protected void SetContainerPermission(CloudBlobContainer container, BlobContainerPublicAccessType perimssion)
{
container.SetPermissionsAsync(new BlobContainerPermissions
{
PublicAccess = perimssion
});
}
/// <summary>
/// Checks for the existence of a specific storage container, if it doesn't exist it will create it.
/// </summary>
/// <param name="client">The <see cref="StorageManagementClient"/> that is performing the operation.</param>
/// <param name="accountName">The name of the storage account that we want to create the container in.</param>
/// <param name="containerName">The name of the container that we are about to create.</param>
/// <param name="publicAccess">The public access level for the container.</param>
/// <param name="permissions">The set of permissions that the ACL for this container must have.</param>
/// <returns>The async <see cref="Task"/> wrapper.</returns>
public static async Task CreateContainerIfNotExistsAsync(
this StorageManagementClient client,
string accountName,
string containerName,
BlobContainerPublicAccessType publicAccess,
SharedAccessBlobPermissions permissions)
{
Contract.Requires(client != null);
Contract.Requires(!string.IsNullOrWhiteSpace(accountName));
Contract.Requires(!string.IsNullOrWhiteSpace(containerName));
Contract.Requires(containerName.Length >= 3);
Contract.Requires(containerName.Length <= 63);
var key = (await client.StorageAccounts.GetKeysAsync(accountName)).PrimaryKey;
var storageAccount = CloudStorageAccount.Parse($"DefaultEndpointsProtocol=https;AccountName={accountName};AccountKey={key}");
var container = storageAccount.CreateCloudBlobClient().GetContainerReference(containerName);
await container.CreateIfNotExistsAsync();
await container.SetPermissionsAsync(new BlobContainerPermissions { PublicAccess = publicAccess });
FlexStreams.BuildEventsObserver.OnNext(new ProvisionEvent(AzureResource.StorageContainer, containerName));
var acl = container.GetSharedAccessSignature(new SharedAccessBlobPolicy { Permissions = permissions });
FlexStreams.BuildEventsObserver.OnNext(new StorageKeyEvent(accountName, containerName, acl));
}
/// <summary>
/// set the access level of specified container
/// </summary>
/// <param name="name">container name</param>
/// <param name="accessLevel">access level in ("off", "blob", "container")</param>
internal async Task SetContainerAcl(long taskId, IStorageBlobManagement localChannel, string name, BlobContainerPublicAccessType accessLevel)
{
if (!NameUtil.IsValidContainerName(name))
{
throw new ArgumentException(String.Format(Resources.InvalidContainerName, name));
}
BlobContainerPermissions permissions = new BlobContainerPermissions();
permissions.PublicAccess = accessLevel;
BlobRequestOptions requestOptions = RequestOptions;
AccessCondition accessCondition = null;
CloudBlobContainer container = localChannel.GetContainerReference(name);
if (!await localChannel.DoesContainerExistAsync(container, requestOptions, OperationContext, CmdletCancellationToken))
{
throw new ResourceNotFoundException(String.Format(Resources.ContainerNotFound, name));
}
await localChannel.SetContainerPermissionsAsync(container, permissions, accessCondition, requestOptions, OperationContext, CmdletCancellationToken);
if (PassThru)
{
WriteCloudContainerObject(taskId, localChannel, container, permissions);
}
}
/// <summary>
/// Returns a singleton instance of the <see cref="AzureFileSystem"/> class.
/// </summary>
/// <param name="containerName">The container name.</param>
/// <param name="rootUrl">The root url.</param>
/// <param name="connectionString">The connection string.</param>
/// <param name="maxDays">The maximum number of days to cache blob items for in the browser.</param>
/// <param name="useDefaultRoute">Whether to use the default "media" route in the url independent of the blob container.</param>
/// <param name="usePrivateContainer">Whether to use private blob access (no direct access) or public (direct access possible, default) access.</param>
/// <returns>The <see cref="AzureFileSystem"/></returns>
public static AzureFileSystem GetInstance(string containerName, string rootUrl, string connectionString, string maxDays, string useDefaultRoute, string usePrivateContainer)
{
lock (Locker)
{
AzureFileSystem fileSystem = FileSystems.SingleOrDefault(fs => fs.ContainerName == containerName && fs.rootHostUrl == rootUrl);
if (fileSystem == null)
{
int max;
if (!int.TryParse(maxDays, out max))
{
max = 365;
}
bool defaultRoute;
if (!bool.TryParse(useDefaultRoute, out defaultRoute))
{
defaultRoute = true;
}
bool privateContainer;
if (!bool.TryParse(usePrivateContainer, out privateContainer))
{
privateContainer = true;
}
BlobContainerPublicAccessType blobContainerPublicAccessType = privateContainer ? BlobContainerPublicAccessType.Off : BlobContainerPublicAccessType.Blob;
fileSystem = new AzureFileSystem(containerName, rootUrl, connectionString, max, defaultRoute, blobContainerPublicAccessType);
FileSystems.Add(fileSystem);
}
return(fileSystem);
}
}
/// <summary>
/// set the access level of specified container
/// </summary>
/// <param name="name">container name</param>
/// <param name="accessLevel">access level in ("off", "blob", "container")</param>
