Skip to content

[Storage] set/get_access_policy for ContainerClient #3303

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 16 commits into from
Nov 25, 2025
+282 −70
Merged

[Storage] set/get_access_policy for ContainerClient #3303

Show file tree
Hide file tree
Changes from 9 commits
Commits
Show all changes
16 commits
Select commit Hold shift + click to select a range
6cb4e42
Generate + set/get_access_policy
vincenttran-msft Nov 7, 2025
b4e964a
Add a multiple SignedIdentifier case to test, add helper and utilize …
vincenttran-msft Nov 7, 2025
6dd2d4b
nit export SignedIdentifiersHeaders
vincenttran-msft Nov 7, 2025
f391027
Use default values to get the datetime objects in the recording vars
vincenttran-msft Nov 12, 2025
7bc0007
PR feedback
vincenttran-msft Nov 14, 2025
b064f91
Merge branch 'main' into vincenttran/access_policy_2
vincenttran-msft Nov 14, 2025
bd4a5e6
Regen against feature branch, CI clean docstring example, changelog e…
vincenttran-msft Nov 14, 2025
e3661fa
PR feedback
vincenttran-msft Nov 15, 2025
8598541
Make snippet more pointed, add ignore
vincenttran-msft Nov 15, 2025
f26b766
PR feedback
vincenttran-msft Nov 18, 2025
6dda315
Merge branch 'main' into vincenttran/access_policy_2
vincenttran-msft Nov 21, 2025
72d0f5c
Not generating properly
vincenttran-msft Nov 21, 2025
d2f0a0f
Refactor to use new rfc3339-fixed-width
vincenttran-msft Nov 21, 2025
6961ba5
Regen against base feature branch
vincenttran-msft Nov 21, 2025
2d951fe
Merge branch 'main' into vincenttran/access_policy_2
vincenttran-msft Nov 24, 2025
5d8e9a5
Test recordings
vincenttran-msft Nov 24, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
5 changes: 3 additions & 2 deletions Cargo.lock
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

1 change: 1 addition & 0 deletions sdk/storage/.dict.txt
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,7 @@ RAGRS
restype
ruleid
secondtag
subsecond
testblob1
testblob2
testblob3
Expand Down
5 changes: 5 additions & 0 deletions sdk/storage/azure_storage_blob/CHANGELOG.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,8 +4,13 @@

### Features Added

- Added support for `set_access_policy` to `BlobContainerClient`.
- Added support for `get_access_policy` to `BlobContainerClient`.

### Breaking Changes

- Changed conversion implementation from `BlobTags` to `HashMap<String, String>` from `TryFrom` to `From`.

