Merge branch 'accountsas' of https://github.com/wastoresh/azure-powershell-pr into dev

Author: blueww

src/Common/Storage/Commands.Storage.Test/Service/MockStorageBlobManagement.cs

@@ -685,6 +685,16 @@ public Task<string> StartCopyAsync(CloudBlob blob, Uri source, AccessCondition s
             throw new NotImplementedException();
         }
 
+        /// <summary>
+        /// Get the SAS token for an account.
+        /// </summary>
+        /// <param name="sharedAccessAccountPolicy">Shared access policy to generate the SAS token.</param>
+        /// <returns>Account SAS token.</returns>
+        public string GetStorageAccountSASToken(SharedAccessAccountPolicy sharedAccessAccountPolicy)
+        {
+            throw new NotImplementedException();
+        }
+
         /// <summary>
         /// The storage context
         /// </summary>

src/Common/Storage/Commands.Storage/Commands.Storage.csproj

@@ -180,6 +180,7 @@
     <Compile Include="Common\BlobToFileSystemNameResolver.cs" />
     <Compile Include="Blob\Cmdlet\StartAzureStorageBlobCopy.cs" />
     <Compile Include="Blob\Cmdlet\StopAzureStorageBlobCopy.cs" />
+    <Compile Include="Common\Cmdlet\NewAzureStorageAccountSasToken.cs" />
     <Compile Include="Common\Cmdlet\SetAzureStorageCORSRule.cs" />
     <Compile Include="Common\Cmdlet\GetAzureStorageCORSRule.cs" />
     <Compile Include="Common\Cmdlet\GetAzureStorageServiceLogging.cs" />

src/Common/Storage/Commands.Storage/Common/Cmdlet/NewAzureStorageAccountSasToken.cs

@@ -0,0 +1,154 @@
+// ----------------------------------------------------------------------------------
+//
+// Copyright Microsoft Corporation
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// http://www.apache.org/licenses/LICENSE-2.0
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+// ----------------------------------------------------------------------------------
+
+namespace Microsoft.WindowsAzure.Commands.Storage.Common.Cmdlet
+{
+    using System;
+    using System.Management.Automation;
+    using System.Security.Permissions;
+    using Microsoft.WindowsAzure.Commands.Storage.Model.Contract;
+    using Microsoft.WindowsAzure.Storage;
+
+    [Cmdlet(VerbsCommon.New, StorageNouns.AccountSas), OutputType(typeof(String))]
+    public class NewAzureStorageAccountSasTokenCommand : StorageCloudBlobCmdletBase
+    {
+        [Parameter(Mandatory = true, HelpMessage = "Service type that this SAS token applies to.")]
+        public SharedAccessAccountServices Service { get; set; }
+
+        [Parameter(Mandatory = true, HelpMessage = "Resource type that this SAS token applies to.")]
+        public SharedAccessAccountResourceTypes ResourceType { get; set; }
+
+        [Parameter(Mandatory = true, HelpMessage = "Permissions.")]
+        public string Permission { get; set; }
+
+        [Parameter(Mandatory = false, HelpMessage = "Protocol can be used in the request with this SAS token.")]
+        public SharedAccessProtocol Protocol { get; set; }
+
+        [Parameter(Mandatory = false, HelpMessage = "IP, or IP range ACL (access control list) that the request would be accepted from by Azure Storage.")]
+        public string IPAddressOrRange { get; set; }
+
+        [Parameter(Mandatory = false, HelpMessage = "Start Time")]
+        public DateTime? StartTime { get; set; }
+
+        [Parameter(Mandatory = false, HelpMessage = "Expiry Time")]
+        public DateTime? ExpiryTime { get; set; }
+
+        /// <summary>
+        /// Initializes a new instance of the NewAzureStorageAccountSasTokenCommand class.
+        /// </summary>
+        public NewAzureStorageAccountSasTokenCommand()
+            : this(null)
+        {
+        }
+
+        /// <summary>
+        /// Initializes a new instance of the NewAzureStorageAccountSasTokenCommand class.
+        /// </summary>
+        /// <param name="channel">IStorageBlobManagement channel</param>
+        public NewAzureStorageAccountSasTokenCommand(IStorageBlobManagement channel)
+        {
+            Channel = channel;
+            EnableMultiThread = false;
+        }
+
+        /// <summary>
+        /// Execute command
+        /// </summary>
+        [PermissionSet(SecurityAction.Demand, Name = "FullTrust")]
+        public override void ExecuteCmdlet()
+        {
+            var sharedAccessPolicy = new SharedAccessAccountPolicy()
+            {
+                Permissions = SetupAccessPolicyPermission(this.Permission),
+                Services = Service,
+                ResourceTypes = ResourceType,
+                Protocols = Protocol,
+                IPAddressOrRange = SetupIPAddressOrRange(this.IPAddressOrRange)
+            };
+
+            DateTimeOffset? accessStartTime;
+            DateTimeOffset? accessEndTime;
+            SasTokenHelper.SetupAccessPolicyLifeTime(StartTime, ExpiryTime,
+                out accessStartTime, out accessEndTime, true);
+            sharedAccessPolicy.SharedAccessStartTime = accessStartTime;
+            sharedAccessPolicy.SharedAccessExpiryTime = accessEndTime;
+
+            this.WriteObject(Channel.GetStorageAccountSASToken(sharedAccessPolicy));
+        }
+
+        /// <summary>
+        /// Set up access policy permission
+        /// </summary>
+        /// <param name="policy">SharedAccessBlobPolicy object</param>
+        /// <param name="permission">Permisson</param>
+        internal SharedAccessAccountPermissions SetupAccessPolicyPermission(string permission)
+        {
+            if (string.IsNullOrEmpty(permission)) return SharedAccessAccountPermissions.None;
+
+            SharedAccessAccountPermissions accountPermission = SharedAccessAccountPermissions.None;
+            permission = permission.ToLower();
+            foreach (char op in permission)
+            {
+                switch (op)
+                {
+                    case StorageNouns.Permission.Read:
+                    case StorageNouns.Permission.Query:
+                        accountPermission |= SharedAccessAccountPermissions.Read;
+                        break;
+                    case StorageNouns.Permission.Process:
+                        accountPermission |= SharedAccessAccountPermissions.ProcessMessages;
+                        break;
+                    case StorageNouns.Permission.Write:
+                        accountPermission |= SharedAccessAccountPermissions.Write;
+                        break;
+                    case StorageNouns.Permission.Add:
+                        accountPermission |= SharedAccessAccountPermissions.Add;
+                        break;
+                    case StorageNouns.Permission.Create:
+                        accountPermission |= SharedAccessAccountPermissions.Create;
+                        break;
+                    case StorageNouns.Permission.Update:
+                        accountPermission |= SharedAccessAccountPermissions.Update;
+                        break;
+                    case StorageNouns.Permission.Delete:
+                        accountPermission |= SharedAccessAccountPermissions.Delete;
+                        break;
+                    case StorageNouns.Permission.List:
+                        accountPermission |= SharedAccessAccountPermissions.List;
+                        break;
+                    default:
+                        throw new ArgumentException(string.Format(Resources.InvalidAccessPermission, op));
+                }
+            }
+
+            return accountPermission;
+        }
+
+        internal IPAddressOrRange SetupIPAddressOrRange(string inputIPACL)
+        {
+            if (string.IsNullOrEmpty(inputIPACL)) return null;
+
+            int separator = inputIPACL.IndexOf('-');
+
+            if (-1 == separator)
+            {
+                return new IPAddressOrRange(inputIPACL);
+            }
+            else
+            {
+                return new IPAddressOrRange(inputIPACL.Substring(0, separator), inputIPACL.Substring(separator + 1));
+            }
+        }
+    }
+}

