
Commit aae4e15

authored
[Storage] Support LocalUser & SFTP (Azure#19239)
1 parent 1251ae8 commit aae4e15

28 files changed

+4653
-24
lines changed

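--- a/src/Storage/Storage.Management.Test/ScenarioTests/StorageAccountTests.cs
+++ b/src/Storage/Storage.Management.Test/ScenarioTests/StorageAccountTests.cs
@@ -287,6 +287,13 @@ public void TestNewAzStorageContext()
 public void TestNewSetAzStorageAccountFileAADKERB()
 {
 TestRunner.RunTestScript("Test-NewSetAzStorageAccountFileAADKERB");
-}
+}
+
+[Fact]
+[Trait(Category.AcceptanceType, Category.CheckIn)]
+public void TestAzureStorageLocalUserSftp()
+{
+TestRunner.RunTestScript("Test-AzureStorageLocalUserSftp");
+}
 }
 }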

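--- a/src/Storage/Storage.Management.Test/ScenarioTests/StorageAccountTests.ps1
+++ b/src/Storage/Storage.Management.Test/ScenarioTests/StorageAccountTests.ps1
@@ -2302,4 +2302,168 @@ function Test-NewSetAzStorageAccountFileAADKERB
 Clean-ResourceGroup $rgname
 }
 }
-
+
+<#
+.SYNOPSIS
+Test AzureStorageLocalUserSftp
+.DESCRIPTION
+SmokeTest
+#>
+function Test-AzureStorageLocalUserSftp
+{
+# Setup
+$rgname = Get-StorageManagementTestResourceName;
+
+try
+{
+# Test
+$stoname = 'sto' + $rgname;
+$stotype = 'Standard_LRS';
+$loc = Get-ProviderLocation_Canary ResourceManagement;
+$kind = 'StorageV2'
+
+New-AzResourceGroup -Name $rgname -Location $loc;
+New-AzStorageAccount -ResourceGroupName $rgname -Name $stoname -Location $loc -Type $stotype -Kind $kind -EnableSftp $true -EnableHierarchicalNamespace $true -EnableNfsV3 $false -EnableLocalUser $true
+
+Retry-IfException { $global:sto = Get-AzStorageAccount -ResourceGroupName $rgname -Name $stoname; }
+Assert-AreEqual $stoname $sto.StorageAccountName;
+Assert-AreEqual $stotype $sto.Sku.Name;
+Assert-AreEqual $loc.ToLower().Replace(" ", "") $sto.Location;
+Assert-AreEqual $kind $sto.Kind;
+Assert-AreEqual $true $sto.EnableSftp;
+Assert-AreEqual $true $sto.EnableLocalUser;
+
+Retry-IfException { $global:sto = Set-AzStorageAccount -ResourceGroupName $rgname -Name $stoname -EnableSftp $false }
+Assert-AreEqual $false $sto.EnableSftp;
+Assert-AreEqual $true $sto.EnableLocalUser;
+
+Retry-IfException { $global:sto = Set-AzStorageAccount -ResourceGroupName $rgname -Name $stoname -EnableLocalUser $false }
+Assert-AreEqual $false $sto.EnableSftp;
+Assert-AreEqual $false $sto.EnableLocalUser;
+
+Retry-IfException { $global:sto = Set-AzStorageAccount -ResourceGroupName $rgname -Name $stoname -EnableLocalUser $true -EnableSftp $true }
+Assert-AreEqual $true $sto.EnableSftp;
+Assert-AreEqual $true $sto.EnableLocalUser;
+
+# create local user
+$userName1 = "testuser1"
+$userName2 = "testuser2"
+$sshkey1 = New-AzStorageLocalUserSshPublicKey -Key "ssh-rsa keykeykeykeykey=" -Description "sshpulickey name1"
+$sshkey2 = New-AzStorageLocalUserSshPublicKey -Key "ssh-rsa keykeykeykeykew=" -Description "sshpulickey name2"
+$permissionScope1 = New-AzStorageLocalUserPermissionScope -Permission rwd -Service blob -ResourceName container1
+$permissionScope2 = New-AzStorageLocalUserPermissionScope -Permission rw -Service file -ResourceName share2
+$localuser1 = Set-AzStorageLocalUser -ResourceGroupName $rgname -StorageAccountName $stoname -UserName $userName1 -HomeDirectory "/" -SshAuthorizedKey $sshkey1,$sshkey2 -PermissionScope $permissionScope1,$permissionScope2 -HasSharedKey $true -HasSshKey $true -HasSshPassword $true
+Assert-AreEqual $userName1 $localuser1.Name;
+Assert-AreEqual $true $localuser1.HasSharedKey;
+Assert-AreEqual $true $localuser1.HasSshKey;
+Assert-AreEqual $true $localuser1.HasSshPassword;
+Assert-AreEqual "/" $localuser1.HomeDirectory;
+Assert-AreEqual 2 $localuser1.PermissionScopes.Count;
+Assert-AreEqual "rwd" $localuser1.PermissionScopes[0].Permissions;
+Assert-AreEqual "blob" $localuser1.PermissionScopes[0].Service;
+Assert-AreEqual "container1" $localuser1.PermissionScopes[0].ResourceName;
+Assert-AreEqual "rw" $localuser1.PermissionScopes[1].Permissions;
+Assert-AreEqual "file" $localuser1.PermissionScopes[1].Service;
+Assert-AreEqual "share2" $localuser1.PermissionScopes[1].ResourceName;
+Assert-AreEqual 2 $localuser1.SshAuthorizedKeys.Count;
+Assert-AreEqual "ssh-rsa keykeykeykeykey=" $localuser1.SshAuthorizedKeys[0].Key;
+Assert-AreEqual "sshpulickey name1" $localuser1.SshAuthorizedKeys[0].Description;
+Assert-AreEqual "ssh-rsa keykeykeykeykew=" $localuser1.SshAuthorizedKeys[1].Key;
+Assert-AreEqual "sshpulickey name2" $localuser1.SshAuthorizedKeys[1].Description;
+$localuser2 = Set-AzStorageLocalUser -ResourceGroupName $rgname -StorageAccountName $stoname -UserName $userName2 -HomeDirectory "/dir1"
+Assert-AreEqual $userName2 $localuser2.Name;
+Assert-Null $localuser2.HasSharedKey;
+Assert-Null $localuser2.HasSshKey;
+Assert-Null $localuser2.HasSshPassword;
+Assert-AreEqual "/dir1" $localuser2.HomeDirectory;
+Assert-Null $localuser2.PermissionScopes;
+Assert-Null $localuser2.SshAuthorizedKeys;
+
+# update local user
+$localuser2 = Set-AzStorageLocalUser -ResourceGroupName $rgname -StorageAccountName $stoname -UserName $userName2 -HomeDirectory "/dir2" -HasSharedKey $true -HasSshKey $true -HasSshPassword $true `
+-SshAuthorizedKey (@{
+Description="sshpulickey name3";
+Key="ssh-rsa keykeykeykeykew=";
+},
+@{
+Description="sshpulickey name4";
+Key="ssh-rsa keykeykeykeykew=";
+}) `
+-PermissionScope (@{
+Permissions="rw";
+Service="blob";
+ResourceName="container1";
+},
+@{
+Permissions="rwd";
+Service="file";
+ResourceName="share1";
+})
+Assert-AreEqual $userName2 $localuser2.Name;
+Assert-AreEqual $true $localuser2.HasSharedKey;
+Assert-AreEqual $true $localuser2.HasSshKey;
+Assert-AreEqual $true $localuser2.HasSshPassword;
+Assert-AreEqual "/dir2" $localuser2.HomeDirectory;
+Assert-AreEqual 2 $localuser2.PermissionScopes.Count;
+Assert-AreEqual "rw" $localuser2.PermissionScopes[0].Permissions;
+Assert-AreEqual "blob" $localuser2.PermissionScopes[0].Service;
+Assert-AreEqual "container1" $localuser2.PermissionScopes[0].ResourceName;
+Assert-AreEqual "rwd" $localuser2.PermissionScopes[1].Permissions;
+Assert-AreEqual "file" $localuser2.PermissionScopes[1].Service;
+Assert-AreEqual "share1" $localuser2.PermissionScopes[1].ResourceName;
+Assert-AreEqual 2 $localuser2.SshAuthorizedKeys.Count;
+Assert-AreEqual "ssh-rsa keykeykeykeykew=" $localuser2.SshAuthorizedKeys[0].Key;
+Assert-AreEqual "sshpulickey name3" $localuser2.SshAuthorizedKeys[0].Description;
+Assert-AreEqual "ssh-rsa keykeykeykeykew=" $localuser2.SshAuthorizedKeys[1].Key;
+Assert-AreEqual "sshpulickey name4" $localuser2.SshAuthorizedKeys[1].Description;
+
+# get single local user
+$localuser1 = Get-AzStorageLocalUser -ResourceGroupName $rgname -StorageAccountName $stoname -UserName $userName1
+Assert-AreEqual $userName1 $localuser1.Name;
+Assert-AreEqual $true $localuser1.HasSharedKey;
+Assert-AreEqual $true $localuser1.HasSshKey;
+Assert-AreEqual $true $localuser1.HasSshPassword;
+Assert-AreEqual "/" $localuser1.HomeDirectory;
+Assert-AreEqual 2 $localuser1.PermissionScopes.Count;
+Assert-AreEqual "rwd" $localuser1.PermissionScopes[0].Permissions;
+Assert-AreEqual "blob" $localuser1.PermissionScopes[0].Service;
+Assert-AreEqual "container1" $localuser1.PermissionScopes[0].ResourceName;
+Assert-AreEqual "rw" $localuser1.PermissionScopes[1].Permissions;
+Assert-AreEqual "file" $localuser1.PermissionScopes[1].Service;
+Assert-AreEqual "share2" $localuser1.PermissionScopes[1].ResourceName;
+Assert-Null $localuser1.SshAuthorizedKeys;
+
+#list all local users
+$localusers = Get-AzStorageLocalUser -ResourceGroupName $rgname -StorageAccountName $stoname
+Assert-AreEqual 2 $localusers.Count;
+Assert-AreEqual $userName1 $localusers[0].Name;
+Assert-AreEqual $userName2 $localusers[1].Name;
+
+# get public key
+$key = Get-AzStorageLocalUserKey -ResourceGroupName $rgname -StorageAccountName $stoname -UserName $userName1
+Assert-NotNull $key.SharedKey
+Assert-AreEqual 2 $key.SshAuthorizedKeys.Count;
+#Assert-AreEqual "ssh-rsa keykeykeykeykey=" $key.SshAuthorizedKeys[0].Key;
+Assert-AreEqual "sshpulickey name1" $key.SshAuthorizedKeys[0].Description;
+Assert-AreEqual "ssh-rsa keykeykeykeykew=" $key.SshAuthorizedKeys[1].Key;
+Assert-AreEqual "sshpulickey name2" $key.SshAuthorizedKeys[1].Description;
+
+# regenerate ssh password
+$password = New-AzStorageLocalUserSshPassword -ResourceGroupName $rgname -StorageAccountName $stoname -UserName $userName1
+Assert-NotNull $password.SshPassword
+
+# remove local user
+Remove-AzStorageLocalUser -ResourceGroupName $rgname -StorageAccountName $stoname -UserName $userName1
+$localusers = Get-AzStorageLocalUser -ResourceGroupName $rgname -StorageAccountName $stoname
+Assert-AreEqual 1 $localusers.Count;
+Assert-AreEqual $userName2 $localusers[0].Name;
+
+#clean up
+Remove-AzStorageAccount -Force -ResourceGroupName $rgname -Name $stoname;
+}
+finally
+{
+# Cleanup
+Clean-ResourceGroup $rgname
+}
+}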
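Review bot: The assertion on `$key.SshAuthorizedKeys[0].Key` under `# get public key` is commented out with no explanation, so the value of the first authorized key returned by `Get-AzStorageLocalUserKey` is never checked while the second one is. Either restore `Assert-AreEqual "ssh-rsa keykeykeykeykey=" $key.SshAuthorizedKeys[0].Key;` or replace the dead line with a comment saying why the service returns something different for that entry. In the `# update local user` step both hashtables carry the same `Key="ssh-rsa keykeykeykeykew="`, so the per-index key assertions that follow cannot detect a swapped or duplicated entry; distinct key values would make them meaningful. The test also covers only the success path: after `Remove-AzStorageLocalUser` it checks the list count but does not assert that `Get-AzStorageLocalUserKey` for the removed user now fails, which is the property that matters for credential revocation.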