internal void SetContainerAcl(string name, BlobContainerPublicAccessType accessLevel)
{
if (!NameUtil.IsValidContainerName(name))
{
throw new ArgumentException(String.Format(Resources.InvalidContainerName, name));
}
BlobContainerPermissions permissions = new BlobContainerPermissions();
permissions.PublicAccess = accessLevel;
BlobRequestOptions requestOptions = RequestOptions;
AccessCondition accessCondition = null;
CloudBlobContainer container = Channel.GetContainerReference(name);
if (!Channel.DoesContainerExist(container, requestOptions, OperationContext))
{
throw new ResourceNotFoundException(String.Format(Resources.ContainerNotFound, name));
}
Channel.SetContainerPermissions(container, permissions, accessCondition, requestOptions, OperationContext);
AzureStorageContainer azureContainer = new AzureStorageContainer(container, permissions);
if (PassThru)
{
WriteObjectWithStorageContext(azureContainer);
}
}
/// <summary>
/// create a new azure container
/// </summary>
/// <param name="name">container name</param>
internal AzureStorageContainer CreateAzureContainer(string name, BlobContainerPublicAccessType accesslevel)
{
if (!NameUtil.IsValidContainerName(name))
{
throw new ArgumentException(String.Format(Resources.InvalidContainerName, name));
}
BlobRequestOptions requestOptions = RequestOptions;
AccessCondition accessCondition = null;
CloudBlobContainer container = Channel.GetContainerReference(name);
bool created = Channel.CreateContainerIfNotExists(container, requestOptions, OperationContext);
if (!created)
{
throw new ResourceAlreadyExistException(String.Format(Resources.ContainerAlreadyExists, name));
}
BlobContainerPermissions permissions = new BlobContainerPermissions();
permissions.PublicAccess = accessLevel;
if (accessLevel == BlobContainerPublicAccessType.Container || accessLevel == BlobContainerPublicAccessType.Blob)
{
Channel.SetContainerPermissions(container, permissions, accessCondition, requestOptions, OperationContext);
}
else
{
permissions = Channel.GetContainerPermissions(container, accessCondition, requestOptions, OperationContext);
}
AzureStorageContainer azureContainer = new AzureStorageContainer(container, permissions);
return azureContainer;
}
/// <summary>
/// create a new azure container
/// </summary>
/// <param name="name">container name</param>
internal AzureStorageContainer CreateAzureContainer(string name, BlobContainerPublicAccessType accesslevel)
{
if (!NameUtil.IsValidContainerName(name))
{
throw new ArgumentException(String.Format(Resources.InvalidContainerName, name));
}
BlobRequestOptions requestOptions = RequestOptions;
AccessCondition accessCondition = null;
CloudBlobContainer container = Channel.GetContainerReference(name);
bool created = Channel.CreateContainerIfNotExists(container, requestOptions, OperationContext);
if (!created)
{
throw new ResourceAlreadyExistException(String.Format(Resources.ContainerAlreadyExists, name));
}
BlobContainerPermissions permissions = new BlobContainerPermissions();
permissions.PublicAccess = accessLevel;
if (accessLevel == BlobContainerPublicAccessType.Container || accessLevel == BlobContainerPublicAccessType.Blob)
{
Channel.SetContainerPermissions(container, permissions, accessCondition, requestOptions, OperationContext);
}
else
{
permissions = Channel.GetContainerPermissions(container, accessCondition, requestOptions, OperationContext);
}
AzureStorageContainer azureContainer = new AzureStorageContainer(container, permissions);
return(azureContainer);
}
public CloudBlobManager(CloudBlobClient blobClient, string containerName, BlobContainerPublicAccessType containerAccess = BlobContainerPublicAccessType.Off)
{
BlobClient = blobClient;
var container = blobClient.GetContainerReference(containerName);
container.CreateIfNotExists();
Container = container;
SetPublicAccess(containerAccess);
}
public static async Task<SimpleHttpResponse> CreateContainer(string container, BlobContainerPublicAccessType access = BlobContainerPublicAccessType.Off, IEnumerable<CloudStorageAccount> excludeAccounts = null)
{
return await DoForAllContainersAsync(container,
HttpStatusCode.Created,
async containerObj => await containerObj.CreateAsync(access, null, null),
false,
excludeAccounts);
}
public void setPublicPermissions(CloudBlobContainer container, BlobContainerPublicAccessType Level)
{
container.SetPermissions(
new BlobContainerPermissions
{
PublicAccess = Level
});
}
private CloudBlobContainer GetContainer(string container, BlobContainerPublicAccessType accessType)
{
CloudBlobContainer cloudContainer = Client.GetContainerReference(container);
cloudContainer.CreateIfNotExistsAsync(accessType, null, null).GetAwaiter().GetResult();
return(cloudContainer);
}
public void Create(BlobContainerPublicAccessType accessType, BlobRequestOptions requestOptions = null, OperationContext operationContext = null)
{
BlobRequestOptions modifiedOptions = BlobRequestOptions.ApplyDefaults(requestOptions, BlobType.Unspecified, this.ServiceClient);
Executor.ExecuteSync(
this.CreateContainerImpl(modifiedOptions, accessType),
modifiedOptions.RetryPolicy,
operationContext);
}
/// <summary>
/// Sets permissions for the container.
