/// <summary>
/// Test deleting entities inside and outside the given range.
/// </summary>
/// <param name="testClient">The table client to test.</param>
/// <param name="tableName">The name of the table to test.</param>
/// <param name="accessPermissions">The access permissions of the table client.</param>
/// <param name="startPk">The start partition key range.</param>
/// <param name="startRk">The start row key range.</param>
/// <param name="endPk">The end partition key range.</param>
/// <param name="endRk">The end row key range.</param>
private void TestDelete(
CloudTableClient testClient,
string tableName,
SharedAccessTablePermissions accessPermissions,
string startPk,
string startRk,
string endPk,
string endRk)
{
TableServiceContext referenceContext = testClient.GetTableServiceContext();
Action <BaseEntity> deleteDelegate = (tableEntity) =>
{
TableServiceContext context = testClient.GetTableServiceContext();
context.AttachTo(tableName, tableEntity, "*");
context.DeleteObject(tableEntity);
context.SaveChangesWithRetries();
context.Detach(tableEntity);
};
bool expectSuccess = (accessPermissions & SharedAccessTablePermissions.Delete) != 0;
// Perform test
TestOperationWithRange(
tableName,
startPk,
startRk,
endPk,
endRk,
deleteDelegate,
"delete",
expectSuccess,
expectSuccess ? HttpStatusCode.NoContent : HttpStatusCode.NotFound);
}
/// <summary>
/// Test upsert (insert or replace) on entities inside and outside the given range.
/// </summary>
/// <param name="testClient">The table client to test.</param>
/// <param name="tableName">The name of the table to test.</param>
/// <param name="accessPermissions">The access permissions of the table client.</param>
/// <param name="startPk">The start partition key range.</param>
/// <param name="startRk">The start row key range.</param>
/// <param name="endPk">The end partition key range.</param>
/// <param name="endRk">The end row key range.</param>
private void TestUpsertReplace(
CloudTableClient testClient,
string tableName,
SharedAccessTablePermissions accessPermissions,
string startPk,
string startRk,
string endPk,
string endRk)
{
Action <BaseEntity> upsertDelegate = (tableEntity) =>
{
TableServiceContext context = testClient.GetTableServiceContext();
// Replace entity
tableEntity.A = "10";
context.AttachTo(tableName, tableEntity);
context.UpdateObject(tableEntity);
context.SaveChangesWithRetries(SaveChangesOptions.ReplaceOnUpdate);
};
SharedAccessTablePermissions upsertPermissions = (SharedAccessTablePermissions.Update | SharedAccessTablePermissions.Add);
bool expectSuccess = (accessPermissions & upsertPermissions) == upsertPermissions;
// Perform test
TestOperationWithRange(
tableName,
startPk,
startRk,
endPk,
endRk,
upsertDelegate,
"upsert replace",
expectSuccess,
expectSuccess ? HttpStatusCode.NoContent : HttpStatusCode.NotFound);
}
/// <summary>
/// Test adding entities inside and outside the given range.
/// </summary>
/// <param name="testClient">The table client to test.</param>
/// <param name="tableName">The name of the table to test.</param>
/// <param name="accessPermissions">The access permissions of the table client.</param>
/// <param name="startPk">The start partition key range.</param>
/// <param name="startRk">The start row key range.</param>
/// <param name="endPk">The end partition key range.</param>
/// <param name="endRk">The end row key range.</param>
private void TestAdd(
CloudTableClient testClient,
string tableName,
SharedAccessTablePermissions accessPermissions,
string startPk,
string startRk,
string endPk,
string endRk)
{
TableServiceContext referenceContext = testClient.GetTableServiceContext();
Action <BaseEntity> addDelegate = (tableEntity) =>
{
TableServiceContext context = testClient.GetTableServiceContext();
context.AddObject(tableName, tableEntity);
context.SaveChangesWithRetries();
};
bool expectSuccess = (accessPermissions & SharedAccessTablePermissions.Add) != 0;
// Perform test
TestOperationWithRange(
tableName,
startPk,
startRk,
endPk,
endRk,
addDelegate,
"add",
expectSuccess,
expectSuccess ? HttpStatusCode.Created : HttpStatusCode.NotFound);
}
/// <summary>
/// Test update (replace) on entities inside and outside the given range.
/// </summary>
/// <param name="testClient">The table client to test.</param>
/// <param name="tableName">The name of the table to test.</param>
/// <param name="accessPermissions">The access permissions of the table client.</param>
/// <param name="startPk">The start partition key range.</param>
/// <param name="startRk">The start row key range.</param>
/// <param name="endPk">The end partition key range.</param>
/// <param name="endRk">The end row key range.</param>
private void TestUpdateReplace(
CloudTableClient testClient,
string tableName,
SharedAccessTablePermissions accessPermissions,
string startPk,
string startRk,
string endPk,
string endRk)
{
Action <BaseEntity, OperationContext> updateDelegate = (tableEntity, ctx) =>
{
// replace entity
tableEntity.A = "20";
tableEntity.ETag = "*";
testClient.GetTableReference(tableName).Execute(TableOperation.Replace(tableEntity), null, ctx);
};
bool expectSuccess = (accessPermissions & SharedAccessTablePermissions.Update) != 0;
// Perform test
TestOperationWithRange(
tableName,
startPk,
startRk,
endPk,
endRk,
updateDelegate,
"update replace",
expectSuccess,
expectSuccess ? HttpStatusCode.NoContent : HttpStatusCode.NotFound);
}
/// <summary>
/// Test deleting entities inside and outside the given range.
/// </summary>
/// <param name="testClient">The table client to test.</param>
/// <param name="tableName">The name of the table to test.</param>
/// <param name="accessPermissions">The access permissions of the table client.</param>
/// <param name="startPk">The start partition key range.</param>
/// <param name="startRk">The start row key range.</param>
/// <param name="endPk">The end partition key range.</param>
/// <param name="endRk">The end row key range.</param>
private async Task TestDelete(
CloudTableClient testClient,
string tableName,
SharedAccessTablePermissions accessPermissions,
string startPk,
string startRk,
string endPk,
string endRk)
{
Action <BaseEntity, OperationContext> deleteDelegate = (tableEntity, ctx) =>
{
// delete entity
tableEntity.A = "10";
tableEntity.ETag = "*";
testClient.GetTableReference(tableName).ExecuteAsync(TableOperation.Delete(tableEntity), null, ctx).AsTask().Wait();
};
bool expectSuccess = (accessPermissions & SharedAccessTablePermissions.Delete) != 0;
// Perform test
await TestOperationWithRange(
tableName,
startPk,
startRk,
endPk,
endRk,
deleteDelegate,
"delete",
expectSuccess,
expectSuccess?HttpStatusCode.NoContent : HttpStatusCode.NotFound);
}
/// <summary>
/// Test upsert (insert or replace) on entities inside and outside the given range.
