def test_sas_signed_identifier(self):
# SAS URL is calculated from storage key, so this test runs live only
if TestMode.need_recording_file(self.test_mode):
return
# Arrange
access_policy = AccessPolicy()
access_policy.start = datetime.utcnow() - timedelta(hours=1)
access_policy.expiry = datetime.utcnow() + timedelta(hours=1)
access_policy.permission = QueuePermissions.READ
identifiers = {'testid': access_policy}
queue_client = self._create_queue()
resp = queue_client.set_queue_access_policy(identifiers)
queue_client.enqueue_message(u'message1')
token = queue_client.generate_shared_access_signature(
policy_id='testid')
# Act
service = QueueClient(
queue_url=queue_client.url,
credential=token,
)
result = service.peek_messages()
# Assert
self.assertIsNotNone(result)
self.assertEqual(1, len(result))
message = result[0]
self.assertIsNotNone(message)
self.assertNotEqual('', message.id)
self.assertEqual(u'message1', message.content)
def test_set_access_policy(self, resource_group, location, storage_account, storage_account_key):
# SAS URL is calculated from storage key, so this test runs live only
if not self.is_live:
return
# [START create_queue_client_from_connection_string]
from azure.storage.queue import QueueClient
queue_client = QueueClient.from_connection_string(self.connection_string(storage_account, storage_account_key), "queuetest")
# [END create_queue_client_from_connection_string]
# Create the queue
try:
queue_client.create_queue()
except ResourceExistsError:
pass
queue_client.send_message(u"hello world")
try:
# [START set_access_policy]
# Create an access policy
from azure.storage.queue import AccessPolicy, QueueSasPermissions
access_policy = AccessPolicy()
access_policy.start = datetime.utcnow() - timedelta(hours=1)
access_policy.expiry = datetime.utcnow() + timedelta(hours=1)
access_policy.permission = QueueSasPermissions(read=True)
identifiers = {'my-access-policy-id': access_policy}
# Set the access policy
queue_client.set_queue_access_policy(identifiers)
# [END set_access_policy]
# Use the access policy to generate a SAS token
# [START queue_client_sas_token]
from azure.storage.queue import generate_queue_sas
sas_token = generate_queue_sas(
queue_client.account_name,
queue_client.queue_name,
queue_client.credential.account_key,
policy_id='my-access-policy-id'
)
# [END queue_client_sas_token]
# Authenticate with the sas token
# [START create_queue_client]
q = QueueClient.from_queue_url(
queue_url=queue_client.url,
credential=sas_token
)
# [END create_queue_client]
# Use the newly authenticated client to receive messages
my_message = q.receive_messages()
assert my_message is not None
finally:
# Delete the queue
queue_client.delete_queue()
async def test_set_access_policy(self, resource_group, location,
storage_account, storage_account_key):
connection_string = self.connection_string(storage_account,
storage_account_key)
storage_url = self._account_url(storage_account.name)
# [START async_create_queue_client_from_connection_string]
from azure.storage.queue.aio import QueueClient
queue_client = QueueClient.from_connection_string(
self.connection_string(storage_account, storage_account_key),
"asyncqueuetest")
# [END async_create_queue_client_from_connection_string]
# Create the queue
try:
await queue_client.create_queue()
except ResourceExistsError:
pass
await queue_client.send_message(u"hello world")
try:
# [START async_set_access_policy]
# Create an access policy
from azure.storage.queue import AccessPolicy, QueueSasPermissions
access_policy = AccessPolicy()
access_policy.start = datetime.utcnow() - timedelta(hours=1)
access_policy.expiry = datetime.utcnow() + timedelta(hours=1)
access_policy.permission = QueueSasPermissions(read=True)
identifiers = {'my-access-policy-id': access_policy}
# Set the access policy
await queue_client.set_queue_access_policy(identifiers)
# [END async_set_access_policy]
# Use the access policy to generate a SAS token
from azure.storage.queue import generate_queue_sas
sas_token = generate_queue_sas(queue_client.account_name,
queue_client.queue_name,
queue_client.credential.account_key,
policy_id='my-access-policy-id')
# [END async_set_access_policy]
# Authenticate with the sas token
# [START async_create_queue_client]
from azure.storage.queue.aio import QueueClient
q = QueueClient.from_queue_url(queue_url=queue_client.url,
credential=sas_token)
# [END async_create_queue_client]
# Use the newly authenticated client to receive messages
my_messages = q.receive_messages()
finally:
# Delete the queue
await queue_client.delete_queue()
def test_set_access_policy(self):
# SAS URL is calculated from storage key, so this test runs live only
if TestMode.need_recording_file(self.test_mode):
return
# [START create_queue_client_from_connection_string]
from azure.storage.queue import QueueClient
