From 9b915eb78dc0f3ecd2ef0ae135c467c8dcdc138d Mon Sep 17 00:00:00 2001 From: tg-msft Date: Tue, 17 Oct 2023 17:36:31 -0700 Subject: [PATCH 1/3] Adding basic [CallerShouldAudit] support and initial annotations of Storage and Tables. --- .../src/Shared/CallerShouldAuditAttribute.cs | 25 +++++++++++++++++++ .../src/Azure.Storage.Blobs.csproj | 3 ++- .../Azure.Storage.Blobs/src/BlobBaseClient.cs | 3 ++- .../src/BlobContainerClient.cs | 6 +++-- .../src/BlobServiceClient.cs | 7 ++++++ .../src/Sas/BlobSasBuilder.cs | 3 +++ .../src/Azure.Storage.Common.csproj | 1 + .../src/Sas/AccountSasBuilder.cs | 2 ++ .../src/Azure.Storage.Files.DataLake.csproj | 1 + .../src/DataLakeDirectoryClient.cs | 6 +++++ .../src/DataLakeFileClient.cs | 4 +++ .../src/DataLakeFileSystemClient.cs | 4 +++ .../src/DataLakePathClient.cs | 14 ++++++++++- .../src/DataLakeServiceClient.cs | 6 +++++ .../src/Sas/DataLakeSasBuilder.cs | 3 +++ .../src/Azure.Storage.Files.Shares.csproj | 3 ++- .../src/Sas/ShareSasBuilder.cs | 2 ++ .../src/ShareClient.cs | 10 ++++++-- .../src/ShareDirectoryClient.cs | 2 ++ .../src/ShareFileClient.cs | 2 ++ .../src/ShareServiceClient.cs | 4 +++ .../src/Azure.Storage.Queues.csproj | 1 + .../Azure.Storage.Queues/src/QueueClient.cs | 2 ++ .../src/QueueServiceClient.cs | 4 +++ .../src/Sas/QueueSasBuilder.cs | 2 ++ .../src/Azure.Data.Tables.csproj | 7 +++--- .../src/Sas/TableAccountSasBuilder.cs | 2 ++ .../src/Sas/TableSasBuilder.cs | 2 ++ .../Azure.Data.Tables/src/TableClient.cs | 4 +++ .../src/TableServiceClient.cs | 4 +++ 30 files changed, 127 insertions(+), 12 deletions(-) create mode 100644 sdk/core/Azure.Core/src/Shared/CallerShouldAuditAttribute.cs diff --git a/sdk/core/Azure.Core/src/Shared/CallerShouldAuditAttribute.cs b/sdk/core/Azure.Core/src/Shared/CallerShouldAuditAttribute.cs new file mode 100644 index 000000000000..593d89b88a23 --- /dev/null +++ b/sdk/core/Azure.Core/src/Shared/CallerShouldAuditAttribute.cs @@ -0,0 +1,25 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +using System; + +namespace Azure.Core +{ + /// + /// Decorates an operation whose invocation should potentially be audited + /// by Azure service implementations. Auditing could be recommended + /// because the operation changes critical service state, creates delegated + /// access to a resource, affects data retention, etc. It's a best guess + /// from the service team that the operation should be audited to mitigate + /// any potential future issues. + /// + [AttributeUsage(AttributeTargets.Method)] + internal class CallerShouldAuditAttribute : Attribute + { + /// + /// Gets or sets a description or link to the rationale for potentially + /// auditing this operation. + /// + public string? Reason { get; set; } + } +} diff --git a/sdk/storage/Azure.Storage.Blobs/src/Azure.Storage.Blobs.csproj b/sdk/storage/Azure.Storage.Blobs/src/Azure.Storage.Blobs.csproj index f25e8b33ebed..80afbc2b0327 100644 --- a/sdk/storage/Azure.Storage.Blobs/src/Azure.Storage.Blobs.csproj +++ b/sdk/storage/Azure.Storage.Blobs/src/Azure.Storage.Blobs.csproj @@ -35,12 +35,13 @@ - + + diff --git a/sdk/storage/Azure.Storage.Blobs/src/BlobBaseClient.cs b/sdk/storage/Azure.Storage.Blobs/src/BlobBaseClient.cs index 6eab5e874f60..68c3cb70c0e8 100644 --- a/sdk/storage/Azure.Storage.Blobs/src/BlobBaseClient.cs +++ b/sdk/storage/Azure.Storage.Blobs/src/BlobBaseClient.cs @@ -4,7 +4,6 @@ using System; using System.ComponentModel; using System.IO; -using System.Runtime.CompilerServices; using System.Threading; using System.Threading.Tasks; using Azure.Core; @@ -6556,6 +6555,7 @@ private async Task> SetLegalHoldInternal( /// /// A will be thrown if a failure occurs. /// + [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-blobs")] public virtual Uri GenerateSasUri(BlobSasPermissions permissions, DateTimeOffset expiresOn) => GenerateSasUri(new BlobSasBuilder(permissions, expiresOn) { @@ -6589,6 +6589,7 @@ public virtual Uri GenerateSasUri(BlobSasPermissions permissions, DateTimeOffset /// A will be thrown if /// a failure occurs. /// + [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-blobs")] public virtual Uri GenerateSasUri(BlobSasBuilder builder) { if (builder == null) diff --git a/sdk/storage/Azure.Storage.Blobs/src/BlobContainerClient.cs b/sdk/storage/Azure.Storage.Blobs/src/BlobContainerClient.cs index 1b8b5e27da5e..31c82c953867 100644 --- a/sdk/storage/Azure.Storage.Blobs/src/BlobContainerClient.cs +++ b/sdk/storage/Azure.Storage.Blobs/src/BlobContainerClient.cs @@ -6,7 +6,6 @@ using System.ComponentModel; using System.IO; using System.Linq; -using System.Net; using System.Threading; using System.Threading.Tasks; using Azure.Core; @@ -15,7 +14,6 @@ using Azure.Storage.Blobs.Specialized; using Azure.Storage.Cryptography; using Azure.Storage.Sas; -using Azure.Storage.Shared; using Metadata = System.Collections.Generic.IDictionary; #pragma warning disable SA1402 // File may only contain a single type @@ -2204,6 +2202,7 @@ private async Task> GetAccessPolicyInternal( /// A will be thrown if /// a failure occurs. /// + [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-blobs")] public virtual Response SetAccessPolicy( PublicAccessType accessType = PublicAccessType.None, IEnumerable permissions = default, @@ -2259,6 +2258,7 @@ public virtual Response SetAccessPolicy( /// A will be thrown if /// a failure occurs. /// + [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-blobs")] public virtual async Task> SetAccessPolicyAsync( PublicAccessType accessType = PublicAccessType.None, IEnumerable permissions = default, @@ -3574,6 +3574,7 @@ internal async Task> FindBlobsByTagsInternal( /// /// A will be thrown if a failure occurs. /// + [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-blobs")] public virtual Uri GenerateSasUri(BlobContainerSasPermissions permissions, DateTimeOffset expiresOn) => GenerateSasUri(new BlobSasBuilder(permissions, expiresOn) { BlobContainerName = Name }); @@ -3599,6 +3600,7 @@ public virtual Uri GenerateSasUri(BlobContainerSasPermissions permissions, DateT /// /// A will be thrown if a failure occurs. /// + [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-blobs")] public virtual Uri GenerateSasUri(BlobSasBuilder builder) { builder = builder ?? throw Errors.ArgumentNull(nameof(builder)); diff --git a/sdk/storage/Azure.Storage.Blobs/src/BlobServiceClient.cs b/sdk/storage/Azure.Storage.Blobs/src/BlobServiceClient.cs index 6f41d5d209ec..d453503c4faf 100644 --- a/sdk/storage/Azure.Storage.Blobs/src/BlobServiceClient.cs +++ b/sdk/storage/Azure.Storage.Blobs/src/BlobServiceClient.cs @@ -13,6 +13,7 @@ using Azure.Storage.Blobs.Models; using Azure.Storage.Cryptography; using Azure.Storage.Sas; +using static System.Net.WebRequestMethods; using Metadata = System.Collections.Generic.IDictionary; namespace Azure.Storage.Blobs @@ -1179,6 +1180,7 @@ private async Task> GetPropertiesInternal( /// A will be thrown if /// a failure occurs. /// + [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-blobs")] public virtual Response SetProperties( BlobServiceProperties properties, CancellationToken cancellationToken = default) => @@ -1213,6 +1215,7 @@ public virtual Response SetProperties( /// A will be thrown if /// a failure occurs. /// + [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-blobs")] public virtual async Task SetPropertiesAsync( BlobServiceProperties properties, CancellationToken cancellationToken = default) => @@ -1460,6 +1463,7 @@ private async Task> GetStatisticsInternal( /// A will be thrown if /// a failure occurs. /// + [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-blobs")] public virtual Response GetUserDelegationKey( DateTimeOffset? startsOn, DateTimeOffset expiresOn, @@ -1496,6 +1500,7 @@ public virtual Response GetUserDelegationKey( /// A will be thrown if /// a failure occurs. /// + [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-blobs")] public virtual async Task> GetUserDelegationKeyAsync( DateTimeOffset? startsOn, DateTimeOffset expiresOn, @@ -2362,6 +2367,7 @@ internal async Task> FindBlobsByTagsInternal( /// /// A will be thrown if a failure occurs. /// + [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-blobs")] public Uri GenerateAccountSasUri( AccountSasPermissions permissions, DateTimeOffset expiresOn, @@ -2394,6 +2400,7 @@ public Uri GenerateAccountSasUri( /// /// A will be thrown if a failure occurs. /// + [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-blobs")] public Uri GenerateAccountSasUri(AccountSasBuilder builder) { builder = builder ?? throw Errors.ArgumentNull(nameof(builder)); diff --git a/sdk/storage/Azure.Storage.Blobs/src/Sas/BlobSasBuilder.cs b/sdk/storage/Azure.Storage.Blobs/src/Sas/BlobSasBuilder.cs index 239dce00c19d..34727cb0f4e3 