/// <summary>
/// set the access level of specified container
/// </summary>
/// <param name="name">container name</param>
/// <param name="accessLevel">access level in ("off", "blob", "container")</param>
internal async Task SetContainerAcl(long taskId, IStorageBlobManagement localChannel, string name, BlobContainerPublicAccessType accessLevel)
{
if (!NameUtil.IsValidContainerName(name))
{
throw new ArgumentException(String.Format(Resources.InvalidContainerName, name));
}
BlobRequestOptions requestOptions = RequestOptions;
CloudBlobContainer container = localChannel.GetContainerReference(name);
BlobContainerClient containerClient = AzureStorageContainer.GetTrack2BlobContainerClient(container, this.Channel.StorageContext, ClientOptions);
// Get container permission and set the public access as input
BlobContainerAccessPolicy accessPolicy;
try
{
accessPolicy = containerClient.GetAccessPolicy(null, this.CmdletCancellationToken);
}
catch (global::Azure.RequestFailedException e) when(e.Status == 404)
{
throw new ResourceNotFoundException(String.Format(Resources.ContainerNotFound, name));
}
PublicAccessType publicAccessType = PublicAccessType.None;
switch (accessLevel)
{
case BlobContainerPublicAccessType.Blob:
publicAccessType = PublicAccessType.Blob;
break;
case BlobContainerPublicAccessType.Container:
publicAccessType = PublicAccessType.BlobContainer;
break;
case BlobContainerPublicAccessType.Off:
publicAccessType = PublicAccessType.None;
break;
default:
case BlobContainerPublicAccessType.Unknown:
throw new ArgumentOutOfRangeException("Permission");
}
await containerClient.SetAccessPolicyAsync(publicAccessType, accessPolicy.SignedIdentifiers, null, this.CmdletCancellationToken).ConfigureAwait(false);
if (PassThru)
{
AzureStorageContainer storageContainer = new AzureStorageContainer(containerClient, Channel.StorageContext);
storageContainer.SetTrack2Permission();
OutputStream.WriteObject(taskId, storageContainer);
}
}
public override void ExecuteCmdlet()
{
if (ShouldProcess(this.Name, "Restore deleted container"))
{
if (!NameUtil.IsValidContainerName(this.Name))
{
throw new ArgumentException(String.Format(Resources.InvalidContainerName, this.Name));
}
BlobServiceClient blobServiceClient = Util.GetTrack2BlobServiceClient(this.Channel.StorageContext, ClientOptions);
BlobContainerClient destContainerClient = blobServiceClient.UndeleteBlobContainer(this.Name, this.VersionId, this.Name, this.CmdletCancellationToken).Value;
AzureStorageContainer destAzureStorageContainer = new AzureStorageContainer(destContainerClient, Channel.StorageContext);
destAzureStorageContainer.SetTrack2Permission();
WriteObject(destAzureStorageContainer);
}
}
/// <summary>
/// Async get container permission
/// </summary>
/// <param name="container">CloudBlobContainer object</param>
/// <param name="taskId">Task id</param>
/// <param name="context">Azure storage context</param>
/// <returns></returns>
internal async Task GetContainerPermission(long taskId, IStorageBlobManagement localChannel, CloudBlobContainer container, BlobContinuationToken continuationToken)
{
BlobRequestOptions requestOptions = RequestOptions;
AccessCondition accessCondition = null;
BlobContainerPermissions permissions = null;
bool needUseTrack2 = false;
try
{
permissions = await localChannel.GetContainerPermissionsAsync(container, accessCondition,
requestOptions, OperationContext, CmdletCancellationToken).ConfigureAwait(false);
}
catch (StorageException e) when(e.IsNotFoundException() || e.IsForbiddenException())
{
// 404 Not found, or 403 Forbidden means we don't have permission to query the Permission of the specified container.
// Just skip return container permission in this case.
}
catch (StorageException e) when(e.IsConflictException())
{
// 409 Conflict, might caused by the container has an Stored access policy contains a permission that is not supported by Track1 SDK API veresion, so switch to Track2 SDK
needUseTrack2 = true;
}
if (!needUseTrack2) // Track1
{
WriteCloudContainerObject(taskId, localChannel, container, permissions, continuationToken);
}
else //Track2
{
AzureStorageContainer azureContainer = new AzureStorageContainer(container, null);
azureContainer.Context = localChannel.StorageContext;
azureContainer.ContinuationToken = continuationToken;
azureContainer.SetTrack2Permission();
OutputStream.WriteObject(taskId, azureContainer);
}
}
/// <summary>
/// set the access level of specified container
/// </summary>
/// <param name="name">container name</param>
/// <param name="accessLevel">access level in ("off", "blob", "container")</param>
internal async Task SetContainerAcl(long taskId, IStorageBlobManagement localChannel, string name, BlobContainerPublicAccessType accessLevel)
{
if (!NameUtil.IsValidContainerName(name))
{
throw new ArgumentException(String.Format(Resources.InvalidContainerName, name));
}
BlobRequestOptions requestOptions = RequestOptions;
AccessCondition accessCondition = null;
bool needUseTrack2 = false;
CloudBlobContainer container = localChannel.GetContainerReference(name);
// Get container permission and set the public access as input
BlobContainerPermissions permissions = null;
try
{
permissions = localChannel.GetContainerPermissions(container, null, requestOptions, OperationContext);
}
catch (StorageException e) when(e.IsNotFoundException())
{
throw new ResourceNotFoundException(String.Format(Resources.ContainerNotFound, name));
}
catch (StorageException e) when(e.IsConflictException())
{
// 409 Conflict, might caused by the container has an Stored access policy contains a permission that is not supported by Track1 SDK API veresion, so switch to Track2 SDK
needUseTrack2 = true;
}
if (!needUseTrack2) // Track1
{
permissions.PublicAccess = accessLevel;
await localChannel.SetContainerPermissionsAsync(container, permissions, accessCondition, requestOptions, OperationContext, CmdletCancellationToken).ConfigureAwait(false);
if (PassThru)
{
WriteCloudContainerObject(taskId, localChannel, container, permissions);
}
}
else // Track2
{
BlobContainerClient containerClient = AzureStorageContainer.GetTrack2BlobContainerClient(container, this.Channel.StorageContext, ClientOptions);
// Get container permission and set the public access as input
BlobContainerAccessPolicy accessPolicy;
accessPolicy = containerClient.GetAccessPolicy(null, this.CmdletCancellationToken);
PublicAccessType publicAccessType = PublicAccessType.None;
switch (accessLevel)
{
case BlobContainerPublicAccessType.Blob:
publicAccessType = PublicAccessType.Blob;
break;
case BlobContainerPublicAccessType.Container:
publicAccessType = PublicAccessType.BlobContainer;
break;
case BlobContainerPublicAccessType.Off:
publicAccessType = PublicAccessType.None;
break;
default:
case BlobContainerPublicAccessType.Unknown:
throw new ArgumentOutOfRangeException("Permission");
}
await containerClient.SetAccessPolicyAsync(publicAccessType, accessPolicy.SignedIdentifiers, null, this.CmdletCancellationToken).ConfigureAwait(false);
if (PassThru)
{
AzureStorageContainer storageContainer = new AzureStorageContainer(container, null);
storageContainer.Context = localChannel.StorageContext;
storageContainer.SetTrack2Permission();
OutputStream.WriteObject(taskId, storageContainer);
}
}
}
