diff --git a/sdk/storage/azure-storage-blobs/CHANGELOG.md b/sdk/storage/azure-storage-blobs/CHANGELOG.md index 5952666db..c6ee2264f 100644 --- a/sdk/storage/azure-storage-blobs/CHANGELOG.md +++ b/sdk/storage/azure-storage-blobs/CHANGELOG.md @@ -46,6 +46,7 @@ - `ListContainersSegmentOptions` to `ListBlobContainersSegmentOptions` - API signature for CommitBlockList has changed. `BlockType` doesn't need to be specified anymore. - `PageBlobClient::GetPageRanges` doesn't support getting difference between current blob and a snapshot anymore. Use `PageBlobClient::GetPageRangesDiff` instead. +- Move Blob SAS into `Azure::Storage::Sas` namespace. ## 12.0.0-beta.5 (2020-11-13) diff --git a/sdk/storage/azure-storage-blobs/inc/azure/storage/blobs/blob_sas_builder.hpp b/sdk/storage/azure-storage-blobs/inc/azure/storage/blobs/blob_sas_builder.hpp index b78c4c8e1..20928adb3 100644 --- a/sdk/storage/azure-storage-blobs/inc/azure/storage/blobs/blob_sas_builder.hpp +++ b/sdk/storage/azure-storage-blobs/inc/azure/storage/blobs/blob_sas_builder.hpp @@ -10,7 +10,7 @@ #include "azure/storage/blobs/protocol/blob_rest_client.hpp" #include "azure/storage/common/account_sas_builder.hpp" -namespace Azure { namespace Storage { namespace Blobs { +namespace Azure { namespace Storage { namespace Sas { /** * @brief Specifies which resources are accessible via the shared access signature. @@ -298,11 +298,11 @@ namespace Azure { namespace Storage { namespace Blobs { * @return The SAS query parameters used for authenticating requests. */ std::string GenerateSasToken( - const Models::UserDelegationKey& userDelegationKey, + const Blobs::Models::UserDelegationKey& userDelegationKey, const std::string& accountName); private: std::string Permissions; }; -}}} // namespace Azure::Storage::Blobs +}}} // namespace Azure::Storage::Sas diff --git a/sdk/storage/azure-storage-blobs/src/blob_sas_builder.cpp b/sdk/storage/azure-storage-blobs/src/blob_sas_builder.cpp index d3b1c6339..5f177ea08 100644 --- a/sdk/storage/azure-storage-blobs/src/blob_sas_builder.cpp +++ b/sdk/storage/azure-storage-blobs/src/blob_sas_builder.cpp @@ -5,7 +5,7 @@ #include "azure/core/http/http.hpp" #include "azure/storage/common/crypt.hpp" -namespace Azure { namespace Storage { namespace Blobs { +namespace Azure { namespace Storage { namespace Sas { namespace { std::string BlobSasResourceToString(BlobSasResource resource) @@ -114,7 +114,7 @@ namespace Azure { namespace Storage { namespace Blobs { { canonicalName += "/" + BlobName; } - std::string protocol = Storage::Details::SasProtocolToString(Protocol); + std::string protocol = Details::SasProtocolToString(Protocol); std::string resource = BlobSasResourceToString(Resource); std::string snapshotVersion; @@ -193,7 +193,7 @@ namespace Azure { namespace Storage { namespace Blobs { } std::string BlobSasBuilder::GenerateSasToken( - const Models::UserDelegationKey& userDelegationKey, + const Blobs::Models::UserDelegationKey& userDelegationKey, const std::string& accountName) { std::string canonicalName = "/blob/" + accountName + "/" + BlobContainerName; @@ -202,7 +202,7 @@ namespace Azure { namespace Storage { namespace Blobs { { canonicalName += "/" + BlobName; } - std::string protocol = Storage::Details::SasProtocolToString(Protocol); + std::string protocol = Details::SasProtocolToString(Protocol); std::string resource = BlobSasResourceToString(Resource); std::string snapshotVersion; @@ -285,4 +285,4 @@ namespace Azure { namespace Storage { namespace Blobs { return builder.GetAbsoluteUrl(); } -}}} // namespace Azure::Storage::Blobs +}}} // namespace Azure::Storage::Sas diff --git a/sdk/storage/azure-storage-blobs/test/blob_batch_client_test.cpp b/sdk/storage/azure-storage-blobs/test/blob_batch_client_test.cpp index 7734b84cd..d354b11fc 100644 --- a/sdk/storage/azure-storage-blobs/test/blob_batch_client_test.cpp +++ b/sdk/storage/azure-storage-blobs/test/blob_batch_client_test.cpp @@ -22,16 +22,16 @@ namespace Azure { namespace Storage { namespace Test { TEST_F(BlobBatchClientTest, BatchSasAuth) { - AccountSasBuilder accountSasBuilder; - accountSasBuilder.Protocol = SasProtocol::HttpsAndHttp; + Sas::AccountSasBuilder accountSasBuilder; + accountSasBuilder.Protocol = Sas::SasProtocol::HttpsAndHttp; accountSasBuilder.StartsOn = ToIso8601(std::chrono::system_clock::now() - std::chrono::minutes(5)); accountSasBuilder.ExpiresOn = ToIso8601(std::chrono::system_clock::now() + std::chrono::minutes(60)); - accountSasBuilder.Services = AccountSasServices::Blobs; + accountSasBuilder.Services = Sas::AccountSasServices::Blobs; accountSasBuilder.ResourceTypes - = AccountSasResource::Object | AccountSasResource::BlobContainer; - accountSasBuilder.SetPermissions(AccountSasPermissions::All); + = Sas::AccountSasResource::Object | Sas::AccountSasResource::BlobContainer; + accountSasBuilder.SetPermissions(Sas::AccountSasPermissions::All); auto keyCredential = Details::ParseConnectionString(StandardStorageConnectionString()).KeyCredential; diff --git a/sdk/storage/azure-storage-blobs/test/blob_container_client_test.cpp b/sdk/storage/azure-storage-blobs/test/blob_container_client_test.cpp index b748559c9..a7e10b0d8 100644 --- a/sdk/storage/azure-storage-blobs/test/blob_container_client_test.cpp +++ b/sdk/storage/azure-storage-blobs/test/blob_container_client_test.cpp @@ -39,12 +39,12 @@ namespace Azure { namespace Storage { namespace Test { std::string BlobContainerClientTest::GetSas() { - Blobs::BlobSasBuilder sasBuilder; - sasBuilder.Protocol = SasProtocol::HttpsAndHttp; + Sas::BlobSasBuilder sasBuilder; + sasBuilder.Protocol = Sas::SasProtocol::HttpsAndHttp; sasBuilder.ExpiresOn = ToIso8601(std::chrono::system_clock::now() + std::chrono::hours(72)); sasBuilder.BlobContainerName = m_containerName; - sasBuilder.Resource = Blobs::BlobSasResource::BlobContainer; - sasBuilder.SetPermissions(Blobs::BlobContainerSasPermissions::All); + sasBuilder.Resource = Sas::BlobSasResource::BlobContainer; + sasBuilder.SetPermissions(Sas::BlobContainerSasPermissions::All); return sasBuilder.GenerateSasToken( *Details::ParseConnectionString(StandardStorageConnectionString()).KeyCredential); } diff --git a/sdk/storage/azure-storage-blobs/test/blob_sas_test.cpp b/sdk/storage/azure-storage-blobs/test/blob_sas_test.cpp index 2716fb272..a2682d5b7 100644 --- a/sdk/storage/azure-storage-blobs/test/blob_sas_test.cpp +++ b/sdk/storage/azure-storage-blobs/test/blob_sas_test.cpp @@ -9,28 +9,28 @@ namespace Azure { namespace Storage { namespace Test { TEST_F(BlobContainerClientTest, BlobSasTest) { - AccountSasBuilder accountSasBuilder; - accountSasBuilder.Protocol = SasProtocol::HttpsAndHttp; + Sas::AccountSasBuilder accountSasBuilder; + accountSasBuilder.Protocol = Sas::SasProtocol::HttpsAndHttp; accountSasBuilder.StartsOn = ToIso8601(std::chrono::system_clock::now() - std::chrono::minutes(5)); accountSasBuilder.ExpiresOn = ToIso8601(std::chrono::system_clock::now() + std::chrono::minutes(60)); - accountSasBuilder.Services = AccountSasServices::Blobs; - accountSasBuilder.ResourceTypes = AccountSasResource::All; + accountSasBuilder.Services = Sas::AccountSasServices::Blobs; + accountSasBuilder.ResourceTypes = Sas::AccountSasResource::All; std::string blobName = RandomString(); - Blobs::BlobSasBuilder blobSasBuilder; - blobSasBuilder.Protocol = SasProtocol::HttpsAndHttp; + Sas::BlobSasBuilder blobSasBuilder; + blobSasBuilder.Protocol = Sas::SasProtocol::HttpsAndHttp; blobSasBuilder.StartsOn = ToIso8601(std::chrono::system_clock::now() - std::chrono::minutes(5)); blobSasBuilder.ExpiresOn = ToIso8601(std::chrono::system_clock::now() + std::chrono::minutes(60)); blobSasBuilder.BlobContainerName = m_containerName; blobSasBuilder.BlobName = blobName; - blobSasBuilder.Resource = Blobs::BlobSasResource::Blob; + blobSasBuilder.Resource = Sas::BlobSasResource::Blob; - Blobs::BlobSasBuilder containerSasBuilder = blobSasBuilder; + Sas::BlobSasBuilder