/// </summary>
/// <param name="accessType">The public access setting for the container.</param>
/// <returns>BlobContainer instance.</returns>
public BlobContainer SetAccessPermission(BlobContainerPublicAccessType accessType)
{
var permissions = this._cloudBlobContainer.GetPermissions();
permissions.PublicAccess = accessType;
this._cloudBlobContainer.SetPermissions(permissions);
return(this);
}
public CloudBlobContainer CreateContainer(string containerName, BlobContainerPublicAccessType permission)
{
CloudBlobContainer container = CreateContainer(containerName);
BlobContainerPermissions containerPermission = new BlobContainerPermissions();
containerPermission.PublicAccess = permission;
container.SetPermissions(containerPermission);
return(container);
}
internal static async Task DeleteItem(CloudBlobClient blobClient, string fullUrl,
BlobContainerPublicAccessType targetPermition = BlobContainerPublicAccessType.Blob)
{
var cloudBlockBlob = new CloudBlockBlob(new Uri(fullUrl), blobClient.Credentials);
await CheckBlobPermition(cloudBlockBlob, targetPermition);
await cloudBlockBlob.DeleteIfExistsAsync();
}
public void CreateContainerForAlreadyExistsContainerTest()
{
AddTestContainers();
string name = "text";
BlobContainerPublicAccessType accesslevel = BlobContainerPublicAccessType.Off;
AssertThrows <ResourceAlreadyExistException>(() => command.CreateAzureContainer(name, accesslevel),
String.Format(Resources.ContainerAlreadyExists, name));
}
public IAsyncAction CreateAsync(BlobContainerPublicAccessType accessType, BlobRequestOptions options, OperationContext operationContext)
{
BlobRequestOptions modifiedOptions = BlobRequestOptions.ApplyDefaults(options, BlobType.Unspecified, this.ServiceClient);
return AsyncInfo.Run(async (token) => await Executor.ExecuteAsyncNullReturn(
this.CreateContainerImpl(modifiedOptions, accessType),
modifiedOptions.RetryPolicy,
operationContext,
token));
}
public static async Task <bool> CreateIfNotExistsAsync(
this CloudBlobContainer container,
BlobContainerPublicAccessType publicAccessType,
CancellationToken cancellationToken)
=> await container.CreateIfNotExistsAsync(
publicAccessType,
new BlobRequestOptions(),
new OperationContext(),
cancellationToken);
/// <summary>
/// Set container access control to container|blob|private
/// </summary>
/// <param name="accessLevel">Set access level to container|blob|private</param>
/// <returns>Return true on success, false if not found, throw exception on error</returns>
protected async Task SetContainerAclAsync(BlobContainerPublicAccessType accessLevel)
{
ThrowWhenCloudBlobContainerDoesNotExist();
var permissions = new BlobContainerPermissions
{
PublicAccess = accessLevel
};
await Container.SetPermissionsAsync(permissions);
}
internal static async Task UploadAsyncByAbsoluteUrl(CloudBlobClient blobClient, MemoryStream source,
string fullUrl, BlobContainerPublicAccessType targetPermition = BlobContainerPublicAccessType.Blob)
{
var cloudBlockBlob = new CloudBlockBlob(new Uri(fullUrl), blobClient.Credentials);
await CheckBlobPermition(cloudBlockBlob, targetPermition);
await cloudBlockBlob.UploadFromStreamAsync(source);
}
private CloudBlobContainer CreateContainer(string containerName, BlobContainerPublicAccessType accessType)
{
var container = GetContainer(containerName);
container.CreateIfNotExists();
container.SetPermissions(new BlobContainerPermissions {
PublicAccess = accessType
});
return(container);
}
/// <summary>
/// This is the default constructor.
/// </summary>
/// <param name="credentials">The azure storage credentails.</param>
/// <param name="serviceName">The service name to log under.</param>
/// <param name="defaultTimeout">The default timeout for each message.</param>
/// <param name="accessType">The blog storage access type. By default this is set to private.</param>
/// <param name="options">The blod request options.</param>
/// <param name="context">The options context.</param>
/// <param name="encryption">Encryption to be used when logging dead letters</param>
public DeadLetterLoggerMessageHandler(StorageCredentials credentials, string serviceName
, TimeSpan?defaultTimeout = null
, BlobContainerPublicAccessType accessType = BlobContainerPublicAccessType.Off
, BlobRequestOptions options = null
, OperationContext context = null
, IServiceHandlerEncryption encryption = null)
{
mStorage = new StorageServiceBase(credentials, "DeadLetter", accessType, options, context, defaultTimeout: defaultTimeout, encryption: encryption);
mServiceName = serviceName;
}
public bool CreateContainer(string containerName, BlobContainerPublicAccessType accessType, NameValueCollection metadata)
{
CloudBlobContainer container = BlobStorageType.GetContainerReference(containerName);
BlobContainerPermissions perm = new BlobContainerPermissions();
perm.PublicAccess = accessType;
container.SetPermissions(perm);
container.Metadata.Add(metadata);
return(container.CreateIfNotExist());
}
public async Task SetAnonAccessOnContainerAsync(string storageContainerName, BlobContainerPublicAccessType accessType = BlobContainerPublicAccessType.Blob)
{
var containerRef = _blobClient.GetContainerReference(storageContainerName);
await containerRef.CreateIfNotExistsAsync();
BlobContainerPermissions permissions = await containerRef.GetPermissionsAsync();
permissions.PublicAccess = accessType;
await containerRef.SetPermissionsAsync(permissions);
}
public CloudBlobContainer GetContainer(string containerName,
BlobContainerPublicAccessType blobContainerPublicAccessType = BlobContainerPublicAccessType.Off)
{
var storageAccount = new CloudStorageAccount(_storageCredentials, true);
var blobClient = storageAccount.CreateCloudBlobClient();
var blobContainer = blobClient.GetContainerReference(containerName);
blobContainer.CreateIfNotExists(blobContainerPublicAccessType);
return(blobContainer);
}
private static async Task TestAccessAsync(BlobContainerPublicAccessType accessType, CloudBlobContainer container, CloudBlob inputBlob)
{
StorageCredentials credentials = new StorageCredentials();
container = new CloudBlobContainer(container.Uri, credentials);
CloudPageBlob blob = new CloudPageBlob(inputBlob.Uri, credentials);
OperationContext context = new OperationContext();
BlobRequestOptions options = new BlobRequestOptions();
if (accessType.Equals(BlobContainerPublicAccessType.Container))
{
await blob.FetchAttributesAsync();
await container.ListBlobsSegmentedAsync(null, true, BlobListingDetails.All, null, null, options, context);
await container.FetchAttributesAsync();
}
else if (accessType.Equals(BlobContainerPublicAccessType.Blob))
{
await blob.FetchAttributesAsync();
await TestHelper.ExpectedExceptionAsync(
async() => await container.ListBlobsSegmentedAsync(null, true, BlobListingDetails.All, null, null, options, context),
context,
"List blobs while public access does not allow for listing",
HttpStatusCode.NotFound);
await TestHelper.ExpectedExceptionAsync(
async() => await container.FetchAttributesAsync(null, options, context),
context,
"Fetch container attributes while public access does not allow",
HttpStatusCode.NotFound);
}
else
{
await TestHelper.ExpectedExceptionAsync(
async() => await blob.FetchAttributesAsync(null, options, context),
context,
"Fetch blob attributes while public access does not allow",
HttpStatusCode.NotFound);
await TestHelper.ExpectedExceptionAsync(
async() => await container.ListBlobsSegmentedAsync(null, true, BlobListingDetails.All, null, null, options, context),
context,
"List blobs while public access does not allow for listing",
HttpStatusCode.NotFound);
await TestHelper.ExpectedExceptionAsync(
async() => await container.FetchAttributesAsync(null, options, context),
context,
"Fetch container attributes while public access does not allow",
HttpStatusCode.NotFound);
}
}
public CloudBlobContainer CreateContainer(string containerName, BlobContainerPublicAccessType permission = BlobContainerPublicAccessType.Blob)
{
var container = this.BlobClient.GetContainerReference(containerName);
container.CreateIfNotExists();
container.SetPermissions(new BlobContainerPermissions {
PublicAccess = permission
});
return(container);
}
/// <summary>
/// Creates the container if it does not already exist.
