def test_set_table_acl_with_signed_identifiers(self, resource_group,
location, storage_account,
storage_account_key):
# Arrange
url = self.account_url(storage_account, "table")
if 'cosmos' in url:
pytest.skip("Cosmos endpoint does not support this")
ts = TableServiceClient(url, storage_account_key)
table = self._create_table(ts)
client = ts.get_table_client(table_name=table.table_name)
# Act
identifiers = dict()
identifiers['testid'] = AccessPolicy(
start=datetime.utcnow() - timedelta(minutes=5),
expiry=datetime.utcnow() + timedelta(hours=1),
permission='r')
try:
client.set_table_access_policy(signed_identifiers=identifiers)
# Assert
acl = client.get_table_access_policy()
self.assertIsNotNone(acl)
self.assertEqual(len(acl), 1)
self.assertTrue('testid' in acl)
finally:
# self._delete_table(table)
ts.delete_table(table.table_name)
async def test_set_table_acl_with_signed_identifiers(
self, tables_storage_account_name,
tables_primary_storage_account_key):
# Arrange
url = self.account_url(tables_storage_account_name, "table")
ts = TableServiceClient(url, tables_primary_storage_account_key)
table = await self._create_table(ts)
client = ts.get_table_client(table_name=table.table_name)
# Act
identifiers = dict()
identifiers['testid'] = AccessPolicy(
start=datetime.utcnow() - timedelta(minutes=5),
expiry=datetime.utcnow() + timedelta(hours=1),
permission=TableSasPermissions(read=True))
try:
await client.set_table_access_policy(signed_identifiers=identifiers
)
# Assert
acl = await client.get_table_access_policy()
assert acl is not None
assert len(acl) == 1
assert 'testid' in acl
finally:
await ts.delete_table(table.table_name)
async def test_set_table_acl_with_signed_identifiers(
self, resource_group, location, cosmos_account,
cosmos_account_key):
# Arrange
url = self.account_url(cosmos_account, "cosmos")
if 'cosmos' in url:
pytest.skip("Cosmos endpoint does not support this")
ts = TableServiceClient(url, cosmos_account_key)
table = await self._create_table(ts)
client = ts.get_table_client(table_name=table.table_name)
# Act
identifiers = dict()
identifiers['testid'] = AccessPolicy(
start=datetime.utcnow() - timedelta(minutes=5),
expiry=datetime.utcnow() + timedelta(hours=1),
permission=TableSasPermissions(read=True))
try:
await client.set_table_access_policy(signed_identifiers=identifiers
)
# Assert
acl = await client.get_table_access_policy()
self.assertIsNotNone(acl)
self.assertEqual(len(acl), 1)
self.assertTrue('testid' in acl)
finally:
await ts.delete_table(table.table_name)
if self.is_live:
sleep(SLEEP_DELAY)
def test_set_table_acl_with_signed_identifiers(self, tables_cosmos_account_name,
tables_primary_cosmos_account_key):
# Arrange
url = self.account_url(tables_cosmos_account_name, "cosmos")
ts = TableServiceClient(url, tables_primary_cosmos_account_key)
table = self._create_table(ts)
client = ts.get_table_client(table_name=table.table_name)
# Act
identifiers = dict()
identifiers['testid'] = AccessPolicy(start=datetime.utcnow() - timedelta(minutes=5),
expiry=datetime.utcnow() + timedelta(hours=1),
permission='r')
try:
client.set_table_access_policy(signed_identifiers=identifiers)
# Assert
acl = client.get_table_access_policy()
assert acl is not None
assert len(acl) == 1
assert 'testid' in acl
finally:
ts.delete_table(table.table_name)
if self.is_live:
sleep(SLEEP_DELAY)
def test_set_table_acl_with_signed_identifiers(self, resource_group,
location, storage_account,
storage_account_key):
# Arrange
account_url = self.account_url(storage_account, "table")
if 'cosmos' in account_url:
pytest.skip("Cosmos URLs do notsupport unicode table names")
ts = self.create_client_from_credential(TableServiceClient,
storage_account_key,
account_url=account_url)
table = self._create_table(ts)
client = ts.get_table_client(table_name=table.table_name)
# Act
identifiers = dict()
identifiers['testid'] = AccessPolicy(
start=datetime.utcnow() - timedelta(minutes=5),
expiry=datetime.utcnow() + timedelta(hours=1),
permission='r')
try:
client.set_table_access_policy(signed_identifiers=identifiers)
# Assert
acl = client.get_table_access_policy()
assert acl is not None
assert len(acl) == 1
assert 'testid' in acl
finally:
ts.delete_table(table.table_name)
def test_set_table_acl_with_signed_identifiers(
self, tables_storage_account_name,
tables_primary_storage_account_key):
# Arrange
account_url = self.account_url(tables_storage_account_name, "table")
ts = self.create_client_from_credential(
TableServiceClient,
tables_primary_storage_account_key,
endpoint=account_url)
table = self._create_table(ts)
client = ts.get_table_client(table_name=table.table_name)
# Act
identifiers = dict()
identifiers['testid'] = AccessPolicy(
start=datetime.utcnow() - timedelta(minutes=5),
expiry=datetime.utcnow() + timedelta(hours=1),
permission='r')
try:
client.set_table_access_policy(signed_identifiers=identifiers)
# Assert
acl = client.get_table_access_policy()
assert acl is not None
assert len(acl) == 1
assert 'testid' in acl
finally:
ts.delete_table(table.table_name)
def set_access_policy(self):
# [START create_table_client_from_connection_string]
from azure.data.tables import TableClient
table = TableClient.from_connection_string(self.connection_string,
table_name="mytable1")
# [END create_table_client_from_connection_string]
# Create the Table
table.create_table()
try:
# [START set_access_policy]
# Create an access policy
from azure.data.tables import AccessPolicy, TableSasPermissions
access_policy = AccessPolicy()
access_policy.start = datetime.utcnow() - timedelta(hours=1)
access_policy.expiry = datetime.utcnow() + timedelta(hours=1)
access_policy.permission = TableSasPermissions(add=True)
identifiers = {'my-access-policy-id': access_policy}
# Set the access policy
table.set_table_access_policy(identifiers)
# [END set_access_policy]
# Use the access policy to generate a SAS token
# [START table_client_sas_token]
from azure.data.tables import generate_table_sas
sas_token = generate_table_sas(table.account_name,
table.table_name,
table.credential.account_key,
policy_id='my-access-policy-id')
# [END table_client_sas_token]
# Authenticate with the sas token
# [START create_table_client]
# token_auth_table = table.from_table_url(
# table_url=table.url,
# credential=sas_token
# )
# [END create_table_client]
finally:
# Delete the table
table.delete_table()
