Esempio n. 1
0
        public void NewContainerSas_Httpsonly()
        {
            blobUtil.SetupTestContainerAndBlob();
            try
            {
                string containerPermission = "rwdl";
                string sastoken            = CommandAgent.GetContainerSasFromCmd(blobUtil.Container.Name, string.Empty, containerPermission, null, null, false, SharedAccessProtocol.HttpsOnly);

                blobUtil.ValidateBlobWriteableWithSasToken(blobUtil.Blob, sastoken);

                try
                {
                    blobUtil.ValidateBlobWriteableWithSasToken(blobUtil.Blob, sastoken, useHttps: false);
                    Test.Error(string.Format("Write blob with http should fail since the sas is HttpsOnly."));
                }
                catch (StorageException e)
                {
                    Test.Info(e.Message);
                    ExpectEqual(306, e.RequestInformation.HttpStatusCode, "Protocal not match error: ");
                }
            }
            finally
            {
                blobUtil.CleanupTestContainerAndBlob();
            }
        }
Esempio n. 2
0
        public void NewContainerSasWithPolicy()
        {
            blobUtil.SetupTestContainerAndBlob();

            try
            {
                TimeSpan sasLifeTime = TimeSpan.FromMinutes(10);
                BlobContainerPermissions permission = new BlobContainerPermissions();
                string policyName = Utility.GenNameString("saspolicy");

                permission.SharedAccessPolicies.Add(policyName, new SharedAccessBlobPolicy
                {
                    SharedAccessExpiryTime = DateTime.Now.Add(sasLifeTime),
                    Permissions            = SharedAccessBlobPermissions.Read,
                });

                blobUtil.Container.SetPermissions(permission);
                string sasToken = CommandAgent.GetContainerSasFromCmd(blobUtil.Container.Name, policyName, string.Empty);
                Test.Info("Sleep and wait for sas policy taking effect");
                double lifeTime = 1;
                Thread.Sleep(TimeSpan.FromMinutes(lifeTime));
                ValidateSasToken(blobUtil.Container, "r", sasToken);
            }
            finally
            {
                blobUtil.CleanupTestContainerAndBlob();
            }
        }
Esempio n. 3
0
        public void NewContainerSasWithLimitedPermission()
        {
            blobUtil.SetupTestContainerAndBlob();
            try
            {
                //Container read permission
                string containerPermission = "r";
                string limitedPermission   = lang == Language.PowerShell ? "wdlac" : "wdl";
                string sastoken            = CommandAgent.GetContainerSasFromCmd(blobUtil.Container.Name, string.Empty, containerPermission);
                ValidateLimitedSasPermission(blobUtil.Container, limitedPermission, sastoken);

                //Container write permission
                containerPermission = "w";
                limitedPermission   = "rdl";
                sastoken            = CommandAgent.GetContainerSasFromCmd(blobUtil.Container.Name, string.Empty, containerPermission);
                ValidateLimitedSasPermission(blobUtil.Container, limitedPermission, sastoken);

                //Container delete permission
                containerPermission = "d";
                limitedPermission   = lang == Language.PowerShell ? "rwlac" : "rwl";
                sastoken            = CommandAgent.GetContainerSasFromCmd(blobUtil.Container.Name, string.Empty, containerPermission);
                ValidateLimitedSasPermission(blobUtil.Container, limitedPermission, sastoken);

                //Container list permission
                containerPermission = "l";
                limitedPermission   = lang == Language.PowerShell ? "rwdac" : "rwd";
                sastoken            = CommandAgent.GetContainerSasFromCmd(blobUtil.Container.Name, string.Empty, containerPermission);
                ValidateLimitedSasPermission(blobUtil.Container, limitedPermission, sastoken);

                // TODO: Enable it when xplat supports the permissions
                if (lang == Language.PowerShell)
                {
                    //Container add permission
                    containerPermission = "a";
                    limitedPermission   = "rwdlc";
                    sastoken            = CommandAgent.GetContainerSasFromCmd(blobUtil.Container.Name, string.Empty, containerPermission);
                    ValidateLimitedSasPermission(blobUtil.Container, limitedPermission, sastoken);