/// </summary>
/// <param name="newContainerAccessType">Access type for the newly created container.</param>
/// <returns>true if the container did not already exist and was created; otherwise false.</returns>
public bool CreateIfNotExists(BlobContainerPublicAccessType newContainerAccessType)
{
var result = this._cloudBlobContainer.CreateIfNotExists();
if (result)
{
this.SetAccessPermission(newContainerAccessType);
}
return(result);
}
private async void EnsureContainerExists(string containerName, BlobContainerPublicAccessType blobAccess)
{
CloudBlobContainer container = GetContainer(containerName);
if (container == null)
{
throw new ArgumentException("Invalid container name: " + containerName);
}
await container.CreateIfNotExistsAsync(blobAccess, null, null);
}
public CloudBlobContainer GetContainer(string containerName, BlobContainerPublicAccessType publicAccess)
{
CloudBlobContainer container = _storage.GetContainerReference(containerName);
if (container.CreateIfNotExists())
{
BlobContainerPermissions permissions = container.GetPermissions();
permissions.PublicAccess = publicAccess;
container.SetPermissions(permissions);
}
return(container);
}
/// <summary>
/// Constructs a web request to set the ACL for a container.
/// </summary>
/// <param name="uri">The absolute URI to the container.</param>
/// <param name="timeout">The server timeout interval.</param>
/// <param name="publicAccess">The type of public access to allow for the container.</param>
/// <param name="accessCondition">The access condition to apply to the request.</param>
/// <returns><returns>A web request to use to perform the operation.</returns></returns>
public static StorageRequestMessage SetAcl(Uri uri, int?timeout, BlobContainerPublicAccessType publicAccess, AccessCondition accessCondition, HttpContent content, OperationContext operationContext, ICanonicalizer canonicalizer, StorageCredentials credentials)
{
StorageRequestMessage request = HttpRequestMessageFactory.SetAcl(uri, timeout, GetContainerUriQueryBuilder(), content, operationContext, canonicalizer, credentials);
if (publicAccess != BlobContainerPublicAccessType.Off)
{
request.Headers.Add(Constants.HeaderConstants.ContainerPublicAccessType, publicAccess.ToString().ToLower());
}
request.ApplyAccessCondition(accessCondition);
return(request);
}
/// <summary>
/// Constructs a web request to create a new container.
/// </summary>
/// <param name="uri">The absolute URI to the container.</param>
/// <param name="timeout">The server timeout interval.</param>
/// <param name="accessType">An <see cref="BlobContainerPublicAccessType"/> object that specifies whether data in the container may be accessed publicly and what level of access is to be allowed.</param>
/// <returns>A web request to use to perform the operation.</returns>
public static HttpRequestMessage Create(Uri uri, int? timeout, HttpContent content, OperationContext operationContext, BlobContainerPublicAccessType accessType)
{
UriQueryBuilder containerBuilder = GetContainerUriQueryBuilder();
HttpRequestMessage request = HttpRequestMessageFactory.Create(uri, timeout, containerBuilder, content, operationContext);
if (accessType != BlobContainerPublicAccessType.Off)
{
request.Headers.Add(Constants.HeaderConstants.ContainerPublicAccessType, accessType.ToString().ToLower());
}
return request;
}
public async Task Initialize(BlobContainerPublicAccessType accessType)
{
var blobStorageType = _account.CreateCloudBlobClient();
var container = blobStorageType.GetContainerReference(_documentsContainerName);
await container.CreateIfNotExistsAsync();
var perm = new BlobContainerPermissions
{
PublicAccess = accessType
};
await container.SetPermissionsAsync(perm);
}
/// <summary>
/// Constructs a web request to create a new container.
/// </summary>
/// <param name="uri">A <see cref="System.Uri"/> specifying the absolute URI to the container.</param>
/// <param name="timeout">An integer specifying the server timeout interval.</param>
/// <param name="useVersionHeader">A boolean value indicating whether to set the <i>x-ms-version</i> HTTP header.</param>
/// <param name="operationContext">An <see cref="OperationContext"/> object that represents the context for the current operation.</param>
/// <param name="accessType">An <see cref="BlobContainerPublicAccessType"/> object that specifies whether data in the container may be accessed publicly and the level of access.</param>
/// <returns>A <see cref="System.Net.HttpWebRequest"/> object.</returns>
public static HttpWebRequest Create(Uri uri, int? timeout, bool useVersionHeader, OperationContext operationContext, BlobContainerPublicAccessType accessType)
{
UriQueryBuilder containerBuilder = GetContainerUriQueryBuilder();
HttpWebRequest request = HttpWebRequestFactory.Create(uri, timeout, containerBuilder, useVersionHeader, operationContext);
if (accessType != BlobContainerPublicAccessType.Off)
{
request.Headers.Add(Constants.HeaderConstants.ContainerPublicAccessType, accessType.ToString().ToLower(CultureInfo.InvariantCulture));
}
return request;
}
/// <summary>
/// Constructs a web request to set the ACL for a container.