/// </summary>
/// <param name="testClient">The table client to test.</param>
/// <param name="tableName">The name of the table to test.</param>
/// <param name="accessPermissions">The access permissions of the table client.</param>
/// <param name="startPk">The start partition key range.</param>
/// <param name="startRk">The start row key range.</param>
/// <param name="endPk">The end partition key range.</param>
/// <param name="endRk">The end row key range.</param>
private async Task TestUpsertReplace(
CloudTableClient testClient,
string tableName,
SharedAccessTablePermissions accessPermissions,
string startPk,
string startRk,
string endPk,
string endRk)
{
Action <BaseEntity, OperationContext> upsertDelegate = (tableEntity, ctx) =>
{
// insert or replace entity
tableEntity.A = "10";
testClient.GetTableReference(tableName).ExecuteAsync(TableOperation.InsertOrReplace(tableEntity), null, ctx).AsTask().Wait();
};
SharedAccessTablePermissions upsertPermissions = (SharedAccessTablePermissions.Update | SharedAccessTablePermissions.Add);
bool expectSuccess = (accessPermissions & upsertPermissions) == upsertPermissions;
// Perform test
await TestOperationWithRange(
tableName,
startPk,
startRk,
endPk,
endRk,
upsertDelegate,
"upsert replace",
expectSuccess,
expectSuccess?HttpStatusCode.NoContent : HttpStatusCode.NotFound);
}
/// <summary>
/// Test adding entities inside and outside the given range.
/// </summary>
/// <param name="testClient">The table client to test.</param>
/// <param name="tableName">The name of the table to test.</param>
/// <param name="accessPermissions">The access permissions of the table client.</param>
/// <param name="startPk">The start partition key range.</param>
/// <param name="startRk">The start row key range.</param>
/// <param name="endPk">The end partition key range.</param>
/// <param name="endRk">The end row key range.</param>
private async Task TestAdd(
CloudTableClient testClient,
string tableName,
SharedAccessTablePermissions accessPermissions,
string startPk,
string startRk,
string endPk,
string endRk)
{
Action <BaseEntity, OperationContext> addDelegate = (tableEntity, ctx) =>
{
// insert entity
tableEntity.A = "10";
testClient.GetTableReference(tableName).ExecuteAsync(TableOperation.Insert(tableEntity), null, ctx).AsTask().Wait();
};
bool expectSuccess = (accessPermissions & SharedAccessTablePermissions.Add) != 0;
// Perform test
await TestOperationWithRange(
tableName,
startPk,
startRk,
endPk,
endRk,
addDelegate,
"add",
expectSuccess,
expectSuccess?HttpStatusCode.Created : HttpStatusCode.NotFound);
}
/// <summary>
/// Converts the permissions specified for the shared access policy to a string.
/// </summary>
/// <param name="permissions">The shared access permissions.</param>
/// <returns>The shared access permissions in string format.</returns>
public static string PermissionsToString(SharedAccessTablePermissions permissions)
{
// The service supports a fixed order => raud
StringBuilder builder = new StringBuilder();
if ((permissions & SharedAccessTablePermissions.Query) == SharedAccessTablePermissions.Query)
{
builder.Append("r");
}
if ((permissions & SharedAccessTablePermissions.Add) == SharedAccessTablePermissions.Add)
{
builder.Append("a");
}
if ((permissions & SharedAccessTablePermissions.Update) == SharedAccessTablePermissions.Update)
{
builder.Append("u");
}
if ((permissions & SharedAccessTablePermissions.Delete) == SharedAccessTablePermissions.Delete)
{
builder.Append("d");
}
return(builder.ToString());
}
/// <summary>
/// Tests table access permissions with SAS, using a stored policy and using permissions on the URI.
/// Various table range constraints are tested.
/// </summary>
/// <param name="accessPermissions">The permissions to test.</param>
internal async Task TestTableSas(SharedAccessTablePermissions accessPermissions)
{
string startPk = "M";
string startRk = "F";
string endPk = "S";
string endRk = "T";
// No ranges specified
await TestTableSasWithRange(accessPermissions, null, null, null, null);
// All ranges specified
await TestTableSasWithRange(accessPermissions, startPk, startRk, endPk, endRk);
// StartPk & StartRK specified
await TestTableSasWithRange(accessPermissions, startPk, startRk, null, null);
// StartPk specified
await TestTableSasWithRange(accessPermissions, startPk, null, null, null);
// EndPk & EndRK specified
await TestTableSasWithRange(accessPermissions, null, null, endPk, endRk);
// EndPk specified
await TestTableSasWithRange(accessPermissions, null, null, endPk, null);
// StartPk and EndPk specified
await TestTableSasWithRange(accessPermissions, startPk, null, endPk, null);
// StartRk and StartRK and EndPk specified
await TestTableSasWithRange(accessPermissions, startPk, startRk, endPk, null);
// StartRk and EndPK and EndPk specified
await TestTableSasWithRange(accessPermissions, startPk, null, endPk, endRk);
}
public static SharedAccessTablePermissions PermissionsFromString(string input)
{
CommonUtility.AssertNotNull("input", input);
SharedAccessTablePermissions sharedAccessTablePermissions = SharedAccessTablePermissions.None;
for (int i = 0; i < input.Length; i++)
{
switch (input[i])
{
case 'a':
sharedAccessTablePermissions |= SharedAccessTablePermissions.Add;
break;
case 'd':
sharedAccessTablePermissions |= SharedAccessTablePermissions.Delete;
break;
case 'r':
sharedAccessTablePermissions |= SharedAccessTablePermissions.Query;
break;
case 'u':
sharedAccessTablePermissions |= SharedAccessTablePermissions.Update;
break;
default:
throw new ArgumentOutOfRangeException("input");
}
}
// if (sharedAccessTablePermissions == SharedAccessTablePermissions.None)
// {
// sharedAccessTablePermissions = sharedAccessTablePermissions;
// }
return(sharedAccessTablePermissions);
}
/// <summary>
/// Converts the permissions specified for the shared access policy to a string.
/// </summary>
/// <param name="permissions">The shared access permissions.</param>
/// <returns>The shared access permissions in string format.</returns>
public static string PermissionsToString(SharedAccessTablePermissions permissions)
{
// The service supports a fixed order => raud
StringBuilder builder = new StringBuilder();
if ((permissions & SharedAccessTablePermissions.Query) == SharedAccessTablePermissions.Query)
{
builder.Append("r");
}
if ((permissions & SharedAccessTablePermissions.Add) == SharedAccessTablePermissions.Add)
{
builder.Append("a");
}
if ((permissions & SharedAccessTablePermissions.Update) == SharedAccessTablePermissions.Update)
{
builder.Append("u");
}
if ((permissions & SharedAccessTablePermissions.Delete) == SharedAccessTablePermissions.Delete)
{
builder.Append("d");
}
return builder.ToString();
}
/// <summary>
/// Test point queries entities inside and outside the given range.