queue_client = QueueClient.from_connection_string(self.connection_string, "queuetest")
# [END create_queue_client_from_connection_string]
# Create the queue
try:
queue_client.create_queue()
except ResourceExistsError:
pass
queue_client.enqueue_message(u"hello world")
try:
# [START set_access_policy]
# Create an access policy
from azure.storage.queue import AccessPolicy, QueuePermissions
access_policy = AccessPolicy()
access_policy.start = datetime.utcnow() - timedelta(hours=1)
access_policy.expiry = datetime.utcnow() + timedelta(hours=1)
access_policy.permission = QueuePermissions.READ
identifiers = {'my-access-policy-id': access_policy}
# Set the access policy
queue_client.set_queue_access_policy(identifiers)
# [END set_access_policy]
# Use the access policy to generate a SAS token
# [START queue_client_sas_token]
sas_token = queue_client.generate_shared_access_signature(
policy_id='my-access-policy-id'
)
# [END queue_client_sas_token]
# Authenticate with the sas token
# [START create_queue_client]
q = QueueClient(
queue_url=queue_client.url,
credential=sas_token
)
# [END create_queue_client]
# Use the newly authenticated client to receive messages
my_message = q.receive_messages()
assert my_message is not None
finally:
# Delete the queue
queue_client.delete_queue()
def set_access_policy(self):
# [START create_queue_client_from_connection_string]
from azure.storage.queue import QueueClient
queue = QueueClient.from_connection_string(self.connection_string, "myqueue1")
# [END create_queue_client_from_connection_string]
# Create the queue
queue.create_queue()
# Send a message
queue.send_message(u"hello world")
try:
# [START set_access_policy]
# Create an access policy
from azure.storage.queue import AccessPolicy, QueueSasPermissions
access_policy = AccessPolicy()
access_policy.start = datetime.utcnow() - timedelta(hours=1)
access_policy.expiry = datetime.utcnow() + timedelta(hours=1)
access_policy.permission = QueueSasPermissions(read=True)
identifiers = {'my-access-policy-id': access_policy}
# Set the access policy
queue.set_queue_access_policy(identifiers)
# [END set_access_policy]
# Use the access policy to generate a SAS token
# [START queue_client_sas_token]
from azure.storage.queue import generate_queue_sas
sas_token = generate_queue_sas(
queue.account_name,
queue.queue_name,
queue.credential.account_key,
policy_id='my-access-policy-id'
)
# [END queue_client_sas_token]
# Authenticate with the sas token
# [START create_queue_client]
token_auth_queue = QueueClient.from_queue_url(
queue_url=queue.url,
credential=sas_token
)
# [END create_queue_client]
# Use the newly authenticated client to receive messages
my_message = token_auth_queue.receive_messages()
finally:
# Delete the queue
queue.delete_queue()
async def test_set_queue_acl_with_signed_identifiers(
self, resource_group, location, storage_account,
storage_account_key):
# Arrange
qsc = QueueServiceClient(self.account_url(storage_account, "queue"),
storage_account_key,
transport=AiohttpTestTransport())
queue_client = await self._create_queue(qsc)
# Act
access_policy = AccessPolicy(
permission=QueueSasPermissions(read=True),
expiry=datetime.utcnow() + timedelta(hours=1),
start=datetime.utcnow() - timedelta(minutes=5))
identifiers = {'testid': access_policy}
resp = await queue_client.set_queue_access_policy(
signed_identifiers=identifiers)
# Assert
self.assertIsNone(resp)
acl = await queue_client.get_queue_access_policy()
self.assertIsNotNone(acl)
self.assertEqual(len(acl), 1)
self.assertTrue('testid' in acl)
def test_set_queue_acl_with_signed_identifiers(self, storage_account_name,
storage_account_key):
# Arrange
qsc = QueueServiceClient(
self.account_url(storage_account_name, "queue"),
storage_account_key)
queue_client = self._get_queue_reference(qsc)
queue_client.create_queue()
# Act
access_policy = AccessPolicy(
permission=QueueSasPermissions(read=True),
expiry=datetime.utcnow() + timedelta(hours=1),
start=datetime.utcnow() - timedelta(minutes=5))
identifiers = {'testid': access_policy}
resp = queue_client.set_queue_access_policy(
signed_identifiers=identifiers)
# Assert
self.assertIsNone(resp)
acl = queue_client.get_queue_access_policy()
self.assertIsNotNone(acl)
self.assertEqual(len(acl), 1)
self.assertTrue('testid' in acl)
def queue_acl_operations(self, queue_service):
queue_name = 'aclqueue' + self.random_data.get_random_name(6)
try:
print('1. Create a queue with name - ' + queue_name)
queue_client = queue_service.create_queue(queue_name)
print('2. Set access policy for queue')
access_policy = AccessPolicy(
permission=QueueSasPermissions(read=True),
expiry=datetime.datetime.utcnow() +
datetime.timedelta(hours=1),
start=datetime.datetime.utcnow())
identifiers = {'id': access_policy}
queue_client.set_queue_access_policy(
signed_identifiers=identifiers)
print('3. Get access policy from queue')
