diff --git a/sdk/storage/assets.json b/sdk/storage/assets.json index 79a5d9519..e27065b6b 100644 --- a/sdk/storage/assets.json +++ b/sdk/storage/assets.json @@ -2,5 +2,5 @@ "AssetsRepo": "Azure/azure-sdk-assets", "AssetsRepoPrefixPath": "cpp", "TagPrefix": "cpp/storage", - "Tag": "cpp/storage_34b082e038" + "Tag": "cpp/storage_d4662c63f9" } diff --git a/sdk/storage/azure-storage-files-datalake/test/ut/datalake_sas_test.cpp b/sdk/storage/azure-storage-files-datalake/test/ut/datalake_sas_test.cpp index 6e14985e4..814b5d77b 100644 --- a/sdk/storage/azure-storage-files-datalake/test/ut/datalake_sas_test.cpp +++ b/sdk/storage/azure-storage-files-datalake/test/ut/datalake_sas_test.cpp @@ -408,7 +408,6 @@ namespace Azure { namespace Storage { namespace Test { Sas::DataLakeSasPermissions::List, Sas::DataLakeSasPermissions::Add, Sas::DataLakeSasPermissions::Create, - Sas::DataLakeSasPermissions::Move, Sas::DataLakeSasPermissions::Execute, Sas::DataLakeSasPermissions::ManageAccessControl, }) @@ -433,11 +432,6 @@ namespace Azure { namespace Storage { namespace Test { { VerifyDataLakeSasCreate(dataLakeDirectoryClient, sasToken2); } - if ((permissions & Sas::DataLakeSasPermissions::Move) == Sas::DataLakeSasPermissions::Move) - { - // Don't know why, move doesn' t work - // VerifyDataLakeSasMove(dataLakeDirectoryClient, directoryName, sasToken2); - } if ((permissions & Sas::DataLakeSasPermissions::ManageAccessControl) == Sas::DataLakeSasPermissions::ManageAccessControl) { diff --git a/sdk/storage/azure-storage-files-shares/test/ut/share_client_test.cpp b/sdk/storage/azure-storage-files-shares/test/ut/share_client_test.cpp index bc9172d76..850f3a868 100644 --- a/sdk/storage/azure-storage-files-shares/test/ut/share_client_test.cpp +++ b/sdk/storage/azure-storage-files-shares/test/ut/share_client_test.cpp @@ -651,12 +651,12 @@ namespace Azure { namespace Storage { namespace Test { } } - TEST_F(FileShareClientTest, DISABLED_OAuth) + TEST_F(FileShareClientTest, OAuth_PLAYBACKONLY_) { // Create from client secret credential. std::shared_ptr credential = std::make_shared( - AadTenantId(), AadClientId(), AadClientSecret()); + AadTenantId(), AadClientId(), AadClientSecret(), GetTokenCredentialOptions()); auto options = InitStorageClientOptions(); options.ShareTokenIntent = Files::Shares::Models::ShareTokenIntent::Backup; diff --git a/sdk/storage/azure-storage-files-shares/test/ut/share_directory_client_test.cpp b/sdk/storage/azure-storage-files-shares/test/ut/share_directory_client_test.cpp index 4e8683ceb..047405960 100644 --- a/sdk/storage/azure-storage-files-shares/test/ut/share_directory_client_test.cpp +++ b/sdk/storage/azure-storage-files-shares/test/ut/share_directory_client_test.cpp @@ -859,20 +859,30 @@ namespace Azure { namespace Storage { namespace Test { EXPECT_EQ(response.Files[0].Name, specialFileName); } - TEST_F(FileShareDirectoryClientTest, HandlesFunctionalityWorks) + // cspell:ignore myshare mydirectory + TEST_F(FileShareDirectoryClientTest, HandlesFunctionalityWorks_PLAYBACKONLY_) { - auto result = m_fileShareDirectoryClient->ListHandles(); + auto shareClient = Files::Shares::ShareClient::CreateFromConnectionString( + StandardStorageConnectionString(), + "myshare", + InitStorageClientOptions()); + auto directoryClient + = shareClient.GetRootDirectoryClient().GetSubdirectoryClient("mydirectory"); + Files::Shares::ListDirectoryHandlesOptions options; + options.PageSizeHint = 1; + std::unordered_set handles; + for (auto pageResult = directoryClient.ListHandles(options); pageResult.HasPage(); + pageResult.MoveToNextPage()) + { + ASSERT_EQ(1L, pageResult.DirectoryHandles.size()); + handles.insert(pageResult.DirectoryHandles[0].HandleId); + } + EXPECT_EQ(handles.size(), 2); + + EXPECT_NO_THROW(directoryClient.ForceCloseAllHandles()); + + auto result = directoryClient.ListHandles(); EXPECT_TRUE(result.DirectoryHandles.empty()); - EXPECT_FALSE(result.NextPageToken.HasValue()); - for (auto pageResult = m_fileShareDirectoryClient->ListHandles(); pageResult.HasPage(); - pageResult.MoveToNextPage()) - { - } - EXPECT_NO_THROW(m_fileShareDirectoryClient->ForceCloseAllHandles()); - for (auto pageResult = m_fileShareDirectoryClient->ForceCloseAllHandles(); pageResult.HasPage(); - pageResult.MoveToNextPage()) - { - } } TEST_F(FileShareDirectoryClientTest, AllowTrailingDot) @@ -1052,14 +1062,14 @@ namespace Azure { namespace Storage { namespace Test { testTrailingDot(false, false); } - TEST_F(FileShareDirectoryClientTest, DISABLED_OAuth) + TEST_F(FileShareDirectoryClientTest, OAuth_PLAYBACKONLY_) { const std::string directoryName = RandomString(); // Create from client secret credential. std::shared_ptr credential = std::make_shared( - AadTenantId(), AadClientId(), AadClientSecret()); + AadTenantId(), AadClientId(), AadClientSecret(), GetTokenCredentialOptions()); auto options = InitStorageClientOptions(); options.ShareTokenIntent = Files::Shares::Models::ShareTokenIntent::Backup; @@ -1117,11 +1127,12 @@ namespace Azure { namespace Storage { namespace Test { } // cspell:ignore myshare mydirectory - // Can't run this test on pipeline, test it locally. - TEST_F(FileShareDirectoryClientTest, DISABLED_ListHandlesAccessRights) + TEST_F(FileShareDirectoryClientTest, ListHandlesAccessRights_PLAYBACKONLY_) { auto shareClient = Files::Shares::ShareClient::CreateFromConnectionString( - StandardStorageConnectionString(), "myshare"); + StandardStorageConnectionString(), + "myshare", + InitStorageClientOptions()); auto directoryClient = shareClient.GetRootDirectoryClient().GetSubdirectoryClient("mydirectory"); auto directoryHandles = directoryClient.ListHandles().DirectoryHandles; diff --git a/sdk/storage/azure-storage-files-shares/test/ut/share_file_client_test.cpp b/sdk/storage/azure-storage-files-shares/test/ut/share_file_client_test.cpp index b62dae24e..d5e7636c4 100644 --- a/sdk/storage/azure-storage-files-shares/test/ut/share_file_client_test.cpp +++ b/sdk/storage/azure-storage-files-shares/test/ut/share_file_client_test.cpp @@ -302,23 +302,28 @@ namespace Azure { namespace Storage { namespace Test { EXPECT_NE(smbProperties2.ChangedOn.Value(), smbProperties.ChangedOn.Value()); } - TEST_F(FileShareFileClientTest, HandlesFunctionalityWorks) + TEST_F(FileShareFileClientTest, HandlesFunctionalityWorks_PLAYBACKONLY_) { - auto result = m_fileClient->ListHandles(); + auto shareClient = Files::Shares::ShareClient::CreateFromConnectionString( + StandardStorageConnectionString(), + "myshare", + InitStorageClientOptions()); + auto fileClient = shareClient.GetRootDirectoryClient().GetFileClient("myfile"); + Files::Shares::ListFileHandlesOptions options; + options.PageSizeHint = 1; + std::unordered_set handles; + for (auto pageResult = fileClient.ListHandles(options); pageResult.HasPage(); + pageResult.MoveToNextPage()) + { + ASSERT_EQ(1L, pageResult.FileHandles.size()); + handles.insert(pageResult.FileHandles[0].HandleId); + } + EXPECT_EQ(handles.size(), 2); + + EXPECT_NO_THROW(fileClient.ForceCloseAllHandles()); + + auto result = fileClient.ListHandles(); EXPECT_TRUE(result.FileHandles.empty()); - EXPECT_FALSE(result.NextPageToken.HasValue()); - - for (auto pageResult = m_fileClient->ListHandles(); pageResult.HasPage(); - pageResult.MoveToNextPage()) - { - } - - EXPECT_NO_THROW(m_fileClient->ForceCloseAllHandles()); - - for (auto pageResult = m_fileClient->ForceCloseAllHandles(); pageResult.HasPage(); - pageResult.MoveToNextPage()) - { - } } TEST_F(FileShareFileClientTest, LeaseRelated) @@ -1185,7 +1190,7 @@ namespace Azure { namespace Storage { namespace Test { testTrailingDot(false); } - TEST_F(FileShareFileClientTest, CopyAllowTrailingDot_LIVEONLY_) + TEST_F(FileShareFileClientTest, CopyAllowTrailingDot) { const std::string fileName = RandomString(); const std::string fileNameWithTrailingDot = fileName + "."; @@ -1204,7 +1209,7 @@ namespace Azure { namespace Storage { namespace Test { auto rootDirectoryClient = shareClient.GetRootDirectoryClient(); auto fileClient = rootDirectoryClient.GetFileClient(fileNameWithTrailingDot); - size_t fileSize = 1 * 1024 * 1024; + size_t fileSize = 1 * 1024; std::vector content(RandomBuffer(fileSize)); auto memBodyStream = Core::IO::MemoryBodyStream(content); @@ -1346,14 +1351,14 @@ namespace Azure { namespace Storage { namespace Test { testTrailingDot(false); } - TEST_F(FileShareFileClientTest, DISABLED_OAuth) + TEST_F(FileShareFileClientTest, OAuth_PLAYBACKONLY_) { const std::string fileName = RandomString(); // Create from client secret credential. std::shared_ptr