100644 --- a/sdk/storage/Azure.Storage.Blobs/src/Sas/BlobSasBuilder.cs +++ b/sdk/storage/Azure.Storage.Blobs/src/Sas/BlobSasBuilder.cs @@ -6,6 +6,7 @@ using System.ComponentModel; using System.Security.Cryptography; using System.Text; +using Azure.Core; using Azure.Storage.Blobs; using Azure.Storage.Blobs.Models; @@ -337,6 +338,7 @@ public void SetPermissions(string rawPermissions) /// The used for authenticating /// requests. /// + [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-blobs")] public BlobSasQueryParameters ToSasQueryParameters(StorageSharedKeyCredential sharedKeyCredential) { sharedKeyCredential = sharedKeyCredential ?? throw Errors.ArgumentNull(nameof(sharedKeyCredential)); @@ -401,6 +403,7 @@ public BlobSasQueryParameters ToSasQueryParameters(StorageSharedKeyCredential sh /// /// The used for authenticating requests. /// + [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-blobs")] public BlobSasQueryParameters ToSasQueryParameters(UserDelegationKey userDelegationKey, string accountName) { userDelegationKey = userDelegationKey ?? throw Errors.ArgumentNull(nameof(userDelegationKey)); diff --git a/sdk/storage/Azure.Storage.Common/src/Azure.Storage.Common.csproj b/sdk/storage/Azure.Storage.Common/src/Azure.Storage.Common.csproj index 0dfb8eee1cb9..f923a5d85493 100644 --- a/sdk/storage/Azure.Storage.Common/src/Azure.Storage.Common.csproj +++ b/sdk/storage/Azure.Storage.Common/src/Azure.Storage.Common.csproj @@ -25,6 +25,7 @@ + diff --git a/sdk/storage/Azure.Storage.Common/src/Sas/AccountSasBuilder.cs b/sdk/storage/Azure.Storage.Common/src/Sas/AccountSasBuilder.cs index e5c00a7705a2..481e2b33ec1c 100644 --- a/sdk/storage/Azure.Storage.Common/src/Sas/AccountSasBuilder.cs +++ b/sdk/storage/Azure.Storage.Common/src/Sas/AccountSasBuilder.cs @@ -5,6 +5,7 @@ using System.Collections.Generic; using System.ComponentModel; using System.Text; +using Azure.Core; namespace Azure.Storage.Sas { @@ -190,6 +191,7 @@ public void SetPermissions(string rawPermissions) /// The used for authenticating /// requests. /// + [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-common")] public SasQueryParameters ToSasQueryParameters(StorageSharedKeyCredential sharedKeyCredential) { // https://docs.microsoft.com/en-us/rest/api/storageservices/Constructing-an-Account-SAS diff --git a/sdk/storage/Azure.Storage.Files.DataLake/src/Azure.Storage.Files.DataLake.csproj b/sdk/storage/Azure.Storage.Files.DataLake/src/Azure.Storage.Files.DataLake.csproj index 03442a266b62..69ccde968cb4 100644 --- a/sdk/storage/Azure.Storage.Files.DataLake/src/Azure.Storage.Files.DataLake.csproj +++ b/sdk/storage/Azure.Storage.Files.DataLake/src/Azure.Storage.Files.DataLake.csproj @@ -31,6 +31,7 @@ + diff --git a/sdk/storage/Azure.Storage.Files.DataLake/src/DataLakeDirectoryClient.cs b/sdk/storage/Azure.Storage.Files.DataLake/src/DataLakeDirectoryClient.cs index 3b5a2da29b8c..5d4a78aeba60 100644 --- a/sdk/storage/Azure.Storage.Files.DataLake/src/DataLakeDirectoryClient.cs +++ b/sdk/storage/Azure.Storage.Files.DataLake/src/DataLakeDirectoryClient.cs @@ -1442,6 +1442,7 @@ public override async Task> GetAccessControlAsync( /// A will be thrown if /// a failure occurs. /// + [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-datalake")] public override Response SetAccessControlList( IList accessControlList, string owner = default, @@ -1506,6 +1507,7 @@ public override Response SetAccessControlList( /// A will be thrown if /// a failure occurs. /// + [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-datalake")] public override async Task> SetAccessControlListAsync( IList accessControlList, string owner = default, @@ -1573,6 +1575,7 @@ public override async Task> SetAccessControlListAsync( /// A will be thrown if /// a failure occurs. /// + [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-datalake")] public override Response SetPermissions( PathPermissions permissions = default, string owner = default, @@ -1637,6 +1640,7 @@ public override Response SetPermissions( /// A will be thrown if /// a failure occurs. /// + [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-datalake")] public override async Task> SetPermissionsAsync( PathPermissions permissions = default, string owner = default, @@ -2948,6 +2952,7 @@ public virtual AsyncPageable GetPathsAsync( /// /// A will be thrown if a failure