private string GenerateAndValidateAccountSAS(
SharedAccessAccountServices service,
SharedAccessAccountResourceTypes resourceType,
string permission,
SharedAccessProtocol?protocol = null,
string iPAddressOrRange = null,
DateTime?startTime = null, DateTime?expiryTime = null)
{
Test.Assert(CommandAgent.NewAzureStorageAccountSAS(
service, resourceType, permission, protocol, iPAddressOrRange, startTime, expiryTime), "Should succeeded in generating an account sas with full permissions, services and resource types");
string sasToken;
if (lang == Language.PowerShell)
{
sasToken = CommandAgent.Output[0][Constants.SASTokenKey].ToString();
}
else
{
sasToken = "?" + CommandAgent.Output[0][Constants.SASTokenKeyNode];
}
AccountSASUtils.ValidateAccountSAS(
service, resourceType, permission, protocol, iPAddressOrRange, startTime, expiryTime, sasToken);
return(sasToken);
}
public void AccountSAS_InvalidParameter()
{
SharedAccessAccountServices service = SharedAccessAccountServices.Blob | SharedAccessAccountServices.File | SharedAccessAccountServices.Queue | SharedAccessAccountServices.Table;
SharedAccessAccountResourceTypes resourceType = SharedAccessAccountResourceTypes.Container | SharedAccessAccountResourceTypes.Object | SharedAccessAccountResourceTypes.Service;
string permission = AccountSASUtils.fullPermission;
SharedAccessProtocol sasProtocal = SharedAccessProtocol.HttpsOrHttp;
string iPAddressOrRange = "0.0.0.0-255.255.255.255";
DateTime startTime = DateTime.Now.AddMinutes(-5);
DateTime expiryTime = DateTime.Now.AddMinutes(60);
//invalid permission
Test.Assert(!CommandAgent.NewAzureStorageAccountSAS(
service, resourceType, "racwx", sasProtocal, iPAddressOrRange, startTime, expiryTime), "Set stored access policy with invalid permission should fail");
if (lang == Language.PowerShell)
{
ExpectedContainErrorMessage("Invalid access permission");
}
else
{
ExpectedContainErrorMessage("Given \"x\" is invalid");
}
//repeated permission - success
GenerateAndValidateAccountSAS(
service, resourceType, "rracw", sasProtocal, iPAddressOrRange, startTime, expiryTime);
//invalid IP/IP range
Test.Assert(!CommandAgent.NewAzureStorageAccountSAS(
service, resourceType, permission, null, "123.3.4a", null, null), "Set stored access policy with invalid iPAddressOrRange should fail");
if (lang == Language.PowerShell)
{
ExpectedContainErrorMessage("Error when parsing IP address: IP address is invalid.");
}
else
{
ExpectedContainErrorMessage("Invalid ip range format");
}
Test.Assert(!CommandAgent.NewAzureStorageAccountSAS(
service, resourceType, permission, sasProtocal, "123.4.5.6_125.6.7.8", null, null), "Set stored access policy with invalid iPAddressOrRange should fail");
if (lang == Language.PowerShell)
{
ExpectedContainErrorMessage("Error when parsing IP address: IP address is invalid.");
}
else
{
ExpectedContainErrorMessage("Invalid ip range format");
}
//success: start IP > end IP
GenerateAndValidateAccountSAS(
service, resourceType, permission, sasProtocal, "22.22.22.22-11.111.11.11", startTime, expiryTime);
//Start time > expire Time
Test.Assert(!CommandAgent.NewAzureStorageAccountSAS(
service, resourceType, permission, sasProtocal, iPAddressOrRange, DateTime.Now.AddMinutes(5), DateTime.Now.AddMinutes(-5)), "Set stored access policy with invalid Start Time should fail");
ExpectedContainErrorMessage("The expiry time of the specified access policy should be greater than start time");
}
