedAccessQueuePolicy policy = queuePermissions.SharedAccessPolicies[policyName];
AccessPolicyHelper.SetupAccessPolicy <SharedAccessQueuePolicy>(policy, startTime, expiryTime, permission, noStartTime, noExpiryTime);
queuePermissions.SharedAccessPolicies[policyName] = policy;
//Set permission back to queue
WriteObject(AccessPolicyHelper.ConstructPolicyOutputPSObject <SharedAccessQueuePolicy>(queuePermissions.SharedAccessPolicies, policyName));
localChannel.SetPermissions(queue, queuePermissions);
return(policyName);
}
public async Task CloudQueueGetSetPermissionsAsync()
{
CloudQueueClient client = GenerateCloudQueueClient();
CloudQueue queue = client.GetQueueReference(GenerateNewQueueName());
await queue.CreateAsync();
QueuePermissions emptyPermission = await queue.GetPermissionsAsync();
Assert.AreEqual(emptyPermission.SharedAccessPolicies.Count, 0);
string id = Guid.NewGuid().ToString();
DateTime start = DateTime.UtcNow;
DateTime expiry = start.AddMinutes(30);
QueuePermissions permissions = new QueuePermissions();
SharedAccessQueuePermissions queuePerm = SharedAccessQueuePermissions.Add | SharedAccessQueuePermissions.ProcessMessages | SharedAccessQueuePermissions.Read | SharedAccessQueuePermissions.Update;
permissions.SharedAccessPolicies.Add(id, new SharedAccessQueuePolicy()
{
SharedAccessStartTime = start,
SharedAccessExpiryTime = expiry,
Permissions = queuePerm
});
await queue.SetPermissionsAsync(permissions);
await Task.Delay(30 * 1000);
await queue.FetchAttributesAsync();
CloudQueue queueToRetrieve = client.GetQueueReference(queue.Name);
QueuePermissions permissionsToRetrieve = await queueToRetrieve.GetPermissionsAsync();
Assert.AreEqual(permissions.SharedAccessPolicies.Count, permissionsToRetrieve.SharedAccessPolicies.Count);
//Assert.AreEqual(start, permissionsToRetrieve.SharedAccessPolicies[id].SharedAccessStartTime.Value.UtcDateTime);
//Assert.AreEqual(expiry, permissionsToRetrieve.SharedAccessPolicies[id].SharedAccessExpiryTime.Value.UtcDateTime);
Assert.AreEqual(permissions.SharedAccessPolicies[id].Permissions, permissionsToRetrieve.SharedAccessPolicies[id].Permissions);
await queue.DeleteAsync();
}
public string GetProcessSasForQueues()
{
var storageAccount = CloudStorageAccount.Parse(CloudConfigurationManager.GetSetting("StorageConnectionString"));
var client = storageAccount.CreateCloudQueueClient();
var queue = client.GetQueueReference("messagequeue");
queue.CreateIfNotExists();
QueuePermissions qp = new QueuePermissions();
qp.SharedAccessPolicies.Add("process", new SharedAccessQueuePolicy {
Permissions = SharedAccessQueuePermissions.ProcessMessages | SharedAccessQueuePermissions.Read, SharedAccessExpiryTime = DateTime.UtcNow.AddMinutes(15)
});
queue.SetPermissions(qp);
var token = queue.GetSharedAccessSignature(
new SharedAccessQueuePolicy(),
"process");
this.serviceQueueSasExpiryTime = DateTime.UtcNow.AddMinutes(15);
return(token);
}
public void Should_not_warn_if_queue_has_public_access_set_to_deny(MessageQueueAccessRights accessRights)
{
// Set up a queue with the specified access for everyone/anonymous explicitly set to DENY.