occurs. /// + [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-datalake")] public override Uri GenerateSasUri(DataLakeSasPermissions permissions, DateTimeOffset expiresOn) => GenerateSasUri(new DataLakeSasBuilder(permissions, expiresOn) { @@ -2979,6 +2984,7 @@ public override Uri GenerateSasUri(DataLakeSasPermissions permissions, DateTimeO /// /// A will be thrown if a failure occurs. /// + [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-datalake")] public override Uri GenerateSasUri(DataLakeSasBuilder builder) { builder = builder ?? throw Errors.ArgumentNull(nameof(builder)); diff --git a/sdk/storage/Azure.Storage.Files.DataLake/src/DataLakeFileClient.cs b/sdk/storage/Azure.Storage.Files.DataLake/src/DataLakeFileClient.cs index 0692f48a220e..9007f66d3b75 100644 --- a/sdk/storage/Azure.Storage.Files.DataLake/src/DataLakeFileClient.cs +++ b/sdk/storage/Azure.Storage.Files.DataLake/src/DataLakeFileClient.cs @@ -1431,6 +1431,7 @@ public override async Task> GetAccessControlAsync( /// A will be thrown if /// a failure occurs. /// + [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-datalake")] public override Response SetAccessControlList( IList accessControlList, string owner = default, @@ -1495,6 +1496,7 @@ public override Response SetAccessControlList( /// A will be thrown if /// a failure occurs. /// + [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-datalake")] public override async Task> SetAccessControlListAsync( IList accessControlList, string owner = default, @@ -1562,6 +1564,7 @@ public override async Task> SetAccessControlListAsync( /// A will be thrown if /// a failure occurs. /// + [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-datalake")] public override Response SetPermissions( PathPermissions permissions, string owner = default, @@ -1626,6 +1629,7 @@ public override Response SetPermissions( /// A will be thrown if /// a failure occurs. /// + [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-datalake")] public override async Task> SetPermissionsAsync( PathPermissions permissions, string owner = default, diff --git a/sdk/storage/Azure.Storage.Files.DataLake/src/DataLakeFileSystemClient.cs b/sdk/storage/Azure.Storage.Files.DataLake/src/DataLakeFileSystemClient.cs index 8eb41cb20c2e..60c0a3142682 100644 --- a/sdk/storage/Azure.Storage.Files.DataLake/src/DataLakeFileSystemClient.cs +++ b/sdk/storage/Azure.Storage.Files.DataLake/src/DataLakeFileSystemClient.cs @@ -2906,6 +2906,7 @@ public virtual async Task> GetAccessPolicyAsync /// A will be thrown if /// a failure occurs. /// + [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-datalake")] public virtual Response SetAccessPolicy( Models.PublicAccessType accessType = Models.PublicAccessType.None, IEnumerable permissions = default, @@ -2985,6 +2986,7 @@ public virtual Response SetAccessPolicy( /// A will be thrown if /// a failure occurs. /// + [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-datalake")] public virtual async Task> SetAccessPolicyAsync( Models.PublicAccessType accessType = Models.PublicAccessType.None, IEnumerable permissions = default, @@ -3179,6 +3181,7 @@ public virtual async Task> SetAccessPolicyAsync( /// /// A will be thrown if a failure occurs. /// + [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-datalake")] public virtual Uri GenerateSasUri(DataLakeFileSystemSasPermissions permissions, DateTimeOffset expiresOn) => GenerateSasUri(new DataLakeSasBuilder(permissions, expiresOn) { FileSystemName = Name }); @@ -3205,6 +3208,7 @@ public virtual Uri GenerateSasUri(DataLakeFileSystemSasPermissions permissions, /// A will be thrown if /// a failure occurs. /// + [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-datalake")] public virtual Uri GenerateSasUri( DataLakeSasBuilder builder) { diff --git a/sdk/storage/Azure.Storage.Files.DataLake/src/DataLakePathClient.cs b/sdk/storage/Azure.Storage.Files.DataLake/src/DataLakePathClient.cs index 2c13895de7e5..db1991ddaf7a 100644 --- a/sdk/storage/Azure.Storage.Files.DataLake/src/DataLakePathClient.cs +++ b/sdk/storage/Azure.Storage.Files.DataLake/src/DataLakePathClient.cs @@ -1313,7 +1313,7 @@ public virtual Response CreateIfNotExists( umask: options?.AccessOptions?.Umask, owner: options?.AccessOptions?.Owner, group: options?.AccessOptions?.Group, - accessControlList: options?.AccessOptions?.AccessControlList, + SetAccessControlListrolList: options?.AccessOptions?.AccessControlList, leaseId: options?.LeaseId, leaseDuration: options?.LeaseDuration, timeToExpire: options?.ScheduleDeletionOptions?.TimeToExpire, @@ -2569,6 +2569,7 @@ private async Task> GetAccessControlInternal( /// A will be thrown if /// a failure occurs. /// + [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-datalake")] public virtual Response SetAccessControlList( IList accessControlList, string owner = default, @@ -2619,6 +2620,7 @@ public virtual Response SetAccessControlList( /// A will be thrown if /// a failure occurs. /// + [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-datalake")] public virtual async Task> SetAccessControlListAsync( IList accessControlList, string owner = default, @@ -2776,6 +2778,7 @@ private async Task> SetAccessControlListInternal( /// Otherwise if a failure occurs outside the request, the respective /// type will be thrown if a failure occurs. /// + [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-datalake")] public virtual Response SetAccessControlRecursive( IList accessControlList, string continuationToken = default, @@ -2823,6 +2826,7 @@ public virtual Response SetAccessControlRecursive( /// Otherwise if a failure occurs outside the request, the respective /// type will be thrown if a failure occurs. /// + [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-datalake")] public virtual async Task> SetAccessControlRecursiveAsync( IList accessControlList, string continuationToken = default, @@ -2870,6 +2874,7 @@ public virtual async Task> SetAccessControlR /// Otherwise if a failure occurs outside the request, the respective /// type will be thrown if a failure occurs. /// + [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-datalake")] public virtual Response UpdateAccessControlRecursive( IList accessControlList, string continuationToken = default, @@ -2917,6 +2922,7 @@ public virtual Response UpdateAccessControlRecursive( /// Otherwise if a failure occurs outside the request, the respective /// type will be thrown if a failure occurs. /// + [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-datalake")] public virtual async Task> UpdateAccessControlRecursiveAsync( IList accessControlList, string continuationToken = default, @@ -2964,6 +2970,7 @@ public virtual async Task> UpdateAccessContr /// Otherwise if a failure occurs outside the request, the respective /// type will be thrown if a failure occurs. /// + [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-datalake")] public virtual Response RemoveAccessControlRecursive( IList accessControlList, string continuationToken = default, @@ -3011,6 +3018,7 @@ public virtual Response RemoveAccessControlRecursive( /// Otherwise if a failure occurs outside the request, the respective /// type will be thrown if a failure occurs. /// + [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-datalake")] public virtual async Task> RemoveAccessControlRecursiveAsync( IList accessControlList, string continuationToken = default, @@ -3272,6 +3280,7 @@ private async Task> SetAccessControlRecursiv /// A will be thrown if /// a failure occurs. /// + [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-datalake")] public virtual Response SetPermissions( PathPermissions permissions, string owner = default, @@ -3322,6 +3331,7 @@ public virtual Response SetPermissions( /// A will be thrown if /// a failure occurs. /// + [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-datalake")] public virtual async Task> SetPermissionsAsync( PathPermissions permissions, string owner = default, @@ -3828,6 +3838,7 @@ public virtual async Task> SetMetadataAsync( /// /// A will be thrown if a failure occurs. /// + [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-datalake")] public virtual Uri GenerateSasUri(DataLakeSasPermissions permissions, DateTimeOffset expiresOn) => GenerateSasUri(new DataLakeSasBuilder(permissions, expiresOn) { @@ -3858,6 +3869,7 @@ public virtual Uri GenerateSasUri(DataLakeSasPermissions permissions, DateTimeOf /// A will be thrown if /// a failure occurs. /// + [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-datalake")] public virtual Uri GenerateSasUri(DataLakeSasBuilder builder) { builder = builder ?? throw Errors.ArgumentNull(nameof(builder)); diff --git a/sdk/storage/Azure.Storage.Files.DataLake/src/DataLakeServiceClient.cs