/// </summary>
/// <param name="testClient">The table client to test.</param>
/// <param name="tableName">The name of the table to test.</param>
/// <param name="accessPermissions">The access permissions of the table client.</param>
/// <param name="startPk">The start partition key range.</param>
/// <param name="startRk">The start row key range.</param>
/// <param name="endPk">The end partition key range.</param>
/// <param name="endRk">The end row key range.</param>
private void TestPointQuery(
CloudTableClient testClient,
string tableName,
SharedAccessTablePermissions accessPermissions,
string startPk,
string startRk,
string endPk,
string endRk)
{
Action <BaseEntity> queryDelegate = (tableEntity) =>
{
TableServiceContext context = testClient.GetTableServiceContext();
TableServiceQuery <BaseEntity> query = (from entity in context.CreateQuery <BaseEntity>(tableName)
where entity.PartitionKey == tableEntity.PartitionKey && entity.RowKey == tableEntity.RowKey
select entity).AsTableServiceQuery(context);
IEnumerable <BaseEntity> list = query.Execute().ToList();
Assert.AreEqual(1, list.Count());
BaseEntity e = list.Single();
};
bool expectSuccess = (accessPermissions & SharedAccessTablePermissions.Query) != 0;
// Perform test
TestOperationWithRange(
tableName,
startPk,
startRk,
endPk,
endRk,
queryDelegate,
"point query",
expectSuccess,
expectSuccess ? HttpStatusCode.OK : HttpStatusCode.NotFound);
}
/// <summary>
/// Set Permissions From String, for Service SAS - Tables
/// "raud"
/// </summary>
/// <returns></returns>
private static SharedAccessTablePermissions Set_PermissionsFromStr_ServiceSAS_Tables()
{
string sp = SAS_Utils.SAS.sp.v;
SharedAccessTablePermissions Permissions = 0;
Permissions |= (sp.IndexOf("r") != -1) ? SharedAccessTablePermissions.Query : 0;
Permissions |= (sp.IndexOf("a") != -1) ? SharedAccessTablePermissions.Add : 0;
Permissions |= (sp.IndexOf("u") != -1) ? SharedAccessTablePermissions.Update : 0;
Permissions |= (sp.IndexOf("d") != -1) ? SharedAccessTablePermissions.Delete : 0;
return(Permissions);
}
public static string GenerateTableStorageSasUrl(string connectionString, string tableName, DateTime expiryTime, SharedAccessTablePermissions permissions)
{
CloudStorageAccount storageAccount = CloudStorageAccount.Parse(connectionString);
CloudTableClient tableClient = storageAccount.CreateCloudTableClient();
CloudTable tableReference = tableClient.GetTableReference(tableName);
tableReference.CreateIfNotExists();
var sasToken = tableReference.GetSharedAccessSignature(
new SharedAccessTablePolicy()
{
SharedAccessExpiryTime = expiryTime,
Permissions = permissions
});
return tableReference.Uri + sasToken;
}
public string GetSas(string partition, SharedAccessTablePermissions permissions)
{
SharedAccessTablePolicy policy = new SharedAccessTablePolicy()
{
SharedAccessExpiryTime = DateTime.UtcNow.AddMinutes(15),
Permissions = permissions
};
string sasToken = this.ServiceClient.GetTableReference("Photos").GetSharedAccessSignature(
policy /* access policy */,
null /* access policy identifier */,
partition /* start partition key */,
null /* start row key */,
partition /* end partition key */,
null /* end row key */);
return sasToken;
}
/// <summary>
/// Test point queries entities inside and outside the given range.
/// </summary>
/// <param name="testClient">The table client to test.</param>
/// <param name="tableName">The name of the table to test.</param>
/// <param name="accessPermissions">The access permissions of the table client.</param>
/// <param name="startPk">The start partition key range.</param>
/// <param name="startRk">The start row key range.</param>
/// <param name="endPk">The end partition key range.</param>
/// <param name="endRk">The end row key range.</param>
private async Task TestPointQuery(
CloudTableClient testClient,
string tableName,
SharedAccessTablePermissions accessPermissions,
string startPk,
string startRk,
string endPk,
string endRk)
{
bool expectSuccess = (accessPermissions & SharedAccessTablePermissions.Query) != 0;
Action <BaseEntity, OperationContext> queryDelegate = (tableEntity, ctx) =>
{
Task <TableResult> retrieveTask = testClient.GetTableReference(tableName).ExecuteAsync(TableOperation.Retrieve <BaseEntity>(tableEntity.PartitionKey, tableEntity.RowKey), null, ctx).AsTask();
retrieveTask.Wait();
if (expectSuccess)
{
Assert.IsNotNull(retrieveTask.Result.Result);
}
else
{
Assert.AreEqual(ctx.LastResult.HttpStatusCode, (int)HttpStatusCode.OK);
}
};
// Perform test
await TestOperationWithRange(
tableName,
startPk,
startRk,
endPk,
endRk,
queryDelegate,
"point query",
expectSuccess,
expectSuccess?HttpStatusCode.OK : HttpStatusCode.NotFound);
}
public void SetStoredAccessPolicySuccessTest()
{
AddTestStoredAccessPolicy();
string policyName = TestPolicy1;
string tableName = "sampleTable";
string permission = "u";
DateTime startTime = DateTime.Today;
DateTime expiryTime = DateTime.Today.AddDays(2);
command.SetAzureTableStoredAccessPolicy(command.Channel, tableName, policyName, startTime, expiryTime, permission, false, false);
SharedAccessTablePermissions expectedPermissions = SharedAccessTablePermissions.None;
expectedPermissions |= SharedAccessTablePermissions.Update;
SharedAccessTablePolicy resultPolicy = tableMock.tablePermissions.SharedAccessPolicies[policyName];
Assert.IsNotNull(resultPolicy);
Assert.AreEqual <SharedAccessTablePermissions>(expectedPermissions, resultPolicy.Permissions);
Assert.AreEqual <DateTimeOffset?>(startTime.ToUniversalTime(), resultPolicy.SharedAccessStartTime);
Assert.AreEqual <DateTimeOffset?>(expiryTime.ToUniversalTime(), resultPolicy.SharedAccessExpiryTime);
}
/// <summary>
/// Constructs a <see cref="SharedAccessTablePermissions"/> object from a permissions string.