var everyoneGroupName = new SecurityIdentifier(WellKnownSidType.WorldSid, null).Translate(typeof(NTAccount)).ToString();
var anonymousGroupName = new SecurityIdentifier(WellKnownSidType.AnonymousSid, null).Translate(typeof(NTAccount)).ToString();
using (var queue = MessageQueue.Create(@".\private$\" + testQueueName, false))
{
queue.SetPermissions(everyoneGroupName, accessRights, AccessControlEntryType.Deny);
queue.SetPermissions(anonymousGroupName, accessRights, AccessControlEntryType.Deny);
}
QueuePermissions.CheckQueue(testQueueName);
Assert.IsFalse(logOutput.ToString().Contains("Consider setting appropriate permissions"));
// Resetting the queue permission to delete the queue to enable the cleanup of the unit test
var path = @".\private$\" + testQueueName;
using (var queueToModify = new MessageQueue(path))
{
queueToModify.SetPermissions(everyoneGroupName, MessageQueueAccessRights.DeleteQueue, AccessControlEntryType.Allow);
}
}
public void CloudQueueGetSetPermissions()
{
CloudQueue queue = DefaultQueueClient.GetQueueReference(GenerateNewQueueName());
try
{
queue.Create();
QueuePermissions emptyPermission = queue.GetPermissions();
Assert.AreEqual(emptyPermission.SharedAccessPolicies.Count, 0);
string id = Guid.NewGuid().ToString();
DateTime start = DateTime.UtcNow;
DateTime expiry = start.AddMinutes(30);
QueuePermissions permissions = new QueuePermissions();
SharedAccessQueuePermissions queuePerm = SharedAccessQueuePermissions.Add | SharedAccessQueuePermissions.ProcessMessages | SharedAccessQueuePermissions.Read | SharedAccessQueuePermissions.Update;
permissions.SharedAccessPolicies.Add(id, new SharedAccessQueuePolicy()
{
SharedAccessStartTime = start,
SharedAccessExpiryTime = expiry,
Permissions = queuePerm
});
queue.SetPermissions(permissions);
Thread.Sleep(30 * 1000);
CloudQueue queueToRetrieve = DefaultQueueClient.GetQueueReference(queue.Name);
QueuePermissions permissionsToRetrieve = queueToRetrieve.GetPermissions();
Assert.AreEqual(permissions.SharedAccessPolicies.Count, permissionsToRetrieve.SharedAccessPolicies.Count);
//Assert.AreEqual(start, permissionsToRetrieve.SharedAccessPolicies[id].SharedAccessStartTime.Value.UtcDateTime);
//Assert.AreEqual(expiry, permissionsToRetrieve.SharedAccessPolicies[id].SharedAccessExpiryTime.Value.UtcDateTime);
Assert.AreEqual(permissions.SharedAccessPolicies[id].Permissions, permissionsToRetrieve.SharedAccessPolicies[id].Permissions);
}
finally
{
queue.DeleteIfExists();
}
}
internal bool RemoveAzureQueueStoredAccessPolicy(IStorageQueueManagement localChannel, string queueName, string policyName)
{
bool success = false;
string result = string.Empty;
//Get existing permissions
CloudQueue queue = Channel.GetQueueReference(queueName);
QueuePermissions queuePermissions = localChannel.GetPermissions(queue);
//remove the specified policy
if (!queuePermissions.SharedAccessPolicies.Keys.Contains(policyName))
{
throw new ResourceNotFoundException(String.Format(CultureInfo.CurrentCulture, Resources.PolicyNotFound, policyName));
}
if (ShouldProcess(policyName, "Remove policy"))
{
queuePermissions.SharedAccessPolicies.Remove(policyName);
localChannel.SetPermissions(queue, queuePermissions);
success = true;
}
return(success);
}
public Task SetPermissionsAsync(QueuePermissions permissions, QueueRequestOptions options = null, OperationContext operationContext = null, CancellationToken cancellationToken = default(CancellationToken))
{
return(_queue.SetPermissionsAsync(permissions, options, operationContext, cancellationToken));
}
public ICreateMessageOption <T> Permissions(Action <QueuePermissions> value)
{
QueuePermissions = new QueuePermissions();
value(QueuePermissions);
return(this);
}