src/Common/Storage/Commands.Storage/Common/StorageNouns.cs

@@ -104,6 +104,11 @@ public static class StorageNouns
         /// </summary>
         public const string StorageCORSRule = "AzureStorageCORSRule";
 
+        /// <summary>
+        /// Azure storage account sas
+        /// </summary>
+        public const string AccountSas = "AzureStorageAccountSASToken";
+
         /// <summary>
         /// Azure storage container sas
         /// </summary>
@@ -214,6 +219,11 @@ public static class Permission
             /// Query permission
             /// </summary>
             public const char Query = 'q';
+
+            /// <summary>
+            /// Create permission.
+            /// </summary>
+            public const char Create = 'c';
         }
     }
 }

src/Common/Storage/Commands.Storage/Model/Contract/IStorageBlobManagement.cs

@@ -208,6 +208,13 @@ public interface IStorageBlobManagement : IStorageManagement
         /// <param name="operationContext">Operation context</param>
         void SetStorageServiceProperties(StorageServiceType type, ServiceProperties properties, IRequestOptions options, OperationContext operationContext);
 
+        /// <summary>
+        /// Get the SAS token for an account.
+        /// </summary>
+        /// <param name="sharedAccessAccountPolicy">Shared access policy to generate the SAS token.</param>
+        /// <returns>Account SAS token.</returns>
+        string GetStorageAccountSASToken(SharedAccessAccountPolicy sharedAccessAccountPolicy);
+
         /// <summary>
         /// Async get container presssions
         /// </summary>

src/Common/Storage/Commands.Storage/Model/Contract/StorageBlobManagement.cs

@@ -396,6 +396,16 @@ public void SetStorageServiceProperties(StorageServiceType type, ServiceProperti
             }
         }
 
+        /// <summary>
+        /// Get the SAS token for an account.
+        /// </summary>
+        /// <param name="sharedAccessAccountPolicy">Shared access policy to generate the SAS token.</param>
+        /// <returns>Account SAS token.</returns>
+        public string GetStorageAccountSASToken(SharedAccessAccountPolicy sharedAccessAccountPolicy)
+        {
+            return StorageContext.StorageAccount.GetSharedAccessSignature(sharedAccessAccountPolicy);
+        }
+
         /// <summary>
         /// Async Get container presssions
         /// </summary>

src/ResourceManager/KeyVault/Commands.KeyVault/Commands.KeyVault.csproj

@@ -186,6 +186,9 @@
       <SpecificVersion>False</SpecificVersion>
       <HintPath>..\..\..\packages\Newtonsoft.Json.6.0.8\lib\net45\Newtonsoft.Json.dll</HintPath>
     </Reference>
+    <Reference Include="System.Spatial, Version=5.6.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
+      <HintPath>..\..\..\packages\System.Spatial.5.6.0\lib\net40\System.Spatial.dll</HintPath>
+    </Reference>
     <Reference Include="System" />
     <Reference Include="System.Management.Automation, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL" />
     <Reference Include="System.Net" />