/// </summary>
/// <param name="input">The shared access permissions in string format.</param>
/// <returns>A set of shared access permissions.</returns>
public static SharedAccessTablePermissions PermissionsFromString(string input)
{
CommonUtility.AssertNotNull("input", input);
SharedAccessTablePermissions permissions = 0;
foreach (char c in input)
{
switch (c)
{
case 'r':
permissions |= SharedAccessTablePermissions.Query;
break;
case 'a':
permissions |= SharedAccessTablePermissions.Add;
break;
case 'u':
permissions |= SharedAccessTablePermissions.Update;
break;
case 'd':
permissions |= SharedAccessTablePermissions.Delete;
break;
default:
throw new ArgumentOutOfRangeException("input");
}
}
// Incase we ever change none to be something other than 0
if (permissions == 0)
{
permissions |= SharedAccessTablePermissions.None;
}
return(permissions);
}
public static string PermissionsToString(SharedAccessTablePermissions permissions)
{
StringBuilder stringBuilder = new StringBuilder();
if ((permissions & SharedAccessTablePermissions.Query) == SharedAccessTablePermissions.Query)
{
stringBuilder.Append("r");
}
if ((permissions & SharedAccessTablePermissions.Add) == SharedAccessTablePermissions.Add)
{
stringBuilder.Append("a");
}
if ((permissions & SharedAccessTablePermissions.Update) == SharedAccessTablePermissions.Update)
{
stringBuilder.Append("u");
}
if ((permissions & SharedAccessTablePermissions.Delete) == SharedAccessTablePermissions.Delete)
{
stringBuilder.Append("d");
}
return(stringBuilder.ToString());
}
public void CreateAzureTableStoredAccessPolicySuccessTest()
{
string policyName = "Policy" + Guid.NewGuid();
string tableName = "sampleTable";
string permission = "rd";
DateTime startTime = DateTime.Today;
DateTime expiryTime = DateTime.Today.AddDays(1);
command.CreateAzureTableStoredAccessPolicy(command.Channel, tableName, policyName, startTime, expiryTime, permission);
SharedAccessTablePermissions expectedPermissions = SharedAccessTablePermissions.None;
expectedPermissions |= SharedAccessTablePermissions.Query;
expectedPermissions |= SharedAccessTablePermissions.Delete;
SharedAccessTablePolicy resultPolicy = tableMock.tablePermissions.SharedAccessPolicies[policyName];
Assert.IsNotNull(resultPolicy);
Assert.AreEqual <SharedAccessTablePermissions>(expectedPermissions, resultPolicy.Permissions);
Assert.AreEqual <DateTimeOffset?>(startTime.ToUniversalTime(), resultPolicy.SharedAccessStartTime);
Assert.AreEqual <DateTimeOffset?>(expiryTime.ToUniversalTime(), resultPolicy.SharedAccessExpiryTime);
}
/// <summary>
/// Test adding entities inside and outside the given range.
/// </summary>
/// <param name="testClient">The table client to test.</param>
/// <param name="tableName">The name of the table to test.</param>
/// <param name="accessPermissions">The access permissions of the table client.</param>
/// <param name="startPk">The start partition key range.</param>
/// <param name="startRk">The start row key range.</param>
/// <param name="endPk">The end partition key range.</param>
/// <param name="endRk">The end row key range.</param>
private void TestAdd(
CloudTableClient testClient,
string tableName,
SharedAccessTablePermissions accessPermissions,
string startPk,
string startRk,
string endPk,
string endRk)
{
TableServiceContext referenceContext = testClient.GetTableServiceContext();
Action<BaseEntity> addDelegate = (tableEntity) =>
{
TableServiceContext context = testClient.GetTableServiceContext();
context.AddObject(tableName, tableEntity);
context.SaveChangesWithRetries();
};
bool expectSuccess = (accessPermissions & SharedAccessTablePermissions.Add) != 0;
// Perform test
TestOperationWithRange(
tableName,
startPk,
startRk,
endPk,
endRk,
addDelegate,
"add",
expectSuccess,
expectSuccess ? HttpStatusCode.Created : HttpStatusCode.NotFound);
}
/// <summary>
/// Test upsert (insert or merge) on entities inside and outside the given range.
/// </summary>
/// <param name="testClient">The table client to test.</param>
/// <param name="tableName">The name of the table to test.</param>
/// <param name="accessPermissions">The access permissions of the table client.</param>
/// <param name="startPk">The start partition key range.</param>
/// <param name="startRk">The start row key range.</param>
/// <param name="endPk">The end partition key range.</param>
/// <param name="endRk">The end row key range.</param>
private void TestUpsertMerge(
CloudTableClient testClient,
string tableName,
SharedAccessTablePermissions accessPermissions,
string startPk,
string startRk,
string endPk,
string endRk)
{
Action<BaseEntity, OperationContext> upsertDelegate = (tableEntity, ctx) =>
{
// insert or merge entity
tableEntity.A = "10";
testClient.GetTableReference(tableName).Execute(TableOperation.InsertOrMerge(tableEntity), null, ctx);
};
SharedAccessTablePermissions upsertPermissions = (SharedAccessTablePermissions.Update | SharedAccessTablePermissions.Add);
bool expectSuccess = (accessPermissions & upsertPermissions) == upsertPermissions;
// Perform test
TestOperationWithRange(
tableName,
startPk,
startRk,
endPk,
endRk,
upsertDelegate,
"upsert merge",
expectSuccess,
expectSuccess ? HttpStatusCode.NoContent : HttpStatusCode.NotFound);
}
/// <summary>
/// Tests table access permissions with SAS, using a stored policy and using permissions on the URI.
/// </summary>
/// <param name="accessPermissions">The permissions to test.</param>
/// <param name="startPk">The start partition key range.</param>
/// <param name="startRk">The start row key range.</param>
/// <param name="endPk">The end partition key range.</param>
/// <param name="endRk">The end row key range.</param>
internal async Task TestTableSasWithRange(
SharedAccessTablePermissions accessPermissions,
string startPk,
string startRk,
string endPk,
string endRk)
{
CloudTableClient tableClient = GenerateCloudTableClient();
CloudTable table = tableClient.GetTableReference("T" + Guid.NewGuid().ToString("N"));
try
{
await table.CreateAsync();
// Set up a policy
string identifier = Guid.NewGuid().ToString();
TablePermissions permissions = new TablePermissions();
permissions.SharedAccessPolicies.Add(identifier, new SharedAccessTablePolicy
{
Permissions = accessPermissions,
SharedAccessExpiryTime = DateTimeOffset.Now.AddDays(1)
});
await table.SetPermissionsAsync(permissions);
await Task.Delay(30 * 1000);
// Prepare SAS authentication using access identifier
string sasString = table.GetSharedAccessSignature(new SharedAccessTablePolicy(), identifier, startPk, startRk, endPk, endRk);
CloudTableClient identifierSasClient = new CloudTableClient(tableClient.BaseUri, new StorageCredentials(sasString));
// Prepare SAS authentication using explicit policy
sasString = table.GetSharedAccessSignature(
new SharedAccessTablePolicy
{
Permissions = accessPermissions,
SharedAccessExpiryTime = DateTimeOffset.Now.AddMinutes(30)
},
null,
startPk,
startRk,
endPk,
endRk);
CloudTableClient explicitSasClient = new CloudTableClient(tableClient.BaseUri, new StorageCredentials(sasString));
// Point query
await TestPointQuery(identifierSasClient, table.Name, accessPermissions, startPk, startRk, endPk, endRk);
await TestPointQuery(explicitSasClient, table.Name, accessPermissions, startPk, startRk, endPk, endRk);
// Add row
await TestAdd(identifierSasClient, table.Name, accessPermissions, startPk, startRk, endPk, endRk);
await TestAdd(explicitSasClient, table.Name, accessPermissions, startPk, startRk, endPk, endRk);
// Update row (merge)
await TestUpdateMerge(identifierSasClient, table.Name, accessPermissions, startPk, startRk, endPk, endRk);
await TestUpdateMerge(explicitSasClient, table.Name, accessPermissions, startPk, startRk, endPk, endRk);
// Update row (replace)
await TestUpdateReplace(identifierSasClient, table.Name, accessPermissions, startPk, startRk, endPk, endRk);
await TestUpdateReplace(explicitSasClient, table.Name, accessPermissions, startPk, startRk, endPk, endRk);
// Delete row
await TestDelete(identifierSasClient, table.Name, accessPermissions, startPk, startRk, endPk, endRk);
await TestDelete(explicitSasClient, table.Name, accessPermissions, startPk, startRk, endPk, endRk);
// Upsert row (merge)
await TestUpsertMerge(identifierSasClient, table.Name, accessPermissions, startPk, startRk, endPk, endRk);
await TestUpsertMerge(explicitSasClient, table.Name, accessPermissions, startPk, startRk, endPk, endRk);
// Upsert row (replace)
await TestUpsertReplace(identifierSasClient, table.Name, accessPermissions, startPk, startRk, endPk, endRk);
await TestUpsertReplace(explicitSasClient, table.Name, accessPermissions, startPk, startRk, endPk, endRk);
}
finally
{
table.DeleteIfExistsAsync().AsTask().Wait();
}
}
/// <summary>
/// Test point queries entities inside and outside the given range.