                    //Container create permission
                    containerPermission = "c";
                    limitedPermission   = "rwdla";
                    sastoken            = CommandAgent.GetContainerSasFromCmd(blobUtil.Container.Name, string.Empty, containerPermission);
                    ValidateLimitedSasPermission(blobUtil.Container, limitedPermission, sastoken);
                }

                //Container none permission
                //containerPermission = "";
                //limitedPermission = "rdwl";
                //sastoken = agent.GetContainerSasFromPsCmd(blobUtil.Container.Name, string.Empty, containerPermission);
                //ValidateLimitedSasPermission(blobUtil.Container, limitedPermission, sastoken);
            }
            finally
            {
                blobUtil.CleanupTestContainerAndBlob();
            }
        }
Esempio n. 4
0
 /// <summary>
 /// Generate a sas token and validate it.
 /// </summary>
 /// <param name="containerPermission">Container permission</param>
 internal void GenerateSasTokenAndValid(string containerPermission)
 {
     blobUtil.SetupTestContainerAndBlob();
     try
     {
         string sastoken = CommandAgent.GetContainerSasFromCmd(blobUtil.Container.Name, string.Empty, containerPermission);
         ValidateSasToken(blobUtil.Container, containerPermission, sastoken);
     }
     finally
     {
         blobUtil.CleanupTestContainerAndBlob();
     }
 }
Esempio n. 5
0
 public void NewContainerSasWithFullUri()
 {
     blobUtil.SetupTestContainerAndBlob();
     try
     {
         string containerPermission = Utility.GenRandomCombination(Utility.ContainerPermission);
         string fullUri             = CommandAgent.GetContainerSasFromCmd(blobUtil.Container.Name, string.Empty, containerPermission);
         string sasToken            = (lang == Language.PowerShell ? fullUri.Substring(fullUri.IndexOf("?")) : fullUri);
         ValidateSasToken(blobUtil.Container, containerPermission, sasToken);
     }
     finally
     {
         blobUtil.CleanupTestContainerAndBlob();
     }
 }
Esempio n. 6
0
        public void NewContainerSas_CurrentIPRange()
        {
            blobUtil.SetupTestContainerAndBlob();
            try
            {
                string containerPermission = "rwdl";
                string fullUri             = CommandAgent.GetContainerSasFromCmd(blobUtil.Container.Name, string.Empty, containerPermission, null, null, true, null, "0.0.0.0-255.255.255.255");
                string sastoken            = (lang == Language.PowerShell ? fullUri.Substring(fullUri.IndexOf("?")) : fullUri);

                blobUtil.ValidateBlobWriteableWithSasToken(blobUtil.Blob, sastoken);
            }
            finally
            {
                blobUtil.CleanupTestContainerAndBlob();
            }
        }
Esempio n. 7
0
        public void NewContainerSasWithLifeTime()
        {
            blobUtil.SetupTestContainerAndBlob();
            double       lifeTime   = 3; //Minutes
            const double deltaTime  = 0.5;
            DateTime     startTime  = DateTime.Now.AddMinutes(lifeTime);
            DateTime     expiryTime = startTime.AddMinutes(lifeTime);

            try
            {
                string containerPermission = Utility.GenRandomCombination(Utility.ContainerPermission);
                string sastoken            = CommandAgent.GetContainerSasFromCmd(blobUtil.Container.Name, string.Empty, containerPermission, startTime, expiryTime);
                try
                {
                    ValidateSasToken(blobUtil.Container, containerPermission, sastoken);
                    Test.Error(string.Format("Access container should fail since the start time is {0}, but now is {1}",
                                             startTime.ToUniversalTime().ToString(), DateTime.UtcNow.ToString()));
                }
                catch (StorageException e)
                {
                    Test.Info(e.Message);
                    ExpectEqual(e.RequestInformation.HttpStatusCode, 403, "(403) Forbidden");
                }

