public void NewTableSasWithRangePK()
{
CloudTable table = tableUtil.CreateTable();
string rk = Utility.GenNameString("rk");
string key = Utility.GenNameString("key");
string pk1 = Utility.GenNameString("pk1");
string pk2 = Utility.GenNameString("pk2");
string pk3 = Utility.GenNameString("pk3");
string pk4 = Utility.GenNameString("pk4");
string value1 = InsertTableEntity(table, pk1, rk, key);
string value2 = InsertTableEntity(table, pk2, rk, key);
string value3 = InsertTableEntity(table, pk3, rk, key);
string value4 = InsertTableEntity(table, pk4, rk, key);
//Range(PK2, Pk3)
string permission = "r";
string sasToken = CommandAgent.GetTableSasFromCmd(table.Name, string.Empty, permission,
null, null, false, pk2, string.Empty, pk3, string.Empty);
CloudTable sasTable = tableUtil.GetTableBySasToken(table, sasToken);
try
{
ExpectPermissionException(sasTable, pk1, rk, "Pk1 entity");
ExpectEntityValue(value2, sasTable, pk2, rk, key, "PK2 entity");
ExpectEntityValue(value3, sasTable, pk3, rk, key, "PK3 entity");
ExpectPermissionException(sasTable, pk4, rk, "Pk4 entity");
}
finally
{
tableUtil.RemoveTable(table);
}
}
public void NewTableSasWithInvalidRangeRK()
{
CloudTable table = tableUtil.CreateTable();
string pk = Utility.GenNameString("pk");
string key = Utility.GenNameString("key");
string rk1 = Utility.GenNameString("rk1");
string rk2 = Utility.GenNameString("rk2");
string rk3 = Utility.GenNameString("rk3");
string rk4 = Utility.GenNameString("rk4");
string value1 = InsertTableEntity(table, pk, rk1, key);
string value2 = InsertTableEntity(table, pk, rk2, key);
string value3 = InsertTableEntity(table, pk, rk3, key);
string value4 = InsertTableEntity(table, pk, rk4, key);
try
{
//Range(RK2, Rk3)
string permission = "r";
string sasToken = CommandAgent.GetTableSasFromCmd(table.Name, string.Empty, permission,
null, null, false, pk, rk3, pk, rk2);
CloudTable sasTable = tableUtil.GetTableBySasToken(table, sasToken);
ExpectPermissionException(sasTable, pk, rk1, "Rk1 entity");
ExpectPermissionException(sasTable, pk, rk2, "RK2 entity");
ExpectPermissionException(sasTable, pk, rk3, "RK3 entity");
ExpectPermissionException(sasTable, pk, rk4, "Rk4 entity");
}
finally
{
tableUtil.RemoveTable(table);
}
}
public void NewTableSasWithLimitedPermission()
{
CloudTable table = tableUtil.CreateTable();
try
{
//table read permission
string tablePermission = "r";
string limitedPermission = "uda";
string sastoken = CommandAgent.GetTableSasFromCmd(table.Name, string.Empty, tablePermission);
ValidateLimitedSasPermission(table, limitedPermission, sastoken);
//table add permission
tablePermission = "a";
limitedPermission = "rdu";
sastoken = CommandAgent.GetTableSasFromCmd(table.Name, string.Empty, tablePermission);
ValidateLimitedSasPermission(table, limitedPermission, sastoken);
//table update permission
tablePermission = "u";
limitedPermission = "rad";
sastoken = CommandAgent.GetTableSasFromCmd(table.Name, string.Empty, tablePermission);
ValidateLimitedSasPermission(table, limitedPermission, sastoken);
//table delete permission
tablePermission = "d";
limitedPermission = "rau";
sastoken = CommandAgent.GetTableSasFromCmd(table.Name, string.Empty, tablePermission);
ValidateLimitedSasPermission(table, limitedPermission, sastoken);
}
finally
{
tableUtil.RemoveTable(table);
}
}
public void NewTableSasWithPolicy()
{
CloudTable table = tableUtil.CreateTable();
try
{
TimeSpan sasLifeTime = TimeSpan.FromMinutes(10);
TablePermissions permission = new TablePermissions();
string policyName = Utility.GenNameString("saspolicy");
permission.SharedAccessPolicies.Add(policyName, new SharedAccessTablePolicy
{
SharedAccessExpiryTime = DateTime.Now.Add(sasLifeTime),
Permissions = SharedAccessTablePermissions.Query
});
table.SetPermissions(permission);
string sasToken = CommandAgent.GetTableSasFromCmd(table.Name, policyName, string.Empty);
Test.Info("Sleep and wait for sas policy taking effect");
double lifeTime = 1;
Thread.Sleep(TimeSpan.FromMinutes(lifeTime));
ValidateSasToken(table, "r", sasToken);
}
finally
{
tableUtil.RemoveTable(table);
}
}
/// <summary>
/// Generate a sas token and validate it.
