internal async Task GetAzureContainerStoredAccessPolicyAsync(long taskId, IStorageBlobManagement localChannel, string containerName, string policyName) { //Get container instance, Get existing permissions CloudBlobContainer container_Track1 = Channel.GetContainerReference(containerName); BlobContainerClient container = AzureStorageContainer.GetTrack2BlobContainerClient(container_Track1, Channel.StorageContext, ClientOptions); BlobContainerAccessPolicy accessPolicy = (await container.GetAccessPolicyAsync(BlobRequestConditions, cancellationToken: CmdletCancellationToken).ConfigureAwait(false)).Value; IEnumerable <BlobSignedIdentifier> signedIdentifiers = accessPolicy.SignedIdentifiers; if (!String.IsNullOrEmpty(policyName)) { BlobSignedIdentifier signedIdentifier = null; foreach (BlobSignedIdentifier identifier in signedIdentifiers) { if (identifier.Id == policyName) { signedIdentifier = identifier; } } if (signedIdentifier == null) { throw new ResourceNotFoundException(String.Format(CultureInfo.CurrentCulture, Resources.PolicyNotFound, policyName)); } else { OutputStream.WriteObject(taskId, AccessPolicyHelper.ConstructPolicyOutputPSObject <BlobSignedIdentifier>(signedIdentifier)); } } else { foreach (BlobSignedIdentifier identifier in signedIdentifiers) { OutputStream.WriteObject(taskId, AccessPolicyHelper.ConstructPolicyOutputPSObject <BlobSignedIdentifier>(identifier)); } } }
/// <summary> /// get blob content /// </summary> /// <param name="container">source container object</param> /// <param name="blobName">source blob name</param> /// <param name="fileName">destination file name</param> /// <returns>the downloaded AzureStorageBlob object</returns> internal void GetBlobContent(CloudBlobContainer container, string blobName, string fileName) { if (!NameUtil.IsValidBlobName(blobName)) { throw new ArgumentException(String.Format(Resources.InvalidBlobName, blobName)); } // Don't need get File full path here, since will get file full path in GetBlobContent() with blob object. ValidatePipelineCloudBlobContainer(container); if (UseTrack2Sdk()) { BlobContainerClient track2container = AzureStorageContainer.GetTrack2BlobContainerClient(container, Channel.StorageContext, ClientOptions); BlobBaseClient blobClient = track2container.GetBlobBaseClient(blobName); GetBlobContent(blobClient, fileName, true); } else { AccessCondition accessCondition = null; BlobRequestOptions requestOptions = RequestOptions; CloudBlob blob = GetBlobReferenceFromServerWithContainer(Channel, container, blobName, accessCondition, requestOptions, OperationContext); GetBlobContent(blob, fileName, true); } }
/// <summary> /// get blob content /// </summary> /// <param name="container">source container object</param> /// <param name="blobName">source blob name</param> /// <param name="fileName">destination file name</param> /// <returns>the downloaded AzureStorageBlob object</returns> internal void GetBlobContent(CloudBlobContainer container, string blobName, string fileName) { if (!NameUtil.IsValidBlobName(blobName)) { throw new ArgumentException(String.Format(Resources.InvalidBlobName, blobName)); } string filePath = GetFullReceiveFilePath(fileName, blobName, null); ValidatePipelineCloudBlobContainer(container); if (UseTrack2SDK()) { BlobContainerClient track2container = AzureStorageContainer.GetTrack2BlobContainerClient(container, Channel.StorageContext, ClientOptions); BlobBaseClient blobClient = track2container.GetBlobBaseClient(blobName); GetBlobContent(blobClient, filePath, true); } else { AccessCondition accessCondition = null; BlobRequestOptions requestOptions = RequestOptions; CloudBlob blob = GetBlobReferenceFromServerWithContainer(Channel, container, blobName, accessCondition, requestOptions, OperationContext); GetBlobContent(blob, filePath, true); } }
private BlobBaseClient GetDestBlob(IStorageBlobManagement destChannel, string destContainerName, string destBlobName, global::Azure.Storage.Blobs.Models.BlobType?blobType) { NameUtil.ValidateContainerName(destContainerName); NameUtil.ValidateBlobName(destBlobName); BlobContainerClient container = AzureStorageContainer.GetTrack2BlobContainerClient(destChannel.GetContainerReference(destContainerName), destChannel.StorageContext, ClientOptions); BlobBaseClient destBlob = Util.GetTrack2BlobClient(container, destBlobName, destChannel.StorageContext, null, null, null, ClientOptions, blobType is null ? global::Azure.Storage.Blobs.Models.BlobType.Block : blobType.Value); return(destBlob); }
