private string GenerateAndValidateAccountSAS( SharedAccessAccountServices service, SharedAccessAccountResourceTypes resourceType, string permission, SharedAccessProtocol?protocol = null, string iPAddressOrRange = null, DateTime?startTime = null, DateTime?expiryTime = null) { Test.Assert(CommandAgent.NewAzureStorageAccountSAS( service, resourceType, permission, protocol, iPAddressOrRange, startTime, expiryTime), "Should succeeded in generating an account sas with full permissions, services and resource types"); string sasToken; if (lang == Language.PowerShell) { sasToken = CommandAgent.Output[0][Constants.SASTokenKey].ToString(); } else { sasToken = "?" + CommandAgent.Output[0][Constants.SASTokenKeyNode]; } AccountSASUtils.ValidateAccountSAS( service, resourceType, permission, protocol, iPAddressOrRange, startTime, expiryTime, sasToken); return(sasToken); }
public void AccountSAS_InvalidParameter() { SharedAccessAccountServices service = SharedAccessAccountServices.Blob | SharedAccessAccountServices.File | SharedAccessAccountServices.Queue | SharedAccessAccountServices.Table; SharedAccessAccountResourceTypes resourceType = SharedAccessAccountResourceTypes.Container | SharedAccessAccountResourceTypes.Object | SharedAccessAccountResourceTypes.Service; string permission = AccountSASUtils.fullPermission; SharedAccessProtocol sasProtocal = SharedAccessProtocol.HttpsOrHttp; string iPAddressOrRange = "0.0.0.0-255.255.255.255"; DateTime startTime = DateTime.Now.AddMinutes(-5); DateTime expiryTime = DateTime.Now.AddMinutes(60); //invalid permission Test.Assert(!CommandAgent.NewAzureStorageAccountSAS( service, resourceType, "racwx", sasProtocal, iPAddressOrRange, startTime, expiryTime), "Set stored access policy with invalid permission should fail"); if (lang == Language.PowerShell) { ExpectedContainErrorMessage("Invalid access permission"); } else { ExpectedContainErrorMessage("Given \"x\" is invalid"); } //repeated permission - success GenerateAndValidateAccountSAS( service, resourceType, "rracw", sasProtocal, iPAddressOrRange, startTime, expiryTime); //invalid IP/IP range Test.Assert(!CommandAgent.NewAzureStorageAccountSAS( service, resourceType, permission, null, "123.3.4a", null, null), "Set stored access policy with invalid iPAddressOrRange should fail"); if (lang == Language.PowerShell) { ExpectedContainErrorMessage("Error when parsing IP address: IP address is invalid."); } else { ExpectedContainErrorMessage("Invalid ip range format"); } Test.Assert(!CommandAgent.NewAzureStorageAccountSAS( service, resourceType, permission, sasProtocal, "123.4.5.6_125.6.7.8", null, null), "Set stored access policy with invalid iPAddressOrRange should fail"); if (lang == Language.PowerShell) { ExpectedContainErrorMessage("Error when parsing IP address: IP address is invalid."); } else { ExpectedContainErrorMessage("Invalid ip range format"); } //success: start IP > end IP GenerateAndValidateAccountSAS( service, resourceType, permission, sasProtocal, "22.22.22.22-11.111.11.11", startTime, expiryTime); //Start time > expire Time Test.Assert(!CommandAgent.NewAzureStorageAccountSAS( service, resourceType, permission, sasProtocal, iPAddressOrRange, DateTime.Now.AddMinutes(5), DateTime.Now.AddMinutes(-5)), "Set stored access policy with invalid Start Time should fail"); ExpectedContainErrorMessage("The expiry time of the specified access policy should be greater than start time"); }