/// </summary>
/// <param name="tablePermission">table permission</param>
internal void GenerateSasTokenAndValidate(string tablePermission)
{
CloudTable table = tableUtil.CreateTable();
try
{
string sastoken = CommandAgent.GetTableSasFromCmd(table.Name, string.Empty, tablePermission);
ValidateSasToken(table, tablePermission, sastoken);
}
finally
{
tableUtil.RemoveTable(table);
}
}
public void NewTableSas_HttpsOrHttp()
{
CloudTable table = tableUtil.CreateTable();
try
{
string sastoken = CommandAgent.GetTableSasFromCmd(table.Name, string.Empty, "ruda", protocol: SharedAccessProtocol.HttpsOrHttp);
tableUtil.ValidateTableQueryableWithSasToken(table, sastoken, useHttps: false);
tableUtil.ValidateTableQueryableWithSasToken(table, sastoken, useHttps: true);
}
finally
{
tableUtil.RemoveTable(table);
}
}
public void NewTableSasWithFullUri()
{
CloudTable table = tableUtil.CreateTable();
try
{
string tablePermission = Utility.GenRandomCombination(NewTableSas.TablePermission);
string fullUri = CommandAgent.GetTableSasFromCmd(table.Name, string.Empty, tablePermission);
string sasToken = (lang == Language.PowerShell ? fullUri.Substring(fullUri.IndexOf("?")) : fullUri);
ValidateSasToken(table, tablePermission, sasToken);
}
finally
{
tableUtil.RemoveTable(table);
}
}
public void NewTableSasWithLifeTime()
{
CloudTable table = tableUtil.CreateTable();
double lifeTime = 3; //Minutes
const double deltaTime = 0.5;
DateTime startTime = DateTime.Now.AddMinutes(lifeTime);
DateTime expiryTime = startTime.AddMinutes(lifeTime);
try
{
string tablePermission = Utility.GenRandomCombination(NewTableSas.TablePermission);
string sastoken = CommandAgent.GetTableSasFromCmd(table.Name, string.Empty, tablePermission, startTime, expiryTime);
try
{
ValidateSasToken(table, tablePermission, sastoken);
Test.Error(string.Format("Access table should fail since the start time is {0}, but now is {1}",
startTime.ToUniversalTime().ToString(), DateTime.UtcNow.ToString()));
}
catch (StorageException e)
{
Test.Info(e.Message);
ExpectEqual(e.RequestInformation.HttpStatusCode, 403, "(403) Forbidden");
}
Test.Info("Sleep and wait for the sas token start time");
Thread.Sleep(TimeSpan.FromMinutes(lifeTime + deltaTime));
ValidateSasToken(table, tablePermission, sastoken);
Test.Info("Sleep and wait for sas token expiry time");
Thread.Sleep(TimeSpan.FromMinutes(lifeTime + deltaTime));
try
{
ValidateSasToken(table, tablePermission, sastoken);
Test.Error(string.Format("Access table should fail since the expiry time is {0}, but now is {1}",
expiryTime.ToUniversalTime().ToString(), DateTime.UtcNow.ToString()));
}
catch (StorageException e)
{
Test.Info(e.Message);
ExpectEqual(e.RequestInformation.HttpStatusCode, 403, "(403) Forbidden");
}
}
finally
{
tableUtil.RemoveTable(table);
}
}
public void PolicyWithSASExpiryTimeFutureToPast()
{
TimeSpan sasLifeTime = TimeSpan.FromMinutes(10);
string policyName = Utility.GenNameString("saspolicy");
DateTime? expiryTime = DateTime.Today.AddDays(10);
DateTime? startTime = DateTime.Today.AddDays(-2);
string permission = lang == Language.PowerShell ? "q" : "r";
CloudTable table = tableUtil.CreateTable();
try
{
//expiry time is future
CreateStoredAccessPolicy(policyName, permission, startTime, expiryTime, table, false);
string sasToken = CommandAgent.GetTableSasFromCmd(table.Name, policyName, string.Empty);
Test.Info("Sleep and wait for sas policy taking effect");
double lifeTime = 1;
Thread.Sleep(TimeSpan.FromMinutes(lifeTime));
tableUtil.ValidateTableQueryableWithSasToken(table, sasToken);
//modify exipiry time to past
expiryTime = DateTime.Today.AddDays(-2);
CommandAgent.SetAzureStorageTableStoredAccessPolicy(table.Name, policyName, null, null, expiryTime);
Test.Info("Sleep and wait for sas policy taking effect");
Thread.Sleep(TimeSpan.FromMinutes(lifeTime));
try
{
tableUtil.ValidateTableQueryableWithSasToken(table, sasToken);
Test.Error(string.Format("Access table should fail since the expiry time is {0}, but now is {1}",
expiryTime.Value.ToUniversalTime().ToString(), DateTime.UtcNow.ToString()));
}
catch (StorageException e)
{
Test.Info(e.Message);
ExpectEqual(e.RequestInformation.HttpStatusCode, 403, "(403) Forbidden");
}
}
finally
{
tableUtil.RemoveTable(table);
}
}
public void NewTableSas_ExcludeIPRange()
{
CloudTable table = tableUtil.CreateTable();
try
{
string sastoken = CommandAgent.GetTableSasFromCmd(table.Name, string.Empty, "ruda", iPAddressOrRange: "10.10.10.10-10.10.10.11");
try
{
tableUtil.ValidateTableUpdateableWithSasToken(table, sastoken);
Test.Error(string.Format("Update Table should fail since the ip range not include current IP."));
}
catch (StorageException e)
{
Test.Info(e.Message);
ExpectEqual(e.RequestInformation.HttpStatusCode, 403, "(403) Forbidden");
}
}
finally
{
tableUtil.RemoveTable(table);
}
}
public void NewTableSasWithNotExistTable()
{
string tableName = Utility.GenNameString("table");
CommandAgent.GetTableSasFromCmd(tableName, string.Empty, "r");
}