/// </summary>
/// <param name="uri">The absolute URI to the container.</param>
/// <param name="timeout">The server timeout interval.</param>
/// <param name="publicAccess">The type of public access to allow for the container.</param>
/// <param name="accessCondition">The access condition to apply to the request.</param>
/// <param name="operationContext">An <see cref="OperationContext"/> object for tracking the current operation.</param>
/// <returns>A web request to use to perform the operation.</returns>
public static HttpWebRequest SetAcl(Uri uri, int?timeout, BlobContainerPublicAccessType publicAccess, AccessCondition accessCondition, OperationContext operationContext)
{
HttpWebRequest request = HttpWebRequestFactory.SetAcl(uri, GetContainerUriQueryBuilder(), timeout, operationContext);
if (publicAccess != BlobContainerPublicAccessType.Off)
{
request.Headers.Add("x-ms-blob-public-access", publicAccess.ToString().ToLower());
}
request.ApplyAccessCondition(accessCondition);
return(request);
}
public void Initialize(BlobContainerPublicAccessType accessType = BlobContainerPublicAccessType.Off)
{
CloudBlobClient blobStorageType = account.CreateCloudBlobClient();
CloudBlobContainer container = blobStorageType.GetContainerReference(documentsContainerName);
container.CreateIfNotExists();
var perm = new BlobContainerPermissions
{
PublicAccess = accessType
};
container.SetPermissions(perm);
}
public async Task <bool> changeContainerState(string containerName, BlobContainerPublicAccessType type)
{
try
{
CloudBlobContainer c = Client.GetContainerReference(containerName);
await c.SetPermissionsAsync(new BlobContainerPermissions { PublicAccess = type });
return(true);
}
catch (Exception e) {
return(false);
}
}
private async Task <CloudBlobContainer> GetCloudContainer(string connectionString, string containerName, string blobContainerPublicAccessType)
{
CloudStorageAccount storageAccount = CloudStorageAccount.Parse(connectionString);
CloudBlobClient blobClient = storageAccount.CreateCloudBlobClient();
BlobContainerPublicAccessType blobContainerPublicAccessTypeKey = (BlobContainerPublicAccessType)Enum.Parse(typeof(BlobContainerPublicAccessType), blobContainerPublicAccessType, true);
CloudBlobContainer blobContainer = blobClient.GetContainerReference(containerName);
if (await blobContainer.CreateIfNotExistsAsync())
{
await blobContainer.SetPermissionsAsync(
new BlobContainerPermissions { PublicAccess = blobContainerPublicAccessTypeKey }
);
}
return(blobContainer);
}
public void CreateContainerSuccessfullyTest()
{
string name = String.Empty;
BlobContainerPublicAccessType accesslevel = BlobContainerPublicAccessType.Off;
((MockCommandRuntime)command.CommandRuntime).ResetPipelines();
name = "test";
AzureStorageContainer container = command.CreateAzureContainer(name, accesslevel);
Assert.AreEqual("test", container.Name);
((MockCommandRuntime)command.CommandRuntime).ResetPipelines();
AssertThrows <ResourceAlreadyExistException>(() => command.CreateAzureContainer(name, accesslevel),
String.Format(Resources.ContainerAlreadyExists, name));
}
public override void Create(BlobContainerPublicAccessType publicAccessType, Action<CloudOperationResponse<bool>> callback)
{
var requestUri = BuildUri(this.Uri, string.Empty, "restype=container&timeout=10000");
var request = this.ResolveRequest(requestUri);
request.Method = "PUT";
// Set the permissions for the specified container.
request.Headers.AddContainerPublicAccessTypeHeader(publicAccessType);
// Add metadata for the specified container.
request.Headers.AddMetadataHeaders(this.Metadata);
this.SendRequest(request, HttpStatusCode.Created, r => true, callback);
}
public async Task SetPermissionAsync(ContainerPermission permission)
{
BlobContainerPublicAccessType accessType = permission.HasFlag(ContainerPermission.Public) ?
BlobContainerPublicAccessType.Blob :
BlobContainerPublicAccessType.Off;
try {
await this._blobContainer
.SetPermissionsAsync(new BlobContainerPermissions { PublicAccess = accessType })
.ConfigureAwait(false);
}
catch (Exception e) {
throw new StorageException(StorageExceptionReason.StorageOperationFailed, "Unable to set permissions for the storage.", e);
}
}
/// <summary>
/// Creates the container if it does not already exist.
