public void NewQueueSasWithLimitedPermission()
{
CloudQueue queue = queueUtil.CreateQueue();
try
{
//queue read permission
string queuePermission = "r";
string limitedPermission = "aup";
string sastoken = CommandAgent.GetQueueSasFromCmd(queue.Name, string.Empty, queuePermission);
ValidateLimitedSasPermission(queue, limitedPermission, sastoken);
//queue add permission
queuePermission = "a";
limitedPermission = "rup";
sastoken = CommandAgent.GetQueueSasFromCmd(queue.Name, string.Empty, queuePermission);
ValidateLimitedSasPermission(queue, limitedPermission, sastoken);
//queue update permission
queuePermission = "u";
limitedPermission = "rap";
sastoken = CommandAgent.GetQueueSasFromCmd(queue.Name, string.Empty, queuePermission);
ValidateLimitedSasPermission(queue, limitedPermission, sastoken);
//queue process permission
queuePermission = "p";
limitedPermission = "rau";
sastoken = CommandAgent.GetQueueSasFromCmd(queue.Name, string.Empty, queuePermission);
ValidateLimitedSasPermission(queue, limitedPermission, sastoken);
}
finally
{
queueUtil.RemoveQueue(queue);
}
}
public void NewQueueSas_Httpsonly()
{
CloudQueue queue = queueUtil.CreateQueue();
try
{
string sastoken = CommandAgent.GetQueueSasFromCmd(queue.Name, string.Empty, "raup", null, null, false, SharedAccessProtocol.HttpsOnly);
queueUtil.ValidateQueueAddableWithSasToken(queue, sastoken);
try
{
queueUtil.ValidateQueueAddableWithSasToken(queue, sastoken, useHttps: false);
Test.Error(string.Format("Queue Add with http should fail since the sas is HttpsOnly."));
}
catch (StorageException e)
{
Test.Info(e.Message);
ExpectEqual(306, e.RequestInformation.HttpStatusCode, "Protocal not match error: ");
}
}
finally
{
queueUtil.RemoveQueue(queue);
}
}
public void NewQueueSasWithPolicy()
{
CloudQueue queue = queueUtil.CreateQueue();
try
{
TimeSpan sasLifeTime = TimeSpan.FromMinutes(10);
QueuePermissions permission = new QueuePermissions();
string policyName = Utility.GenNameString("saspolicy");
permission.SharedAccessPolicies.Add(policyName, new SharedAccessQueuePolicy
{
SharedAccessExpiryTime = DateTime.Now.Add(sasLifeTime),
Permissions = SharedAccessQueuePermissions.Read,
});
queue.SetPermissions(permission);
string sasToken = CommandAgent.GetQueueSasFromCmd(queue.Name, policyName, string.Empty);
Test.Info("Sleep and wait for sas policy taking effect");
double lifeTime = 1;
Thread.Sleep(TimeSpan.FromMinutes(lifeTime));
ValidateSasToken(queue, "r", sasToken);
}
finally
{
queueUtil.RemoveQueue(queue);
}
}
/// <summary>
/// Generate a sas token and validate it.
/// </summary>
/// <param name="queuePermission">Queue permission</param>
internal void GenerateSasTokenAndValidate(string queuePermission)
{
CloudQueue queue = queueUtil.CreateQueue();
try
{
string sastoken = CommandAgent.GetQueueSasFromCmd(queue.Name, string.Empty, queuePermission);
ValidateSasToken(queue, queuePermission, sastoken);
}
finally
{
queueUtil.RemoveQueue(queue);
}
}
public void NewQueueSas_IncludeIPRange()
{
CloudQueue queue = queueUtil.CreateQueue();
try
{
string sastoken = CommandAgent.GetQueueSasFromCmd(queue.Name, string.Empty, "raup", null, null, false, null, "0.0.0.0-255.255.255.255");
queueUtil.ValidateQueueUpdateableWithSasToken(queue, sastoken);
}
finally
{
queueUtil.RemoveQueue(queue);
}
}
public void NewQueueSasWithLifeTime()
{
CloudQueue queue = queueUtil.CreateQueue();
double lifeTime = 3; //Minutes
const double deltaTime = 0.5;
DateTime startTime = DateTime.Now.AddMinutes(lifeTime);
DateTime expiryTime = startTime.AddMinutes(lifeTime);
try
{
string queuePermission = Utility.GenRandomCombination(Utility.QueuePermission);
string sastoken = CommandAgent.GetQueueSasFromCmd(queue.Name, string.Empty, queuePermission, startTime, expiryTime);
try
{
ValidateSasToken(queue, queuePermission, sastoken);
Test.Error(string.Format("Access queue should fail since the start time is {0}, but now is {1}",
startTime.ToUniversalTime().ToString(), DateTime.UtcNow.ToString()));
}
catch (StorageException e)
{
Test.Info(e.Message);
