/// <summary>
/// Get the service properties
/// </summary>
/// <param name="account">Cloud storage account</param>
/// <param name="type">Service type</param>
/// <param name="options">Request options</param>
/// <param name="operationContext">Operation context</param>
/// <returns>The service properties of the specified service type</returns>
public XSCLProtocol.ServiceProperties GetStorageServiceProperties(StorageServiceType type, IRequestOptions options, XSCL.OperationContext operationContext)
{
XSCL.CloudStorageAccount account = StorageContext.StorageAccount;
try
{
switch (type)
{
case StorageServiceType.Blob:
return(account.CreateCloudBlobClient().GetServicePropertiesAsync((BlobRequestOptions)options, operationContext).Result);
case StorageServiceType.Queue:
return(account.CreateCloudQueueClient().GetServicePropertiesAsync((QueueRequestOptions)options, operationContext).Result);
case StorageServiceType.File:
FileServiceProperties fileServiceProperties = account.CreateCloudFileClient().GetServicePropertiesAsync((FileRequestOptions)options, operationContext).Result;
XSCLProtocol.ServiceProperties sp = new XSCLProtocol.ServiceProperties();
sp.Clean();
sp.Cors = fileServiceProperties.Cors;
sp.HourMetrics = fileServiceProperties.HourMetrics;
sp.MinuteMetrics = fileServiceProperties.MinuteMetrics;
return(sp);
default:
throw new ArgumentException(Resources.InvalidStorageServiceType, "type");
}
}
catch (AggregateException e) when(e.InnerException is XSCL.StorageException)
{
throw e.InnerException;
}
}
public AzureSession(string connectionString, string shareName, string systemDir, int waitForLockMilliseconds = 5000, bool optimisticLocking = true,
bool enableCache = true, CacheEnum objectCachingDefaultPolicy = CacheEnum.Yes)
: base(systemDir, waitForLockMilliseconds, optimisticLocking, enableCache, objectCachingDefaultPolicy)
{
m_cloudStorageAccount = CloudStorageAccount.Parse(connectionString);
if (Path.IsPathRooted(systemDir) == false)
SystemDirectory = systemDir;
m_shareName = shareName;
m_cloudFileClient = m_cloudStorageAccount.CreateCloudFileClient();
m_cloudShare = m_cloudFileClient.GetShareReference(shareName);
if (m_cloudShare.Exists())
{
m_rootDir = m_cloudShare.GetRootDirectoryReference();
m_databaseDir = m_rootDir.GetDirectoryReference(systemDir);
m_databaseDir.CreateIfNotExists();
}
}
/// <summary>
/// Set service properties
/// </summary>
/// <param name="account">Cloud storage account</param>
/// <param name="type">Service type</param>
/// <param name="properties">Service properties</param>
/// <param name="options">Request options</param>
/// <param name="operationContext">Operation context</param>
public void SetStorageServiceProperties(StorageServiceType type, XSCLProtocol.ServiceProperties properties, IRequestOptions options, XSCL.OperationContext operationContext)
{
XSCL.CloudStorageAccount account = StorageContext.StorageAccount;
try
{
switch (type)
{
case StorageServiceType.Blob:
Task.Run(() => account.CreateCloudBlobClient().SetServicePropertiesAsync(properties, (BlobRequestOptions)options, operationContext)).Wait();
break;
case StorageServiceType.Queue:
Task.Run(() => account.CreateCloudQueueClient().SetServicePropertiesAsync(properties, (QueueRequestOptions)options, operationContext)).Wait();
break;
case StorageServiceType.File:
if (null != properties.Logging)
{
throw new InvalidOperationException(Resources.FileNotSupportLogging);
}
FileServiceProperties fileServiceProperties = new FileServiceProperties();
fileServiceProperties.Cors = properties.Cors;
fileServiceProperties.HourMetrics = properties.HourMetrics;
fileServiceProperties.MinuteMetrics = properties.MinuteMetrics;
Task.Run(() => account.CreateCloudFileClient().SetServicePropertiesAsync(fileServiceProperties, (FileRequestOptions)options, operationContext)).Wait();
break;
default:
throw new ArgumentException(Resources.InvalidStorageServiceType, "type");
}
}