credential = std::make_shared( - AadTenantId(), AadClientId(), AadClientSecret()); + AadTenantId(), AadClientId(), AadClientSecret(), GetTokenCredentialOptions()); auto options = InitStorageClientOptions(); options.ShareTokenIntent = Files::Shares::Models::ShareTokenIntent::Backup; @@ -1427,14 +1432,14 @@ namespace Azure { namespace Storage { namespace Test { EXPECT_NO_THROW(fileClient.Delete()); } - TEST_F(FileShareFileClientTest, DISABLED_OAuthCopy) + TEST_F(FileShareFileClientTest, OAuthCopy_PLAYBACKONLY_) { const std::string fileName = RandomString(); // Create from client secret credential. std::shared_ptr credential = std::make_shared( - AadTenantId(), AadClientId(), AadClientSecret()); + AadTenantId(), AadClientId(), AadClientSecret(), GetTokenCredentialOptions()); auto options = InitStorageClientOptions(); options.ShareTokenIntent = Files::Shares::Models::ShareTokenIntent::Backup; @@ -1475,11 +1480,12 @@ namespace Azure { namespace Storage { namespace Test { } // cspell:ignore myshare myfile - // Can't run this test on pipeline, test it locally. - TEST_F(FileShareFileClientTest, DISABLED_ListHandlesAccessRights) + TEST_F(FileShareFileClientTest, ListHandlesAccessRights_PLAYBACKONLY_) { auto shareClient = Files::Shares::ShareClient::CreateFromConnectionString( - StandardStorageConnectionString(), "myshare"); + StandardStorageConnectionString(), + "myshare", + InitStorageClientOptions()); auto fileClient = shareClient.GetRootDirectoryClient().GetFileClient("myfile"); auto fileHandles = fileClient.ListHandles().FileHandles; Files::Shares::Models::ShareFileHandleAccessRights allAccessRights diff --git a/sdk/storage/azure-storage-files-shares/test/ut/share_sas_test.cpp b/sdk/storage/azure-storage-files-shares/test/ut/share_sas_test.cpp index a1ea60ea7..4008198c4 100644 --- a/sdk/storage/azure-storage-files-shares/test/ut/share_sas_test.cpp +++ b/sdk/storage/azure-storage-files-shares/test/ut/share_sas_test.cpp @@ -9,13 +9,197 @@ namespace Azure { namespace Storage { namespace Test { - TEST_F(FileShareClientTest, FileSasTest_LIVEONLY_) + class ShareSasTest : public FileShareClientTest { + public: + template + T GetSasAuthenticatedClient(const T& shareClient, const std::string& sasToken) + { + T fileClient1( + AppendQueryParameters(Azure::Core::Url(shareClient.GetUrl()), sasToken), + InitStorageClientOptions()); + return fileClient1; + } + void VerifyShareSasRead( + const Files::Shares::ShareFileClient& fileClient, + const std::string& sasToken) + { + auto fileClient1 = GetSasAuthenticatedClient(fileClient, sasToken); + EXPECT_NO_THROW(fileClient1.GetProperties()); + } + + void VerifyShareSasNonRead( + const Files::Shares::ShareFileClient& fileClient, + const std::string& sasToken) + { + auto fileClient1 = GetSasAuthenticatedClient(fileClient, sasToken); + EXPECT_THROW(fileClient1.GetProperties(), StorageException); + } + + void VerifyShareSasWrite( + const Files::Shares::ShareFileClient& fileClient, + const std::string& sasToken) + { + auto fileClient1 = GetSasAuthenticatedClient(fileClient, sasToken); + EXPECT_NO_THROW(fileClient1.UploadFrom(reinterpret_cast("a"), 1)); + } + + void VerifyShareSasDelete( + const Files::Shares::ShareFileClient& fileClient, + const std::string& sasToken) + { + auto fileClient1 = GetSasAuthenticatedClient(fileClient, sasToken); + EXPECT_NO_THROW(fileClient1.Delete()); + fileClient.UploadFrom(reinterpret_cast("a"), 1); + } + + void VerifyShareSasCreate( + const Files::Shares::ShareFileClient& fileClient, + const std::string& sasToken) + { + fileClient.DeleteIfExists(); + auto fileClient1 = GetSasAuthenticatedClient(fileClient, sasToken); + EXPECT_NO_THROW(fileClient1.Create(1)); + } + + void VerifyShareSasList( + const Files::Shares::ShareDirectoryClient& directoryClient, + const std::string& sasToken) + { + auto directoryClient1 = GetSasAuthenticatedClient(directoryClient, sasToken); + EXPECT_NO_THROW(directoryClient1.ListFilesAndDirectories()); + } + }; + + TEST_F(ShareSasTest, AccountSasPermissions) + { + auto sasStartsOn = std::chrono::system_clock::now() - std::chrono::minutes(5); + auto sasExpiresOn = std::chrono::system_clock::now() + std::chrono::minutes(60); + + Sas::AccountSasBuilder accountSasBuilder; + accountSasBuilder.Protocol = Sas::SasProtocol::HttpsAndHttp; + accountSasBuilder.StartsOn = sasStartsOn; + accountSasBuilder.ExpiresOn = sasExpiresOn; + accountSasBuilder.Services = Sas::AccountSasServices::Files; + accountSasBuilder.ResourceTypes = Sas::AccountSasResource::All; + + auto keyCredential + = _internal::ParseConnectionString(StandardStorageConnectionString()).KeyCredential; + + std::string directoryName = RandomString(); + std::string fileName = RandomString(); + + auto shareClient = *m_shareClient; + auto directoryClient + = shareClient.GetRootDirectoryClient().GetSubdirectoryClient(directoryName); + directoryClient.Create(); + auto fileClient = shareClient.GetRootDirectoryClient().GetFileClient(fileName); + fileClient.Create(1); + + auto allPermissions = Sas::AccountSasPermissions::Read | Sas::AccountSasPermissions::Write + | Sas::AccountSasPermissions::Delete | Sas::AccountSasPermissions::List + | Sas::AccountSasPermissions::Add | Sas::AccountSasPermissions::Create; + + for (auto permissions : { + allPermissions, + Sas::AccountSasPermissions::Read, + Sas::AccountSasPermissions::Write, + Sas::AccountSasPermissions::Delete, + Sas::AccountSasPermissions::List, + Sas::AccountSasPermissions::Create, + }) + { + accountSasBuilder.SetPermissions(permissions); + auto sasToken = accountSasBuilder.GenerateSasToken(*keyCredential); + + if ((permissions & Sas::AccountSasPermissions::Read) == Sas::AccountSasPermissions::Read) + { + VerifyShareSasRead(fileClient, sasToken); + } + if ((permissions & Sas::AccountSasPermissions::Write) == Sas::AccountSasPermissions::Write) + { + VerifyShareSasWrite(fileClient, sasToken); + } + if ((permissions & Sas::AccountSasPermissions::Delete) == Sas::AccountSasPermissions::Delete) + { + VerifyShareSasDelete(fileClient, sasToken); + } + if ((permissions & Sas::AccountSasPermissions::List) == Sas::AccountSasPermissions::List) + { + VerifyShareSasList(directoryClient, sasToken); + } + if ((permissions & Sas::AccountSasPermissions::Create) == Sas::AccountSasPermissions::Create) + { + VerifyShareSasCreate(fileClient, sasToken); + } + } + } + + TEST_F(ShareSasTest, ShareServiceSasPermissions) { auto sasStartsOn = std::chrono::system_clock::now() - std::chrono::minutes(5); - auto sasExpiredOn = std::chrono::system_clock::now() - std::chrono::minutes(1); auto sasExpiresOn = std::chrono::system_clock::now() + std::chrono::minutes(60); std::string fileName = RandomString(); + std::string directoryName = RandomString(); + + Sas::ShareSasBuilder shareSasBuilder; + shareSasBuilder.Protocol = Sas::SasProtocol::HttpsAndHttp; + shareSasBuilder.StartsOn = sasStartsOn; + shareSasBuilder.ExpiresOn = sasExpiresOn; + shareSasBuilder.ShareName = m_shareName; + shareSasBuilder.Resource = Sas::ShareSasResource::Share; + + auto keyCredential + = _internal::ParseConnectionString(StandardStorageConnectionString()).KeyCredential; + + auto shareClient = *m_shareClient; + auto directoryClient + = shareClient.GetRootDirectoryClient().GetSubdirectoryClient(directoryName); + directoryClient.Create(); + auto fileClient = shareClient.GetRootDirectoryClient().GetFileClient(fileName); + fileClient.Create(1); + + for (auto permissions : + {Sas::ShareSasPermissions::All, + Sas::ShareSasPermissions::Read, + Sas::ShareSasPermissions::Write, + Sas::ShareSasPermissions::Delete, + Sas::ShareSasPermissions::List, + Sas::ShareSasPermissions::Create}) + { + shareSasBuilder.SetPermissions(permissions); + auto sasToken = shareSasBuilder.GenerateSasToken(*keyCredential); + + if ((permissions & Sas::ShareSasPermissions::Read) == Sas::ShareSasPermissions::Read) + { + VerifyShareSasRead(fileClient, sasToken); + } + if ((permissions & Sas::ShareSasPermissions::Write) == Sas::ShareSasPermissions::Write) + { + VerifyShareSasWrite(fileClient, sasToken); + } + if ((permissions & Sas::ShareSasPermissions::Delete) == Sas::ShareSasPermissions::Delete) + { + VerifyShareSasDelete(fileClient, sasToken); + } + if ((permissions & Sas::ShareSasPermissions::List) == Sas::ShareSasPermissions::List) + { + VerifyShareSasList(directoryClient, sasToken); + } + if ((permissions & Sas::ShareSasPermissions::Create) == Sas::ShareSasPermissions::Create) + { + VerifyShareSasCreate(fileClient, sasToken); + } + } + } + + TEST_F(ShareSasTest, FileServiceSasPermissions) + { + auto