1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
|
package azblob
import (
"bytes"
"strings"
"time"
chk "gopkg.in/check.v1"
)
func (s *aztestsSuite) TestSnapshotSAS(c *chk.C) {
//Generate URLs ----------------------------------------------------------------------------------------------------
bsu := getBSU()
containerURL, containerName := getContainerURL(c, bsu)
blobURL, blobName := getBlockBlobURL(c, containerURL)
_, err := containerURL.Create(ctx, Metadata{}, PublicAccessNone)
defer containerURL.Delete(ctx, ContainerAccessConditions{})
if err != nil {
c.Fatal(err)
}
//Create file in container, download from snapshot to test. --------------------------------------------------------
burl := containerURL.NewBlockBlobURL(blobName)
data := "Hello world!"
_, err = burl.Upload(ctx, strings.NewReader(data), BlobHTTPHeaders{ContentType: "text/plain"}, Metadata{}, BlobAccessConditions{}, DefaultAccessTier, nil, ClientProvidedKeyOptions{}, ImmutabilityPolicyOptions{})
if err != nil {
c.Fatal(err)
}
//Create a snapshot & URL
createSnapshot, err := burl.CreateSnapshot(ctx, Metadata{}, BlobAccessConditions{}, ClientProvidedKeyOptions{})
if err != nil {
c.Fatal(err)
}
//Format snapshot time
snapTime, err := time.Parse(SnapshotTimeFormat, createSnapshot.Snapshot())
if err != nil {
c.Fatal(err)
}
//Get credentials & current time
currentTime := time.Now().UTC()
credential, err := getGenericCredential("")
if err != nil {
c.Fatal("Invalid credential")
}
//Create SAS query
snapSASQueryParams, err := BlobSASSignatureValues{
StartTime: currentTime,
ExpiryTime: currentTime.Add(48 * time.Hour),
SnapshotTime: snapTime,
Permissions: "racwd",
ContainerName: containerName,
BlobName: blobName,
Protocol: SASProtocolHTTPS,
}.NewSASQueryParameters(credential)
if err != nil {
c.Fatal(err)
}
time.Sleep(time.Second * 2)
//Attach SAS query to block blob URL
p := NewPipeline(NewAnonymousCredential(), PipelineOptions{})
snapParts := NewBlobURLParts(blobURL.URL())
snapParts.SAS = snapSASQueryParams
sburl := NewBlockBlobURL(snapParts.URL(), p)
//Test the snapshot
downloadResponse, err := sburl.Download(ctx, 0, 0, BlobAccessConditions{}, false, ClientProvidedKeyOptions{})
if err != nil {
c.Fatal(err)
}
downloadedData := &bytes.Buffer{}
reader := downloadResponse.Body(RetryReaderOptions{})
downloadedData.ReadFrom(reader)
reader.Close()
c.Assert(data, chk.Equals, downloadedData.String())
//Try to delete snapshot -------------------------------------------------------------------------------------------
_, err = sburl.Delete(ctx, DeleteSnapshotsOptionNone, BlobAccessConditions{})
if err != nil { //This shouldn't fail.
c.Fatal(err)
}
//Create a normal blob and attempt to use the snapshot SAS against it (assuming failure) ---------------------------
//If this succeeds, it means a normal SAS token was created.
fsburl := containerURL.NewBlockBlobURL("failsnap")
_, err = fsburl.Upload(ctx, strings.NewReader(data), BlobHTTPHeaders{ContentType: "text/plain"}, Metadata{}, BlobAccessConditions{}, DefaultAccessTier, nil, ClientProvidedKeyOptions{}, ImmutabilityPolicyOptions{})
if err != nil {
c.Fatal(err) //should succeed to create the blob via normal auth means
}
fsburlparts := NewBlobURLParts(fsburl.URL())
fsburlparts.SAS = snapSASQueryParams
fsburl = NewBlockBlobURL(fsburlparts.URL(), p) //re-use fsburl as we don't need the sharedkey version anymore
resp, err := fsburl.Delete(ctx, DeleteSnapshotsOptionNone, BlobAccessConditions{})
if err == nil {
c.Fatal(resp) //This SHOULD fail. Otherwise we have a normal SAS token...
}
}
|