/// <summary> /// remove azure blob /// </summary> /// <param name="container">CloudBlobContainer object</param> /// <param name="blobName">blob name</param> /// <returns>true if the blob is removed successfully, false if user cancel the remove operation</returns> internal async Task RemoveAzureBlob(long taskId, IStorageBlobManagement localChannel, CloudBlobContainer container, string blobName) { if (!NameUtil.IsValidBlobName(blobName)) { throw new ArgumentException(String.Format(Resources.InvalidBlobName, blobName)); } ValidatePipelineCloudBlobContainer(container); if (!UseTrack2Sdk()) { AccessCondition accessCondition = null; BlobRequestOptions requestOptions = null; CloudBlob blob = null; try { blob = await localChannel.GetBlobReferenceFromServerAsync(container, blobName, this.SnapshotTime, accessCondition, requestOptions, OperationContext, CmdletCancellationToken).ConfigureAwait(false); } catch (InvalidOperationException) { blob = null; } if (null == blob && container.ServiceClient.Credentials.IsSharedKey) { throw new ResourceNotFoundException(String.Format(Resources.BlobNotFound, blobName, container.Name)); } else { //Construct the blob as CloudBlockBlob no matter what's the real blob type //We can't get the blob type if Credentials only have the delete permission and don't have read permission. blob = container.GetBlockBlobReference(blobName, this.SnapshotTime); } await RemoveAzureBlob(taskId, localChannel, blob, true).ConfigureAwait(false); } else { if (this.VersionId != null & this.SnapshotTime != null) { throw new ArgumentException("Can't input VersionId and SnapshotTime, since a blob can't have both."); } BlobContainerClient track2container = AzureStorageContainer.GetTrack2BlobContainerClient(container, localChannel.StorageContext, ClientOptions); BlobBaseClient blobClient = Util.GetTrack2BlobClient(track2container, blobName, localChannel.StorageContext, this.VersionId, null, this.SnapshotTime is null? null : this.SnapshotTime.Value.ToString("o"), ClientOptions); // Skip check blob existance, as Server will report error is necessary await RemoveAzureBlobTrack2(taskId, localChannel, blobClient, true).ConfigureAwait(false); } }
internal string SetAzureContainerStoredAccessPolicy(IStorageBlobManagement localChannel, string containerName, string policyName, DateTime?startTime, DateTime?expiryTime, string permission, bool noStartTime, bool noExpiryTime) { //Get container instance, Get existing permissions CloudBlobContainer container_Track1 = Channel.GetContainerReference(containerName); BlobContainerClient container = AzureStorageContainer.GetTrack2BlobContainerClient(container_Track1, Channel.StorageContext, ClientOptions); BlobContainerAccessPolicy accessPolicy = container.GetAccessPolicy(cancellationToken: CmdletCancellationToken).Value; IEnumerable <BlobSignedIdentifier> signedIdentifiers = accessPolicy.SignedIdentifiers; //Set the policy with new value BlobSignedIdentifier signedIdentifier = null; foreach (BlobSignedIdentifier identifier in signedIdentifiers) { if (identifier.Id == policyName) { signedIdentifier = identifier; } } if (signedIdentifier == null) { throw new ArgumentException(string.Format(CultureInfo.CurrentCulture, Resources.PolicyNotFound, policyName)); } if (noStartTime) { signedIdentifier.AccessPolicy.PolicyStartsOn = DateTimeOffset.MinValue; } else if (startTime != null) { signedIdentifier.AccessPolicy.PolicyStartsOn = StartTime.Value.ToUniversalTime(); } if (noExpiryTime) { signedIdentifier.AccessPolicy.PolicyExpiresOn = DateTimeOffset.MinValue; } else if (ExpiryTime != null) { signedIdentifier.AccessPolicy.PolicyExpiresOn = ExpiryTime.Value.ToUniversalTime(); } if (this.Permission != null) { signedIdentifier.AccessPolicy.Permissions = this.Permission; signedIdentifier.AccessPolicy.Permissions = AccessPolicyHelper.OrderBlobPermission(this.Permission); } //Set permissions back to container container.SetAccessPolicy(accessPolicy.BlobPublicAccess, signedIdentifiers, BlobRequestConditions, CmdletCancellationToken); WriteObject(AccessPolicyHelper.ConstructPolicyOutputPSObject <BlobSignedIdentifier>(signedIdentifier)); return(policyName); }
/// <summary> /// set the access level of specified container /// </summary> /// <param name="name">container name</param> /// <param name="accessLevel">access level in ("off", "blob", "container")</param> internal async Task SetContainerAcl(long taskId, IStorageBlobManagement localChannel, string name, BlobContainerPublicAccessType accessLevel) { if (!NameUtil.IsValidContainerName(name)) { throw new ArgumentException(String.Format(Resources.InvalidContainerName, name)); } BlobRequestOptions requestOptions = RequestOptions; CloudBlobContainer container = localChannel.GetContainerReference(name); BlobContainerClient containerClient = AzureStorageContainer.GetTrack2BlobContainerClient(container, this.Channel.StorageContext, ClientOptions); // Get container permission and set the public access as input BlobContainerAccessPolicy accessPolicy; try { accessPolicy = containerClient.GetAccessPolicy(null, this.CmdletCancellationToken); } catch (global::Azure.RequestFailedException e) when(e.Status == 404) { throw new ResourceNotFoundException(String.Format(Resources.ContainerNotFound, name)); } PublicAccessType publicAccessType = PublicAccessType.None; switch (accessLevel) { case BlobContainerPublicAccessType.Blob: publicAccessType = PublicAccessType.Blob; break; case BlobContainerPublicAccessType.Container: publicAccessType = PublicAccessType.BlobContainer; break; case BlobContainerPublicAccessType.Off: publicAccessType = PublicAccessType.None; break; default: case BlobContainerPublicAccessType.Unknown: throw new ArgumentOutOfRangeException("Permission"); } await containerClient.SetAccessPolicyAsync(publicAccessType, accessPolicy.SignedIdentifiers, null, this.CmdletCancellationToken).ConfigureAwait(false); if (PassThru) { AzureStorageContainer storageContainer = new AzureStorageContainer(containerClient, Channel.StorageContext); storageContainer.SetTrack2Permission(); OutputStream.WriteObject(taskId, storageContainer); } }