acl = queue_client.get_queue_access_policy()
print('4. Clear access policy in queue')
# Clear
queue_client.set_queue_access_policy({})
finally:
print('5. Delete queue')
queue_client.delete_queue()
print("Queue ACL operations sample completed")
def test_sas_signed_identifier(self, resource_group, location,
storage_account, storage_account_key):
# SAS URL is calculated from storage key, so this test runs live only
if not self.is_live:
return
# Arrange
access_policy = AccessPolicy()
access_policy.start = datetime.utcnow() - timedelta(hours=1)
access_policy.expiry = datetime.utcnow() + timedelta(hours=1)
access_policy.permission = QueueSasPermissions(read=True)
identifiers = {'testid': access_policy}
qsc = QueueServiceClient(self._account_url(storage_account.name),
storage_account_key)
queue_client = self._get_queue_reference(qsc)
queue_client.create_queue()
resp = queue_client.set_queue_access_policy(identifiers)
queue_client.send_message(u'message1')
token = generate_queue_sas(queue_client.account_name,
queue_client.queue_name,
queue_client.credential.account_key,
policy_id='testid')
# Act
service = QueueClient.from_queue_url(
queue_url=queue_client.url,
credential=token,
)
result = service.peek_messages()
# Assert
self.assertIsNotNone(result)
self.assertEqual(1, len(result))
message = result[0]
self.assertIsNotNone(message)
self.assertNotEqual('', message.id)
self.assertEqual(u'message1', message.content)
def test_set_queue_acl_too_many_ids(self):
# Arrange
queue_client = self._create_queue()
# Act
identifiers = dict()
for i in range(0, 16):
identifiers['id{}'.format(i)] = AccessPolicy()
# Assert
with self.assertRaises(ValueError):
queue_client.set_queue_access_policy(identifiers)
async def test_set_queue_acl_too_many_ids(self, resource_group, location, storage_account, storage_account_key):
# Arrange
qsc = QueueServiceClient(self.account_url(storage_account.name, "queue"), storage_account_key, transport=AiohttpTestTransport())
queue_client = await self._create_queue(qsc)
# Act
identifiers = dict()
for i in range(0, 16):
identifiers['id{}'.format(i)] = AccessPolicy()
# Assert
with self.assertRaises(ValueError):
await queue_client.set_queue_access_policy(identifiers)
async def test_sas_signed_identifier(self, resource_group, location,
storage_account, storage_account_key):
qsc = QueueServiceClient(self._account_url(storage_account.name),
storage_account_key,
transport=AiohttpTestTransport())
# SAS URL is calculated from storage key, so this test runs live only
if self.is_playback():
return
# Arrange
access_policy = AccessPolicy()
access_policy.start = datetime.utcnow() - timedelta(hours=1)
access_policy.expiry = datetime.utcnow() + timedelta(hours=1)
access_policy.permission = QueuePermissions.READ
identifiers = {'testid': access_policy}
queue_client = await self._create_queue(qsc)
resp = await queue_client.set_queue_access_policy(identifiers)
await queue_client.enqueue_message(u'message1')
token = queue_client.generate_shared_access_signature(
policy_id='testid')
# Act
service = QueueClient(
queue_url=queue_client.url,
credential=token,
)
result = await service.peek_messages()
# Assert
self.assertIsNotNone(result)
self.assertEqual(1, len(result))
message = result[0]
self.assertIsNotNone(message)
self.assertNotEqual('', message.id)
self.assertEqual(u'message1', message.content)
def test_set_queue_acl_too_many_ids(self, resource_group, location, storage_account, storage_account_key):
# Arrange
qsc = QueueServiceClient(self.account_url(storage_account, "queue"), storage_account_key)
queue_client = self._get_queue_reference(qsc)
queue_client.create_queue()
# Act
identifiers = dict()
for i in range(0, 16):
identifiers['id{}'.format(i)] = AccessPolicy()
# Assert
with self.assertRaises(ValueError):
queue_client.set_queue_access_policy(identifiers)
def test_set_queue_acl_with_empty_signed_identifier(self):
# Arrange
queue_client = self._create_queue()
# Act
queue_client.set_queue_access_policy(signed_identifiers={'empty': AccessPolicy()})
# Assert
acl = queue_client.get_queue_access_policy()
self.assertIsNotNone(acl)
self.assertEqual(len(acl), 1)
self.assertIsNotNone(acl['empty'])
self.assertIsNone(acl['empty'].permission)
self.assertIsNone(acl['empty'].expiry)
self.assertIsNone(acl['empty'].start)
def test_set_queue_acl_with_signed_identifiers(self):
# Arrange
queue_client = self._create_queue()
# Act
access_policy = AccessPolicy(permission=QueuePermissions.READ,
expiry=datetime.utcnow() + timedelta(hours=1),
start=datetime.utcnow() - timedelta(minutes=5))
identifiers = {'testid': access_policy}
resp = queue_client.set_queue_access_policy(signed_identifiers=identifiers)
# Assert
self.assertIsNone(resp)
acl = queue_client.get_queue_access_policy()
self.assertIsNotNone(acl)
self.assertEqual(len(acl), 1)
self.assertTrue('testid' in acl)