public async Task CloudBlobContainerSetPermissionsAsync() { CloudBlobContainer container = GetRandomContainerReference(); try { await container.CreateAsync(); BlobContainerPermissions permissions = await container.GetPermissionsAsync(); Assert.AreEqual(BlobContainerPublicAccessType.Off, permissions.PublicAccess); Assert.AreEqual(0, permissions.SharedAccessPolicies.Count); // We do not have precision at milliseconds level. Hence, we need // to recreate the start DateTime to be able to compare it later. DateTime start = DateTime.UtcNow; start = new DateTime(start.Year, start.Month, start.Day, start.Hour, start.Minute, start.Second, DateTimeKind.Utc); DateTime expiry = start.AddMinutes(30); permissions.PublicAccess = BlobContainerPublicAccessType.Container; permissions.SharedAccessPolicies.Add("key1", new SharedAccessBlobPolicy() { SharedAccessStartTime = start, SharedAccessExpiryTime = expiry, Permissions = SharedAccessBlobPermissions.List, }); await container.SetPermissionsAsync(permissions); await Task.Delay(30 * 1000); CloudBlobContainer container2 = container.ServiceClient.GetContainerReference(container.Name); permissions = await container2.GetPermissionsAsync(); Assert.AreEqual(BlobContainerPublicAccessType.Container, permissions.PublicAccess); Assert.AreEqual(1, permissions.SharedAccessPolicies.Count); Assert.IsTrue(permissions.SharedAccessPolicies["key1"].SharedAccessStartTime.HasValue); Assert.AreEqual(start, permissions.SharedAccessPolicies["key1"].SharedAccessStartTime.Value.UtcDateTime); Assert.IsTrue(permissions.SharedAccessPolicies["key1"].SharedAccessExpiryTime.HasValue); Assert.AreEqual(expiry, permissions.SharedAccessPolicies["key1"].SharedAccessExpiryTime.Value.UtcDateTime); Assert.AreEqual(SharedAccessBlobPermissions.List, permissions.SharedAccessPolicies["key1"].Permissions); } finally { container.DeleteIfExistsAsync().AsTask().Wait(); } }
/// <summary> /// Async Get container presssions /// </summary> /// <param name="container">A cloudblobcontainer object</param> /// <param name="accessCondition">Access condition</param> /// <param name="options">Blob request option</param> /// <param name="operationContext">Operation context</param> /// <param name="cancellationToken">User cancellation token</param> /// <returns>A task object which retrieve the permission of the specified container</returns> public Task<BlobContainerPermissions> GetContainerPermissionsAsync(CloudBlobContainer container, AccessCondition accessCondition, BlobRequestOptions options, OperationContext operationContext, CancellationToken cancellationToken) { return container.GetPermissionsAsync(accessCondition, options, operationContext, cancellationToken); }
/// <summary> /// Creates a shared access policy on the container. /// </summary> /// <param name="container">A CloudBlobContainer object.</param> /// <param name="policyName">The name of the stored access policy.</param> /// <returns>A Task object.</returns> private static async Task CreateSharedAccessPolicyAsync(CloudBlobContainer container, string policyName) { // Create a new shared access policy and define its constraints. // The access policy provides create, write, read, list, and delete permissions. SharedAccessBlobPolicy sharedPolicy = new SharedAccessBlobPolicy() { // When the start time for the SAS is omitted, the start time is assumed to be the time when the storage service receives the request. // Omitting the start time for a SAS that is effective immediately helps to avoid clock skew. SharedAccessExpiryTime = DateTime.UtcNow.AddHours(24), Permissions = SharedAccessBlobPermissions.Read | SharedAccessBlobPermissions.List | SharedAccessBlobPermissions.Write | SharedAccessBlobPermissions.Create | SharedAccessBlobPermissions.Delete }; // Get the container's existing permissions. BlobContainerPermissions permissions = await container.GetPermissionsAsync(); // Add the new policy to the container's permissions, and set the container's permissions. permissions.SharedAccessPolicies.Add(policyName, sharedPolicy); await container.SetPermissionsAsync(permissions); }
/// <summary> /// Sets the anonymous access level. /// </summary> /// <param name="container">The container.</param> /// <param name="accessType">Type of the access.</param> /// <returns>A Task object.</returns> private static async Task SetAnonymousAccessLevelAsync(CloudBlobContainer container, BlobContainerPublicAccessType accessType) { try { // Read the existing permissions first so that we have all container permissions. // This ensures that we do not inadvertently remove any shared access policies while setting the public access level. BlobContainerPermissions permissions = await container.GetPermissionsAsync(); // Set the container's public access level. permissions.PublicAccess = BlobContainerPublicAccessType.Container; await container.SetPermissionsAsync(permissions); Console.WriteLine("Container public access set to {0}", accessType.ToString()); Console.WriteLine(); } catch (StorageException e) { Console.WriteLine(e.Message); Console.ReadLine(); throw; } }