/// <summary> /// List containers by container name pattern. /// </summary> /// <param name="name">Container name pattern</param> /// <returns>An enumerable collection of cloudblob container</returns> internal IEnumerable <Tuple <AzureStorageContainer, BlobContinuationToken> > ListContainersByName(string name) { string prefix = string.Empty; if (String.IsNullOrEmpty(name) || WildcardPattern.ContainsWildcardCharacters(name)) { prefix = NameUtil.GetNonWildcardPrefix(name); WildcardOptions options = WildcardOptions.IgnoreCase | WildcardOptions.Compiled; WildcardPattern wildcard = null; if (!string.IsNullOrEmpty(name)) { wildcard = new WildcardPattern(name, options); } Func <string, bool> containerFilter = (containerName) => null == wildcard || wildcard.IsMatch(containerName); IEnumerable <Tuple <AzureStorageContainer, BlobContinuationToken> > containerList = ListContainersByPrefix(prefix, containerFilter); foreach (var containerInfo in containerList) { yield return(containerInfo); } } else { if (!NameUtil.IsValidContainerName(name)) { throw new ArgumentException(String.Format(Resources.InvalidContainerName, name)); } if (this.IncludeDeleted.IsPresent) { WriteWarning("Can't get single deleted container, so -IncludeDeleted will be omit when get single container with -Name."); } CloudBlobContainer container = Channel.GetContainerReference(name); BlobContainerClient containerClient = AzureStorageContainer.GetTrack2BlobContainerClient(container, this.Channel.StorageContext, ClientOptions); global::Azure.Storage.Blobs.Models.BlobContainerProperties properties = null; try { properties = containerClient.GetProperties(cancellationToken: this.CmdletCancellationToken); } catch (global::Azure.RequestFailedException e) when(e.Status == 404) { throw new ResourceNotFoundException(String.Format(Resources.ContainerNotFound, name)); } yield return(new Tuple <AzureStorageContainer, BlobContinuationToken>(new AzureStorageContainer(containerClient, Channel.StorageContext, properties), null)); } }
internal async Task SetBlobTag(long taskId, IStorageBlobManagement localChannel, CloudBlobContainer container, string blobName) { if (!NameUtil.IsValidBlobName(blobName)) { throw new ArgumentException(String.Format(Resources.InvalidBlobName, blobName)); } ValidatePipelineCloudBlobContainer(container); BlobContainerClient track2container = AzureStorageContainer.GetTrack2BlobContainerClient(container, this.Channel.StorageContext, ClientOptions); BlobBaseClient blobClient = Util.GetTrack2BlobClient(track2container, blobName, localChannel.StorageContext, null, false, null, ClientOptions); await SetBlobTag(taskId, localChannel, blobClient, true).ConfigureAwait(false); }
/// <summary> /// create a new azure container /// </summary> /// <param name="name">container name</param> internal async Task CreateAzureContainer(long taskId, IStorageBlobManagement localChannel, string name, BlobContainerPublicAccessType accesslevel) { if (!NameUtil.IsValidContainerName(name)) { throw new ArgumentException(String.Format(Resources.InvalidContainerName, name)); } BlobRequestOptions requestOptions = RequestOptions; CloudBlobContainer container = localChannel.GetContainerReference(name); BlobContainerClient containerClient = AzureStorageContainer.GetTrack2BlobContainerClient(container, localChannel.StorageContext); PublicAccessType containerPublicAccess = PublicAccessType.None; if (accesslevel == BlobContainerPublicAccessType.Blob) { containerPublicAccess = PublicAccessType.Blob; } else if (accesslevel == BlobContainerPublicAccessType.Container) { containerPublicAccess = PublicAccessType.BlobContainer; } global::Azure.Storage.Blobs.Models.BlobContainerEncryptionScopeOptions encryptionScopeOption = null; if (this.DefaultEncryptionScope != null) { encryptionScopeOption = new global::Azure.Storage.Blobs.Models.BlobContainerEncryptionScopeOptions() { // parameterset can ensure the 2 parameters must be set together. DefaultEncryptionScope = this.DefaultEncryptionScope, PreventEncryptionScopeOverride = this.preventEncryptionScopeOverride.Value }; } Response <BlobContainerInfo> responds = await containerClient.CreateIfNotExistsAsync(containerPublicAccess, null, encryptionScopeOption, CmdletCancellationToken).ConfigureAwait(false); if (responds == null || responds.Value == null) // Container already exist so not created again { throw new ResourceAlreadyExistException(String.Format(Resources.ContainerAlreadyExists, name)); } BlobContainerPermissions permissions = new BlobContainerPermissions() { PublicAccess = accesslevel }; container.FetchAttributes(); WriteCloudContainerObject(taskId, localChannel, container, permissions); }
