// </Snippet_FileACL> #endregion #region Update ACL // --------------------------------------------------------- // Update directory-level ACLs //---------------------------------------------------------- // <Snippet_UpdateACL> public async Task UpdateDirectoryACLs(DataLakeFileSystemClient fileSystemClient) { DataLakeDirectoryClient directoryClient = fileSystemClient.GetDirectoryClient(""); PathAccessControl directoryAccessControl = await directoryClient.GetAccessControlAsync(); List <PathAccessControlItem> accessControlListUpdate = (List <PathAccessControlItem>)directoryAccessControl.AccessControlList; int index = -1; foreach (var item in accessControlListUpdate) { if (item.AccessControlType == AccessControlType.Other) { index = accessControlListUpdate.IndexOf(item); break; } } if (index > -1) { accessControlListUpdate[index] = new PathAccessControlItem(AccessControlType.Other, RolePermissions.Read | RolePermissions.Execute); directoryClient.SetAccessControlList(accessControlListUpdate); } }
// </Snippet_UpdateACLsRecursively> #endregion #region Remove ACL entry // --------------------------------------------------------- // Remove directory-level ACL entry //---------------------------------------------------------- // <Snippet_RemoveACLEntry> public async Task RemoveDirectoryACLEntry (DataLakeFileSystemClient fileSystemClient) { DataLakeDirectoryClient directoryClient = fileSystemClient.GetDirectoryClient(""); PathAccessControl directoryAccessControl = await directoryClient.GetAccessControlAsync(); List <PathAccessControlItem> accessControlListUpdate = (List <PathAccessControlItem>)directoryAccessControl.AccessControlList; PathAccessControlItem entryToRemove = null; foreach (var item in accessControlListUpdate) { if (item.EntityId == "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx") { entryToRemove = item; break; } } if (entryToRemove != null) { accessControlListUpdate.Remove(entryToRemove); directoryClient.SetAccessControlList(accessControlListUpdate); } }
// </Snippet_GetFileSystem> #endregion #region Get and set directory ACLs // --------------------------------------------------------- // Get and set directory-level ACLs //---------------------------------------------------------- // <Snippet_ACLDirectory> public async Task ManageDirectoryACLs(DataLakeFileSystemClient fileSystemClient) { DataLakeDirectoryClient directoryClient = fileSystemClient.GetDirectoryClient(""); PathAccessControl directoryAccessControl = await directoryClient.GetAccessControlAsync(); foreach (var item in directoryAccessControl.AccessControlList) { Console.WriteLine(item.ToString()); } IList <PathAccessControlItem> accessControlList = PathAccessControlExtensions.ParseAccessControlList ("user::rwx,group::r-x,other::rw-"); directoryClient.SetAccessControlList(accessControlList); }
/// <summary> /// execute command /// </summary> public override void ExecuteCmdlet() { IStorageBlobManagement localChannel = Channel; bool foundAFolder = false; DataLakeFileClient fileClient = null; DataLakeDirectoryClient dirClient = null; if (ParameterSetName == ManualParameterSet) { DataLakeFileSystemClient fileSystem = GetFileSystemClientByName(localChannel, this.FileSystem); foundAFolder = GetExistDataLakeGen2Item(fileSystem, this.Path, out fileClient, out dirClient); } else //BlobParameterSet { if (!InputObject.IsDirectory) { fileClient = InputObject.File; } else { dirClient = InputObject.Directory; foundAFolder = true; } } if (foundAFolder) { if (ShouldProcess(GetDataLakeItemUriWithoutSas(dirClient), "Update Directory: ")) { //Set Permission if (this.Permission != null || this.Owner != null || this.Group != null) { //PathAccessControl originPathAccessControl = dirClient.GetAccessControl().Value; dirClient.SetPermissions( this.Permission != null ? PathPermissions.ParseSymbolicPermissions(this.Permission) : null, this.Owner, this.Group); } //Set ACL if (this.Acl != null) { dirClient.SetAccessControlList(PSPathAccessControlEntry.ParseAccessControls(this.Acl)); } // Set Properties SetDatalakegen2ItemProperties(dirClient, this.BlobProperties, setToServer: true); //Set MetaData SetDatalakegen2ItemMetaData(dirClient, this.BlobMetadata, setToServer: true); WriteDataLakeGen2Item(localChannel, dirClient); } } else { if (ShouldProcess(GetDataLakeItemUriWithoutSas(fileClient), "Update File: ")) { //Set Permission if (this.Permission != null || this.Owner != null || this.Group != null) { fileClient.SetPermissions( this.Permission != null ? PathPermissions.ParseSymbolicPermissions(this.Permission) : null, this.Owner, this.Group); } //Set ACL if (this.Acl != null) { fileClient.SetAccessControlList(PSPathAccessControlEntry.ParseAccessControls(this.Acl)); } // Set Properties SetDatalakegen2ItemProperties(fileClient, this.BlobProperties, setToServer: true); //Set MetaData SetDatalakegen2ItemMetaData(fileClient, this.BlobMetadata, setToServer: true); WriteDataLakeGen2Item(localChannel, fileClient); } } }