sasStartsOn = std::chrono::system_clock::now() - std::chrono::minutes(5); + auto sasExpiresOn = std::chrono::system_clock::now() + std::chrono::minutes(60); + + std::string fileName = RandomString(); + Sas::ShareSasBuilder fileSasBuilder; fileSasBuilder.Protocol = Sas::SasProtocol::HttpsAndHttp; fileSasBuilder.StartsOn = sasStartsOn; @@ -24,92 +208,16 @@ namespace Azure { namespace Storage { namespace Test { fileSasBuilder.FilePath = fileName; fileSasBuilder.Resource = Sas::ShareSasResource::File; - Sas::ShareSasBuilder shareSasBuilder = fileSasBuilder; - shareSasBuilder.FilePath.clear(); - shareSasBuilder.Resource = Sas::ShareSasResource::Share; - auto keyCredential = _internal::ParseConnectionString(StandardStorageConnectionString()).KeyCredential; - auto accountName = keyCredential->AccountName; - auto fileServiceClient0 = Files::Shares::ShareServiceClient::CreateFromConnectionString( - StandardStorageConnectionString()); - auto shareClient0 = fileServiceClient0.GetShareClient(m_shareName); - auto fileClient0 = shareClient0.GetRootDirectoryClient().GetFileClient(fileName); - std::string shareUrl = shareClient0.GetUrl(); - std::string fileUrl = fileClient0.GetUrl(); - - auto verifyFileRead = [&](const std::string& sas) { - int64_t fileSize = 512; - fileClient0.Create(fileSize); - auto fileClient = Files::Shares::ShareFileClient(fileUrl + sas); - auto downloadedContent = fileClient.Download(); - EXPECT_EQ( - ReadBodyStream(downloadedContent.Value.BodyStream).size(), static_cast(fileSize)); - }; - - auto verifyFileCreate = [&](const std::string& sas) { - int64_t fileSize = 512; - auto fileClient = Files::Shares::ShareFileClient(fileUrl + sas); - EXPECT_NO_THROW(fileClient.Create(fileSize)); - }; - - auto verifyFileWrite = [&](const std::string& sas) { - int64_t fileSize = 512; - fileClient0.Create(fileSize); - auto fileClient = Files::Shares::ShareFileClient(fileUrl + sas); - std::string fileContent = "a"; - EXPECT_NO_THROW(fileClient.UploadFrom( - reinterpret_cast(fileContent.data()), fileContent.size())); - }; - - auto verifyFileDelete = [&](const std::string& sas) { - int64_t fileSize = 512; - fileClient0.Create(fileSize); - auto fileClient = Files::Shares::ShareFileClient(fileUrl + sas); - EXPECT_NO_THROW(fileClient.Delete()); - }; - - auto verifyFileList = [&](const std::string& sas) { - auto shareClient = Files::Shares::ShareClient(shareUrl + sas); - EXPECT_NO_THROW(shareClient.GetRootDirectoryClient().ListFilesAndDirectories()); - }; + auto shareClient = *m_shareClient; + auto fileClient = shareClient.GetRootDirectoryClient().GetFileClient(fileName); + fileClient.Create(1); for (auto permissions : - {Sas::ShareSasPermissions::Read, - Sas::ShareSasPermissions::Write, - Sas::ShareSasPermissions::Delete, - Sas::ShareSasPermissions::List, - Sas::ShareSasPermissions::Create, - Sas::ShareSasPermissions::All}) - { - shareSasBuilder.SetPermissions(permissions); - auto sasToken = shareSasBuilder.GenerateSasToken(*keyCredential); - - if ((permissions & Sas::ShareSasPermissions::Read) == Sas::ShareSasPermissions::Read) - { - verifyFileRead(sasToken); - } - if ((permissions & Sas::ShareSasPermissions::Write) == Sas::ShareSasPermissions::Write) - { - verifyFileWrite(sasToken); - } - if ((permissions & Sas::ShareSasPermissions::Delete) == Sas::ShareSasPermissions::Delete) - { - verifyFileDelete(sasToken); - } - if ((permissions & Sas::ShareSasPermissions::List) == Sas::ShareSasPermissions::List) - { - verifyFileList(sasToken); - } - if ((permissions & Sas::ShareSasPermissions::Create) == Sas::ShareSasPermissions::Create) - { - verifyFileCreate(sasToken); - } - } - - for (auto permissions : - {Sas::ShareFileSasPermissions::Read, + {Sas::ShareFileSasPermissions::All, + Sas::ShareFileSasPermissions::Read, Sas::ShareFileSasPermissions::Write, Sas::ShareFileSasPermissions::Delete, Sas::ShareFileSasPermissions::Create}) @@ -119,101 +227,270 @@ namespace Azure { namespace Storage { namespace Test { if ((permissions & Sas::ShareFileSasPermissions::Read) == Sas::ShareFileSasPermissions::Read) { - verifyFileRead(sasToken); + VerifyShareSasRead(fileClient, sasToken); } if ((permissions & Sas::ShareFileSasPermissions::Write) == Sas::ShareFileSasPermissions::Write) { - verifyFileWrite(sasToken); + VerifyShareSasWrite(fileClient, sasToken); } if ((permissions & Sas::ShareFileSasPermissions::Delete) == Sas::ShareFileSasPermissions::Delete) { - verifyFileDelete(sasToken); + VerifyShareSasDelete(fileClient, sasToken); } if ((permissions & Sas::ShareFileSasPermissions::Create) == Sas::ShareFileSasPermissions::Create) { - verifyFileCreate(sasToken); + VerifyShareSasCreate(fileClient, sasToken); } } - - fileSasBuilder.SetPermissions(Sas::ShareFileSasPermissions::All); - // Expires - { - Sas::ShareSasBuilder builder2 = fileSasBuilder; - builder2.StartsOn = sasStartsOn; - builder2.ExpiresOn = sasExpiredOn; - auto sasToken = builder2.GenerateSasToken(*keyCredential); - EXPECT_THROW(verifyFileRead(sasToken), StorageException); - } - - // Without start time - { - Sas::ShareSasBuilder builder2 = fileSasBuilder; - builder2.StartsOn.Reset(); - auto sasToken = builder2.GenerateSasToken(*keyCredential); - EXPECT_NO_THROW(verifyFileRead(sasToken)); - } - - // IP - { - Sas::ShareSasBuilder builder2 = fileSasBuilder; - builder2.IPRange = "0.0.0.0-0.0.0.1"; - auto sasToken = builder2.GenerateSasToken(*keyCredential); - EXPECT_THROW(verifyFileRead(sasToken), StorageException); - - // TODO: Add this test case back with support to contain IPv6 ranges when service is ready. - // builder2.IPRange = "0.0.0.0-255.255.255.255"; - // sasToken = builder2.GenerateSasToken(*keyCredential); - // EXPECT_NO_THROW(verifyFileRead(sasToken)); - } - - // Identifier - { - Files::Shares::Models::SignedIdentifier identifier; - identifier.Id = RandomString(64); - identifier.Policy.StartsOn = sasStartsOn; - identifier.Policy.ExpiresOn = sasExpiresOn; - identifier.Policy.Permission = "r"; - m_shareClient->SetAccessPolicy({identifier}); - - Sas::ShareSasBuilder builder2 = fileSasBuilder; - builder2.StartsOn.Reset(); - builder2.ExpiresOn = Azure::DateTime(); - builder2.SetPermissions(static_cast(0)); - builder2.Identifier = identifier.Id; - - auto sasToken = builder2.GenerateSasToken(*keyCredential); - // TODO: looks like a server bug, the identifier doesn't work sometimes. - // EXPECT_NO_THROW(verifyFileRead(sasToken)); - } - - // response headers override - { - Files::Shares::Models::FileHttpHeaders headers; - headers.ContentType = "application/x-binary"; - headers.ContentLanguage = "en-US"; - headers.ContentDisposition = "attachment"; - headers.CacheControl = "no-cache"; - headers.ContentEncoding = "identify"; - - Sas::ShareSasBuilder builder2 = fileSasBuilder; - builder2.ContentType = "application/x-binary"; - builder2.ContentLanguage = "en-US"; - builder2.ContentDisposition = "attachment"; - builder2.CacheControl = "no-cache"; - builder2.ContentEncoding = "identify"; - auto sasToken = builder2.GenerateSasToken(*keyCredential); - auto fileClient = Files::Shares::ShareFileClient(fileUrl + sasToken); - fileClient0.Create(0); - auto p = fileClient.GetProperties(); - EXPECT_EQ(p.Value.HttpHeaders.ContentType, headers.ContentType); - EXPECT_EQ(p.Value.HttpHeaders.ContentLanguage, headers.ContentLanguage); - EXPECT_EQ(p.Value.HttpHeaders.ContentDisposition, headers.ContentDisposition); - EXPECT_EQ(p.Value.HttpHeaders.CacheControl, headers.CacheControl); - EXPECT_EQ(p.Value.HttpHeaders.ContentEncoding, headers.ContentEncoding); - } } + TEST_F(ShareSasTest, AccountSasExpired) + { + auto sasStartsOn = std::chrono::system_clock::now() - std::chrono::minutes(5); + auto sasExpiredOn = std::chrono::system_clock::now() - std::chrono::minutes(1); + auto sasExpiresOn = std::chrono::system_clock::now() + std::chrono::minutes(60); + + auto keyCredential + = _internal::ParseConnectionString(StandardStorageConnectionString()).KeyCredential; + + std::string fileName = RandomString(); + + auto shareClient = *m_shareClient; + auto fileClient = shareClient.GetRootDirectoryClient().GetFileClient(fileName); + fileClient.Create(1); + + Sas::AccountSasBuilder accountSasBuilder; + accountSasBuilder.Protocol = Sas::SasProtocol::HttpsAndHttp; + accountSasBuilder.StartsOn = sasStartsOn; + accountSasBuilder.ExpiresOn = sasExpiredOn; + accountSasBuilder.Services = Sas::AccountSasServices::Files; + accountSasBuilder.ResourceTypes = Sas::AccountSasResource::All; + accountSasBuilder.SetPermissions(Sas::AccountSasPermissions::All); + + auto