catch (AggregateException e) when(e.InnerException is XSCL.StorageException)
{
throw e.InnerException;
}
}
public void RunFileTest(SharedAccessAccountPolicy policy, Action<Action> testHandler, int? httpsPort)
{
CloudFileClient fileClient = GenerateCloudFileClient();
string shareName = "s" + Guid.NewGuid().ToString("N");
try
{
CloudStorageAccount account = new CloudStorageAccount(fileClient.Credentials, false);
string accountSASToken = account.GetSharedAccessSignature(policy);
StorageCredentials accountSAS = new StorageCredentials(accountSASToken);
StorageUri storageUri = fileClient.StorageUri;
if (httpsPort != null)
{
storageUri = new StorageUri(TransformSchemeAndPort(storageUri.PrimaryUri, "https", httpsPort.Value), TransformSchemeAndPort(storageUri.SecondaryUri, "https", httpsPort.Value));
}
CloudStorageAccount accountWithSAS = new CloudStorageAccount(accountSAS, null, null, null, storageUri);
CloudFileClient fileClientWithSAS = accountWithSAS.CreateCloudFileClient();
CloudFileShare shareWithSAS = fileClientWithSAS.GetShareReference(shareName);
CloudFileShare share = fileClient.GetShareReference(shareName);
share.Create();
string fileName = "file";
CloudFile file = share.GetRootDirectoryReference().GetFileReference(fileName);
CloudFile fileWithSAS = shareWithSAS.GetRootDirectoryReference().GetFileReference(fileName);
byte[] content = new byte[] { 0x1, 0x2, 0x3, 0x4 };
file.Create(content.Length);
using (Stream stream = new MemoryStream(content))
{
file.WriteRange(stream, 0);
}
testHandler(() =>
{
byte[] result = new byte[content.Length];
fileWithSAS.DownloadRangeToByteArray(result, 0, 0, content.Length);
for (int i = 0; i < content.Length; i++)
{
Assert.AreEqual(content[i], result[i]);
}
});
}
finally
{
fileClient.GetShareReference(shareName).DeleteIfExists();
}
}
public void RunPermissionsTestFiles(SharedAccessAccountPolicy policy)
{
CloudFileClient fileClient = GenerateCloudFileClient();
string shareName = "s" + Guid.NewGuid().ToString("N");
try
{
CloudStorageAccount account = new CloudStorageAccount(fileClient.Credentials, false);
string accountSASToken = account.GetSharedAccessSignature(policy);
StorageCredentials accountSAS = new StorageCredentials(accountSASToken);
CloudStorageAccount accountWithSAS = new CloudStorageAccount(accountSAS, null, null, null, fileClient.StorageUri);
CloudFileClient fileClientWithSAS = accountWithSAS.CreateCloudFileClient();
CloudFileShare shareWithSAS = fileClientWithSAS.GetShareReference(shareName);
CloudFileShare share = fileClient.GetShareReference(shareName);
// General pattern - If current perms support doing a thing with SAS, do the thing with SAS and validate with shared
// Otherwise, make sure SAS fails and then do the thing with shared key.
// Things to do:
// Create the share (Create / Write perms, Container RT)
// List shares with prefix (List perms, Service RT)
// Create a new file (Create / Write, Object RT)
// Add a range to the file (Write, Object RT)
// Read the data from the file (Read, Object RT)
// Overwrite a file (Write, Object RT)
// Delete the file (Delete perms, Object RT)
if ((((policy.Permissions & SharedAccessAccountPermissions.Create) == SharedAccessAccountPermissions.Create) || ((policy.Permissions & SharedAccessAccountPermissions.Write) == SharedAccessAccountPermissions.Write)) &&
((policy.ResourceTypes & SharedAccessAccountResourceTypes.Container) == SharedAccessAccountResourceTypes.Container))
{
shareWithSAS.Create();
}
else
{
TestHelper.ExpectedException<StorageException>(() => shareWithSAS.Create(), "Creating a share with SAS should fail without Create or Write and Container-level perms.");
share.Create();
}
Assert.IsTrue(share.Exists());
if (((policy.Permissions & SharedAccessAccountPermissions.List) == SharedAccessAccountPermissions.List) &&
((policy.ResourceTypes & SharedAccessAccountResourceTypes.Service) == SharedAccessAccountResourceTypes.Service))
{