internal string CreateAzureContainerStoredAccessPolicy(IStorageBlobManagement localChannel, string containerName, string policyName, DateTime?startTime, DateTime?expiryTime, string permission) { if (!NameUtil.IsValidStoredAccessPolicyName(policyName)) { throw new ArgumentException(String.Format(CultureInfo.CurrentCulture, Resources.InvalidAccessPolicyName, policyName)); } //Get container instance, Get existing permissions CloudBlobContainer container_Track1 = Channel.GetContainerReference(containerName); BlobContainerClient container = AzureStorageContainer.GetTrack2BlobContainerClient(container_Track1, Channel.StorageContext, ClientOptions); BlobContainerAccessPolicy accessPolicy = container.GetAccessPolicy(cancellationToken: CmdletCancellationToken).Value; IEnumerable <BlobSignedIdentifier> signedIdentifiers = accessPolicy.SignedIdentifiers; //Add new policy foreach (BlobSignedIdentifier identifier in signedIdentifiers) { if (identifier.Id == policyName) { throw new ResourceAlreadyExistException(String.Format(CultureInfo.CurrentCulture, Resources.PolicyAlreadyExists, policyName)); } } BlobSignedIdentifier signedIdentifier = new BlobSignedIdentifier(); signedIdentifier.Id = policyName; signedIdentifier.AccessPolicy = new BlobAccessPolicy(); if (StartTime != null) { signedIdentifier.AccessPolicy.PolicyStartsOn = StartTime.Value.ToUniversalTime(); } if (ExpiryTime != null) { signedIdentifier.AccessPolicy.PolicyExpiresOn = ExpiryTime.Value.ToUniversalTime(); } signedIdentifier.AccessPolicy.Permissions = AccessPolicyHelper.OrderBlobPermission(this.Permission); var newsignedIdentifiers = new List <BlobSignedIdentifier>(signedIdentifiers); newsignedIdentifiers.Add(signedIdentifier); //Set permissions back to container container.SetAccessPolicy(accessPolicy.BlobPublicAccess, newsignedIdentifiers, BlobRequestConditions, CmdletCancellationToken); return(policyName); }
internal bool RemoveAzureContainerStoredAccessPolicy(IStorageBlobManagement localChannel, string containerName, string policyName) { bool success = false; string result = string.Empty; //Get container instance, Get existing permissions CloudBlobContainer container_Track1 = Channel.GetContainerReference(containerName); BlobContainerClient container = AzureStorageContainer.GetTrack2BlobContainerClient(container_Track1, Channel.StorageContext, ClientOptions); BlobContainerAccessPolicy accessPolicy = container.GetAccessPolicy(cancellationToken: CmdletCancellationToken).Value; IEnumerable <BlobSignedIdentifier> signedIdentifiers = accessPolicy.SignedIdentifiers; //remove policy BlobSignedIdentifier signedIdentifier = null; foreach (BlobSignedIdentifier identifier in signedIdentifiers) { if (identifier.Id == policyName) { signedIdentifier = identifier; } } if (signedIdentifier == null) { throw new ArgumentException(string.Format(CultureInfo.CurrentCulture, Resources.PolicyNotFound, policyName)); } if (ShouldProcess(policyName, "Remove policy")) { List <BlobSignedIdentifier> policyList = new List <BlobSignedIdentifier>(signedIdentifiers); policyList.Remove(signedIdentifier); //Set permissions back to container container.SetAccessPolicy(accessPolicy.BlobPublicAccess, policyList, BlobRequestConditions, CmdletCancellationToken); success = true; } return(success); }
public override void ExecuteCmdlet() { if (String.IsNullOrEmpty(Name)) { return; } // When the input context is Oauth bases, can't generate normal SAS, but UserDelegationSas bool generateUserDelegationSas = false; if (Channel != null && Channel.StorageContext != null && Channel.StorageContext.StorageAccount.Credentials.IsToken) { if (ShouldProcess(Name, "Generate User Delegation SAS, since input Storage Context is OAuth based.")) { generateUserDelegationSas = true; if (!string.IsNullOrEmpty(accessPolicyIdentifier)) { throw new ArgumentException("When input Storage Context is OAuth based, Saved Policy is not supported.", "Policy"); } } else { return; } } if (!UseTrack2Sdk()) // Track1 { CloudBlobContainer container = Channel.GetContainerReference(Name); SharedAccessBlobPolicy accessPolicy = new SharedAccessBlobPolicy(); bool shouldSetExpiryTime = SasTokenHelper.ValidateContainerAccessPolicy(Channel, container.Name, accessPolicy, accessPolicyIdentifier); SetupAccessPolicy(accessPolicy, shouldSetExpiryTime); string sasToken; if (generateUserDelegationSas) { UserDelegationKey userDelegationKey = Channel.GetUserDelegationKey(accessPolicy.SharedAccessStartTime, accessPolicy.SharedAccessExpiryTime, null, null, OperationContext); sasToken = container.GetUserDelegationSharedAccessSignature(userDelegationKey, accessPolicy, null, Protocol, Util.SetupIPAddressOrRangeForSAS(IPAddressOrRange)); } else { sasToken = container.GetSharedAccessSignature(accessPolicy, accessPolicyIdentifier, Protocol, Util.SetupIPAddressOrRangeForSAS(IPAddressOrRange)); } if (FullUri) { string fullUri = SasTokenHelper.GetFullUriWithSASToken(container.Uri.AbsoluteUri.ToString(), sasToken); WriteObject(fullUri); } else { WriteObject(sasToken); } } else //Track2 { //Get container instance CloudBlobContainer container_Track1 = Channel.GetContainerReference(Name); BlobContainerClient container = AzureStorageContainer.GetTrack2BlobContainerClient(container_Track1, Channel.StorageContext, ClientOptions); // Get contaienr saved policy if any Track2Models.BlobSignedIdentifier identifier = null; if (ParameterSetName == SasPolicyParmeterSet) { identifier = SasTokenHelper.GetBlobSignedIdentifier(container, this.Policy, CmdletCancellationToken); } //Create SAS builder BlobSasBuilder sasBuilder = SasTokenHelper.SetBlobSasBuilder_FromContainer(container, identifier, this.Permission, this.StartTime, this.ExpiryTime, this.IPAddressOrRange, this.Protocol); //Create SAS and output it string sasToken = SasTokenHelper.GetBlobSharedAccessSignature(Channel.StorageContext, sasBuilder, generateUserDelegationSas, ClientOptions, CmdletCancellationToken); if (sasToken[0] != '?') { sasToken = "?" + sasToken; } if (FullUri) { string fullUri = SasTokenHelper.GetFullUriWithSASToken(container.Uri.AbsoluteUri.ToString(), sasToken); WriteObject(fullUri); } else { WriteObject(sasToken); } } }