/// </summary>
/// <param name="testClient">The table client to test.</param>
/// <param name="tableName">The name of the table to test.</param>
/// <param name="accessPermissions">The access permissions of the table client.</param>
/// <param name="startPk">The start partition key range.</param>
/// <param name="startRk">The start row key range.</param>
/// <param name="endPk">The end partition key range.</param>
/// <param name="endRk">The end row key range.</param>
private void TestPointQuery(
CloudTableClient testClient,
string tableName,
SharedAccessTablePermissions accessPermissions,
string startPk,
string startRk,
string endPk,
string endRk)
{
Action<BaseEntity> queryDelegate = (tableEntity) =>
{
TableServiceContext context = testClient.GetTableServiceContext();
TableServiceQuery<BaseEntity> query = (from entity in context.CreateQuery<BaseEntity>(tableName)
where entity.PartitionKey == tableEntity.PartitionKey && entity.RowKey == tableEntity.RowKey
select entity).AsTableServiceQuery(context);
IEnumerable<BaseEntity> list = query.Execute().ToList();
Assert.AreEqual(1, list.Count());
BaseEntity e = list.Single();
};
bool expectSuccess = (accessPermissions & SharedAccessTablePermissions.Query) != 0;
// Perform test
TestOperationWithRange(
tableName,
startPk,
startRk,
endPk,
endRk,
queryDelegate,
"point query",
expectSuccess,
expectSuccess ? HttpStatusCode.OK : HttpStatusCode.NotFound);
}
/// <summary>
/// Test update (merge) on entities inside and outside the given range.
/// </summary>
/// <param name="testClient">The table client to test.</param>
/// <param name="tableName">The name of the table to test.</param>
/// <param name="accessPermissions">The access permissions of the table client.</param>
/// <param name="startPk">The start partition key range.</param>
/// <param name="startRk">The start row key range.</param>
/// <param name="endPk">The end partition key range.</param>
/// <param name="endRk">The end row key range.</param>
private void TestUpdateMerge(
CloudTableClient testClient,
string tableName,
SharedAccessTablePermissions accessPermissions,
string startPk,
string startRk,
string endPk,
string endRk)
{
Action<BaseEntity> updateDelegate = (tableEntity) =>
{
TableServiceContext context = testClient.GetTableServiceContext();
// Merge entity
tableEntity.A = "10";
context.AttachTo(tableName, tableEntity, "*");
context.UpdateObject(tableEntity);
context.SaveChangesWithRetries();
};
bool expectSuccess = (accessPermissions & SharedAccessTablePermissions.Update) != 0;
// Perform test
TestOperationWithRange(
tableName,
startPk,
startRk,
endPk,
endRk,
updateDelegate,
"update merge",
expectSuccess,
expectSuccess ? HttpStatusCode.NoContent : HttpStatusCode.NotFound);
}
/// <summary>
/// Tests table access permissions with SAS, using a stored policy and using permissions on the URI.
/// Various table range constraints are tested.
/// </summary>
/// <param name="accessPermissions">The permissions to test.</param>
internal void TestTableSas(SharedAccessTablePermissions accessPermissions)
{
string startPk = "M";
string startRk = "F";
string endPk = "S";
string endRk = "T";
// No ranges specified
TestTableSasWithRange(accessPermissions, null, null, null, null);
// All ranges specified
TestTableSasWithRange(accessPermissions, startPk, startRk, endPk, endRk);
// StartPk & StartRK specified
TestTableSasWithRange(accessPermissions, startPk, startRk, null, null);
// StartPk specified
TestTableSasWithRange(accessPermissions, startPk, null, null, null);
// EndPk & EndRK specified
TestTableSasWithRange(accessPermissions, null, null, endPk, endRk);
// EndPk specified
TestTableSasWithRange(accessPermissions, null, null, endPk, null);
// StartPk and EndPk specified
TestTableSasWithRange(accessPermissions, startPk, null, endPk, null);
// StartRk and StartRK and EndPk specified
TestTableSasWithRange(accessPermissions, startPk, startRk, endPk, null);
// StartRk and EndPK and EndPk specified
TestTableSasWithRange(accessPermissions, startPk, null, endPk, endRk);
}
/// <summary>
/// Tests table access permissions with SAS, using a stored policy and using permissions on the URI.