Assert.AreEqual(shareName, fileClientWithSAS.ListShares(shareName).First().Name);
}
else
{
TestHelper.ExpectedException<StorageException>(() => fileClientWithSAS.ListShares(shareName).First(), "Listing shared with SAS should fail without List and Service-level perms.");
}
string filename = "fileName";
CloudFile fileWithSAS = shareWithSAS.GetRootDirectoryReference().GetFileReference(filename);
CloudFile file = share.GetRootDirectoryReference().GetFileReference(filename);
byte[] content = new byte[] { 0x1, 0x2, 0x3, 0x4 };
if ((((policy.Permissions & SharedAccessAccountPermissions.Create) == SharedAccessAccountPermissions.Create) || ((policy.Permissions & SharedAccessAccountPermissions.Write) == SharedAccessAccountPermissions.Write)) &&
((policy.ResourceTypes & SharedAccessAccountResourceTypes.Object) == SharedAccessAccountResourceTypes.Object))
{
fileWithSAS.Create(content.Length);
}
else
{
TestHelper.ExpectedException<StorageException>(() => fileWithSAS.Create(content.Length), "Creating a file with SAS should fail without Create or Write and Object-level perms.");
file.Create(content.Length);
}
Assert.IsTrue(file.Exists());
using (Stream stream = new MemoryStream(content))
{
if (((policy.Permissions & SharedAccessAccountPermissions.Write) == SharedAccessAccountPermissions.Write) &&
((policy.ResourceTypes & SharedAccessAccountResourceTypes.Object) == SharedAccessAccountResourceTypes.Object))
{
fileWithSAS.WriteRange(stream, 0);
}
else
{
TestHelper.ExpectedException<StorageException>(() => fileWithSAS.WriteRange(stream, 0), "Writing a range to a file with SAS should fail without Write and Object-level perms.");
stream.Seek(0, SeekOrigin.Begin);
file.WriteRange(stream, 0);
}
}
byte[] result = new byte[content.Length];
file.DownloadRangeToByteArray(result, 0, 0, content.Length);
for (int i = 0; i < content.Length; i++)
{
Assert.AreEqual(content[i], result[i]);
}
if (((policy.Permissions & SharedAccessAccountPermissions.Read) == SharedAccessAccountPermissions.Read) &&
((policy.ResourceTypes & SharedAccessAccountResourceTypes.Object) == SharedAccessAccountResourceTypes.Object))
{
result = new byte[content.Length];
fileWithSAS.DownloadRangeToByteArray(result, 0, 0, content.Length);
for (int i = 0; i < content.Length; i++)
{
Assert.AreEqual(content[i], result[i]);
}
}
else
{
TestHelper.ExpectedException<StorageException>(() => fileWithSAS.DownloadRangeToByteArray(result, 0, 0, content.Length), "Reading a file with SAS should fail without Read and Object-level perms.");
}
if (((policy.Permissions & SharedAccessAccountPermissions.Write) == SharedAccessAccountPermissions.Write) &&
((policy.ResourceTypes & SharedAccessAccountResourceTypes.Object) == SharedAccessAccountResourceTypes.Object))
{
fileWithSAS.Create(2);
}
else
{
TestHelper.ExpectedException<StorageException>(() => fileWithSAS.Create(2), "Overwriting a file with SAS should fail without Write and Object-level perms.");
file.Create(2);
}
result = new byte[content.Length];
file.DownloadRangeToByteArray(result, 0, 0, content.Length);
for (int i = 0; i < content.Length; i++)
{
Assert.AreEqual(0, result[i]);
}
if (((policy.Permissions & SharedAccessAccountPermissions.Delete) == SharedAccessAccountPermissions.Delete) &&
((policy.ResourceTypes & SharedAccessAccountResourceTypes.Object) == SharedAccessAccountResourceTypes.Object))
{
fileWithSAS.Delete();
}
else
{
TestHelper.ExpectedException<StorageException>(() => fileWithSAS.Delete(), "Deleting a file with SAS should fail without Delete and Object-level perms.");
file.Delete();
}
Assert.IsFalse(file.Exists());
}
finally
{
fileClient.GetShareReference(shareName).DeleteIfExists();
}
}
private IPAddress GetMyFileIPAddressFromService()
{
CloudFileClient fileClient = GenerateCloudFileClient();
string shareName = "c" + Guid.NewGuid().ToString("N");
CloudFileShare share = fileClient.GetShareReference(shareName);
try
{
share.Create();
string fileName = "file";