ExpectEqual(e.RequestInformation.HttpStatusCode, 403, "(403) Forbidden");
}
queue.Clear();
Test.Info("Sleep and wait for the sas token start time");
Thread.Sleep(TimeSpan.FromMinutes(lifeTime + deltaTime));
ValidateSasToken(queue, queuePermission, sastoken);
Test.Info("Sleep and wait for sas token expiry time");
Thread.Sleep(TimeSpan.FromMinutes(lifeTime + deltaTime));
try
{
ValidateSasToken(queue, queuePermission, sastoken);
Test.Error(string.Format("Access queue should fail since the expiry time is {0}, but now is {1}",
expiryTime.ToUniversalTime().ToString(), DateTime.UtcNow.ToString()));
}
catch (StorageException e)
{
Test.Info(e.Message);
ExpectEqual(e.RequestInformation.HttpStatusCode, 403, "(403) Forbidden");
}
}
finally
{
queueUtil.RemoveQueue(queue);
}
}
public void PolicyWithSASPermission()
{
TimeSpan sasLifeTime = TimeSpan.FromMinutes(10);
string policyName = Utility.GenNameString("saspolicy");
DateTime? expiryTime = DateTime.Today.AddDays(10);
DateTime? startTime = DateTime.Today.AddDays(-2);
string permission = "raup";
CloudQueue queue = queueUtil.CreateQueue();
try
{
CreateStoredAccessPolicy(policyName, permission, startTime, expiryTime, queue, false);
string sasToken = CommandAgent.GetQueueSasFromCmd(queue.Name, policyName, string.Empty);
Test.Info("Sleep and wait for sas policy taking effect");
double lifeTime = 1;
Thread.Sleep(TimeSpan.FromMinutes(lifeTime));
queueUtil.ValidateQueueAddableWithSasToken(queue, sasToken);
//remove the Add permission
permission = "r";
CommandAgent.SetAzureStorageQueueStoredAccessPolicy(queue.Name, policyName, permission, null, null);
Test.Info("Sleep and wait for sas policy taking effect");
Thread.Sleep(TimeSpan.FromMinutes(lifeTime));
try
{
queueUtil.ValidateQueueAddableWithSasToken(queue, sasToken);
Test.Error("Add in queue should fail since Add permission is removed");
}
catch (StorageException e)
{
Test.Info(e.Message);
ExpectEqual(403, e.RequestInformation.HttpStatusCode, "(403) Forbidden");
}
//add back the Add permission
permission = "ra";
CommandAgent.SetAzureStorageQueueStoredAccessPolicy(queue.Name, policyName, permission, null, null);
Test.Info("Sleep and wait for sas policy taking effect");
Thread.Sleep(TimeSpan.FromMinutes(lifeTime));
queueUtil.ValidateQueueAddableWithSasToken(queue, sasToken);
}
finally
{
queueUtil.RemoveQueue(queue);
}
}
public void NewQueueSasWithFullUri()
{
CloudQueue queue = queueUtil.CreateQueue();
try
{
string queuePermission = Utility.GenRandomCombination(Utility.QueuePermission);
string fullUri = CommandAgent.GetQueueSasFromCmd(queue.Name, string.Empty, queuePermission);
string sasToken = (lang == Language.PowerShell ? fullUri.Substring(fullUri.IndexOf("?")) : fullUri);
ValidateSasToken(queue, queuePermission, sasToken);
}
finally
{
queueUtil.RemoveQueue(queue);
}
}
public void QueueWithReadPermission()
{
CloudQueue queue = queueUtil.CreateQueue();
try
{
string sastoken = CommandAgent.GetQueueSasFromCmd(queue.Name, string.Empty, "r");
CommandAgent.SetStorageContextWithSASToken(StorageAccount.Credentials.AccountName, sastoken, StorageEndpoint);
//list specified queue with properties and meta data
Test.Assert(CommandAgent.GetAzureStorageQueue(queue.Name), Utility.GenComparisonData("GetAzureStorageQueue", true));
}
finally
{
queueUtil.RemoveQueue(queue.Name);
}
}
public void NewQueueSas_NotCurrentIP()
{
CloudQueue queue = queueUtil.CreateQueue();
try
{
string sastoken = CommandAgent.GetQueueSasFromCmd(queue.Name, string.Empty, "raup", null, null, false, null, "2.3.4.5");
try
{
queueUtil.ValidateQueueReadableWithSasToken(queue, sastoken);
Test.Error(string.Format("Queue read hould fail since the ipAcl is not current IP."));
}
catch (StorageException e)
{
Test.Info(e.Message);
ExpectEqual(e.RequestInformation.HttpStatusCode, 403, "(403) Forbidden");
}
}
finally
{
queueUtil.RemoveQueue(queue);
}
}
public void NewQueueSasWithNotExistQueue()
{
string queueName = Utility.GenNameString("queue");
CommandAgent.GetQueueSasFromCmd(queueName, string.Empty, "r");
}