/// <summary> /// remove azure container by container name /// </summary> /// <param name="name">container name</param> internal async Task RemoveAzureContainer(long taskId, IStorageBlobManagement localChannel, string name) { if (!NameUtil.IsValidContainerName(name)) { throw new ArgumentException(String.Format(Resources.InvalidContainerName, name)); } string result = string.Empty; bool removed = false; CloudBlobContainer container = localChannel.GetContainerReference(name); if (!UseTrack2Sdk())//Track1 { BlobRequestOptions requestOptions = RequestOptions; AccessCondition accessCondition = null; if (!await localChannel.DoesContainerExistAsync(container, requestOptions, OperationContext, CmdletCancellationToken).ConfigureAwait(false)) { throw new ResourceNotFoundException(String.Format(Resources.ContainerNotFound, name)); } if (force || ContainerIsEmpty(container) || OutputStream.ConfirmAsync(String.Format("Remove container and all content in it: {0}", name)).Result) { await localChannel.DeleteContainerAsync(container, accessCondition, requestOptions, OperationContext, CmdletCancellationToken).ConfigureAwait(false); result = String.Format(Resources.RemoveContainerSuccessfully, name); removed = true; } else { result = String.Format(Resources.RemoveContainerCancelled, name); } } else { BlobContainerClient containerClient = AzureStorageContainer.GetTrack2BlobContainerClient(container, this.Channel.StorageContext, ClientOptions); if (!containerClient.Exists(this.CmdletCancellationToken)) { throw new ResourceNotFoundException(String.Format(Resources.ContainerNotFound, name)); } if (force || ContainerIsEmpty(container) || OutputStream.ConfirmAsync(String.Format("Remove container and all content in it: {0}", name)).Result) { await containerClient.DeleteAsync(cancellationToken : this.CmdletCancellationToken).ConfigureAwait(false); result = String.Format(Resources.RemoveContainerSuccessfully, name); removed = true; } else { result = String.Format(Resources.RemoveContainerCancelled, name); } } OutputStream.WriteVerbose(taskId, result); if (PassThru) { OutputStream.WriteObject(taskId, removed); } }
/// <summary> /// list blobs by blob prefix and container name /// </summary> /// <param name="containerName">container name</param> /// <param name="prefix">blob preifx</param> /// <returns>An enumerable collection of IListBlobItem</returns> internal async Task ListBlobsByPrefix(long taskId, IStorageBlobManagement localChannel, string containerName, string prefix, Func <string, bool> blobFilter = null, bool includeDeleted = false, bool includeVersion = false) { CloudBlobContainer container = await GetCloudBlobContainerByName(localChannel, containerName).ConfigureAwait(false); BlobContainerClient track2container = AzureStorageContainer.GetTrack2BlobContainerClient(container, localChannel.StorageContext, ClientOptions); int listCount = InternalMaxCount; int MaxListCount = 5000; int requestCount = MaxListCount; int realListCount = 0; BlobContinuationToken continuationToken = ContinuationToken; string track2ContinuationToken = this.ContinuationToken is null ? null : this.ContinuationToken.NextMarker; if (UseTrack2Sdk()) // For new feature only available on Track2 SDK, need list with Track2 SDK. { BlobTraits blobTraits = BlobTraits.Metadata | BlobTraits.CopyStatus; // | BlobTraits.Tags; BlobStates blobStates = BlobStates.Snapshots; if (includeDeleted) { blobStates = blobStates | BlobStates.Deleted; } if (includeVersion) { blobStates = blobStates | BlobStates.Version; } do { requestCount = Math.Min(listCount, MaxListCount); realListCount = 0; IEnumerator <Page <BlobItem> > enumerator = track2container.GetBlobs(blobTraits, blobStates, prefix, CmdletCancellationToken) .AsPages(track2ContinuationToken, requestCount) .GetEnumerator(); Page <BlobItem> page; enumerator.MoveNext(); page = enumerator.Current; foreach (BlobItem item in page.Values) { if (blobFilter == null || blobFilter(item.Name)) { OutputStream.WriteObject(taskId, GetAzureStorageBlob(item, track2container, localChannel.StorageContext, page.ContinuationToken, ClientOptions)); } realListCount++; } track2ContinuationToken = page.ContinuationToken; if (InternalMaxCount != int.MaxValue) { listCount -= realListCount; } } while (listCount > 0 && !string.IsNullOrEmpty(track2ContinuationToken)); } else { BlobRequestOptions requestOptions = RequestOptions; bool useFlatBlobListing = true; BlobListingDetails details = BlobListingDetails.Snapshots | BlobListingDetails.Metadata | BlobListingDetails.Copy; if (includeDeleted) { details = details | BlobListingDetails.Deleted; } do { requestCount = Math.Min(listCount, MaxListCount); realListCount = 0; BlobResultSegment blobResult = await localChannel.ListBlobsSegmentedAsync(container, prefix, useFlatBlobListing, details, requestCount, continuationToken, requestOptions, OperationContext, CmdletCancellationToken).ConfigureAwait(false); foreach (IListBlobItem blobItem in blobResult.Results) { CloudBlob blob = blobItem as CloudBlob; if (blob == null) { continue; } if (blobFilter == null || blobFilter(blob.Name)) { WriteCloudBlobObject(taskId, localChannel, blob, blobResult.ContinuationToken); realListCount++; } } if (InternalMaxCount != int.MaxValue) { listCount -= realListCount; } continuationToken = blobResult.ContinuationToken; }while (listCount > 0 && continuationToken != null); } }
/// <summary> /// list blobs by blob name and container name /// </summary> /// <param name="containerName">container name</param> /// <param name="blobName">blob name pattern</param> /// <returns>An enumerable collection of IListBlobItem</returns> internal async Task ListBlobsByName(long taskId, IStorageBlobManagement localChannel, string containerName, string blobName, bool includeDeleted = false, bool includeVersion = false) { CloudBlobContainer container = null; BlobRequestOptions requestOptions = RequestOptions; AccessCondition accessCondition = null; string prefix = string.Empty; if (String.IsNullOrEmpty(blobName) || WildcardPattern.ContainsWildcardCharacters(blobName) || includeDeleted) { container = await GetCloudBlobContainerByName(localChannel, containerName).ConfigureAwait(false); prefix = NameUtil.GetNonWildcardPrefix(blobName); WildcardOptions options = WildcardOptions.IgnoreCase | WildcardOptions.Compiled; WildcardPattern wildcard = null; if (!String.IsNullOrEmpty(blobName)) { wildcard = new WildcardPattern(blobName, options); } Func <string, bool> blobFilter = (blobNameToFilte) => wildcard == null || wildcard.IsMatch(blobNameToFilte); await ListBlobsByPrefix(taskId, localChannel, containerName, prefix, blobFilter, includeDeleted, IncludeVersion).ConfigureAwait(false); } else { container = await GetCloudBlobContainerByName(localChannel, containerName, true).ConfigureAwait(false); BlobContainerClient track2container = AzureStorageContainer.GetTrack2BlobContainerClient(container, localChannel.StorageContext, ClientOptions); if (!NameUtil.IsValidBlobName(blobName)) { throw new ArgumentException(String.Format(Resources.InvalidBlobName, blobName)); } BlobBaseClient blobClient = null; if (UseTrack2Sdk()) // User Track2 SDK { blobClient = Util.GetTrack2BlobClient(track2container, blobName, localChannel.StorageContext, this.VersionId, false, this.SnapshotTime is null ? null : this.SnapshotTime.Value.ToString("o"), ClientOptions); global::Azure.Storage.Blobs.Models.BlobProperties blobProperties; try { blobProperties = blobClient.GetProperties(BlobRequestConditions, cancellationToken: CmdletCancellationToken); } catch (global::Azure.RequestFailedException e) when(e.Status == 404) { throw new ResourceNotFoundException(String.Format(Resources.BlobNotFound, blobName, containerName)); } blobClient = Util.GetTrack2BlobClient(track2container, blobName, localChannel.StorageContext, this.VersionId, blobProperties.IsLatestVersion, this.SnapshotTime is null ? null : this.SnapshotTime.Value.ToString("o"), ClientOptions, blobProperties.BlobType); AzureStorageBlob outputBlob = new AzureStorageBlob(blobClient, localChannel.StorageContext, blobProperties, ClientOptions); OutputStream.WriteObject(taskId, outputBlob); } else // Use Track1 SDK { CloudBlob blob = await localChannel.GetBlobReferenceFromServerAsync(container, blobName, this.SnapshotTime, accessCondition, requestOptions, OperationContext, CmdletCancellationToken).ConfigureAwait(false); if (null == blob) { throw new ResourceNotFoundException(String.Format(Resources.BlobNotFound, blobName, containerName)); } else { OutputStream.WriteObject(taskId, new AzureStorageBlob(blob, localChannel.StorageContext, ClientOptions)); } } } }
/// <summary> /// set the access level of specified container /// </summary> /// <param name="name">container name</param> /// <param name="accessLevel">access level in ("off", "blob", "container")</param> internal async Task SetContainerAcl(long taskId, IStorageBlobManagement localChannel, string name, BlobContainerPublicAccessType accessLevel) { if (!NameUtil.IsValidContainerName(name)) { throw new ArgumentException(String.Format(Resources.InvalidContainerName, name)); } BlobRequestOptions requestOptions = RequestOptions; AccessCondition accessCondition = null; bool needUseTrack2 = false; CloudBlobContainer container = localChannel.GetContainerReference(name); // Get container permission and set the public access as input BlobContainerPermissions permissions = null; try { permissions = localChannel.GetContainerPermissions(container, null, requestOptions, OperationContext); } catch (StorageException e) when(e.IsNotFoundException()) { throw new ResourceNotFoundException(String.Format(Resources.ContainerNotFound, name)); } catch (StorageException e) when(e.IsConflictException()) { // 409 Conflict, might caused by the container has an Stored