/// <summary> /// Test container reads and writes, expecting success. /// </summary> /// <param name="testContainer">The container.</param> /// <param name="testAccessCondition">The access condition to use.</param> private async Task ContainerReadWriteExpectLeaseSuccessAsync(CloudBlobContainer testContainer, AccessCondition testAccessCondition) { await testContainer.FetchAttributesAsync(testAccessCondition, null /* options */, null); await testContainer.GetPermissionsAsync(testAccessCondition, null /* options */, null); await testContainer.SetMetadataAsync(testAccessCondition, null /* options */, null); await testContainer.SetPermissionsAsync(new BlobContainerPermissions(), testAccessCondition, null /* options */, null); }
/// <summary> /// Test container reads and writes, expecting lease failure. /// </summary> /// <param name="testContainer">The container.</param> /// <param name="testAccessCondition">The failing access condition to use.</param> /// <param name="expectedErrorCode">The expected error code.</param> /// <param name="description">The reason why these calls should fail.</param> private async Task ContainerReadWriteExpectLeaseFailureAsync(CloudBlobContainer testContainer, AccessCondition testAccessCondition, HttpStatusCode expectedStatusCode, string expectedErrorCode, string description) { OperationContext operationContext = new OperationContext(); // FetchAttributes is a HEAD request with no extended error info, so it returns with the generic ConditionFailed error code. await TestHelper.ExpectedExceptionAsync( async () => await testContainer.FetchAttributesAsync(testAccessCondition, null /* options */, operationContext), operationContext, description + "(Fetch Attributes)", HttpStatusCode.PreconditionFailed); await TestHelper.ExpectedExceptionAsync( async () => await testContainer.GetPermissionsAsync(testAccessCondition, null /* options */, operationContext), operationContext, description + " (Get Permissions)", expectedStatusCode, expectedErrorCode); await TestHelper.ExpectedExceptionAsync( async () => await testContainer.SetMetadataAsync(testAccessCondition, null /* options */, operationContext), operationContext, description + " (Set Metadata)", expectedStatusCode, expectedErrorCode); await TestHelper.ExpectedExceptionAsync( async () => await testContainer.SetPermissionsAsync(new BlobContainerPermissions(), testAccessCondition, null /* options */, operationContext), operationContext, description + " (Set Permissions)", expectedStatusCode, expectedErrorCode); }
/// <summary> /// Test container reads and writes, expecting success. /// </summary> /// <param name="testContainer">The container.</param> /// <param name="testAccessCondition">The access condition to use.</param> private void ContainerReadWriteExpectLeaseSuccessTask(CloudBlobContainer testContainer, AccessCondition testAccessCondition) { testContainer.FetchAttributesAsync(testAccessCondition, null /* options */, null /* operationContext */).Wait(); testContainer.GetPermissionsAsync(testAccessCondition, null /* options */, null /* operationContext */).Wait(); testContainer.SetMetadataAsync(testAccessCondition, null /* options */, null /* operationContext */).Wait(); testContainer.SetPermissionsAsync(new BlobContainerPermissions(), testAccessCondition, null /* options */, null /* operationContext */).Wait(); }
private async Task<HttpResponseMessage> FormContainerAclResponse(CloudBlobContainer container) { BlobContainerPermissions permissions = await container.GetPermissionsAsync(); HttpResponseMessage response = CreateResponse(permissions.SharedAccessPolicies); await AddBasicContainerHeaders(response, container); //Only add this header if some form of public access is permitted. if (permissions.PublicAccess != BlobContainerPublicAccessType.Off) { response.Headers.Add("x-ms-blob-public-access", permissions.PublicAccess.ToString().ToLower()); } return response; }
static async Task CopyContainer(CloudBlobContainer sourceContainer, CloudBlobContainer destContainer) { await sourceContainer.FetchAttributesAsync(); var access = await sourceContainer.GetPermissionsAsync(); await destContainer.CreateIfNotExistsAsync(access.PublicAccess, null, null); await destContainer.SetPermissionsAsync(access); destContainer.Metadata.Clear(); foreach (var metadatum in sourceContainer.Metadata) { destContainer.Metadata.Add(metadatum); } await destContainer.SetMetadataAsync(); }