/// </summary>
/// <param name="accessPermissions">The permissions to test.</param>
/// <param name="startPk">The start partition key range.</param>
/// <param name="startRk">The start row key range.</param>
/// <param name="endPk">The end partition key range.</param>
/// <param name="endRk">The end row key range.</param>
internal void TestTableSasWithRange(
SharedAccessTablePermissions accessPermissions,
string startPk,
string startRk,
string endPk,
string endRk)
{
TestContext.WriteLine("Testing SAS range: spk={0}; epk={1}; srk={2}; erk={3}", startPk, endPk, startRk, endRk);
CloudTableClient tableClient = GenerateCloudTableClient();
CloudTable table = tableClient.GetTableReference("T" + Guid.NewGuid().ToString("N"));
try
{
table.Create();
// Set up a policy
string identifier = Guid.NewGuid().ToString();
TablePermissions permissions = new TablePermissions();
permissions.SharedAccessPolicies.Add(identifier, new SharedAccessTablePolicy
{
Permissions = accessPermissions,
SharedAccessExpiryTime = DateTimeOffset.Now.AddDays(1)
});
table.SetPermissions(permissions);
Thread.Sleep(30 * 1000);
// Prepare SAS authentication using access identifier
string sasString = table.GetSharedAccessSignature(new SharedAccessTablePolicy(), identifier, startPk, startRk, endPk, endRk);
CloudTableClient identifierSasClient = new CloudTableClient(tableClient.BaseUri, new StorageCredentials(sasString));
// Prepare SAS authentication using explicit policy
sasString = table.GetSharedAccessSignature(
new SharedAccessTablePolicy
{
Permissions = accessPermissions,
SharedAccessExpiryTime = DateTimeOffset.Now.AddMinutes(30)
},
null,
startPk,
startRk,
endPk,
endRk);
CloudTableClient explicitSasClient = new CloudTableClient(tableClient.BaseUri, new StorageCredentials(sasString));
// Point query
TestPointQuery(identifierSasClient, table.Name, accessPermissions, startPk, startRk, endPk, endRk);
TestPointQuery(explicitSasClient, table.Name, accessPermissions, startPk, startRk, endPk, endRk);
// Add row
TestAdd(identifierSasClient, table.Name, accessPermissions, startPk, startRk, endPk, endRk);
TestAdd(explicitSasClient, table.Name, accessPermissions, startPk, startRk, endPk, endRk);
// Update row (merge)
TestUpdateMerge(identifierSasClient, table.Name, accessPermissions, startPk, startRk, endPk, endRk);
TestUpdateMerge(explicitSasClient, table.Name, accessPermissions, startPk, startRk, endPk, endRk);
// Update row (replace)
TestUpdateReplace(identifierSasClient, table.Name, accessPermissions, startPk, startRk, endPk, endRk);
TestUpdateReplace(explicitSasClient, table.Name, accessPermissions, startPk, startRk, endPk, endRk);
// Delete row
TestDelete(identifierSasClient, table.Name, accessPermissions, startPk, startRk, endPk, endRk);
TestDelete(explicitSasClient, table.Name, accessPermissions, startPk, startRk, endPk, endRk);
// Upsert row (merge)
TestUpsertMerge(identifierSasClient, table.Name, accessPermissions, startPk, startRk, endPk, endRk);
TestUpsertMerge(explicitSasClient, table.Name, accessPermissions, startPk, startRk, endPk, endRk);
// Upsert row (replace)
TestUpsertReplace(identifierSasClient, table.Name, accessPermissions, startPk, startRk, endPk, endRk);
TestUpsertReplace(explicitSasClient, table.Name, accessPermissions, startPk, startRk, endPk, endRk);
}
finally
{
table.DeleteIfExists();
}
}
/// <summary>
/// Test deleting entities inside and outside the given range.
/// </summary>
/// <param name="testClient">The table client to test.</param>
/// <param name="tableName">The name of the table to test.</param>
/// <param name="accessPermissions">The access permissions of the table client.</param>
/// <param name="startPk">The start partition key range.</param>
/// <param name="startRk">The start row key range.</param>
/// <param name="endPk">The end partition key range.</param>
/// <param name="endRk">The end row key range.</param>
private void TestDelete(
CloudTableClient testClient,
string tableName,
SharedAccessTablePermissions accessPermissions,
string startPk,
string startRk,
string endPk,
string endRk)
{
TableServiceContext referenceContext = testClient.GetTableServiceContext();
Action<BaseEntity> deleteDelegate = (tableEntity) =>
{
TableServiceContext context = testClient.GetTableServiceContext();
context.AttachTo(tableName, tableEntity, "*");
context.DeleteObject(tableEntity);
context.SaveChangesWithRetries();
context.Detach(tableEntity);
};
bool expectSuccess = (accessPermissions & SharedAccessTablePermissions.Delete) != 0;
// Perform test
TestOperationWithRange(
tableName,
startPk,
startRk,
endPk,
endRk,
deleteDelegate,
"delete",
expectSuccess,
expectSuccess ? HttpStatusCode.NoContent : HttpStatusCode.Forbidden);
}
/// <summary>
/// Test upsert (insert or replace) on entities inside and outside the given range.
/// </summary>
/// <param name="testClient">The table client to test.</param>
/// <param name="tableName">The name of the table to test.</param>
/// <param name="accessPermissions">The access permissions of the table client.</param>
/// <param name="startPk">The start partition key range.</param>
/// <param name="startRk">The start row key range.</param>
/// <param name="endPk">The end partition key range.</param>
/// <param name="endRk">The end row key range.</param>
private void TestUpsertReplace(
CloudTableClient testClient,
string tableName,
SharedAccessTablePermissions accessPermissions,
string startPk,
string startRk,
string endPk,
string endRk)
{
Action<BaseEntity> upsertDelegate = (tableEntity) =>
{
TableServiceContext context = testClient.GetTableServiceContext();
// Replace entity
tableEntity.A = "10";
context.AttachTo(tableName, tableEntity);
context.UpdateObject(tableEntity);
context.SaveChangesWithRetries(SaveChangesOptions.ReplaceOnUpdate);
};
SharedAccessTablePermissions upsertPermissions = (SharedAccessTablePermissions.Update | SharedAccessTablePermissions.Add);
bool expectSuccess = (accessPermissions & upsertPermissions) == upsertPermissions;
// Perform test
TestOperationWithRange(
tableName,
startPk,
startRk,
endPk,
endRk,
upsertDelegate,
"upsert replace",
expectSuccess,
expectSuccess ? HttpStatusCode.NoContent : HttpStatusCode.NotFound);
}
/// <summary>
/// Test update (replace) on entities inside and outside the given range.
/// </summary>
/// <param name="testClient">The table client to test.</param>
/// <param name="tableName">The name of the table to test.</param>
/// <param name="accessPermissions">The access permissions of the table client.</param>
/// <param name="startPk">The start partition key range.</param>
/// <param name="startRk">The start row key range.</param>
/// <param name="endPk">The end partition key range.</param>
/// <param name="endRk">The end row key range.</param>
private void TestUpdateReplace(
CloudTableClient testClient,
string tableName,
SharedAccessTablePermissions accessPermissions,
string startPk,
string startRk,
string endPk,
string endRk)
{
Action<BaseEntity, OperationContext> updateDelegate = (tableEntity, ctx) =>
{
// replace entity
tableEntity.A = "20";
tableEntity.ETag = "*";
testClient.GetTableReference(tableName).Execute(TableOperation.Replace(tableEntity), null, ctx);
};
bool expectSuccess = (accessPermissions & SharedAccessTablePermissions.Update) != 0;
// Perform test
TestOperationWithRange(
tableName,
startPk,
startRk,
endPk,
endRk,
updateDelegate,
"update replace",
expectSuccess,
expectSuccess ? HttpStatusCode.NoContent : HttpStatusCode.Forbidden);
}
/// <summary>
/// Test upsert (insert or replace) on entities inside and outside the given range.