public override Task SetPermissionsAsync(QueuePermissions permissions, QueueRequestOptions options, OperationContext operationContext, CancellationToken cancellationToken)
{
throw new NotImplementedException();
// return base.SetPermissionsAsync(permissions, options, operationContext, cancellationToken);
}
/// <summary>
/// set queue permission
/// </summary>
/// <param name="queue"></param>
/// <param name="queuePermissions"></param>
/// <param name="requestOptions"></param>
/// <param name="operationContext"></param>
public void SetPermissions(CloudQueue queue, QueuePermissions queuePermissions, QueueRequestOptions requestOptions, OperationContext operationContext)
{
queue.SetPermissions(queuePermissions, requestOptions, operationContext);
}
protected void Application_Start()
{
AreaRegistration.RegisterAllAreas();
FilterConfig.RegisterGlobalFilters(GlobalFilters.Filters);
RouteConfig.RegisterRoutes(RouteTable.Routes);
BundleConfig.RegisterBundles(BundleTable.Bundles);
var storageAccount = CloudStorageAccount.Parse(CloudConfigurationManager.GetSetting("StorageConnectionString"));
var cloudTableClient = storageAccount.CreateCloudTableClient();
var table = cloudTableClient.GetTableReference("Photos");
table.CreateIfNotExists();
var cloudBlobClient = storageAccount.CreateCloudBlobClient();
var container = cloudBlobClient.GetContainerReference(CloudConfigurationManager.GetSetting("ContainerName"));
if (container.CreateIfNotExists())
{
container.SetPermissions(new BlobContainerPermissions {
PublicAccess = BlobContainerPublicAccessType.Blob
});
}
var cloudQueueClient = storageAccount.CreateCloudQueueClient();
var queue = cloudQueueClient.GetQueueReference("messagequeue");
queue.CreateIfNotExists();
TablePermissions tp = new TablePermissions();
tp.SharedAccessPolicies.Add("readonly", new SharedAccessTablePolicy {
Permissions = SharedAccessTablePermissions.Query, SharedAccessExpiryTime = System.DateTime.UtcNow.AddMinutes(15)
});
tp.SharedAccessPolicies.Add("edit", new SharedAccessTablePolicy {
Permissions = SharedAccessTablePermissions.Query | SharedAccessTablePermissions.Add | SharedAccessTablePermissions.Update, SharedAccessExpiryTime = System.DateTime.UtcNow.AddMinutes(15)
});
tp.SharedAccessPolicies.Add("admin", new SharedAccessTablePolicy {
Permissions = SharedAccessTablePermissions.Query | SharedAccessTablePermissions.Add | SharedAccessTablePermissions.Update | SharedAccessTablePermissions.Delete, SharedAccessExpiryTime = System.DateTime.UtcNow.AddMinutes(15)
});
tp.SharedAccessPolicies.Add("none", new SharedAccessTablePolicy {
Permissions = SharedAccessTablePermissions.None, SharedAccessExpiryTime = System.DateTime.UtcNow.AddMinutes(15)
});
table.SetPermissions(tp);
BlobContainerPermissions bp = new BlobContainerPermissions();
bp.SharedAccessPolicies.Add("read", new SharedAccessBlobPolicy {
Permissions = SharedAccessBlobPermissions.Read, SharedAccessExpiryTime = System.DateTime.UtcNow.AddMinutes(60)
});
container.SetPermissions(bp);
QueuePermissions qp = new QueuePermissions();
qp.SharedAccessPolicies.Add("add", new SharedAccessQueuePolicy {
Permissions = SharedAccessQueuePermissions.Add | SharedAccessQueuePermissions.Read, SharedAccessExpiryTime = System.DateTime.UtcNow.AddMinutes(15)
});
qp.SharedAccessPolicies.Add("process", new SharedAccessQueuePolicy {
Permissions = SharedAccessQueuePermissions.ProcessMessages | SharedAccessQueuePermissions.Read, SharedAccessExpiryTime = System.DateTime.UtcNow.AddMinutes(15)
});
queue.SetPermissions(qp);
queue.Metadata.Add("Resize", "true");
queue.SetMetadata();
}
public void SetPermissions(CloudQueue queue, QueuePermissions queuePermissions, QueueRequestOptions requestOptions, OperationContext operationContext)
{
throw new NotImplementedException();
}