sasToken = accountSasBuilder.GenerateSasToken(*keyCredential); + VerifyShareSasNonRead(fileClient, sasToken); + + accountSasBuilder.ExpiresOn = sasExpiresOn; + sasToken = accountSasBuilder.GenerateSasToken(*keyCredential); + VerifyShareSasRead(fileClient, sasToken); + } + + TEST_F(ShareSasTest, ServiceSasExpired) + { + auto sasStartsOn = std::chrono::system_clock::now() - std::chrono::minutes(5); + auto sasExpiredOn = std::chrono::system_clock::now() - std::chrono::minutes(1); + auto sasExpiresOn = std::chrono::system_clock::now() + std::chrono::minutes(60); + + auto keyCredential + = _internal::ParseConnectionString(StandardStorageConnectionString()).KeyCredential; + + std::string fileName = RandomString(); + + auto shareClient = *m_shareClient; + auto fileClient = shareClient.GetRootDirectoryClient().GetFileClient(fileName); + fileClient.Create(1); + + Sas::ShareSasBuilder fileSasBuilder; + fileSasBuilder.Protocol = Sas::SasProtocol::HttpsAndHttp; + fileSasBuilder.StartsOn = sasStartsOn; + fileSasBuilder.ExpiresOn = sasExpiredOn; + fileSasBuilder.ShareName = m_shareName; + fileSasBuilder.FilePath = fileName; + fileSasBuilder.Resource = Sas::ShareSasResource::File; + fileSasBuilder.SetPermissions(Sas::ShareFileSasPermissions::Read); + + auto sasToken = fileSasBuilder.GenerateSasToken(*keyCredential); + VerifyShareSasNonRead(fileClient, sasToken); + + fileSasBuilder.ExpiresOn = sasExpiresOn; + sasToken = fileSasBuilder.GenerateSasToken(*keyCredential); + VerifyShareSasRead(fileClient, sasToken); + } + + TEST_F(ShareSasTest, AccountSasWithoutStarttime) + { + + auto sasExpiresOn = std::chrono::system_clock::now() + std::chrono::minutes(60); + + auto keyCredential + = _internal::ParseConnectionString(StandardStorageConnectionString()).KeyCredential; + + std::string fileName = RandomString(); + + auto shareClient = *m_shareClient; + auto fileClient = shareClient.GetRootDirectoryClient().GetFileClient(fileName); + fileClient.Create(1); + + Sas::AccountSasBuilder accountSasBuilder; + accountSasBuilder.Protocol = Sas::SasProtocol::HttpsAndHttp; + accountSasBuilder.ExpiresOn = sasExpiresOn; + accountSasBuilder.Services = Sas::AccountSasServices::Files; + accountSasBuilder.ResourceTypes = Sas::AccountSasResource::All; + accountSasBuilder.SetPermissions(Sas::AccountSasPermissions::All); + + auto sasToken = accountSasBuilder.GenerateSasToken(*keyCredential); + VerifyShareSasRead(fileClient, sasToken); + } + + TEST_F(ShareSasTest, ServiceSasWithoutStarttime) + { + + auto sasExpiresOn = std::chrono::system_clock::now() + std::chrono::minutes(60); + + auto keyCredential + = _internal::ParseConnectionString(StandardStorageConnectionString()).KeyCredential; + + std::string fileName = RandomString(); + + auto shareClient = *m_shareClient; + auto fileClient = shareClient.GetRootDirectoryClient().GetFileClient(fileName); + fileClient.Create(1); + + Sas::ShareSasBuilder fileSasBuilder; + fileSasBuilder.Protocol = Sas::SasProtocol::HttpsAndHttp; + fileSasBuilder.ExpiresOn = sasExpiresOn; + fileSasBuilder.ShareName = m_shareName; + fileSasBuilder.FilePath = fileName; + fileSasBuilder.Resource = Sas::ShareSasResource::File; + fileSasBuilder.SetPermissions(Sas::ShareFileSasPermissions::Read); + + auto sasToken = fileSasBuilder.GenerateSasToken(*keyCredential); + VerifyShareSasRead(fileClient, sasToken); + } + + TEST_F(ShareSasTest, AccountSasWithIP) + { + + auto sasExpiresOn = std::chrono::system_clock::now() + std::chrono::minutes(60); + + auto keyCredential + = _internal::ParseConnectionString(StandardStorageConnectionString()).KeyCredential; + + std::string fileName = RandomString(); + + auto shareClient = *m_shareClient; + auto fileClient = shareClient.GetRootDirectoryClient().GetFileClient(fileName); + fileClient.Create(1); + + Sas::AccountSasBuilder accountSasBuilder; + accountSasBuilder.Protocol = Sas::SasProtocol::HttpsAndHttp; + accountSasBuilder.ExpiresOn = sasExpiresOn; + accountSasBuilder.Services = Sas::AccountSasServices::Files; + accountSasBuilder.ResourceTypes = Sas::AccountSasResource::All; + accountSasBuilder.SetPermissions(Sas::AccountSasPermissions::All); + + auto sasToken = accountSasBuilder.GenerateSasToken(*keyCredential); + VerifyShareSasRead(fileClient, sasToken); + + accountSasBuilder.IPRange = "0.0.0.0-0.0.0.1"; + sasToken = accountSasBuilder.GenerateSasToken(*keyCredential); + VerifyShareSasNonRead(fileClient, sasToken); + } + + TEST_F(ShareSasTest, ServiceSasWithIP) + { + + auto sasExpiresOn = std::chrono::system_clock::now() + std::chrono::minutes(60); + + auto keyCredential + = _internal::ParseConnectionString(StandardStorageConnectionString()).KeyCredential; + + std::string fileName = RandomString(); + + auto shareClient = *m_shareClient; + auto fileClient = shareClient.GetRootDirectoryClient().GetFileClient(fileName); + fileClient.Create(1); + + Sas::ShareSasBuilder fileSasBuilder; + fileSasBuilder.Protocol = Sas::SasProtocol::HttpsAndHttp; + fileSasBuilder.ExpiresOn = sasExpiresOn; + fileSasBuilder.ShareName = m_shareName; + fileSasBuilder.FilePath = fileName; + fileSasBuilder.Resource = Sas::ShareSasResource::File; + fileSasBuilder.SetPermissions(Sas::ShareFileSasPermissions::Read); + + auto sasToken = fileSasBuilder.GenerateSasToken(*keyCredential); + VerifyShareSasRead(fileClient, sasToken); + + fileSasBuilder.IPRange = "0.0.0.0-0.0.0.1"; + sasToken = fileSasBuilder.GenerateSasToken(*keyCredential); + VerifyShareSasNonRead(fileClient, sasToken); + } + + TEST_F(ShareSasTest, SasWithIdentifier) + { + auto sasStartsOn = std::chrono::system_clock::now() - std::chrono::minutes(5); + auto sasExpiresOn = std::chrono::system_clock::now() + std::chrono::minutes(60); + + auto keyCredential + = _internal::ParseConnectionString(StandardStorageConnectionString()).KeyCredential; + + std::string fileName = RandomString(); + + auto shareClient = *m_shareClient; + auto fileClient = shareClient.GetRootDirectoryClient().GetFileClient(fileName); + fileClient.Create(1); + + Files::Shares::Models::SignedIdentifier identifier; + identifier.Id = RandomString(64); + identifier.Policy.StartsOn = sasStartsOn; + identifier.Policy.ExpiresOn = sasExpiresOn; + identifier.Policy.Permission = "r"; + shareClient.SetAccessPolicy({identifier}); + + Sas::ShareSasBuilder fileSasBuilder; + fileSasBuilder.Protocol = Sas::SasProtocol::HttpsAndHttp; + fileSasBuilder.ExpiresOn = sasExpiresOn; + fileSasBuilder.ShareName = m_shareName; + fileSasBuilder.FilePath = fileName; + fileSasBuilder.Resource = Sas::ShareSasResource::File; + fileSasBuilder.SetPermissions(static_cast(0)); + fileSasBuilder.Identifier = identifier.Id; + + TestSleep(std::chrono::seconds(30)); + + auto sasToken = fileSasBuilder.GenerateSasToken(*keyCredential); + + VerifyShareSasRead(fileClient, sasToken); + } + + TEST_F(ShareSasTest, FileSasResponseHeadersOverride) + { + + auto sasExpiresOn = std::chrono::system_clock::now() + std::chrono::minutes(60); + + auto keyCredential + = _internal::ParseConnectionString(StandardStorageConnectionString()).KeyCredential; + + std::string fileName = RandomString(); + + auto shareClient = *m_shareClient; + auto fileClient = shareClient.GetRootDirectoryClient().GetFileClient(fileName); + fileClient.Create(1); + + Sas::ShareSasBuilder fileSasBuilder; + fileSasBuilder.Protocol = Sas::SasProtocol::HttpsAndHttp; + fileSasBuilder.ExpiresOn = sasExpiresOn; + fileSasBuilder.ShareName = m_shareName; + fileSasBuilder.FilePath = fileName; + fileSasBuilder.Resource = Sas::ShareSasResource::File; + fileSasBuilder.SetPermissions(Sas::ShareFileSasPermissions::All); + fileSasBuilder.ContentType = "application/x-binary"; + fileSasBuilder.ContentLanguage = "en-US"; + fileSasBuilder.ContentDisposition = "attachment"; + fileSasBuilder.CacheControl = "no-cache"; + fileSasBuilder.ContentEncoding = "identify"; + auto sasToken = fileSasBuilder.GenerateSasToken(*keyCredential); + + auto fileClient1 = GetSasAuthenticatedClient(fileClient, sasToken); + auto properties = fileClient1.GetProperties(); + EXPECT_EQ(properties.Value.HttpHeaders.ContentType, fileSasBuilder.ContentType); + EXPECT_EQ(properties.Value.HttpHeaders.ContentLanguage, fileSasBuilder.ContentLanguage); + EXPECT_EQ(properties.Value.HttpHeaders.ContentDisposition, fileSasBuilder.ContentDisposition); + EXPECT_EQ(properties.Value.HttpHeaders.CacheControl, fileSasBuilder.CacheControl); + EXPECT_EQ(properties.Value.HttpHeaders.ContentEncoding, fileSasBuilder.ContentEncoding); + } }}} // namespace Azure::Storage::Test