containerSasBuilder = blobSasBuilder; containerSasBuilder.BlobName.clear(); - containerSasBuilder.Resource = Blobs::BlobSasResource::BlobContainer; + containerSasBuilder.Resource = Sas::BlobSasResource::BlobContainer; auto keyCredential = Details::ParseConnectionString(StandardStorageConnectionString()).KeyCredential; @@ -118,105 +118,105 @@ namespace Azure { namespace Storage { namespace Test { //}; for (auto permissions : { - AccountSasPermissions::All, - AccountSasPermissions::Read, - AccountSasPermissions::Write, - AccountSasPermissions::Delete, - AccountSasPermissions::DeleteVersion, - AccountSasPermissions::List, - AccountSasPermissions::Add, - AccountSasPermissions::Create, - AccountSasPermissions::Tags, - AccountSasPermissions::Filter, + Sas::AccountSasPermissions::All, + Sas::AccountSasPermissions::Read, + Sas::AccountSasPermissions::Write, + Sas::AccountSasPermissions::Delete, + Sas::AccountSasPermissions::DeleteVersion, + Sas::AccountSasPermissions::List, + Sas::AccountSasPermissions::Add, + Sas::AccountSasPermissions::Create, + Sas::AccountSasPermissions::Tags, + Sas::AccountSasPermissions::Filter, }) { accountSasBuilder.SetPermissions(permissions); auto sasToken = accountSasBuilder.GenerateSasToken(*keyCredential); - if ((permissions & AccountSasPermissions::Read) == AccountSasPermissions::Read) + if ((permissions & Sas::AccountSasPermissions::Read) == Sas::AccountSasPermissions::Read) { verify_blob_read(sasToken); } - if ((permissions & AccountSasPermissions::Write) == AccountSasPermissions::Write) + if ((permissions & Sas::AccountSasPermissions::Write) == Sas::AccountSasPermissions::Write) { verify_blob_write(sasToken); } - if ((permissions & AccountSasPermissions::Delete) == AccountSasPermissions::Delete) + if ((permissions & Sas::AccountSasPermissions::Delete) == Sas::AccountSasPermissions::Delete) { verify_blob_delete(sasToken); } - if ((permissions & AccountSasPermissions::List) == AccountSasPermissions::List) + if ((permissions & Sas::AccountSasPermissions::List) == Sas::AccountSasPermissions::List) { verify_blob_list(sasToken); } - if ((permissions & AccountSasPermissions::Add) == AccountSasPermissions::Add) + if ((permissions & Sas::AccountSasPermissions::Add) == Sas::AccountSasPermissions::Add) { verify_blob_add(sasToken); } - if ((permissions & AccountSasPermissions::Create) == AccountSasPermissions::Create) + if ((permissions & Sas::AccountSasPermissions::Create) == Sas::AccountSasPermissions::Create) { verify_blob_create(sasToken); } - if ((permissions & AccountSasPermissions::Tags) == AccountSasPermissions::Tags) + if ((permissions & Sas::AccountSasPermissions::Tags) == Sas::AccountSasPermissions::Tags) { // verify_blob_tags(sasToken); } - if ((permissions & AccountSasPermissions::Filter) == AccountSasPermissions::Filter) + if ((permissions & Sas::AccountSasPermissions::Filter) == Sas::AccountSasPermissions::Filter) { // verify_blob_filter(sasToken); } } for (auto permissions : - {Blobs::BlobSasPermissions::All, - Blobs::BlobSasPermissions::Read, - Blobs::BlobSasPermissions::Write, - Blobs::BlobSasPermissions::Delete, - Blobs::BlobSasPermissions::Add, - Blobs::BlobSasPermissions::Create, - Blobs::BlobSasPermissions::Tags, - Blobs::BlobSasPermissions::DeleteVersion}) + {Sas::BlobSasPermissions::All, + Sas::BlobSasPermissions::Read, + Sas::BlobSasPermissions::Write, + Sas::BlobSasPermissions::Delete, + Sas::BlobSasPermissions::Add, + Sas::BlobSasPermissions::Create, + Sas::BlobSasPermissions::Tags, + Sas::BlobSasPermissions::DeleteVersion}) { blobSasBuilder.SetPermissions(permissions); auto sasToken = blobSasBuilder.GenerateSasToken(*keyCredential); auto sasToken2 = blobSasBuilder.GenerateSasToken(userDelegationKey, accountName); - if ((permissions & Blobs::BlobSasPermissions::Read) == Blobs::BlobSasPermissions::Read) + if ((permissions & Sas::BlobSasPermissions::Read) == Sas::BlobSasPermissions::Read) { verify_blob_read(sasToken); verify_blob_read(sasToken2); } - if ((permissions & Blobs::BlobSasPermissions::Write) == Blobs::BlobSasPermissions::Write) + if ((permissions & Sas::BlobSasPermissions::Write) == Sas::BlobSasPermissions::Write) { verify_blob_write(sasToken); verify_blob_write(sasToken2); } - if ((permissions & Blobs::BlobSasPermissions::Delete) == Blobs::BlobSasPermissions::Delete) + if ((permissions & Sas::BlobSasPermissions::Delete) == Sas::BlobSasPermissions::Delete) { verify_blob_delete(sasToken); verify_blob_delete(sasToken2); } - if ((permissions & Blobs::BlobSasPermissions::Add) == Blobs::BlobSasPermissions::Add) + if ((permissions & Sas::BlobSasPermissions::Add) == Sas::BlobSasPermissions::Add) { verify_blob_add(sasToken); verify_blob_add(sasToken2); } - if ((permissions & Blobs::BlobSasPermissions::Create) == Blobs::BlobSasPermissions::Create) + if ((permissions & Sas::BlobSasPermissions::Create) == Sas::BlobSasPermissions::Create) { verify_blob_create(sasToken); verify_blob_create(sasToken2); } - if ((permissions & Blobs::BlobSasPermissions::Tags) == Blobs::BlobSasPermissions::Tags) + if ((permissions & Sas::BlobSasPermissions::Tags) == Sas::BlobSasPermissions::Tags) { // verify_blob_tags(sasToken); // verify_blob_tags(sasToken2); } } - accountSasBuilder.SetPermissions(AccountSasPermissions::All); + accountSasBuilder.SetPermissions(Sas::AccountSasPermissions::All); // Expires { - AccountSasBuilder builder2 = accountSasBuilder; + Sas::AccountSasBuilder builder2 = accountSasBuilder; builder2.StartsOn = ToIso8601(std::chrono::system_clock::now() - std::chrono::minutes(5)); builder2.ExpiresOn = ToIso8601(std::chrono::system_clock::now() - std::chrono::minutes(1)); auto sasToken = builder2.GenerateSasToken(*keyCredential); @@ -225,7 +225,7 @@ namespace Azure { namespace Storage { namespace Test { // Without start time { - AccountSasBuilder builder2 = accountSasBuilder; + Sas::AccountSasBuilder builder2 = accountSasBuilder; builder2.StartsOn.Reset(); auto sasToken = builder2.GenerateSasToken(*keyCredential); EXPECT_NO_THROW(verify_blob_create(sasToken)); @@ -233,7 +233,7 @@ namespace Azure { namespace Storage { namespace Test { // IP { - AccountSasBuilder builder2 = accountSasBuilder; + Sas::AccountSasBuilder builder2 = accountSasBuilder; builder2.IPRange = "1.1.1.1"; auto sasToken = builder2.GenerateSasToken(*keyCredential); EXPECT_THROW(verify_blob_create(sasToken), StorageException); @@ -246,20 +246,20 @@ namespace Azure { namespace Storage { namespace Test { // Account SAS Service { - AccountSasBuilder builder2 = accountSasBuilder; - builder2.Services = AccountSasServices::Files; + Sas::AccountSasBuilder builder2 = accountSasBuilder; + builder2.Services = Sas::AccountSasServices::Files; auto sasToken = builder2.GenerateSasToken(*keyCredential); EXPECT_THROW(verify_blob_create(sasToken), StorageException); - builder2.Services = AccountSasServices::All; + builder2.Services = Sas::AccountSasServices::All; sasToken = builder2.GenerateSasToken(*keyCredential); EXPECT_NO_THROW(verify_blob_create(sasToken)); } // Account SAS Resource Types { - AccountSasBuilder builder2 = accountSasBuilder; - builder2.ResourceTypes = AccountSasResource::Service; + Sas::AccountSasBuilder builder2 = accountSasBuilder; + builder2.ResourceTypes = Sas::AccountSasResource::Service; auto sasToken = builder2.GenerateSasToken(*keyCredential); EXPECT_THROW(verify_blob_create(sasToken), StorageException); @@ -268,67 +268,67 @@ namespace Azure { namespace Storage { namespace Test { } for (auto permissions : - {Blobs::BlobContainerSasPermissions::All, - Blobs::BlobContainerSasPermissions::Read, - Blobs::BlobContainerSasPermissions::Write, - Blobs::BlobContainerSasPermissions::Delete, - Blobs::BlobContainerSasPermissions::List, - Blobs::BlobContainerSasPermissions::Add, - Blobs::BlobContainerSasPermissions::Create, - Blobs::BlobContainerSasPermissions::Tags}) + {Sas::BlobContainerSasPermissions::All, + Sas::BlobContainerSasPermissions::Read, + Sas::BlobContainerSasPermissions::Write, + Sas::BlobContainerSasPermissions::Delete, + Sas::BlobContainerSasPermissions::List, + Sas::BlobContainerSasPermissions::Add, + Sas::BlobContainerSasPermissions::Create, + Sas::BlobContainerSasPermissions::Tags}) { containerSasBuilder.SetPermissions(permissions); auto