### Bugs Fixed

### Other Changes
Expand Down
1 change: 1 addition & 0 deletions sdk/storage/azure_storage_blob/Cargo.toml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,7 @@ async-trait.workspace = true
azure_core = { workspace = true, features = ["xml"] }
serde.workspace = true
serde_json.workspace = true
time.workspace = true
typespec_client_core = { workspace = true, features = ["derive"] }
url.workspace = true
uuid.workspace = true
Expand Down
2 changes: 1 addition & 1 deletion sdk/storage/azure_storage_blob/assets.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"AssetsRepo": "Azure/azure-sdk-assets",
"AssetsRepoPrefixPath": "rust",
"Tag": "rust/azure_storage_blob_1e5e3b2c6c",
"Tag": "rust/azure_storage_blob_dd4a0a3a13",
"TagPrefix": "rust/azure_storage_blob"
}
62 changes: 55 additions & 7 deletions sdk/storage/azure_storage_blob/src/clients/blob_container_client.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,12 +9,13 @@ use crate::{
BlobContainerClientBreakLeaseOptions, BlobContainerClientBreakLeaseResult,
BlobContainerClientChangeLeaseOptions, BlobContainerClientChangeLeaseResult,
BlobContainerClientCreateOptions, BlobContainerClientDeleteOptions,
BlobContainerClientFindBlobsByTagsOptions, BlobContainerClientGetAccountInfoOptions,
BlobContainerClientGetAccountInfoResult, BlobContainerClientGetPropertiesOptions,
BlobContainerClientGetPropertiesResult, BlobContainerClientListBlobFlatSegmentOptions,
BlobContainerClientReleaseLeaseOptions, BlobContainerClientReleaseLeaseResult,
BlobContainerClientRenewLeaseOptions, BlobContainerClientRenewLeaseResult,
BlobContainerClientSetMetadataOptions,
BlobContainerClientFindBlobsByTagsOptions, BlobContainerClientGetAccessPolicyOptions,
BlobContainerClientGetAccountInfoOptions, BlobContainerClientGetAccountInfoResult,
BlobContainerClientGetPropertiesOptions, BlobContainerClientGetPropertiesResult,
BlobContainerClientListBlobFlatSegmentOptions, BlobContainerClientReleaseLeaseOptions,
BlobContainerClientReleaseLeaseResult, BlobContainerClientRenewLeaseOptions,
BlobContainerClientRenewLeaseResult, BlobContainerClientSetAccessPolicyOptions,
BlobContainerClientSetMetadataOptions, SignedIdentifiers,
},
models::{FilterBlobSegment, ListBlobsFlatSegmentResponse, StorageErrorCode},
pipeline::StorageHeadersPolicy,
Expand All @@ -25,7 +26,7 @@ use azure_core::{
error::ErrorKind,
http::{
policies::{BearerTokenAuthorizationPolicy, Policy},
NoFormat, Pager, Pipeline, Response, StatusCode, Url, XmlFormat,
NoFormat, Pager, Pipeline, RequestContent, Response, StatusCode, Url, XmlFormat,
},
tracing, Result,
};
Expand Down Expand Up @@ -365,4 +366,51 @@ impl BlobContainerClient {
Err(e) => Err(e),
}
}

/// Sets the permissions for the specified container. The permissions indicate whether blobs in a
/// container may be accessed publicly.
///
/// # Arguments
///
/// * `container_acl` - The access control list for the container. You can create this from a
/// [`HashMap<String, AccessPolicy>`] using [`SignedIdentifiers::from()`] and then wrapping it into a RequestContent.
/// * `options` - Optional configuration for the request.
///
/// # Example
///
/// ```rust, ignore
/// use azure_core::http::RequestContent;
/// use azure_storage_blob::{format_storage_datetime, models::{AccessPolicy, SignedIdentifiers}};
/// use typespec_client_core::time::OffsetDateTime;
///
/// let mut policies = HashMap::new();
/// policies.insert("some_policy_id".to_string(), AccessPolicy {
/// start: Some(format_storage_datetime(OffsetDateTime::now_utc())?),
/// expiry: Some(format_storage_datetime(OffsetDateTime::now_utc() + Duration::from_secs(10))?),
/// permission: Some("rwd".to_string()),
/// });
///
/// let request_content = RequestContent::try_from(SignedIdentifiers::from(policies))?;
/// container_client.set_access_policy(request_content, None).await?;
/// ```
pub async fn set_access_policy(
&self,
container_acl: RequestContent<SignedIdentifiers, XmlFormat>,
options: Option<BlobContainerClientSetAccessPolicyOptions<'_>>,
) -> Result<Response<(), NoFormat>> {
self.client.set_access_policy(container_acl, options).await
}

/// Gets the permissions for the specified container. The permissions indicate whether container data
/// may be accessed publicly.
///
/// # Arguments
///
/// * `options` - Optional configuration for the request.
pub async fn get_access_policy(
&self,
options: Option<BlobContainerClientGetAccessPolicyOptions<'_>>,
) -> Result<Response<SignedIdentifiers, XmlFormat>> {
self.client.get_access_policy(options).await
}
}
63 changes: 15 additions & 48 deletions sdk/storage/azure_storage_blob/src/generated/clients/blob_container_client.rs
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Loading