/// </summary>
/// <param name="newContainerAccessType">Access type for the newly created container.</param>
/// <param name="cancellationToken">A <see cref="T:System.Threading.CancellationToken" /> to observe while waiting for a task to complete.</param>
/// <returns>true if the container did not already exist and was created; otherwise false.</returns>
public Task <bool> CreateIfNotExistsAsync(BlobContainerPublicAccessType newContainerAccessType, CancellationToken?cancellationToken = null)
{
return(Task.Run(async() =>
{
var result = await this._cloudBlobContainer.CreateIfNotExistsAsync(cancellationToken ?? CancellationToken.None);
if (result)
{
this.SetAccessPermission(newContainerAccessType);
}
return result;
},
cancellationToken ?? CancellationToken.None));
}
protected async Task CreateBlob(BlobContainerPublicAccessType permission = BlobContainerPublicAccessType.Blob)
{
if (_blobContainer == null)
{
CloudBlobClient blobClient = _storageAccount.CreateCloudBlobClient();
_blobContainer = blobClient.GetContainerReference(_containerName);
await _blobContainer.CreateIfNotExistsAsync();
_blobContainer.SetPermissions(
new BlobContainerPermissions
{
PublicAccess = permission
});
}
}
private static void TestAccessTask(BlobContainerPublicAccessType accessType, CloudBlobContainer container, CloudBlob inputBlob)
{
StorageCredentials credentials = new StorageCredentials();
container = new CloudBlobContainer(container.Uri, credentials);
CloudPageBlob blob = new CloudPageBlob(inputBlob.Uri, credentials);
if (accessType.Equals(BlobContainerPublicAccessType.Container))
{
blob.FetchAttributesAsync().Wait();
BlobContinuationToken token = null;
do
{
BlobResultSegment results = container.ListBlobsSegmented(token);
results.Results.ToArray();
token = results.ContinuationToken;
}
while (token != null);
container.FetchAttributesAsync().Wait();
}
else if (accessType.Equals(BlobContainerPublicAccessType.Blob))
{
blob.FetchAttributesAsync().Wait();
TestHelper.ExpectedExceptionTask(
container.ListBlobsSegmentedAsync(null),
"List blobs while public access does not allow for listing",
HttpStatusCode.NotFound);
TestHelper.ExpectedExceptionTask(
container.FetchAttributesAsync(),
"Fetch container attributes while public access does not allow",
HttpStatusCode.NotFound);
}
else
{
TestHelper.ExpectedExceptionTask(
blob.FetchAttributesAsync(),
"Fetch blob attributes while public access does not allow",
HttpStatusCode.NotFound);
TestHelper.ExpectedExceptionTask(
container.ListBlobsSegmentedAsync(null),
"List blobs while public access does not allow for listing",
HttpStatusCode.NotFound);
TestHelper.ExpectedExceptionTask(
container.FetchAttributesAsync(),
"Fetch container attributes while public access does not allow",
HttpStatusCode.NotFound);
}
}
private static async Task TestAccessAsync(BlobContainerPublicAccessType accessType, CloudBlobContainer container, CloudBlob inputBlob)
{
StorageCredentials credentials = new StorageCredentials();
container = new CloudBlobContainer(container.Uri, credentials);
CloudPageBlob blob = new CloudPageBlob(inputBlob.Uri, credentials);
OperationContext context = new OperationContext();
BlobRequestOptions options = new BlobRequestOptions();
if (accessType.Equals(BlobContainerPublicAccessType.Container))
{
await blob.FetchAttributesAsync();
await container.ListBlobsSegmentedAsync(null, true, BlobListingDetails.All, null, null, options, context);
await container.FetchAttributesAsync();
}
else if (accessType.Equals(BlobContainerPublicAccessType.Blob))
{
await blob.FetchAttributesAsync();
await TestHelper.ExpectedExceptionAsync(
async () => await container.ListBlobsSegmentedAsync(null, true, BlobListingDetails.All, null, null, options, context),
context,
"List blobs while public access does not allow for listing",
HttpStatusCode.NotFound);
await TestHelper.ExpectedExceptionAsync(
async () => await container.FetchAttributesAsync(null, options, context),
context,
"Fetch container attributes while public access does not allow",
HttpStatusCode.NotFound);
}
else
{
await TestHelper.ExpectedExceptionAsync(
async () => await blob.FetchAttributesAsync(null, options, context),
context,
"Fetch blob attributes while public access does not allow",
HttpStatusCode.NotFound);
await TestHelper.ExpectedExceptionAsync(
async () => await container.ListBlobsSegmentedAsync(null, true, BlobListingDetails.All, null, null, options, context),
context,
"List blobs while public access does not allow for listing",
HttpStatusCode.NotFound);
await TestHelper.ExpectedExceptionAsync(
async () => await container.FetchAttributesAsync(null, options, context),
context,
"Fetch container attributes while public access does not allow",
HttpStatusCode.NotFound);
}
}
public void CreateContainer(string containerName, BlobContainerPublicAccessType publicAccessType, IDictionary<string, string> metadata, Action<CloudOperationResponse<Uri>> callback)
{
if (string.IsNullOrWhiteSpace(containerName))
throw new ArgumentException("The container name cannot be null, empty or white space.", "containerName");
var requestUri = BuildUri(
this.sasServiceEndpoint,
BuilUriPath(ContainersOperation, containerName),
string.Empty);
var request = this.ResolveRequest(requestUri);
request.Method = "PUT";
// Set the permissions for the specified container.
request.Headers.AddContainerPublicAccessTypeHeader(publicAccessType);
// Add metadata for the specified container.
request.Headers.AddMetadataHeaders(metadata);
this.SendRequest(request, HttpStatusCode.Created, UriResponseMapper, callback);
}
private static void TestAccess(BlobContainerPublicAccessType accessType, CloudBlobContainer container, CloudBlob inputBlob)
{
StorageCredentials credentials = new StorageCredentials();
container = new CloudBlobContainer(container.Uri, credentials);
CloudPageBlob blob = new CloudPageBlob(inputBlob.Uri, credentials);
if (accessType.Equals(BlobContainerPublicAccessType.Container))
{
blob.FetchAttributes();
container.ListBlobs().ToArray();
container.FetchAttributes();
}
else if (accessType.Equals(BlobContainerPublicAccessType.Blob))
{
blob.FetchAttributes();
TestHelper.ExpectedException(
() => container.ListBlobs().ToArray(),
"List blobs while public access does not allow for listing",
HttpStatusCode.NotFound);
TestHelper.ExpectedException(
() => container.FetchAttributes(),
"Fetch container attributes while public access does not allow",
HttpStatusCode.NotFound);
}
else
{
TestHelper.ExpectedException(
() => blob.FetchAttributes(),
"Fetch blob attributes while public access does not allow",
HttpStatusCode.NotFound);
TestHelper.ExpectedException(
() => container.ListBlobs().ToArray(),
"List blobs while public access does not allow for listing",
HttpStatusCode.NotFound);
TestHelper.ExpectedException(
() => container.FetchAttributes(),
"Fetch container attributes while public access does not allow",
HttpStatusCode.NotFound);
}
}
/// <summary>
/// create a new azure container
/// </summary>
/// <param name="name">container name</param>
internal async Task CreateAzureContainer(long taskId, IStorageBlobManagement localChannel, string name, BlobContainerPublicAccessType accesslevel)
{
if (!NameUtil.IsValidContainerName(name))
{
throw new ArgumentException(String.Format(Resources.InvalidContainerName, name));
}
BlobRequestOptions requestOptions = RequestOptions;
CloudBlobContainer container = localChannel.GetContainerReference(name);
BlobContainerPermissions permissions = new BlobContainerPermissions();
permissions.PublicAccess = accesslevel;
bool created = await localChannel.CreateContainerIfNotExistsAsync(container, permissions.PublicAccess, requestOptions, OperationContext, CmdletCancellationToken);
if (!created)
{
throw new ResourceAlreadyExistException(String.Format(Resources.ContainerAlreadyExists, name));
}
WriteCloudContainerObject(taskId, localChannel, container, permissions);
}
public static BlobStorage Create(CloudStorageAccount storageAccount, string containerReference,
BlobContainerPublicAccessType publicAccessPermission = BlobContainerPublicAccessType.Container)
{
try
{
// Get blob container
var blobStorage = storageAccount.CreateCloudBlobClient();
var container = blobStorage.GetContainerReference(containerReference);
container.CreateIfNotExists();
// Set blob container access permission
var permission = container.GetPermissions();
permission.PublicAccess = publicAccessPermission;
container.SetPermissions(permission);
return new BlobStorage(blobStorage, container);
}
catch (Exception exception)
{
throw new CloudStorageClientException(exception);
}
}
public static AzureBlobStorageFolder CreateContainerIfNotExists(CloudStorageAccount storageAccount, string containerName, BlobContainerPublicAccessType blobContainerPublicAccessType)
{
var containerReference = storageAccount.CreateCloudBlobClient().GetContainerReference(containerName);
return CreateContainerIfNotExists(containerReference, blobContainerPublicAccessType);
}
public static AzureBlobStorageFolder CreateContainerIfNotExists(CloudBlobContainer containerReference, BlobContainerPublicAccessType blobContainerPublicAccessType)
{
containerReference.CreateIfNotExists(blobContainerPublicAccessType);
return new AzureBlobStorageFolder(containerReference);
}
/// <summary>
/// Constructs a web request to create a new container.