sasToken = containerSasBuilder.GenerateSasToken(*keyCredential); auto sasToken2 = containerSasBuilder.GenerateSasToken(userDelegationKey, accountName); - if ((permissions & Blobs::BlobContainerSasPermissions::Read) - == Blobs::BlobContainerSasPermissions::Read) + if ((permissions & Sas::BlobContainerSasPermissions::Read) + == Sas::BlobContainerSasPermissions::Read) { verify_blob_read(sasToken); verify_blob_read(sasToken2); } - if ((permissions & Blobs::BlobContainerSasPermissions::Write) - == Blobs::BlobContainerSasPermissions::Write) + if ((permissions & Sas::BlobContainerSasPermissions::Write) + == Sas::BlobContainerSasPermissions::Write) { verify_blob_write(sasToken); verify_blob_write(sasToken2); } - if ((permissions & Blobs::BlobContainerSasPermissions::Delete) - == Blobs::BlobContainerSasPermissions::Delete) + if ((permissions & Sas::BlobContainerSasPermissions::Delete) + == Sas::BlobContainerSasPermissions::Delete) { verify_blob_delete(sasToken); verify_blob_delete(sasToken2); } - if ((permissions & Blobs::BlobContainerSasPermissions::List) - == Blobs::BlobContainerSasPermissions::List) + if ((permissions & Sas::BlobContainerSasPermissions::List) + == Sas::BlobContainerSasPermissions::List) { verify_blob_list(sasToken); verify_blob_list(sasToken2); } - if ((permissions & Blobs::BlobContainerSasPermissions::Add) - == Blobs::BlobContainerSasPermissions::Add) + if ((permissions & Sas::BlobContainerSasPermissions::Add) + == Sas::BlobContainerSasPermissions::Add) { verify_blob_add(sasToken); verify_blob_add(sasToken2); } - if ((permissions & Blobs::BlobContainerSasPermissions::Create) - == Blobs::BlobContainerSasPermissions::Create) + if ((permissions & Sas::BlobContainerSasPermissions::Create) + == Sas::BlobContainerSasPermissions::Create) { verify_blob_create(sasToken); verify_blob_create(sasToken2); } - if ((permissions & Blobs::BlobContainerSasPermissions::Tags) - == Blobs::BlobContainerSasPermissions::Tags) + if ((permissions & Sas::BlobContainerSasPermissions::Tags) + == Sas::BlobContainerSasPermissions::Tags) { // verify_blob_tags(sasToken); // verify_blob_tags(sasToken2); } } - blobSasBuilder.SetPermissions(Blobs::BlobSasPermissions::All); + blobSasBuilder.SetPermissions(Sas::BlobSasPermissions::All); // Expires { - Blobs::BlobSasBuilder builder2 = blobSasBuilder; + Sas::BlobSasBuilder builder2 = blobSasBuilder; builder2.StartsOn = ToIso8601(std::chrono::system_clock::now() - std::chrono::minutes(5)); builder2.ExpiresOn = ToIso8601(std::chrono::system_clock::now() - std::chrono::minutes(1)); auto sasToken = builder2.GenerateSasToken(*keyCredential); @@ -340,7 +340,7 @@ namespace Azure { namespace Storage { namespace Test { // Without start time { - Blobs::BlobSasBuilder builder2 = blobSasBuilder; + Sas::BlobSasBuilder builder2 = blobSasBuilder; builder2.StartsOn.Reset(); auto sasToken = builder2.GenerateSasToken(*keyCredential); EXPECT_NO_THROW(verify_blob_create(sasToken)); @@ -350,7 +350,7 @@ namespace Azure { namespace Storage { namespace Test { // IP { - Blobs::BlobSasBuilder builder2 = blobSasBuilder; + Sas::BlobSasBuilder builder2 = blobSasBuilder; builder2.IPRange = "0.0.0.0-0.0.0.1"; auto sasToken = builder2.GenerateSasToken(*keyCredential); EXPECT_THROW(verify_blob_create(sasToken), StorageException); @@ -377,10 +377,10 @@ namespace Azure { namespace Storage { namespace Test { options.SignedIdentifiers.emplace_back(identifier); m_blobContainerClient->SetAccessPolicy(options); - Blobs::BlobSasBuilder builder2 = blobSasBuilder; + Sas::BlobSasBuilder builder2 = blobSasBuilder; builder2.StartsOn.Reset(); builder2.ExpiresOn.clear(); - builder2.SetPermissions(static_cast(0)); + builder2.SetPermissions(static_cast(0)); builder2.Identifier = identifier.Id; auto sasToken = builder2.GenerateSasToken(*keyCredential); @@ -397,7 +397,7 @@ namespace Azure { namespace Storage { namespace Test { headers.CacheControl = "no-cache"; headers.ContentEncoding = "identify"; - Blobs::BlobSasBuilder builder2 = blobSasBuilder; + Sas::BlobSasBuilder builder2 = blobSasBuilder; builder2.ContentType = "application/x-binary"; builder2.ContentLanguage = "en-US"; builder2.ContentDisposition = "attachment"; @@ -425,8 +425,8 @@ namespace Azure { namespace Storage { namespace Test { } blobClient0.Create(); - Blobs::BlobSasBuilder BlobSnapshotSasBuilder = blobSasBuilder; - BlobSnapshotSasBuilder.Resource = Blobs::BlobSasResource::BlobSnapshot; + Sas::BlobSasBuilder BlobSnapshotSasBuilder = blobSasBuilder; + BlobSnapshotSasBuilder.Resource = Sas::BlobSasResource::BlobSnapshot; std::string blobSnapshotUrl; @@ -452,9 +452,9 @@ namespace Azure { namespace Storage { namespace Test { }; for (auto permissions : { - Blobs::BlobSasPermissions::Read | Blobs::BlobSasPermissions::Delete, - Blobs::BlobSasPermissions::Read, - Blobs::BlobSasPermissions::Delete, + Sas::BlobSasPermissions::Read | Sas::BlobSasPermissions::Delete, + Sas::BlobSasPermissions::Read, + Sas::BlobSasPermissions::Delete, }) { create_snapshot(); @@ -462,12 +462,12 @@ namespace Azure { namespace Storage { namespace Test { auto sasToken = BlobSnapshotSasBuilder.GenerateSasToken(*keyCredential); auto sasToken2 = BlobSnapshotSasBuilder.GenerateSasToken(userDelegationKey, accountName); - if ((permissions & Blobs::BlobSasPermissions::Read) == Blobs::BlobSasPermissions::Read) + if ((permissions & Sas::BlobSasPermissions::Read) == Sas::BlobSasPermissions::Read) { verify_blob_snapshot_read(sasToken); verify_blob_snapshot_read(sasToken2); } - if ((permissions & Blobs::BlobSasPermissions::Delete) == Blobs::BlobSasPermissions::Delete) + if ((permissions & Sas::BlobSasPermissions::Delete) == Sas::BlobSasPermissions::Delete) { create_snapshot(); sasToken = BlobSnapshotSasBuilder.GenerateSasToken(*keyCredential); @@ -485,8 +485,8 @@ namespace Azure { namespace Storage { namespace Test { } blobClient0.Create(); - Blobs::BlobSasBuilder BlobVersionSasBuilder = blobSasBuilder; - BlobVersionSasBuilder.Resource = Blobs::BlobSasResource::BlobVersion; + Sas::BlobSasBuilder BlobVersionSasBuilder = blobSasBuilder; + BlobVersionSasBuilder.Resource = Sas::BlobSasResource::BlobVersion; std::string blobVersionUrl; @@ -513,9 +513,9 @@ namespace Azure { namespace Storage { namespace Test { }; for (auto permissions : { - Blobs::BlobSasPermissions::Read | Blobs::BlobSasPermissions::DeleteVersion, - Blobs::BlobSasPermissions::Read, - Blobs::BlobSasPermissions::DeleteVersion, + Sas::BlobSasPermissions::Read | Sas::BlobSasPermissions::DeleteVersion, + Sas::BlobSasPermissions::Read, + Sas::BlobSasPermissions::DeleteVersion, }) { create_version(); @@ -523,13 +523,13 @@ namespace Azure { namespace Storage { namespace Test { auto sasToken = BlobVersionSasBuilder.GenerateSasToken(*keyCredential); auto sasToken2 = BlobVersionSasBuilder.GenerateSasToken(userDelegationKey, accountName); - if ((permissions & Blobs::BlobSasPermissions::Read) == Blobs::BlobSasPermissions::Read) + if ((permissions & Sas::BlobSasPermissions::Read) == Sas::BlobSasPermissions::Read) { verify_blob_version_read(sasToken); verify_blob_version_read(sasToken2); } - if ((permissions & Blobs::BlobSasPermissions::DeleteVersion) - == Blobs::BlobSasPermissions::DeleteVersion) + if ((permissions & Sas::BlobSasPermissions::DeleteVersion) + == Sas::BlobSasPermissions::DeleteVersion) { create_version(); sasToken = BlobVersionSasBuilder.GenerateSasToken(*keyCredential); diff --git a/sdk/storage/azure-storage-common/CHANGELOG.md b/sdk/storage/azure-storage-common/CHANGELOG.md index da06d7b3e..62166722e 100644 --- a/sdk/storage/azure-storage-common/CHANGELOG.md +++ b/sdk/storage/azure-storage-common/CHANGELOG.md @@ -6,6 +6,7 @@ - Rename `StorageSharedKeyCredential::UpdateAccountKey` to `StorageSharedKeyCredential::Update`. - Move `StorageRetryPolicy`, `StoragePerRetryPolicy` and `SharedKeyPolicy` to `Details` namespace. - Remove `StorageRetryOptions`, use `Azure::Core::Http::RetryOptions` instead. +- Move Account SAS into `Azure::Storage::Sas` namespace. ## 12.0.0-beta.5 (2020-11-13) diff --git a/sdk/storage/azure-storage-common/inc/azure/storage/common/account_sas_builder.hpp b/sdk/storage/azure-storage-common/inc/azure/storage/common/account_sas_builder.hpp index 32c67028d..00e9ce197 100644 --- a/sdk/storage/azure-storage-common/inc/azure/storage/common/account_sas_builder.hpp +++ b/sdk/storage/azure-storage-common/inc/azure/storage/common/account_sas_builder.hpp @@ -9,7 +9,7 @@ #include "azure/storage/common/constants.hpp" #include "azure/storage/common/storage_credential.hpp" -namespace Azure { namespace Storage { +namespace Azure { namespace Storage { namespace Sas { /** * @brief Defines the protocols permitted for Storage requests made with a shared access @@ -272,4 +272,4 @@ namespace Azure { namespace Storage { std::string Permissions; }; -}} // namespace Azure::Storage +}}} // namespace Azure::Storage::Sas diff --git a/sdk/storage/azure-storage-common/inc/azure/storage/common/storage_credential.hpp b/sdk/storage/azure-storage-common/inc/azure/storage/common/storage_credential.hpp index d36a47779..029eb21a3 100644 --- a/sdk/storage/azure-storage-common/inc/azure/storage/common/storage_credential.hpp +++ b/sdk/storage/azure-storage-common/inc/azure/storage/common/storage_credential.hpp @@ -12,25 +12,20 @@ namespace Azure { namespace Storage { - struct AccountSasBuilder; - namespace Blobs { + namespace Sas { + struct AccountSasBuilder; struct BlobSasBuilder; - } - namespace Files { - namespace Shares { - struct ShareSasBuilder; - } - namespace DataLake { - struct DataLakeSasBuilder; - } - } // namespace Files + struct ShareSasBuilder; + struct DataLakeSasBuilder; + } // namespace Sas + namespace Details { class SharedKeyPolicy; } /** - * @brief A StorageSharedKeyCredential is a credential backed by a storage account's name and one - * of its access keys. + * @brief A StorageSharedKeyCredential is a credential backed by a storage account's name and + * one of its access keys. */ class StorageSharedKeyCredential { public: @@ -65,10 +60,10 @@ namespace Azure { namespace Storage { private: friend class Details::SharedKeyPolicy; - friend struct Blobs::BlobSasBuilder; - friend struct Files::Shares::ShareSasBuilder; - friend struct Files::DataLake::DataLakeSasBuilder; - friend struct AccountSasBuilder; + friend struct Sas::BlobSasBuilder; + friend struct Sas::ShareSasBuilder; + friend struct Sas::DataLakeSasBuilder; + friend struct Sas::AccountSasBuilder; std::string GetAccountKey() const { std::lock_guard guard(m_mutex); diff --git a/sdk/storage/azure-storage-common/src/account_sas_builder.cpp b/sdk/storage/azure-storage-common/src/account_sas_builder.cpp index 7583cab4c..cd2c9ea2b 100644 --- a/sdk/storage/azure-storage-common/src/account_sas_builder.cpp +++ b/sdk/storage/azure-storage-common/src/account_sas_builder.cpp @@ -5,7 +5,7 @@ #include "azure/core/http/http.hpp" #include "azure/storage/common/crypt.hpp" -namespace Azure { namespace Storage { +namespace Azure { namespace Storage { namespace Sas { void AccountSasBuilder::SetPermissions(AccountSasPermissions permissions) { @@ -92,30 +92,32 @@ namespace Azure { namespace Storage { std::string stringToSign = credential.AccountName + "\n" + Permissions + "\n" + services + "\n" + resourceTypes + "\n" + (StartsOn.HasValue() ? StartsOn.GetValue() : "") + "\n" + ExpiresOn + "\n" + (IPRange.HasValue() ? IPRange.GetValue() : "") + "\n" + protocol + "\n" - + Details::DefaultSasVersion + "\n"; + + Storage::Details::DefaultSasVersion + "\n"; std::string signature - = Base64Encode(Details::HmacSha256(stringToSign, Base64Decode(credential.GetAccountKey()))); + = Base64Encode(Storage::Details::HmacSha256(stringToSign, Base64Decode(credential.GetAccountKey()))); Azure::Core::Http::Url builder; builder.AppendQueryParameter( - "sv", Details::UrlEncodeQueryParameter(Details::DefaultSasVersion)); - builder.AppendQueryParameter("ss", Details::UrlEncodeQueryParameter(services)); - builder.AppendQueryParameter("srt", Details::UrlEncodeQueryParameter(resourceTypes)); - builder.AppendQueryParameter("sp", Details::UrlEncodeQueryParameter(Permissions)); + "sv", Storage::Details::UrlEncodeQueryParameter(Storage::Details::DefaultSasVersion)); + builder.AppendQueryParameter("ss", Storage::Details::UrlEncodeQueryParameter(services)); + builder.AppendQueryParameter("srt", Storage::Details::UrlEncodeQueryParameter(resourceTypes)); + builder.AppendQueryParameter("sp", Storage::Details::UrlEncodeQueryParameter(Permissions)); if (StartsOn.HasValue()) { - builder.AppendQueryParameter("st", Details::UrlEncodeQueryParameter(StartsOn.GetValue())); + builder.AppendQueryParameter( + "st", Storage::Details::UrlEncodeQueryParameter(StartsOn.GetValue())); } - builder.AppendQueryParameter("se", Details::UrlEncodeQueryParameter(ExpiresOn)); + builder.AppendQueryParameter("se", Storage::Details::UrlEncodeQueryParameter(ExpiresOn)); if (IPRange.HasValue()) { - builder.AppendQueryParameter("sip", Details::UrlEncodeQueryParameter(IPRange.GetValue())); + builder.AppendQueryParameter( + "sip", Storage::Details::UrlEncodeQueryParameter(IPRange.GetValue())); } - builder.AppendQueryParameter("spr", Details::UrlEncodeQueryParameter(protocol)); - builder.AppendQueryParameter("sig", Details::UrlEncodeQueryParameter(signature)); + builder.AppendQueryParameter("spr", Storage::Details::UrlEncodeQueryParameter(protocol)); + builder.AppendQueryParameter("sig", Storage::Details::UrlEncodeQueryParameter(signature)); return builder.GetAbsoluteUrl(); } -}} // namespace Azure::Storage +}}} // namespace Azure::Storage::Sas diff --git a/sdk/storage/azure-storage-files-datalake/CHANGELOG.md b/sdk/storage/azure-storage-files-datalake/CHANGELOG.md index 065185a53..82976c37a 100644 --- a/sdk/storage/azure-storage-files-datalake/CHANGELOG.md +++ b/sdk/storage/azure-storage-files-datalake/CHANGELOG.md @@ -2,6 +2,9 @@ ## 12.0.0-beta.6 (Unreleased) +### Breaking Changes + +- Move DataLake SAS into `Azure::Storage::Sas` namespace. ## 12.0.0-beta.5 (2020-11-13) diff --git a/sdk/storage/azure-storage-files-datalake/inc/azure/storage/files/datalake/datalake_sas_builder.hpp b/sdk/storage/azure-storage-files-datalake/inc/azure/storage/files/datalake/datalake_sas_builder.hpp index 0f8aa95c3..96aab503d 100644 --- a/sdk/storage/azure-storage-files-datalake/inc/azure/storage/files/datalake/datalake_sas_builder.hpp +++ b/sdk/storage/azure-storage-files-datalake/inc/azure/storage/files/datalake/datalake_sas_builder.hpp @@ -9,7 +9,7 @@ #include "azure/storage/common/account_sas_builder.hpp" #include "azure/storage/files/datalake/datalake_responses.hpp" -namespace Azure { namespace Storage { namespace Files { namespace DataLake { +namespace Azure { namespace Storage { namespace Sas { /** * @brief Specifies which resources are accessible via the shared access signature. @@ -328,11 +328,11 @@ namespace Azure { namespace Storage { namespace Files { namespace DataLake { * @return The SAS query parameters used for authenticating requests. */ std::string GenerateSasToken( - const Models::UserDelegationKey& userDelegationKey, + const Files::DataLake::Models::UserDelegationKey& userDelegationKey, const std::string& accountName); private: std::string Permissions; }; -}}}} // namespace Azure::Storage::Files::DataLake +}}} // namespace Azure::Storage::Sas diff --git a/sdk/storage/azure-storage-files-datalake/src/datalake_sas_builder.cpp b/sdk/storage/azure-storage-files-datalake/src/datalake_sas_builder.cpp index 81f204f3d..d8b205c86 100644 --- a/sdk/storage/azure-storage-files-datalake/src/datalake_sas_builder.cpp +++ b/sdk/storage/azure-storage-files-datalake/src/datalake_sas_builder.cpp @@ -5,7 +5,7 @@ #include "azure/core/http/http.hpp" #include "azure/storage/common/crypt.hpp" -namespace Azure { namespace Storage { namespace Files { namespace DataLake { +namespace Azure { namespace Storage { namespace Sas { namespace { std::string DataLakeSasResourceToString(DataLakeSasResource resource) { @@ -119,7 +119,7 @@ namespace Azure { namespace Storage { namespace Files { namespace DataLake { { canonicalName += "/" + Path; } - std::string protocol = Storage::Details::SasProtocolToString(Protocol); + std::string protocol = Details::SasProtocolToString(Protocol); std::string resource = DataLakeSasResourceToString(Resource); std::string stringToSign = Permissions + "\n" + (StartsOn.HasValue() ? StartsOn.GetValue() : "") @@ -187,7 +187,7 @@ namespace Azure { namespace Storage { namespace Files { namespace DataLake { } std::string DataLakeSasBuilder::GenerateSasToken( - const Models::UserDelegationKey& userDelegationKey, + const Files::DataLake::Models::UserDelegationKey& userDelegationKey, const std::string& accountName) { std::string canonicalName = "/blob/" + accountName + "/" + FileSystemName; @@ -195,7 +195,7 @@ namespace Azure { namespace Storage { namespace Files { namespace DataLake { { canonicalName += "/" + Path; } - std::string protocol = Storage::Details::SasProtocolToString(Protocol); + std::string protocol = Details::SasProtocolToString(Protocol); std::string resource = DataLakeSasResourceToString(Resource); std::string stringToSign = Permissions + "\n" + (StartsOn.HasValue() ? StartsOn.GetValue() : "") @@ -289,4 +289,4 @@ namespace Azure { namespace Storage { namespace Files { namespace DataLake { return builder.GetAbsoluteUrl(); } -}}}} // namespace Azure::Storage::Files::DataLake +}}} // namespace Azure::Storage::Sas diff --git a/sdk/storage/azure-storage-files-datalake/test/datalake_sas_test.cpp b/sdk/storage/azure-storage-files-datalake/test/datalake_sas_test.cpp index 3d1cb5961..a47734759 100644 --- a/sdk/storage/azure-storage-files-datalake/test/datalake_sas_test.cpp +++ b/sdk/storage/azure-storage-files-datalake/test/datalake_sas_test.cpp @@ -13,24 +13,24 @@ namespace Azure { namespace Storage { namespace Test { std::string directory1Name = RandomString(); std::string directory2Name = RandomString(); std::string fileName = RandomString(); - Files::DataLake::DataLakeSasBuilder fileSasBuilder; - fileSasBuilder.Protocol = SasProtocol::HttpsAndHttp; + Sas::DataLakeSasBuilder fileSasBuilder; + fileSasBuilder.Protocol = Sas::SasProtocol::HttpsAndHttp; fileSasBuilder.StartsOn = ToIso8601(std::chrono::system_clock::now() - std::chrono::minutes(5)); fileSasBuilder.ExpiresOn = ToIso8601(std::chrono::system_clock::now() + std::chrono::minutes(60)); fileSasBuilder.FileSystemName = m_fileSystemName; fileSasBuilder.Path = directory1Name + "/" + directory2Name + "/" + fileName; - fileSasBuilder.Resource = Files::DataLake::DataLakeSasResource::File; + fileSasBuilder.Resource = Sas::DataLakeSasResource::File; - Files::DataLake::DataLakeSasBuilder directorySasBuilder = fileSasBuilder; + Sas::DataLakeSasBuilder directorySasBuilder = fileSasBuilder; directorySasBuilder.Path = directory1Name; directorySasBuilder.IsDirectory = true; directorySasBuilder.DirectoryDepth = 1; - directorySasBuilder.Resource = Files::DataLake::DataLakeSasResource::Directory; + directorySasBuilder.Resource = Sas::DataLakeSasResource::Directory; - Files::DataLake::DataLakeSasBuilder filesystemSasBuilder = fileSasBuilder; + Sas::DataLakeSasBuilder filesystemSasBuilder = fileSasBuilder; filesystemSasBuilder.Path.clear(); - filesystemSasBuilder.Resource = Files::DataLake::DataLakeSasResource::FileSystem; + filesystemSasBuilder.Resource = Sas::DataLakeSasResource::FileSystem; auto keyCredential = Details::ParseConnectionString(AdlsGen2ConnectionString()).KeyCredential; auto accountName = keyCredential->AccountName; @@ -143,55 +143,52 @@ namespace Azure { namespace Storage { namespace Test { }; for (auto permissions : { - Files::DataLake::DataLakeSasPermissions::All, - Files::DataLake::DataLakeSasPermissions::Read, - Files::DataLake::DataLakeSasPermissions::Write, - Files::DataLake::DataLakeSasPermissions::Delete, - Files::DataLake::DataLakeSasPermissions::Add, - Files::DataLake::DataLakeSasPermissions::Create, - Files::DataLake::DataLakeSasPermissions::List, - Files::DataLake::DataLakeSasPermissions::Move, - Files::DataLake::DataLakeSasPermissions::Execute, - Files::DataLake::DataLakeSasPermissions::ManageOwnership, - Files::DataLake::DataLakeSasPermissions::ManageAccessControl, + Sas::DataLakeSasPermissions::All, + Sas::DataLakeSasPermissions::Read, + Sas::DataLakeSasPermissions::Write, + Sas::DataLakeSasPermissions::Delete, + Sas::DataLakeSasPermissions::Add, + Sas::DataLakeSasPermissions::Create, + Sas::DataLakeSasPermissions::List, + Sas::DataLakeSasPermissions::Move, + Sas::DataLakeSasPermissions::Execute, + Sas::DataLakeSasPermissions::ManageOwnership, + Sas::DataLakeSasPermissions::ManageAccessControl, }) { fileSasBuilder.SetPermissions(permissions); auto sasToken = fileSasBuilder.GenerateSasToken(*keyCredential); auto sasToken2 = fileSasBuilder.GenerateSasToken(userDelegationKey, accountName); - if ((permissions & Files::DataLake::DataLakeSasPermissions::Read) - == Files::DataLake::DataLakeSasPermissions::Read) + if ((permissions & Sas::DataLakeSasPermissions::Read) == Sas::DataLakeSasPermissions::Read) { verify_file_read(sasToken); verify_file_read(sasToken2); } - if ((permissions & Files::DataLake::DataLakeSasPermissions::Write) - == Files::DataLake::DataLakeSasPermissions::Write) + if ((permissions & Sas::DataLakeSasPermissions::Write) == Sas::DataLakeSasPermissions::Write) { verify_file_write(sasToken); verify_file_write(sasToken2); } - if ((permissions & Files::DataLake::DataLakeSasPermissions::Delete) - == Files::DataLake::DataLakeSasPermissions::Delete) + if ((permissions & Sas::DataLakeSasPermissions::Delete) + == Sas::DataLakeSasPermissions::Delete) { verify_file_delete(sasToken); verify_file_delete(sasToken2); } - if ((permissions & Files::DataLake::DataLakeSasPermissions::Add) - == Files::DataLake::DataLakeSasPermissions::Add) + if ((permissions & Sas::DataLakeSasPermissions::Add) == Sas::DataLakeSasPermissions::Add) { verify_file_add(sasToken); verify_file_add(sasToken2); } - if ((permissions & Files::DataLake::DataLakeSasPermissions::Create) - == Files::DataLake::DataLakeSasPermissions::Create) + if ((permissions & Sas::DataLakeSasPermissions::Create) + == Sas::DataLakeSasPermissions::Create) { verify_file_create(sasToken); verify_file_create(sasToken2); } - if ((permissions & Files::DataLake::DataLakeSasPermissions::ManageAccessControl) - == Files::DataLake::DataLakeSasPermissions::ManageAccessControl) + if ((permissions & Sas::DataLakeSasPermissions::ManageAccessControl) + == Sas::DataLakeSasPermissions::ManageAccessControl) { verify_file_permissions(sasToken); verify_file_permissions(sasToken2); @@ -199,94 +196,90 @@ namespace Azure { namespace Storage { namespace Test { } for (auto permissions : { - Files::DataLake::DataLakeSasPermissions::All, - Files::DataLake::DataLakeSasPermissions::Read, - Files::DataLake::DataLakeSasPermissions::Write, - Files::DataLake::DataLakeSasPermissions::Delete, - Files::DataLake::DataLakeSasPermissions::Add, - Files::DataLake::DataLakeSasPermissions::Create, - Files::DataLake::DataLakeSasPermissions::List, - Files::DataLake::DataLakeSasPermissions::Move, - Files::DataLake::DataLakeSasPermissions::Execute, - Files::DataLake::DataLakeSasPermissions::ManageOwnership, - Files::DataLake::DataLakeSasPermissions::ManageAccessControl, + Sas::DataLakeSasPermissions::All, + Sas::DataLakeSasPermissions::Read, + Sas::DataLakeSasPermissions::Write, + Sas::DataLakeSasPermissions::Delete, + Sas::DataLakeSasPermissions::Add, + Sas::DataLakeSasPermissions::Create, + Sas::DataLakeSasPermissions::List, + Sas::DataLakeSasPermissions::Move, + Sas::DataLakeSasPermissions::Execute, + Sas::DataLakeSasPermissions::ManageOwnership, + Sas::DataLakeSasPermissions::ManageAccessControl, }) { directorySasBuilder.SetPermissions(permissions); auto