b/sdk/storage/Azure.Storage.Files.DataLake/src/DataLakeServiceClient.cs index 7400878b0051..0bf300e05880 100644 --- a/sdk/storage/Azure.Storage.Files.DataLake/src/DataLakeServiceClient.cs +++ b/sdk/storage/Azure.Storage.Files.DataLake/src/DataLakeServiceClient.cs @@ -479,6 +479,7 @@ public virtual DataLakeFileSystemClient GetFileSystemClient(string fileSystemNam /// A will be thrown if /// a failure occurs. /// + [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-datalake")] public virtual Response GetUserDelegationKey( DateTimeOffset? startsOn, DateTimeOffset expiresOn, @@ -535,6 +536,7 @@ public virtual Response GetUserDelegationKey( /// A will be thrown if /// a failure occurs. /// + [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-datalake")] public virtual async Task> GetUserDelegationKeyAsync( DateTimeOffset? startsOn, DateTimeOffset expiresOn, @@ -1386,6 +1388,7 @@ public virtual async Task> UndeleteFileSystem /// /// A will be thrown if a failure occurs. /// + [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-datalake")] public Uri GenerateAccountSasUri( AccountSasPermissions permissions, DateTimeOffset expiresOn, @@ -1418,6 +1421,7 @@ public Uri GenerateAccountSasUri( /// /// A will be thrown if a failure occurs. /// + [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-datalake")] public Uri GenerateAccountSasUri( AccountSasBuilder builder) { @@ -1552,6 +1556,7 @@ public virtual async Task> GetPropertiesAsyn /// A will be thrown if /// a failure occurs. /// + [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-datalake")] public virtual Response SetProperties( DataLakeServiceProperties properties, CancellationToken cancellationToken = default) @@ -1600,6 +1605,7 @@ public virtual Response SetProperties( /// A will be thrown if /// a failure occurs. /// + [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-datalake")] public virtual async Task SetPropertiesAsync( DataLakeServiceProperties properties, CancellationToken cancellationToken = default) diff --git a/sdk/storage/Azure.Storage.Files.DataLake/src/Sas/DataLakeSasBuilder.cs b/sdk/storage/Azure.Storage.Files.DataLake/src/Sas/DataLakeSasBuilder.cs index f1d4cb60edd2..7b053ca9388b 100644 --- a/sdk/storage/Azure.Storage.Files.DataLake/src/Sas/DataLakeSasBuilder.cs +++ b/sdk/storage/Azure.Storage.Files.DataLake/src/Sas/DataLakeSasBuilder.cs @@ -6,6 +6,7 @@ using System.ComponentModel; using System.Security.Cryptography; using System.Text; +using Azure.Core; using Azure.Storage.Files.DataLake; using Azure.Storage.Files.DataLake.Models; @@ -354,6 +355,7 @@ public void SetPermissions(string rawPermissions) /// The used for authenticating /// requests. /// + [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-datalake")] public DataLakeSasQueryParameters ToSasQueryParameters(StorageSharedKeyCredential sharedKeyCredential) { sharedKeyCredential = sharedKeyCredential ?? throw Errors.ArgumentNull(nameof(sharedKeyCredential)); @@ -419,6 +421,7 @@ public DataLakeSasQueryParameters ToSasQueryParameters(StorageSharedKeyCredentia /// /// The used for authenticating requests. /// + [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-datalake")] public DataLakeSasQueryParameters ToSasQueryParameters(UserDelegationKey userDelegationKey, string accountName) { userDelegationKey = userDelegationKey ?? throw Errors.ArgumentNull(nameof(userDelegationKey)); diff --git a/sdk/storage/Azure.Storage.Files.Shares/src/Azure.Storage.Files.Shares.csproj b/sdk/storage/Azure.Storage.Files.Shares/src/Azure.Storage.Files.Shares.csproj index 0bd5dadc4117..8766dcd7425e 100644 --- a/sdk/storage/Azure.Storage.Files.Shares/src/Azure.Storage.Files.Shares.csproj +++ b/sdk/storage/Azure.Storage.Files.Shares/src/Azure.Storage.Files.Shares.csproj @@ -30,10 +30,11 @@ + + - diff --git a/sdk/storage/Azure.Storage.Files.Shares/src/Sas/ShareSasBuilder.cs b/sdk/storage/Azure.Storage.Files.Shares/src/Sas/ShareSasBuilder.cs index c64fa2b38119..cfecb1220d20 100644 --- a/sdk/storage/Azure.Storage.Files.Shares/src/Sas/ShareSasBuilder.cs +++ b/sdk/storage/Azure.Storage.Files.Shares/src/Sas/ShareSasBuilder.cs @@ -5,6 +5,7 @@ using System.Collections.Generic; using System.ComponentModel; using System.Text; +using Azure.Core; using Azure.Storage.Files.Shares; namespace Azure.Storage.Sas @@ -280,6 +281,7 @@ public void SetPermissions(string