/// </summary>
/// <param name="uri">A <see cref="System.Uri"/> specifying the absolute URI to the container.</param>
/// <param name="timeout">An integer specifying the server timeout interval.</param>
/// <param name="operationContext">An <see cref="OperationContext"/> object that represents the context for the current operation.</param>
/// <param name="accessType">An <see cref="BlobContainerPublicAccessType"/> object that specifies whether data in the container may be accessed publicly and the level of access.</param>
/// <returns>A <see cref="System.Net.HttpWebRequest"/> object.</returns>
public static HttpWebRequest Create(Uri uri, int? timeout, OperationContext operationContext, BlobContainerPublicAccessType accessType)
{
return ContainerHttpWebRequestFactory.Create(uri, timeout, true /* useVersionHeader */, operationContext, accessType);
}
/// <summary>
/// Sets the anonymous access level.
/// </summary>
/// <param name="container">The container.</param>
/// <param name="accessType">Type of the access.</param>
/// <returns>A Task object.</returns>
private static async Task SetAnonymousAccessLevelAsync(CloudBlobContainer container, BlobContainerPublicAccessType accessType)
{
try
{
// Read the existing permissions first so that we have all container permissions.
// This ensures that we do not inadvertently remove any shared access policies while setting the public access level.
BlobContainerPermissions permissions = await container.GetPermissionsAsync();
// Set the container's public access level.
permissions.PublicAccess = BlobContainerPublicAccessType.Container;
await container.SetPermissionsAsync(permissions);
Console.WriteLine("Container public access set to {0}", accessType.ToString());
Console.WriteLine();
}
catch (StorageException e)
{
Console.WriteLine(e.Message);
Console.ReadLine();
throw;
}
}
/// <summary>
/// Constructs a web request to set the ACL for a container.
/// </summary>
/// <param name="uri">A <see cref="System.Uri"/> specifying the absolute URI to the container.</param>
/// <param name="timeout">An integer specifying the server timeout interval.</param>
/// <param name="publicAccess">The type of public access to allow for the container.</param>
/// <param name="accessCondition">An <see cref="AccessCondition"/> object that represents the condition that must be met in order for the request to proceed.</param>
/// <param name="operationContext">An <see cref="OperationContext"/> object that represents the context for the current operation.</param>
/// <returns>A <see cref="System.Net.HttpWebRequest"/> object.</returns>
public static HttpWebRequest SetAcl(Uri uri, int? timeout, BlobContainerPublicAccessType publicAccess, AccessCondition accessCondition, OperationContext operationContext)
{
return ContainerHttpWebRequestFactory.SetAcl(uri, timeout, publicAccess, accessCondition, true /* useVersionHeader */, operationContext);
}
/// <summary>
/// Constructs a web request to set the ACL for a container.