share.GetRootDirectoryReference().CreateIfNotExists();
CloudFile file = share.GetRootDirectoryReference().GetFileReference(fileName);
file.Create(1024);
byte[] data = new byte[] { 0x1, 0x2, 0x3, 0x4 };
file.UploadFromByteArray(data, 0, 4);
SharedAccessAccountPolicy policy = GetPolicyWithFullPermissions();
IPAddress invalidIP = IPAddress.Parse("255.255.255.255");
policy.IPAddressOrRange = new IPAddressOrRange(invalidIP.ToString());
CloudStorageAccount account = new CloudStorageAccount(fileClient.Credentials, false);
string accountSASToken = account.GetSharedAccessSignature(policy);
StorageCredentials accountSAS = new StorageCredentials(accountSASToken);
CloudStorageAccount accountWithSAS = new CloudStorageAccount(accountSAS, null, null, null, fileClient.StorageUri);
CloudFileClient fileClientWithSAS = accountWithSAS.CreateCloudFileClient();
CloudFileShare shareWithSAS = fileClientWithSAS.GetShareReference(shareName);
CloudFile fileWithSAS = shareWithSAS.GetRootDirectoryReference().GetFileReference(fileName);
byte[] target = new byte[4];
IPAddress actualIP = null;
bool exceptionThrown = false;
try
{
fileWithSAS.DownloadRangeToByteArray(target, 0, 0, 4);
}
catch (StorageException e)
{
string[] parts = e.RequestInformation.HttpStatusMessage.Split(' ');
actualIP = IPAddress.Parse(parts[parts.Length - 1].Trim('.'));
exceptionThrown = true;
Assert.IsNotNull(actualIP);
}
Assert.IsTrue(exceptionThrown);
return actualIP;
}
finally
{
share.DeleteIfExists();
}
}
public async Task RunPermissionsTestFiles(SharedAccessAccountPolicy policy)
{
CloudFileClient fileClient = GenerateCloudFileClient();
string shareName = "s" + Guid.NewGuid().ToString("N");
try
{
CloudStorageAccount account = new CloudStorageAccount(fileClient.Credentials, false);
string accountSASToken = account.GetSharedAccessSignature(policy);
StorageCredentials accountSAS = new StorageCredentials(accountSASToken);
CloudStorageAccount accountWithSAS = new CloudStorageAccount(accountSAS, null, null, null, fileClient.StorageUri);
CloudFileClient fileClientWithSAS = accountWithSAS.CreateCloudFileClient();
CloudFileShare shareWithSAS = fileClientWithSAS.GetShareReference(shareName);
CloudFileShare share = fileClient.GetShareReference(shareName);
// General pattern - If current perms support doing a thing with SAS, do the thing with SAS and validate with shared
// Otherwise, make sure SAS fails and then do the thing with shared key.
// Things to do:
// Create the share (Create / Write perms, Container RT)
// List shares with prefix (List perms, Service RT)
// Create a new file (Create / Write, Object RT)
// Add a range to the file (Write, Object RT)
// Read the data from the file (Read, Object RT)
// Overwrite a file (Write, Object RT)
// Delete the file (Delete perms, Object RT)
if ((((policy.Permissions & SharedAccessAccountPermissions.Create) == SharedAccessAccountPermissions.Create) || ((policy.Permissions & SharedAccessAccountPermissions.Write) == SharedAccessAccountPermissions.Write)) &&
((policy.ResourceTypes & SharedAccessAccountResourceTypes.Container) == SharedAccessAccountResourceTypes.Container))
{
await shareWithSAS.CreateAsync();
}
else
{
await TestHelper.ExpectedExceptionAsync <StorageException>(async() => await shareWithSAS.CreateAsync(), "Creating a share with SAS should fail without Create or Write and Container-level perms.");
await share.CreateAsync();
}
Assert.IsTrue(await share.ExistsAsync());
if (((policy.Permissions & SharedAccessAccountPermissions.List) == SharedAccessAccountPermissions.List) &&
((policy.ResourceTypes & SharedAccessAccountResourceTypes.Service) == SharedAccessAccountResourceTypes.Service))
{
Assert.AreEqual(shareName, (await fileClientWithSAS.ListSharesSegmentedAsync(shareName, null)).Results.First().Name);
}
else
{
await TestHelper.ExpectedExceptionAsync <StorageException>(async() => (await fileClientWithSAS.ListSharesSegmentedAsync(shareName, null)).Results.First(), "Listing shared with SAS should fail without List and Service-level perms.");