access policy contains a permission that is not supported by Track1 SDK API veresion, so switch to Track2 SDK needUseTrack2 = true; } if (!needUseTrack2) // Track1 { permissions.PublicAccess = accessLevel; await localChannel.SetContainerPermissionsAsync(container, permissions, accessCondition, requestOptions, OperationContext, CmdletCancellationToken).ConfigureAwait(false); if (PassThru) { WriteCloudContainerObject(taskId, localChannel, container, permissions); } } else // Track2 { BlobContainerClient containerClient = AzureStorageContainer.GetTrack2BlobContainerClient(container, this.Channel.StorageContext, ClientOptions); // Get container permission and set the public access as input BlobContainerAccessPolicy accessPolicy; accessPolicy = containerClient.GetAccessPolicy(null, this.CmdletCancellationToken); PublicAccessType publicAccessType = PublicAccessType.None; switch (accessLevel) { case BlobContainerPublicAccessType.Blob: publicAccessType = PublicAccessType.Blob; break; case BlobContainerPublicAccessType.Container: publicAccessType = PublicAccessType.BlobContainer; break; case BlobContainerPublicAccessType.Off: publicAccessType = PublicAccessType.None; break; default: case BlobContainerPublicAccessType.Unknown: throw new ArgumentOutOfRangeException("Permission"); } await containerClient.SetAccessPolicyAsync(publicAccessType, accessPolicy.SignedIdentifiers, null, this.CmdletCancellationToken).ConfigureAwait(false); if (PassThru) { AzureStorageContainer storageContainer = new AzureStorageContainer(container, null); storageContainer.Context = localChannel.StorageContext; storageContainer.SetTrack2Permission(); OutputStream.WriteObject(taskId, storageContainer); } } }
public override void ExecuteCmdlet() { CloudBlob blob = null; if (ParameterSetName == BlobNamePipelineParmeterSetWithPermission || ParameterSetName == BlobNamePipelineParmeterSetWithPolicy) { blob = GetCloudBlobByName(Container, Blob); } else { blob = this.CloudBlob; } // When the input context is Oauth bases, can't generate normal SAS, but UserDelegationSas bool generateUserDelegationSas = false; if (Channel != null && Channel.StorageContext != null && Channel.StorageContext.StorageAccount.Credentials.IsToken) { if (ShouldProcess(blob.Name, "Generate User Delegation SAS, since input Storage Context is OAuth based.")) { generateUserDelegationSas = true; if (!string.IsNullOrEmpty(accessPolicyIdentifier)) { throw new ArgumentException("When input Storage Context is OAuth based, Saved Policy is not supported.", "Policy"); } } else { return; } } if (!(blob is InvalidCloudBlob) && !UseTrack2Sdk()) { SharedAccessBlobPolicy accessPolicy = new SharedAccessBlobPolicy(); bool shouldSetExpiryTime = SasTokenHelper.ValidateContainerAccessPolicy(Channel, blob.Container.Name, accessPolicy, accessPolicyIdentifier); SetupAccessPolicy(accessPolicy, shouldSetExpiryTime); string sasToken = GetBlobSharedAccessSignature(blob, accessPolicy, accessPolicyIdentifier, Protocol, Util.SetupIPAddressOrRangeForSAS(IPAddressOrRange), generateUserDelegationSas); if (FullUri) { string fullUri = blob.SnapshotQualifiedUri.ToString(); if (blob.IsSnapshot) { // Since snapshot URL already has '?', need remove '?' in the first char of sas fullUri = fullUri + "&" + sasToken.Substring(1); } else { fullUri = fullUri + sasToken; } WriteObject(fullUri); } else { WriteObject(sasToken); } } else // Use Track2 SDk { //Get blob instance BlobBaseClient blobClient; if (this.BlobBaseClient != null) { blobClient = this.BlobBaseClient; } else { blobClient = AzureStorageBlob.GetTrack2BlobClient(blob, Channel.StorageContext, this.ClientOptions); } // Get contaienr saved policy if any BlobSignedIdentifier identifier = null; if (ParameterSetName == BlobNamePipelineParmeterSetWithPolicy || ParameterSetName == BlobPipelineParameterSetWithPolicy) { BlobContainerClient container = AzureStorageContainer.GetTrack2BlobContainerClient(Channel.GetContainerReference(blobClient.BlobContainerName), Channel.StorageContext, ClientOptions); identifier = SasTokenHelper.GetBlobSignedIdentifier(container, this.Policy, CmdletCancellationToken); } //Create SAS builder BlobSasBuilder sasBuilder = SasTokenHelper.SetBlobSasBuilder_FromBlob(blobClient, identifier, this.Permission, this.StartTime, this.ExpiryTime, this.IPAddressOrRange, this.Protocol); //Create SAS and ourput string sasToken = SasTokenHelper.GetBlobSharedAccessSignature(Channel.StorageContext, sasBuilder, generateUserDelegationSas, ClientOptions, CmdletCancellationToken); if (sasToken[0] != '?') { sasToken = "?" + sasToken; } if (FullUri) { string fullUri = blobClient.Uri.ToString(); if (blob.IsSnapshot) { // Since snapshot URL already has '?', need remove '?' in the first char of sas fullUri = fullUri + "&" + sasToken.Substring(1); } else { fullUri = fullUri + sasToken; } WriteObject(fullUri); } else { WriteObject(sasToken); } } }