                Test.Info("Sleep and wait for the sas token start time");
                Thread.Sleep(TimeSpan.FromMinutes(lifeTime + deltaTime));
                ValidateSasToken(blobUtil.Container, containerPermission, sastoken);
                Test.Info("Sleep and wait for sas token expiry time");
                Thread.Sleep(TimeSpan.FromMinutes(lifeTime + deltaTime));

                try
                {
                    ValidateSasToken(blobUtil.Container, containerPermission, sastoken);
                    Test.Error(string.Format("Access container should fail since the expiry time is {0}, but now is {1}",
                                             expiryTime.ToUniversalTime().ToString(), DateTime.UtcNow.ToString()));
                }
                catch (StorageException e)
                {
                    Test.Info(e.Message);
                    ExpectEqual(e.RequestInformation.HttpStatusCode, 403, "(403) Forbidden");
                }
            }
            finally
            {
                blobUtil.CleanupTestContainerAndBlob();
            }
        }
Esempio n. 8
0
        public void ContainerWithListPermission()
        {
            blobUtil.SetupTestContainerAndBlob();
            try
            {
                string sastoken = CommandAgent.GetContainerSasFromCmd(blobUtil.ContainerName, string.Empty, "l");
                CommandAgent.SetStorageContextWithSASToken(StorageAccount.Credentials.AccountName, sastoken, StorageEndpoint);

                // List blobs with the generated SAS token
                Test.Assert(CommandAgent.GetAzureStorageBlob(string.Empty, blobUtil.ContainerName),
                            string.Format("List blobs in container {0} should succeed", blobUtil.ContainerName));
            }
            finally
            {
                blobUtil.CleanupTestContainerAndBlob();
            }
        }
Esempio n. 9
0
        public void PolicyWithSASStartTimeFutureToPast()
        {
            blobUtil.SetupTestContainerAndBlob();

            try
            {
                TimeSpan sasLifeTime = TimeSpan.FromMinutes(10);
                string   policyName  = Utility.GenNameString("saspolicy");
                DateTime?expiryTime  = DateTime.Today.AddDays(10);
                DateTime?startTime   = DateTime.Today.AddDays(2);
                string   permission  = "r";

                //start time is in the future
                CreateStoredAccessPolicy(policyName, permission, startTime, expiryTime, blobUtil.Container, false);
                string sasToken = CommandAgent.GetContainerSasFromCmd(blobUtil.Container.Name, policyName, string.Empty);
                Test.Info("Sleep and wait for sas policy taking effect");
                double lifeTime = 1;
                Thread.Sleep(TimeSpan.FromMinutes(lifeTime));
                try
                {
                    blobUtil.ValidateContainerReadableWithSasToken(blobUtil.Container, sasToken);
                    Test.Error(string.Format("Access container should fail since the start time is {0}, but now is {1}",
                                             startTime.Value.ToUniversalTime().ToString(), DateTime.UtcNow.ToString()));
                }
                catch (StorageException e)
                {
                    Test.Info(e.Message);
                    ExpectEqual(e.RequestInformation.HttpStatusCode, 403, "(403) Forbidden");
                }

                //modify start time to past
                startTime = DateTime.Today.AddDays(-2);
                CommandAgent.SetAzureStorageContainerStoredAccessPolicy(blobUtil.Container.Name, policyName, null, startTime, null);

                Test.Info("Sleep and wait for sas policy taking effect");
                Thread.Sleep(TimeSpan.FromMinutes(lifeTime));

                blobUtil.ValidateContainerReadableWithSasToken(blobUtil.Container, sasToken);
            }
            finally
            {
                blobUtil.CleanupTestContainerAndBlob();
            }
        }
Esempio n. 10
0
        public void NewContainerSas_NotCurrentIP()
        {
            blobUtil.SetupTestContainerAndBlob();
            try
            {
                string containerPermission = "rwdl";
                string sastoken            = CommandAgent.GetContainerSasFromCmd(blobUtil.Container.Name, string.Empty, containerPermission, null, null, false, null, "1.1.1.1");

                try
                {
                    blobUtil.ValidateBlobWriteableWithSasToken(blobUtil.Blob, sastoken);
                    Test.Error(string.Format("Write blob with should fail since the ipAcl is not current IP."));
                }
                catch (StorageException e)
                {
                    Test.Info(e.Message);
                    ExpectEqual(e.RequestInformation.HttpStatusCode, 403, "(403) Forbidden");
                }
            }
            finally
            {
                blobUtil.CleanupTestContainerAndBlob();
            }
        }