}
string filename = "fileName";
CloudFile fileWithSAS = shareWithSAS.GetRootDirectoryReference().GetFileReference(filename);
CloudFile file = share.GetRootDirectoryReference().GetFileReference(filename);
//Try creating credentials using SAS Uri directly
CloudFile fileWithSASUri = new CloudFile(new Uri(share.Uri + accountSASToken));
byte[] content = new byte[] { 0x1, 0x2, 0x3, 0x4 };
if ((((policy.Permissions & SharedAccessAccountPermissions.Create) == SharedAccessAccountPermissions.Create) || ((policy.Permissions & SharedAccessAccountPermissions.Write) == SharedAccessAccountPermissions.Write)) &&
((policy.ResourceTypes & SharedAccessAccountResourceTypes.Object) == SharedAccessAccountResourceTypes.Object))
{
await fileWithSAS.CreateAsync(content.Length);
}
else
{
await TestHelper.ExpectedExceptionAsync <StorageException>(async() => await fileWithSAS.CreateAsync(content.Length), "Creating a file with SAS should fail without Create or Write and Object-level perms.");
await file.CreateAsync(content.Length);
}
Assert.IsTrue(await file.ExistsAsync());
using (MemoryStream stream = new MemoryStream(content))
{
if (((policy.Permissions & SharedAccessAccountPermissions.Write) == SharedAccessAccountPermissions.Write) &&
((policy.ResourceTypes & SharedAccessAccountResourceTypes.Object) == SharedAccessAccountResourceTypes.Object))
{
await fileWithSAS.WriteRangeAsync(stream, 0, null);
}
else
{
await TestHelper.ExpectedExceptionAsync <StorageException>(async() => await fileWithSAS.WriteRangeAsync(stream, 0, null), "Writing a range to a file with SAS should fail without Write and Object-level perms.");
stream.Seek(0, SeekOrigin.Begin);
await file.WriteRangeAsync(stream, 0, null);
}
}
byte[] result = new byte[content.Length];
await file.DownloadRangeToByteArrayAsync(result, 0, 0, content.Length);
for (int i = 0; i < content.Length; i++)
{
Assert.AreEqual(content[i], result[i]);
}
if (((policy.Permissions & SharedAccessAccountPermissions.Read) == SharedAccessAccountPermissions.Read) &&
((policy.ResourceTypes & SharedAccessAccountResourceTypes.Object) == SharedAccessAccountResourceTypes.Object))
{
result = new byte[content.Length];
await fileWithSAS.DownloadRangeToByteArrayAsync(result, 0, 0, content.Length);
for (int i = 0; i < content.Length; i++)
{
Assert.AreEqual(content[i], result[i]);
}
}
else
{
await TestHelper.ExpectedExceptionAsync <StorageException>(async() => await fileWithSAS.DownloadRangeToByteArrayAsync(result, 0, 0, content.Length), "Reading a file with SAS should fail without Read and Object-level perms.");
}
if (((policy.Permissions & SharedAccessAccountPermissions.Write) == SharedAccessAccountPermissions.Write) &&
((policy.ResourceTypes & SharedAccessAccountResourceTypes.Object) == SharedAccessAccountResourceTypes.Object))
{
await fileWithSAS.CreateAsync(2);
}
else
{
await TestHelper.ExpectedExceptionAsync <StorageException>(async() => await fileWithSAS.CreateAsync(2), "Overwriting a file with SAS should fail without Write and Object-level perms.");
await file.CreateAsync(2);
}
result = new byte[content.Length];
await file.DownloadRangeToByteArrayAsync(result, 0, 0, content.Length);
for (int i = 0; i < content.Length; i++)
{
Assert.AreEqual(0, result[i]);
}
if (((policy.Permissions & SharedAccessAccountPermissions.Delete) == SharedAccessAccountPermissions.Delete) &&
((policy.ResourceTypes & SharedAccessAccountResourceTypes.Object) == SharedAccessAccountResourceTypes.Object))
{
await fileWithSAS.DeleteAsync();
}
else
{
await TestHelper.ExpectedExceptionAsync <StorageException>(async() => await fileWithSAS.DeleteAsync(), "Deleting a file with SAS should fail without Delete and Object-level perms.");
await file.DeleteAsync();
}
Assert.IsFalse(await file.ExistsAsync());
}
finally
{
fileClient.GetShareReference(shareName).DeleteIfExistsAsync().Wait();
}
}