rawPermissions) /// /// The used for authenticating requests. /// + [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-shares")] public SasQueryParameters ToSasQueryParameters(StorageSharedKeyCredential sharedKeyCredential) { sharedKeyCredential = sharedKeyCredential ?? throw Errors.ArgumentNull(nameof(sharedKeyCredential)); diff --git a/sdk/storage/Azure.Storage.Files.Shares/src/ShareClient.cs b/sdk/storage/Azure.Storage.Files.Shares/src/ShareClient.cs index 8d3406e9bf24..3d60e907b988 100644 --- a/sdk/storage/Azure.Storage.Files.Shares/src/ShareClient.cs +++ b/sdk/storage/Azure.Storage.Files.Shares/src/ShareClient.cs @@ -2686,6 +2686,7 @@ private async Task>> GetAccessPolicy /// A will be thrown if /// a failure occurs. /// + [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-shares")] public virtual Response SetAccessPolicy( IEnumerable permissions, ShareFileRequestConditions conditions = default, @@ -2726,6 +2727,7 @@ public virtual Response SetAccessPolicy( /// A will be thrown if /// a failure occurs. /// + [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-shares")] public virtual async Task> SetAccessPolicyAsync( IEnumerable permissions, ShareFileRequestConditions conditions = default, @@ -2763,7 +2765,7 @@ await SetAccessPolicyInternal( /// a failure occurs. /// [EditorBrowsable(EditorBrowsableState.Never)] - + [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-shares")] #pragma warning disable AZC0002 // DO ensure all service methods, both asynchronous and synchronous, take an optional CancellationToken parameter called cancellationToken. public virtual Response SetAccessPolicy( #pragma warning restore AZC0002 // DO ensure all service methods, both asynchronous and synchronous, take an optional CancellationToken parameter called cancellationToken. @@ -2802,7 +2804,7 @@ public virtual Response SetAccessPolicy( /// a failure occurs. /// [EditorBrowsable(EditorBrowsableState.Never)] - + [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-shares")] #pragma warning disable AZC0002 // DO ensure all service methods, both asynchronous and synchronous, take an optional CancellationToken parameter called cancellationToken. public virtual async Task> SetAccessPolicyAsync( #pragma warning restore AZC0002 // DO ensure all service methods, both asynchronous and synchronous, take an optional CancellationToken parameter called cancellationToken. @@ -3218,6 +3220,7 @@ private async Task> GetPermissionInternal( /// /// A with ID of the newly created file permission. /// + [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-shares")] public virtual Response CreatePermission( string permission, CancellationToken cancellationToken = default) => @@ -3243,6 +3246,7 @@ public virtual Response CreatePermission( /// /// A with ID of the newly created file permission. /// + [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-shares")] public virtual async Task> CreatePermissionAsync( string permission, CancellationToken cancellationToken = default) => @@ -3500,6 +3504,7 @@ await GetDirectoryClient(directoryName) /// /// A will be thrown if a failure occurs. /// + [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-shares")] public virtual Uri GenerateSasUri(ShareSasPermissions permissions, DateTimeOffset expiresOn) => GenerateSasUri(new ShareSasBuilder(permissions, expiresOn) { ShareName = Name }); @@ -3525,6 +3530,7 @@ public virtual Uri GenerateSasUri(ShareSasPermissions permissions, DateTimeOffse /// /// A will be thrown if a failure occurs. /// + [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-shares")] public virtual Uri GenerateSasUri(ShareSasBuilder builder) { builder = builder ?? throw Errors.ArgumentNull(nameof(builder)); diff --git a/sdk/storage/Azure.Storage.Files.Shares/src/ShareDirectoryClient.cs b/sdk/storage/Azure.Storage.Files.Shares/src/ShareDirectoryClient.cs index 4b94f5fddc28..8f65226cedab 100644 --- a/sdk/storage/Azure.Storage.Files.Shares/src/ShareDirectoryClient.cs +++ b/sdk/storage/Azure.Storage.Files.Shares/src/ShareDirectoryClient.cs @@ -3239,6 +3239,7 @@ await GetFileClient(fileName) /// /// A will be thrown if a failure occurs. /// + [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-shares")] public virtual Uri GenerateSasUri(ShareFileSasPermissions permissions, DateTimeOffset expiresOn) => GenerateSasUri(new