/// </summary>
/// <param name="testClient">The table client to test.</param>
/// <param name="tableName">The name of the table to test.</param>
/// <param name="accessPermissions">The access permissions of the table client.</param>
/// <param name="startPk">The start partition key range.</param>
/// <param name="startRk">The start row key range.</param>
/// <param name="endPk">The end partition key range.</param>
/// <param name="endRk">The end row key range.</param>
private async Task TestUpsertReplace(
CloudTableClient testClient,
string tableName,
SharedAccessTablePermissions accessPermissions,
string startPk,
string startRk,
string endPk,
string endRk)
{
Action<BaseEntity, OperationContext> upsertDelegate = (tableEntity, ctx) =>
{
// insert or replace entity
tableEntity.A = "10";
testClient.GetTableReference(tableName).ExecuteAsync(TableOperation.InsertOrReplace(tableEntity), null, ctx).AsTask().Wait();
};
SharedAccessTablePermissions upsertPermissions = (SharedAccessTablePermissions.Update | SharedAccessTablePermissions.Add);
bool expectSuccess = (accessPermissions & upsertPermissions) == upsertPermissions;
// Perform test
await TestOperationWithRange(
tableName,
startPk,
startRk,
endPk,
endRk,
upsertDelegate,
"upsert replace",
expectSuccess,
expectSuccess ? HttpStatusCode.NoContent : HttpStatusCode.Forbidden,
false,
false);
}
/// <summary>
/// Test deleting entities inside and outside the given range.
/// </summary>
/// <param name="testClient">The table client to test.</param>
/// <param name="tableName">The name of the table to test.</param>
/// <param name="accessPermissions">The access permissions of the table client.</param>
/// <param name="startPk">The start partition key range.</param>
/// <param name="startRk">The start row key range.</param>
/// <param name="endPk">The end partition key range.</param>
/// <param name="endRk">The end row key range.</param>
private async Task TestDelete(
CloudTableClient testClient,
string tableName,
SharedAccessTablePermissions accessPermissions,
string startPk,
string startRk,
string endPk,
string endRk)
{
Action<BaseEntity, OperationContext> deleteDelegate = (tableEntity, ctx) =>
{
// delete entity
tableEntity.A = "10";
tableEntity.ETag = "*";
testClient.GetTableReference(tableName).ExecuteAsync(TableOperation.Delete(tableEntity), null, ctx).AsTask().Wait();
};
bool expectSuccess = (accessPermissions & SharedAccessTablePermissions.Delete) != 0;
// Perform test
await TestOperationWithRange(
tableName,
startPk,
startRk,
endPk,
endRk,
deleteDelegate,
"delete",
expectSuccess,
expectSuccess ? HttpStatusCode.NoContent : HttpStatusCode.Forbidden,
false,
false);
}
/// <summary>
/// Test adding entities inside and outside the given range.
/// </summary>
/// <param name="testClient">The table client to test.</param>
/// <param name="tableName">The name of the table to test.</param>
/// <param name="accessPermissions">The access permissions of the table client.</param>
/// <param name="startPk">The start partition key range.</param>
/// <param name="startRk">The start row key range.</param>
/// <param name="endPk">The end partition key range.</param>
/// <param name="endRk">The end row key range.</param>
private async Task TestAdd(
CloudTableClient testClient,
string tableName,
SharedAccessTablePermissions accessPermissions,
string startPk,
string startRk,
string endPk,
string endRk)
{
Action<BaseEntity, OperationContext> addDelegate = (tableEntity, ctx) =>
{
// insert entity
tableEntity.A = "10";
testClient.GetTableReference(tableName).ExecuteAsync(TableOperation.Insert(tableEntity), null, ctx).AsTask().Wait();
};
bool expectSuccess = (accessPermissions & SharedAccessTablePermissions.Add) != 0;
// Perform test
await TestOperationWithRange(
tableName,
startPk,
startRk,
endPk,
endRk,
addDelegate,
"add",
expectSuccess,
expectSuccess ? HttpStatusCode.Created : HttpStatusCode.Forbidden,
false,
false);
}
public static string PermissionsToString(SharedAccessTablePermissions permissions)
{
throw new System.NotImplementedException();
}
/// <summary>
/// Tests table access permissions with SAS, using a stored policy and using permissions on the URI.
/// </summary>
/// <param name="accessPermissions">The permissions to test.</param>
/// <param name="startPk">The start partition key range.</param>
/// <param name="startRk">The start row key range.</param>
/// <param name="endPk">The end partition key range.</param>
/// <param name="endRk">The end row key range.</param>
internal async Task TestTableSasWithRange(
SharedAccessTablePermissions accessPermissions,
string startPk,
string startRk,
string endPk,
string endRk)
{
CloudTableClient tableClient = GenerateCloudTableClient();
CloudTable table = tableClient.GetTableReference("T" + Guid.NewGuid().ToString("N"));
try
{
await table.CreateAsync();
// Set up a policy
string identifier = Guid.NewGuid().ToString();
TablePermissions permissions = new TablePermissions();
permissions.SharedAccessPolicies.Add(identifier, new SharedAccessTablePolicy
{
Permissions = accessPermissions,
SharedAccessExpiryTime = DateTimeOffset.Now.AddDays(1)
});
await table.SetPermissionsAsync(permissions);
await Task.Delay(30 * 1000);
// Prepare SAS authentication using access identifier
string sasString = table.GetSharedAccessSignature(new SharedAccessTablePolicy(), identifier, startPk, startRk, endPk, endRk);
CloudTableClient identifierSasClient = new CloudTableClient(tableClient.BaseUri, new StorageCredentials(sasString));
// Prepare SAS authentication using explicit policy
sasString = table.GetSharedAccessSignature(
new SharedAccessTablePolicy
{
Permissions = accessPermissions,
SharedAccessExpiryTime = DateTimeOffset.Now.AddMinutes(30)
},
null,
startPk,
startRk,
endPk,
endRk);
CloudTableClient explicitSasClient = new CloudTableClient(tableClient.BaseUri, new StorageCredentials(sasString));
// Point query
await TestPointQuery(identifierSasClient, table.Name, accessPermissions, startPk, startRk, endPk, endRk);
await TestPointQuery(explicitSasClient, table.Name, accessPermissions, startPk, startRk, endPk, endRk);
// Add row
await TestAdd(identifierSasClient, table.Name, accessPermissions, startPk, startRk, endPk, endRk);
await TestAdd(explicitSasClient, table.Name, accessPermissions, startPk, startRk, endPk, endRk);
// Update row (merge)
await TestUpdateMerge(identifierSasClient, table.Name, accessPermissions, startPk, startRk, endPk, endRk);
await TestUpdateMerge(explicitSasClient, table.Name, accessPermissions, startPk, startRk, endPk, endRk);
// Update row (replace)
await TestUpdateReplace(identifierSasClient, table.Name, accessPermissions, startPk, startRk, endPk, endRk);
await TestUpdateReplace(explicitSasClient, table.Name, accessPermissions, startPk, startRk, endPk, endRk);
// Delete row
await TestDelete(identifierSasClient, table.Name, accessPermissions, startPk, startRk, endPk, endRk);
await TestDelete(explicitSasClient, table.Name, accessPermissions, startPk, startRk, endPk, endRk);
// Upsert row (merge)
await TestUpsertMerge(identifierSasClient, table.Name, accessPermissions, startPk, startRk, endPk, endRk);
await TestUpsertMerge(explicitSasClient, table.Name, accessPermissions, startPk, startRk, endPk, endRk);
// Upsert row (replace)
await TestUpsertReplace(identifierSasClient, table.Name, accessPermissions, startPk, startRk, endPk, endRk);
await TestUpsertReplace(explicitSasClient, table.Name, accessPermissions, startPk, startRk, endPk, endRk);
}
finally
{
table.DeleteIfExistsAsync().AsTask().Wait();
}
}
/// <summary>
/// Test point queries entities inside and outside the given range.