public override void ExecuteCmdlet() { CloudBlob blob = null; if (ParameterSetName == BlobNamePipelineParmeterSetWithPermission || ParameterSetName == BlobNamePipelineParmeterSetWithPolicy) { blob = GetCloudBlobByName(Container, Blob); } else { blob = this.CloudBlob; } // When the input context is Oauth bases, can't generate normal SAS, but UserDelegationSas bool generateUserDelegationSas = false; if (Channel != null && Channel.StorageContext != null && Channel.StorageContext.StorageAccount.Credentials.IsToken) { if (ShouldProcess(blob.Name, "Generate User Delegation SAS, since input Storage Context is OAuth based.")) { generateUserDelegationSas = true; if (!string.IsNullOrEmpty(accessPolicyIdentifier)) { throw new ArgumentException("When input Storage Context is OAuth based, Saved Policy is not supported.", "Policy"); } } else { return; } } if (!(blob is InvalidCloudBlob) && !UseTrack2SDK()) { SharedAccessBlobPolicy accessPolicy = new SharedAccessBlobPolicy(); bool shouldSetExpiryTime = SasTokenHelper.ValidateContainerAccessPolicy(Channel, blob.Container.Name, accessPolicy, accessPolicyIdentifier); SetupAccessPolicy(accessPolicy, shouldSetExpiryTime); string sasToken = GetBlobSharedAccessSignature(blob, accessPolicy, accessPolicyIdentifier, Protocol, Util.SetupIPAddressOrRangeForSAS(IPAddressOrRange), generateUserDelegationSas); if (FullUri) { string fullUri = blob.SnapshotQualifiedUri.ToString(); if (blob.IsSnapshot) { // Since snapshot URL already has '?', need remove '?' in the first char of sas fullUri = fullUri + "&" + sasToken.Substring(1); } else { fullUri = fullUri + sasToken; } WriteObject(fullUri); } else { WriteObject(sasToken); } } else // Use Track2 SDk { BlobBaseClient blobClient; if (this.BlobBaseClient != null) { blobClient = this.BlobBaseClient; } else { blobClient = AzureStorageBlob.GetTrack2BlobClient(blob, Channel.StorageContext, this.ClientOptions); } BlobSasBuilder sasBuilder; if (ParameterSetName == BlobNamePipelineParmeterSetWithPolicy || ParameterSetName == BlobPipelineParameterSetWithPolicy) { BlobContainerClient container = AzureStorageContainer.GetTrack2BlobContainerClient(Channel.GetContainerReference(blobClient.BlobContainerName), Channel.StorageContext, ClientOptions); IEnumerable <BlobSignedIdentifier> signedIdentifiers = container.GetAccessPolicy(cancellationToken: CmdletCancellationToken).Value.SignedIdentifiers; BlobSignedIdentifier signedIdentifier = null; foreach (BlobSignedIdentifier identifier in signedIdentifiers) { if (identifier.Id == this.Policy) { signedIdentifier = identifier; break; } } if (signedIdentifier is null) { throw new ArgumentException(string.Format(Resources.InvalidAccessPolicy, this.Policy)); } sasBuilder = new BlobSasBuilder { BlobContainerName = blobClient.BlobContainerName, BlobName = blobClient.Name, Identifier = this.Policy }; if (this.StartTime != null) { if (signedIdentifier.AccessPolicy.StartsOn != DateTimeOffset.MinValue) { throw new InvalidOperationException(Resources.SignedStartTimeMustBeOmitted); } else { sasBuilder.StartsOn = this.StartTime.Value.ToUniversalTime(); } } if (this.ExpiryTime != null) { if (signedIdentifier.AccessPolicy.ExpiresOn != DateTimeOffset.MinValue) { throw new ArgumentException(Resources.SignedExpiryTimeMustBeOmitted); } else { sasBuilder.ExpiresOn = this.ExpiryTime.Value.ToUniversalTime(); } } else if (signedIdentifier.AccessPolicy.ExpiresOn == DateTimeOffset.MinValue) { if (sasBuilder.StartsOn != DateTimeOffset.MinValue) { sasBuilder.ExpiresOn = sasBuilder.StartsOn.ToUniversalTime().AddHours(1); } else { sasBuilder.ExpiresOn = DateTimeOffset.UtcNow.AddHours(1); } } if (this.Permission != null) { if (signedIdentifier.AccessPolicy.Permissions != null) { throw new ArgumentException(Resources.SignedPermissionsMustBeOmitted); } else { sasBuilder.SetPermissions(this.Permission); } } } else { sasBuilder = new BlobSasBuilder { BlobContainerName = blobClient.BlobContainerName, BlobName = blobClient.Name, }; sasBuilder.SetPermissions(this.Permission); if (this.StartTime != null) { sasBuilder.StartsOn = this.StartTime.Value.ToUniversalTime(); } if (this.ExpiryTime != null) { sasBuilder.ExpiresOn = this.ExpiryTime.Value.ToUniversalTime(); } else { if (sasBuilder.StartsOn != DateTimeOffset.MinValue) { sasBuilder.ExpiresOn = sasBuilder.StartsOn.AddHours(1).ToUniversalTime(); } else { sasBuilder.ExpiresOn = DateTimeOffset.UtcNow.AddHours(1); } } } if (this.IPAddressOrRange != null) { sasBuilder.IPRange = Util.SetupIPAddressOrRangeForSASTrack2(this.IPAddressOrRange); } if (this.Protocol != null) { if (this.Protocol.Value == SharedAccessProtocol.HttpsOrHttp) { sasBuilder.Protocol = SasProtocol.HttpsAndHttp; } else //HttpsOnly { sasBuilder.Protocol = SasProtocol.Https; } } if (Util.GetVersionIdFromBlobUri(blobClient.Uri) != null) { sasBuilder.BlobVersionId = Util.GetVersionIdFromBlobUri(blobClient.Uri); } if (Util.GetSnapshotTimeFromBlobUri(blobClient.Uri) != null) { sasBuilder.Snapshot = Util.GetSnapshotTimeFromBlobUri(blobClient.Uri).Value.ToString("o"); } string sasToken = GetBlobSharedAccessSignature(blobClient, sasBuilder, generateUserDelegationSas); if (sasToken[0] != '?') { sasToken = "?" + sasToken; } if (FullUri) { string fullUri = blobClient.Uri.ToString(); if (blob.IsSnapshot) { // Since snapshot URL already has '?', need remove '?' in the first char of sas fullUri = fullUri + "&" + sasToken.Substring(1); } else { fullUri = fullUri + sasToken; } WriteObject(fullUri); } else { WriteObject(sasToken); } } }