/// </summary>
/// <param name="uri">A <see cref="System.Uri"/> specifying the absolute URI to the container.</param>
/// <param name="timeout">An integer specifying the server timeout interval.</param>
/// <param name="publicAccess">The type of public access to allow for the container.</param>
/// <param name="accessCondition">An <see cref="AccessCondition"/> object that represents the condition that must be met in order for the request to proceed.</param>
/// <param name="useVersionHeader">A boolean value indicating whether to set the <i>x-ms-version</i> HTTP header.</param>
/// <param name="operationContext">An <see cref="OperationContext"/> object that represents the context for the current operation.</param>
/// <returns>A <see cref="System.Net.HttpWebRequest"/> object.</returns>
public static HttpWebRequest SetAcl(Uri uri, int? timeout, BlobContainerPublicAccessType publicAccess, AccessCondition accessCondition, bool useVersionHeader, OperationContext operationContext)
{
HttpWebRequest request = HttpWebRequestFactory.SetAcl(uri, GetContainerUriQueryBuilder(), timeout, useVersionHeader, operationContext);
if (publicAccess != BlobContainerPublicAccessType.Off)
{
request.Headers.Add(Constants.HeaderConstants.ContainerPublicAccessType, publicAccess.ToString().ToLower());
}
request.ApplyAccessCondition(accessCondition);
return request;
}
internal void SetContainerACLTest(Agent agent)
{
string NEW_CONTAINER_NAME = Utility.GenNameString("astoria-");
Collection<Dictionary<string, object>> comp = new Collection<Dictionary<string, object>>();
Dictionary<string, object> dic = Utility.GenComparisonData(StorageObjectType.Container, NEW_CONTAINER_NAME);
comp.Add(dic);
// create container if it does not exist
CloudBlobContainer container = CommonStorageAccount.CreateCloudBlobClient().GetContainerReference(NEW_CONTAINER_NAME);
container.CreateIfNotExists();
try
{
BlobContainerPublicAccessType[] accessTypes = new BlobContainerPublicAccessType[] {
BlobContainerPublicAccessType.Blob,
BlobContainerPublicAccessType.Container,
BlobContainerPublicAccessType.Off
};
// set PublicAccess as one value respetively
foreach (var accessType in accessTypes)
{
//--------------Set operation--------------
Test.Assert(agent.SetAzureStorageContainerACL(NEW_CONTAINER_NAME, accessType),
"SetAzureStorageContainerACL operation should succeed");
// Verification for returned values
dic["PublicAccess"] = accessType;
CloudBlobUtil.PackContainerCompareData(container, dic);
agent.OutputValidation(comp);
Test.Assert(container.GetPermissions().PublicAccess == accessType,
"PublicAccess should be equal: {0} = {1}", container.GetPermissions().PublicAccess, accessType);
}
}
finally
{
// clean up
container.DeleteIfExists();
}
}
/// <summary>
/// Constructs a web request to set the ACL for a container.
/// </summary>
/// <param name="uri">The absolute URI to the container.</param>
/// <param name="timeout">The server timeout interval.</param>
/// <param name="publicAccess">The type of public access to allow for the container.</param>
/// <param name="accessCondition">The access condition to apply to the request.</param>
/// <returns><returns>A web request to use to perform the operation.</returns></returns>
public static HttpRequestMessage SetAcl(Uri uri, int? timeout, BlobContainerPublicAccessType publicAccess, AccessCondition accessCondition, HttpContent content, OperationContext operationContext)
{
HttpRequestMessage request = HttpRequestMessageFactory.SetAcl(uri, timeout, GetContainerUriQueryBuilder(), content, operationContext);
if (publicAccess != BlobContainerPublicAccessType.Off)
{
request.Headers.Add(Constants.HeaderConstants.ContainerPublicAccessType, publicAccess.ToString().ToLower());
}
request.ApplyAccessCondition(accessCondition);
return request;
}
/// <summary>
/// Implementation for the Create method.
/// </summary>
/// <param name="options">A <see cref="BlobRequestOptions"/> object that specifies additional options for the request.</param>
/// <param name="accessType">An <see cref="BlobContainerPublicAccessType"/> object that specifies whether data in the container may be accessed publicly and the level of access.</param>
/// <returns>A <see cref="RESTCommand"/> that creates the container.</returns>
private RESTCommand<NullType> CreateContainerImpl(BlobRequestOptions options, BlobContainerPublicAccessType accessType)
{
RESTCommand<NullType> putCmd = new RESTCommand<NullType>(this.ServiceClient.Credentials, this.StorageUri);
options.ApplyToStorageCommand(putCmd);
putCmd.Handler = this.ServiceClient.AuthenticationHandler;
putCmd.BuildClient = HttpClientFactory.BuildHttpClient;
putCmd.BuildRequest = (cmd, uri, builder, cnt, serverTimeout, ctx) =>
{
HttpRequestMessage msg = ContainerHttpRequestMessageFactory.Create(uri, serverTimeout, cnt, ctx, accessType);
ContainerHttpRequestMessageFactory.AddMetadata(msg, this.Metadata);
return msg;
};
putCmd.PreProcessResponse = (cmd, resp, ex, ctx) =>
{
HttpResponseParsers.ProcessExpectedStatusCodeNoException(HttpStatusCode.Created, resp, NullType.Value, cmd, ex);
this.Properties = ContainerHttpResponseParsers.GetProperties(resp);
this.Metadata = ContainerHttpResponseParsers.GetMetadata(resp);
return NullType.Value;
};
return putCmd;
}
/// <summary>
/// Return a task that asynchronously create a container if it doesn't exist.
/// </summary>
/// <param name="container">CloudBlobContainer object</param>
/// <param name="accessType">Blob container public access type</param>
/// <param name="requestOptions">Blob request options</param>
/// <param name="operationContext">Operation context</param>
/// <param name="cmdletCancellationToken">Cancellation token</param>
/// <returns>Return a task that asynchronously create a container if it doesn't exist.</returns>
public Task<bool> CreateContainerIfNotExistsAsync(CloudBlobContainer container, BlobContainerPublicAccessType accessType, BlobRequestOptions requestOptions, OperationContext operationContext, CancellationToken cancellationToken)
{
return container.CreateIfNotExistsAsync(accessType, requestOptions, operationContext, cancellationToken);
}
public IAsyncOperation<bool> CreateIfNotExistsAsync(BlobContainerPublicAccessType accessType, BlobRequestOptions options, OperationContext operationContext)
{
BlobRequestOptions modifiedOptions = BlobRequestOptions.ApplyDefaults(options, BlobType.Unspecified, this.ServiceClient);
operationContext = operationContext ?? new OperationContext();
return AsyncInfo.Run(async (token) =>
{
bool exists = await this.ExistsAsync(true, modifiedOptions, operationContext).AsTask(token);
if (exists)
{
return false;
}
try
{
await this.CreateAsync(accessType, modifiedOptions, operationContext).AsTask(token);
return true;
}
catch (Exception)
{
if (operationContext.LastResult.HttpStatusCode == (int)HttpStatusCode.Conflict)
{
StorageExtendedErrorInformation extendedInfo = operationContext.LastResult.ExtendedErrorInformation;
if ((extendedInfo == null) ||
(extendedInfo.ErrorCode == BlobErrorCodeStrings.ContainerAlreadyExists))
{
return false;
}
else
{
throw;
}
}
else
{
throw;
}
}
});
}