/// </summary>
/// <param name="testClient">The table client to test.</param>
/// <param name="tableName">The name of the table to test.</param>
/// <param name="accessPermissions">The access permissions of the table client.</param>
/// <param name="startPk">The start partition key range.</param>
/// <param name="startRk">The start row key range.</param>
/// <param name="endPk">The end partition key range.</param>
/// <param name="endRk">The end row key range.</param>
private async Task TestPointQuery(
CloudTableClient testClient,
string tableName,
SharedAccessTablePermissions accessPermissions,
string startPk,
string startRk,
string endPk,
string endRk)
{
bool expectSuccess = (accessPermissions & SharedAccessTablePermissions.Query) != 0;
Action<BaseEntity, OperationContext> queryDelegate = (tableEntity, ctx) =>
{
Task<TableResult> retrieveTask = testClient.GetTableReference(tableName).ExecuteAsync(TableOperation.Retrieve<BaseEntity>(tableEntity.PartitionKey, tableEntity.RowKey), null, ctx).AsTask();
retrieveTask.Wait();
if (expectSuccess)
{
Assert.IsNotNull(retrieveTask.Result.Result);
}
else
{
Assert.AreEqual(ctx.LastResult.HttpStatusCode, (int)HttpStatusCode.OK);
}
};
// Perform test
await TestOperationWithRange(
tableName,
startPk,
startRk,
endPk,
endRk,
queryDelegate,
"point query",
expectSuccess,
expectSuccess ? HttpStatusCode.OK : HttpStatusCode.NotFound,
false,
expectSuccess);
}
public static string GenerateTableStorageSasUrl(string connectionString, string tableName, DateTime expiryTime, SharedAccessTablePermissions permissions)
{
CloudStorageAccount storageAccount = CloudStorageAccount.Parse(connectionString);
CloudTableClient tableClient = storageAccount.CreateCloudTableClient();
CloudTable tableReference = tableClient.GetTableReference(tableName);
tableReference.CreateIfNotExists();
var sasToken = tableReference.GetSharedAccessSignature(
new SharedAccessTablePolicy()
{
SharedAccessExpiryTime = expiryTime,
Permissions = permissions
});
return(tableReference.Uri + sasToken);
}
/// <summary>
/// Tests table access permissions with SAS, using a stored policy and using permissions on the URI.
/// </summary>
/// <param name="accessPermissions">The permissions to test.</param>
/// <param name="startPk">The start partition key range.</param>
/// <param name="startRk">The start row key range.</param>
/// <param name="endPk">The end partition key range.</param>
/// <param name="endRk">The end row key range.</param>
internal void TestTableSasWithRange(
SharedAccessTablePermissions accessPermissions,
string startPk,
string startRk,
string endPk,
string endRk)
{
TestContext.WriteLine("Testing SAS range: spk={0}; epk={1}; srk={2}; erk={3}", startPk, endPk, startRk, endRk);
CloudTableClient tableClient = GenerateCloudTableClient();
CloudTable table = tableClient.GetTableReference("T" + Guid.NewGuid().ToString("N"));
try
{
table.Create();
// Set up a policy
string identifier = Guid.NewGuid().ToString();
TablePermissions permissions = new TablePermissions();
permissions.SharedAccessPolicies.Add(identifier, new SharedAccessTablePolicy
{
Permissions = accessPermissions,
SharedAccessExpiryTime = DateTimeOffset.Now.AddDays(1)
});
table.SetPermissions(permissions);
Thread.Sleep(30 * 1000);
// Prepare SAS authentication using access identifier
string sasString = table.GetSharedAccessSignature(new SharedAccessTablePolicy(), identifier, startPk, startRk, endPk, endRk);
CloudTableClient identifierSasClient = new CloudTableClient(tableClient.BaseUri, new StorageCredentials(sasString));
// Prepare SAS authentication using explicit policy
sasString = table.GetSharedAccessSignature(
new SharedAccessTablePolicy
{
Permissions = accessPermissions,
SharedAccessExpiryTime = DateTimeOffset.Now.AddMinutes(30)
},
null,
startPk,
startRk,
endPk,
endRk);
CloudTableClient explicitSasClient = new CloudTableClient(tableClient.BaseUri, new StorageCredentials(sasString));
// Point query
TestPointQuery(identifierSasClient, table.Name, accessPermissions, startPk, startRk, endPk, endRk);
TestPointQuery(explicitSasClient, table.Name, accessPermissions, startPk, startRk, endPk, endRk);
// Add row
TestAdd(identifierSasClient, table.Name, accessPermissions, startPk, startRk, endPk, endRk);
TestAdd(explicitSasClient, table.Name, accessPermissions, startPk, startRk, endPk, endRk);
// Update row (merge)
TestUpdateMerge(identifierSasClient, table.Name, accessPermissions, startPk, startRk, endPk, endRk);
TestUpdateMerge(explicitSasClient, table.Name, accessPermissions, startPk, startRk, endPk, endRk);
// Update row (replace)
TestUpdateReplace(identifierSasClient, table.Name, accessPermissions, startPk, startRk, endPk, endRk);
TestUpdateReplace(explicitSasClient, table.Name, accessPermissions, startPk, startRk, endPk, endRk);
// Delete row
TestDelete(identifierSasClient, table.Name, accessPermissions, startPk, startRk, endPk, endRk);
TestDelete(explicitSasClient, table.Name, accessPermissions, startPk, startRk, endPk, endRk);
// Upsert row (merge)
TestUpsertMerge(identifierSasClient, table.Name, accessPermissions, startPk, startRk, endPk, endRk);
TestUpsertMerge(explicitSasClient, table.Name, accessPermissions, startPk, startRk, endPk, endRk);
// Upsert row (replace)
TestUpsertReplace(identifierSasClient, table.Name, accessPermissions, startPk, startRk, endPk, endRk);
TestUpsertReplace(explicitSasClient, table.Name, accessPermissions, startPk, startRk, endPk, endRk);
}
finally
{
table.DeleteIfExists();
}
}