sasToken2 = directorySasBuilder.GenerateSasToken(userDelegationKey, accountName); - if ((permissions & Files::DataLake::DataLakeSasPermissions::Read) - == Files::DataLake::DataLakeSasPermissions::Read) + if ((permissions & Sas::DataLakeSasPermissions::Read) == Sas::DataLakeSasPermissions::Read) { verify_file_read(sasToken2); } - if ((permissions & Files::DataLake::DataLakeSasPermissions::Write) - == Files::DataLake::DataLakeSasPermissions::Write) + if ((permissions & Sas::DataLakeSasPermissions::Write) == Sas::DataLakeSasPermissions::Write) { verify_file_write(sasToken2); } - if ((permissions & Files::DataLake::DataLakeSasPermissions::Delete) - == Files::DataLake::DataLakeSasPermissions::Delete) + if ((permissions & Sas::DataLakeSasPermissions::Delete) + == Sas::DataLakeSasPermissions::Delete) { verify_file_delete(sasToken2); } - if ((permissions & Files::DataLake::DataLakeSasPermissions::Add) - == Files::DataLake::DataLakeSasPermissions::Add) + if ((permissions & Sas::DataLakeSasPermissions::Add) == Sas::DataLakeSasPermissions::Add) { verify_file_add(sasToken2); } - if ((permissions & Files::DataLake::DataLakeSasPermissions::Create) - == Files::DataLake::DataLakeSasPermissions::Create) + if ((permissions & Sas::DataLakeSasPermissions::Create) + == Sas::DataLakeSasPermissions::Create) { verify_file_create(sasToken2); } - if ((permissions & Files::DataLake::DataLakeSasPermissions::List) - == Files::DataLake::DataLakeSasPermissions::List) + if ((permissions & Sas::DataLakeSasPermissions::List) == Sas::DataLakeSasPermissions::List) { verify_directory_list(sasToken2); } unused(verify_file_move); /* don't know why, move doesn't work - if ((permissions & Files::DataLake::DataLakeSasPermissions::Move) - == Files::DataLake::DataLakeSasPermissions::Move) + if ((permissions & Sas::DataLakeSasPermissions::Move) + == Sas::DataLakeSasPermissions::Move) { verify_file_move(sasToken2); } */ - if ((permissions & Files::DataLake::DataLakeSasPermissions::Execute) - == Files::DataLake::DataLakeSasPermissions::Execute) + if ((permissions & Sas::DataLakeSasPermissions::Execute) + == Sas::DataLakeSasPermissions::Execute) { verify_file_execute(sasToken2); } - if ((permissions & Files::DataLake::DataLakeSasPermissions::ManageOwnership) - == Files::DataLake::DataLakeSasPermissions::ManageOwnership) + if ((permissions & Sas::DataLakeSasPermissions::ManageOwnership) + == Sas::DataLakeSasPermissions::ManageOwnership) { verify_file_ownership(sasToken2); } - if ((permissions & Files::DataLake::DataLakeSasPermissions::ManageAccessControl) - == Files::DataLake::DataLakeSasPermissions::ManageAccessControl) + if ((permissions & Sas::DataLakeSasPermissions::ManageAccessControl) + == Sas::DataLakeSasPermissions::ManageAccessControl) { verify_file_permissions(sasToken2); } } for (auto permissions : { - Files::DataLake::DataLakeFileSystemSasPermissions::All, - Files::DataLake::DataLakeFileSystemSasPermissions::Read, - Files::DataLake::DataLakeFileSystemSasPermissions::Write, - Files::DataLake::DataLakeFileSystemSasPermissions::Delete, - Files::DataLake::DataLakeFileSystemSasPermissions::List, - Files::DataLake::DataLakeFileSystemSasPermissions::Add, - Files::DataLake::DataLakeFileSystemSasPermissions::Create, + Sas::DataLakeFileSystemSasPermissions::All, + Sas::DataLakeFileSystemSasPermissions::Read, + Sas::DataLakeFileSystemSasPermissions::Write, + Sas::DataLakeFileSystemSasPermissions::Delete, + Sas::DataLakeFileSystemSasPermissions::List, + Sas::DataLakeFileSystemSasPermissions::Add, + Sas::DataLakeFileSystemSasPermissions::Create, }) { filesystemSasBuilder.SetPermissions(permissions); auto sasToken = filesystemSasBuilder.GenerateSasToken(*keyCredential); auto sasToken2 = filesystemSasBuilder.GenerateSasToken(userDelegationKey, accountName); - if ((permissions & Files::DataLake::DataLakeFileSystemSasPermissions::All) - == Files::DataLake::DataLakeFileSystemSasPermissions::All) + if ((permissions & Sas::DataLakeFileSystemSasPermissions::All) + == Sas::DataLakeFileSystemSasPermissions::All) { unused(verify_file_move); /* @@ -295,49 +288,49 @@ namespace Azure { namespace Storage { namespace Test { verify_file_move(sasToken2); */ } - if ((permissions & Files::DataLake::DataLakeFileSystemSasPermissions::Read) - == Files::DataLake::DataLakeFileSystemSasPermissions::Read) + if ((permissions & Sas::DataLakeFileSystemSasPermissions::Read) + == Sas::DataLakeFileSystemSasPermissions::Read) { verify_file_read(sasToken); verify_file_read(sasToken2); } - if ((permissions & Files::DataLake::DataLakeFileSystemSasPermissions::Write) - == Files::DataLake::DataLakeFileSystemSasPermissions::Write) + if ((permissions & Sas::DataLakeFileSystemSasPermissions::Write) + == Sas::DataLakeFileSystemSasPermissions::Write) { verify_file_write(sasToken); verify_file_write(sasToken2); } - if ((permissions & Files::DataLake::DataLakeFileSystemSasPermissions::Delete) - == Files::DataLake::DataLakeFileSystemSasPermissions::Delete) + if ((permissions & Sas::DataLakeFileSystemSasPermissions::Delete) + == Sas::DataLakeFileSystemSasPermissions::Delete) { verify_file_delete(sasToken); verify_file_delete(sasToken2); } - if ((permissions & Files::DataLake::DataLakeFileSystemSasPermissions::List) - == Files::DataLake::DataLakeFileSystemSasPermissions::List) + if ((permissions & Sas::DataLakeFileSystemSasPermissions::List) + == Sas::DataLakeFileSystemSasPermissions::List) { verify_filesystem_list(sasToken); verify_filesystem_list(sasToken2); } - if ((permissions & Files::DataLake::DataLakeFileSystemSasPermissions::Add) - == Files::DataLake::DataLakeFileSystemSasPermissions::Add) + if ((permissions & Sas::DataLakeFileSystemSasPermissions::Add) + == Sas::DataLakeFileSystemSasPermissions::Add) { verify_file_add(sasToken); verify_file_add(sasToken2); } - if ((permissions & Files::DataLake::DataLakeFileSystemSasPermissions::Create) - == Files::DataLake::DataLakeFileSystemSasPermissions::Create) + if ((permissions & Sas::DataLakeFileSystemSasPermissions::Create) + == Sas::DataLakeFileSystemSasPermissions::Create) { verify_file_create(sasToken); verify_file_create(sasToken2); } } - fileSasBuilder.SetPermissions(Files::DataLake::DataLakeSasPermissions::All); + fileSasBuilder.SetPermissions(Sas::DataLakeSasPermissions::All); // Expires { - Files::DataLake::DataLakeSasBuilder builder2 = fileSasBuilder; + Sas::DataLakeSasBuilder builder2 = fileSasBuilder; builder2.StartsOn = ToIso8601(std::chrono::system_clock::now() - std::chrono::minutes(5)); builder2.ExpiresOn = ToIso8601(std::chrono::system_clock::now() - std::chrono::minutes(1)); auto sasToken = builder2.GenerateSasToken(*keyCredential); @@ -349,7 +342,7 @@ namespace Azure { namespace Storage { namespace Test { // Without start time { - Files::DataLake::DataLakeSasBuilder builder2 = fileSasBuilder; + Sas::DataLakeSasBuilder builder2 = fileSasBuilder; builder2.StartsOn.Reset(); auto sasToken = builder2.GenerateSasToken(*keyCredential); EXPECT_NO_THROW(verify_file_create(sasToken)); @@ -359,7 +352,7 @@ namespace Azure { namespace Storage { namespace Test { // IP { - Files::DataLake::DataLakeSasBuilder builder2 = fileSasBuilder; + Sas::DataLakeSasBuilder builder2 = fileSasBuilder; builder2.IPRange = "0.0.0.0-0.0.0.1"; auto sasToken = builder2.GenerateSasToken(*keyCredential); EXPECT_THROW(verify_file_create(sasToken), StorageException); @@ -376,7 +369,7 @@ namespace Azure { namespace Storage { namespace Test { // PreauthorizedAgentObjectId { - Files::DataLake::DataLakeSasBuilder builder2 = fileSasBuilder; + Sas::DataLakeSasBuilder builder2 = fileSasBuilder; builder2.PreauthorizedAgentObjectId = Azure::Core::Uuid::CreateUuid().GetUuidString(); builder2.CorrelationId = Azure::Core::Uuid::CreateUuid().GetUuidString(); auto sasToken2 = builder2.GenerateSasToken(userDelegationKey, accountName); @@ -395,10 +388,10 @@ namespace Azure { namespace Storage { namespace Test { options.SignedIdentifiers.emplace_back(identifier); containerClinet0.SetAccessPolicy(options); - Files::DataLake::DataLakeSasBuilder builder2 = fileSasBuilder; + Sas::DataLakeSasBuilder builder2 = fileSasBuilder; builder2.StartsOn.Reset(); builder2.ExpiresOn.clear(); - builder2.SetPermissions(static_cast(0)); + builder2.SetPermissions(static_cast(0)); builder2.Identifier = identifier.Id; auto sasToken = builder2.GenerateSasToken(*keyCredential); @@ -415,8 +408,8 @@ namespace Azure { namespace Storage { namespace Test { headers.CacheControl = "no-cache"; headers.ContentEncoding = "identify"; - Files::DataLake::DataLakeSasBuilder builder2 = fileSasBuilder; - builder2.SetPermissions(Files::DataLake::DataLakeSasPermissions::Read); + Sas::DataLakeSasBuilder builder2 = fileSasBuilder; + builder2.SetPermissions(Sas::DataLakeSasPermissions::Read); builder2.ContentType = "application/x-binary"; builder2.ContentLanguage = "en-US"; builder2.ContentDisposition = "attachment"; diff --git a/sdk/storage/azure-storage-files-datalake/test/datalake_service_client_test.cpp b/sdk/storage/azure-storage-files-datalake/test/datalake_service_client_test.cpp index 1a5fe6cf5..ff5d6570d 100644 --- a/sdk/storage/azure-storage-files-datalake/test/datalake_service_client_test.cpp +++ b/sdk/storage/azure-storage-files-datalake/test/datalake_service_client_test.cpp @@ -141,15 +141,15 @@ namespace Azure { namespace Storage { namespace Test { { auto keyCredential = Azure::Storage::Details::ParseConnectionString(AdlsGen2ConnectionString()).KeyCredential; - AccountSasBuilder accountSasBuilder; - accountSasBuilder.Protocol = SasProtocol::HttpsAndHttp; + Sas::AccountSasBuilder accountSasBuilder; + accountSasBuilder.Protocol = Sas::SasProtocol::HttpsAndHttp; accountSasBuilder.StartsOn = ToIso8601(std::chrono::system_clock::now() - std::chrono::minutes(5)); accountSasBuilder.ExpiresOn = ToIso8601(std::chrono::system_clock::now() + std::chrono::minutes(60)); - accountSasBuilder.Services = AccountSasServices::Blobs; - accountSasBuilder.ResourceTypes = AccountSasResource::All; - accountSasBuilder.SetPermissions(AccountSasPermissions::All); + accountSasBuilder.Services = Sas::AccountSasServices::Blobs; + accountSasBuilder.ResourceTypes = Sas::AccountSasResource::All; + accountSasBuilder.SetPermissions(Sas::AccountSasPermissions::All); auto sasToken = accountSasBuilder.GenerateSasToken(*keyCredential); // Create from Anonymous credential. diff --git a/sdk/storage/azure-storage-files-shares/CHANGELOG.md b/sdk/storage/azure-storage-files-shares/CHANGELOG.md index bb72aa1e7..0c7aafa1d 100644 --- a/sdk/storage/azure-storage-files-shares/CHANGELOG.md +++ b/sdk/storage/azure-storage-files-shares/CHANGELOG.md @@ -11,6 +11,7 @@ - ShareClient::ChangeLease - ShareClient::BreakLease - ShareClient::RenewLease +- Move File SAS into `Azure::Storage::Sas` namespace. ## 12.0.0-beta.5 (2020-11-13) diff --git a/sdk/storage/azure-storage-files-shares/inc/azure/storage/files/shares/share_sas_builder.hpp b/sdk/storage/azure-storage-files-shares/inc/azure/storage/files/shares/share_sas_builder.hpp index 407b88126..fce822db6 100644 --- a/sdk/storage/azure-storage-files-shares/inc/azure/storage/files/shares/share_sas_builder.hpp +++ b/sdk/storage/azure-storage-files-shares/inc/azure/storage/files/shares/share_sas_builder.hpp @@ -9,7 +9,7 @@ #include "azure/storage/common/account_sas_builder.hpp" #include "azure/storage/common/constants.hpp" -namespace Azure { namespace Storage { namespace Files { namespace Shares { +namespace Azure { namespace Storage { namespace Sas { /** * @brief Specifies which resources are accessible via the shared access signature. @@ -232,4 +232,4 @@ namespace Azure { namespace Storage { namespace Files { namespace Shares { std::string Permissions; }; -}}}} // namespace Azure::Storage::Files::Shares +}}} // namespace Azure::Storage::Files::Shares diff --git a/sdk/storage/azure-storage-files-shares/src/share_sas_builder.cpp b/sdk/storage/azure-storage-files-shares/src/share_sas_builder.cpp index 919efcf60..625a6bc25 100644 --- a/sdk/storage/azure-storage-files-shares/src/share_sas_builder.cpp +++ b/sdk/storage/azure-storage-files-shares/src/share_sas_builder.cpp @@ -5,7 +5,7 @@ #include "azure/core/http/http.hpp" #include "azure/storage/common/crypt.hpp" -namespace Azure { namespace Storage { namespace Files { namespace Shares { +namespace Azure { namespace Storage { namespace Sas { namespace { std::string ShareSasResourceToString(ShareSasResource resource) @@ -80,66 +80,71 @@ namespace Azure { namespace Storage { namespace Files { namespace Shares { { canonicalName += "/" + FilePath; } - std::string protocol = Storage::Details::SasProtocolToString(Protocol); + std::string protocol = Details::SasProtocolToString(Protocol); std::string resource = ShareSasResourceToString(Resource); std::string stringToSign = Permissions + "\n" + (StartsOn.HasValue() ? StartsOn.GetValue() : "") + "\n" + ExpiresOn + "\n" + canonicalName + "\n" + Identifier + "\n" + (IPRange.HasValue() ? IPRange.GetValue() : "") + "\n" + protocol + "\n" - + Details::DefaultSasVersion + "\n" + CacheControl + "\n" + ContentDisposition + "\n" - + ContentEncoding + "\n" + ContentLanguage + "\n" + ContentType; + + Storage::Details::DefaultSasVersion + "\n" + CacheControl + "\n" + ContentDisposition + + "\n" + ContentEncoding + "\n" + ContentLanguage + "\n" + ContentType; - std::string signature - = Base64Encode(Details::HmacSha256(stringToSign, Base64Decode(credential.GetAccountKey()))); + std::string signature = Base64Encode( + Storage::Details::HmacSha256(stringToSign, Base64Decode(credential.GetAccountKey()))); Azure::Core::Http::Url builder; builder.AppendQueryParameter( - "sv", Details::UrlEncodeQueryParameter(Details::DefaultSasVersion)); - builder.AppendQueryParameter("spr", Details::UrlEncodeQueryParameter(protocol)); + "sv", Storage::Details::UrlEncodeQueryParameter(Storage::Details::DefaultSasVersion)); + builder.AppendQueryParameter("spr", Storage::Details::UrlEncodeQueryParameter(protocol)); if (StartsOn.HasValue()) { - builder.AppendQueryParameter("st", Details::UrlEncodeQueryParameter(StartsOn.GetValue())); + builder.AppendQueryParameter( + "st", Storage::Details::UrlEncodeQueryParameter(StartsOn.GetValue())); } if (!ExpiresOn.empty()) { - builder.AppendQueryParameter("se", Details::UrlEncodeQueryParameter(ExpiresOn)); + builder.AppendQueryParameter("se", Storage::Details::UrlEncodeQueryParameter(ExpiresOn)); } if (IPRange.HasValue()) { - builder.AppendQueryParameter("sip", Details::UrlEncodeQueryParameter(IPRange.GetValue())); + builder.AppendQueryParameter( + "sip", Storage::Details::UrlEncodeQueryParameter(IPRange.GetValue())); } if (!Identifier.empty()) { - builder.AppendQueryParameter("si", Details::UrlEncodeQueryParameter(Identifier)); + builder.AppendQueryParameter("si", Storage::Details::UrlEncodeQueryParameter(Identifier)); } - builder.AppendQueryParameter("sr", Details::UrlEncodeQueryParameter(resource)); + builder.AppendQueryParameter("sr", Storage::Details::UrlEncodeQueryParameter(resource)); if (!Permissions.empty()) { - builder.AppendQueryParameter("sp", Details::UrlEncodeQueryParameter(Permissions)); + builder.AppendQueryParameter("sp", Storage::Details::UrlEncodeQueryParameter(Permissions)); } - builder.AppendQueryParameter("sig", Details::UrlEncodeQueryParameter(signature)); + builder.AppendQueryParameter("sig", Storage::Details::UrlEncodeQueryParameter(signature)); if (!CacheControl.empty()) { - builder.AppendQueryParameter("rscc", Details::UrlEncodeQueryParameter(CacheControl)); + builder.AppendQueryParameter("rscc", Storage::Details::UrlEncodeQueryParameter(CacheControl)); } if (!ContentDisposition.empty()) { - builder.AppendQueryParameter("rscd", Details::UrlEncodeQueryParameter(ContentDisposition)); + builder.AppendQueryParameter( + "rscd", Storage::Details::UrlEncodeQueryParameter(ContentDisposition)); } if (!ContentEncoding.empty()) { - builder.AppendQueryParameter("rsce", Details::UrlEncodeQueryParameter(ContentEncoding)); + builder.AppendQueryParameter( + "rsce", Storage::Details::UrlEncodeQueryParameter(ContentEncoding)); } if (!ContentLanguage.empty()) { - builder.AppendQueryParameter("rscl", Details::UrlEncodeQueryParameter(ContentLanguage)); + builder.AppendQueryParameter( + "rscl", Storage::Details::UrlEncodeQueryParameter(ContentLanguage)); } if (!ContentType.empty()) { - builder.AppendQueryParameter("rsct", Details::UrlEncodeQueryParameter(ContentType)); + builder.AppendQueryParameter("rsct", Storage::Details::UrlEncodeQueryParameter(ContentType)); } return builder.GetAbsoluteUrl(); } -}}}} // namespace Azure::Storage::Files::Shares +}}} // namespace Azure::Storage::Sas diff --git a/sdk/storage/azure-storage-files-shares/test/share_sas_test.cpp b/sdk/storage/azure-storage-files-shares/test/share_sas_test.cpp index 6d5277bc8..c49527bc3 100644 --- a/sdk/storage/azure-storage-files-shares/test/share_sas_test.cpp +++ b/sdk/storage/azure-storage-files-shares/test/share_sas_test.cpp @@ -10,18 +10,18 @@ namespace Azure { namespace Storage { namespace Test { TEST_F(FileShareClientTest, FileSasTest) { std::string fileName = RandomString(); - Files::Shares::ShareSasBuilder fileSasBuilder; - fileSasBuilder.Protocol = SasProtocol::HttpsAndHttp; + Sas::ShareSasBuilder fileSasBuilder; + fileSasBuilder.Protocol = Sas::SasProtocol::HttpsAndHttp; fileSasBuilder.StartsOn = ToIso8601(std::chrono::system_clock::now() - std::chrono::minutes(5)); fileSasBuilder.ExpiresOn = ToIso8601(std::chrono::system_clock::now() + std::chrono::minutes(60)); fileSasBuilder.ShareName = m_shareName; fileSasBuilder.FilePath = fileName; - fileSasBuilder.Resource = Files::Shares::ShareSasResource::File; + fileSasBuilder.Resource = Sas::ShareSasResource::File; - Files::Shares::ShareSasBuilder shareSasBuilder = fileSasBuilder; + Sas::ShareSasBuilder shareSasBuilder = fileSasBuilder; shareSasBuilder.FilePath.clear(); - shareSasBuilder.Resource = Files::Shares::ShareSasResource::Share; + shareSasBuilder.Resource = Sas::ShareSasResource::Share; auto keyCredential = Details::ParseConnectionString(StandardStorageConnectionString()).KeyCredential; @@ -71,78 +71,72 @@ namespace Azure { namespace Storage { namespace Test { }; for (auto permissions : - {Files::Shares::ShareSasPermissions::Read, - Files::Shares::ShareSasPermissions::Write, - Files::Shares::ShareSasPermissions::Delete, - Files::Shares::ShareSasPermissions::List, - Files::Shares::ShareSasPermissions::Create, - Files::Shares::ShareSasPermissions::All}) + {Sas::ShareSasPermissions::Read, + Sas::ShareSasPermissions::Write, + Sas::ShareSasPermissions::Delete, + Sas::ShareSasPermissions::List, + Sas::ShareSasPermissions::Create, + Sas::ShareSasPermissions::All}) { shareSasBuilder.SetPermissions(permissions); auto sasToken = shareSasBuilder.GenerateSasToken(*keyCredential); - if ((permissions & Files::Shares::ShareSasPermissions::Read) - == Files::Shares::ShareSasPermissions::Read) + if ((permissions & Sas::ShareSasPermissions::Read) == Sas::ShareSasPermissions::Read) { verifyFileRead(sasToken); } - if ((permissions & Files::Shares::ShareSasPermissions::Write) - == Files::Shares::ShareSasPermissions::Write) + if ((permissions & Sas::ShareSasPermissions::Write) == Sas::ShareSasPermissions::Write) { verifyFileWrite(sasToken); } - if ((permissions & Files::Shares::ShareSasPermissions::Delete) - == Files::Shares::ShareSasPermissions::Delete) + if ((permissions & Sas::ShareSasPermissions::Delete) == Sas::ShareSasPermissions::Delete) { verifyFileDelete(sasToken); } - if ((permissions & Files::Shares::ShareSasPermissions::List) - == Files::Shares::ShareSasPermissions::List) + if ((permissions & Sas::ShareSasPermissions::List) == Sas::ShareSasPermissions::List) { verifyFileList(sasToken); } - if ((permissions & Files::Shares::ShareSasPermissions::Create) - == Files::Shares::ShareSasPermissions::Create) + if ((permissions & Sas::ShareSasPermissions::Create) == Sas::ShareSasPermissions::Create) { verifyFileCreate(sasToken); } } for (auto permissions : - {Files::Shares::ShareFileSasPermissions::Read, - Files::Shares::ShareFileSasPermissions::Write, - Files::Shares::ShareFileSasPermissions::Delete, - Files::Shares::ShareFileSasPermissions::Create}) + {Sas::ShareFileSasPermissions::Read, + Sas::ShareFileSasPermissions::Write, + Sas::ShareFileSasPermissions::Delete, + Sas::ShareFileSasPermissions::Create}) { fileSasBuilder.SetPermissions(permissions); auto sasToken = fileSasBuilder.GenerateSasToken(*keyCredential); - if ((permissions & Files::Shares::ShareFileSasPermissions::Read) - == Files::Shares::ShareFileSasPermissions::Read) + if ((permissions & Sas::ShareFileSasPermissions::Read) == Sas::ShareFileSasPermissions::Read) { verifyFileRead(sasToken); } - if ((permissions & Files::Shares::ShareFileSasPermissions::Write) - == Files::Shares::ShareFileSasPermissions::Write) + if ((permissions & Sas::ShareFileSasPermissions::Write) + == Sas::ShareFileSasPermissions::Write) { verifyFileWrite(sasToken); } - if ((permissions & Files::Shares::ShareFileSasPermissions::Delete) - == Files::Shares::ShareFileSasPermissions::Delete) + if ((permissions & Sas::ShareFileSasPermissions::Delete) + == Sas::ShareFileSasPermissions::Delete) { verifyFileDelete(sasToken); } - if ((permissions & Files::Shares::ShareFileSasPermissions::Create) - == Files::Shares::ShareFileSasPermissions::Create) + if ((permissions & Sas::ShareFileSasPermissions::Create) + == Sas::ShareFileSasPermissions::Create) { verifyFileCreate(sasToken); } } - fileSasBuilder.SetPermissions(Files::Shares::ShareFileSasPermissions::All); + fileSasBuilder.SetPermissions(Sas::ShareFileSasPermissions::All); // Expires { - Files::Shares::ShareSasBuilder builder2 = fileSasBuilder; + Sas::ShareSasBuilder builder2 = fileSasBuilder; builder2.StartsOn = ToIso8601(std::chrono::system_clock::now() - std::chrono::minutes(5)); builder2.ExpiresOn = ToIso8601(std::chrono::system_clock::now() - std::chrono::minutes(1)); auto sasToken = builder2.GenerateSasToken(*keyCredential); @@ -151,7 +145,7 @@ namespace Azure { namespace Storage { namespace Test { // Without start time { - Files::Shares::ShareSasBuilder builder2 = fileSasBuilder; + Sas::ShareSasBuilder builder2 = fileSasBuilder; builder2.StartsOn.Reset(); auto sasToken = builder2.GenerateSasToken(*keyCredential); EXPECT_NO_THROW(verifyFileRead(sasToken)); @@ -159,7 +153,7 @@ namespace Azure { namespace Storage { namespace Test { // IP { - Files::Shares::ShareSasBuilder builder2 = fileSasBuilder; + Sas::ShareSasBuilder builder2 = fileSasBuilder; builder2.IPRange = "0.0.0.0-0.0.0.1"; auto sasToken = builder2.GenerateSasToken(*keyCredential); EXPECT_THROW(verifyFileRead(sasToken), StorageException); @@ -181,10 +175,10 @@ namespace Azure { namespace Storage { namespace Test { identifier.Policy.Permission = "r"; m_shareClient->SetAccessPolicy({identifier}); - Files::Shares::ShareSasBuilder builder2 = fileSasBuilder; + Sas::ShareSasBuilder builder2 = fileSasBuilder; builder2.StartsOn.Reset(); builder2.ExpiresOn.clear(); - builder2.SetPermissions(static_cast(0)); + builder2.SetPermissions(static_cast(0)); builder2.Identifier = identifier.Id; auto sasToken = builder2.GenerateSasToken(*keyCredential); @@ -201,7 +195,7 @@ namespace Azure { namespace Storage { namespace Test { headers.CacheControl = "no-cache"; headers.ContentEncoding = "identify"; - Files::Shares::ShareSasBuilder builder2 = fileSasBuilder; + Sas::ShareSasBuilder builder2 = fileSasBuilder; builder2.ContentType = "application/x-binary"; builder2.ContentLanguage = "en-US"; builder2.ContentDisposition = "attachment";