ShareSasBuilder(permissions, expiresOn) { @@ -3269,6 +3270,7 @@ public virtual Uri GenerateSasUri(ShareFileSasPermissions permissions, DateTimeO /// /// A will be thrown if a failure occurs. /// + [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-shares")] public virtual Uri GenerateSasUri(ShareSasBuilder builder) { builder = builder ?? throw Errors.ArgumentNull(nameof(builder)); diff --git a/sdk/storage/Azure.Storage.Files.Shares/src/ShareFileClient.cs b/sdk/storage/Azure.Storage.Files.Shares/src/ShareFileClient.cs index c9605b686651..23dc6001bdcb 100644 --- a/sdk/storage/Azure.Storage.Files.Shares/src/ShareFileClient.cs +++ b/sdk/storage/Azure.Storage.Files.Shares/src/ShareFileClient.cs @@ -6587,6 +6587,7 @@ private async Task OpenWriteInternal( /// /// A will be thrown if a failure occurs. /// + [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-shares")] public virtual Uri GenerateSasUri(ShareFileSasPermissions permissions, DateTimeOffset expiresOn) => GenerateSasUri(new ShareSasBuilder(permissions, expiresOn) { @@ -6618,6 +6619,7 @@ public virtual Uri GenerateSasUri(ShareFileSasPermissions permissions, DateTimeO /// A will be thrown if /// a failure occurs. /// + [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-shares")] public virtual Uri GenerateSasUri(ShareSasBuilder builder) { builder = builder ?? throw Errors.ArgumentNull(nameof(builder)); diff --git a/sdk/storage/Azure.Storage.Files.Shares/src/ShareServiceClient.cs b/sdk/storage/Azure.Storage.Files.Shares/src/ShareServiceClient.cs index 296459388823..ad03d61fd51f 100644 --- a/sdk/storage/Azure.Storage.Files.Shares/src/ShareServiceClient.cs +++ b/sdk/storage/Azure.Storage.Files.Shares/src/ShareServiceClient.cs @@ -722,6 +722,7 @@ private async Task> GetPropertiesInternal( /// A will be thrown if /// a failure occurs. /// + [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-shares")] public virtual Response SetProperties( ShareServiceProperties properties, CancellationToken cancellationToken = default) => @@ -755,6 +756,7 @@ public virtual Response SetProperties( /// A will be thrown if /// a failure occurs. /// + [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-shares")] public virtual async Task SetPropertiesAsync( ShareServiceProperties properties, CancellationToken cancellationToken = default) => @@ -1399,6 +1401,7 @@ private async Task> UndeleteShareInternal( /// /// A will be thrown if a failure occurs. /// + [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-shares")] public Uri GenerateAccountSasUri( AccountSasPermissions permissions, DateTimeOffset expiresOn, @@ -1433,6 +1436,7 @@ public Uri GenerateAccountSasUri( /// A will be thrown if /// a failure occurs. /// + [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-shares")] public Uri GenerateAccountSasUri(AccountSasBuilder builder) { builder = builder ?? throw Errors.ArgumentNull(nameof(builder)); diff --git a/sdk/storage/Azure.Storage.Queues/src/Azure.Storage.Queues.csproj b/sdk/storage/Azure.Storage.Queues/src/Azure.Storage.Queues.csproj index e088484e088c..723ce16f4d02 100644 --- a/sdk/storage/Azure.Storage.Queues/src/Azure.Storage.Queues.csproj +++ b/sdk/storage/Azure.Storage.Queues/src/Azure.Storage.Queues.csproj @@ -37,6 +37,7 @@ + diff --git a/sdk/storage/Azure.Storage.Queues/src/QueueClient.cs b/sdk/storage/Azure.Storage.Queues/src/QueueClient.cs index 462e614fd437..3e21453d5258 100644 --- a/sdk/storage/Azure.Storage.Queues/src/QueueClient.cs +++ b/sdk/storage/Azure.Storage.Queues/src/QueueClient.cs @@ -3130,6 +3130,7 @@ private async Task> UpdateMessageInternal( /// /// A will be thrown if a failure occurs. /// + [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-queues")] public virtual Uri GenerateSasUri(QueueSasPermissions permissions, DateTimeOffset expiresOn) => GenerateSasUri(new QueueSasBuilder(permissions, expiresOn) { QueueName = Name }); @@ -3151,6 +3152,7 @@ public virtual Uri GenerateSasUri(QueueSasPermissions permissions, DateTimeOffse /// /// A will be thrown if a failure occurs. /// + [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-queues")] public virtual Uri GenerateSasUri( QueueSasBuilder builder) { diff --git a/sdk/storage/Azure.Storage.Queues/src/QueueServiceClient.cs b/sdk/storage/Azure.Storage.Queues/src/QueueServiceClient.cs index dabe13ca291c..e34cd7902692 100644 --- a/sdk/storage/Azure.Storage.Queues/src/QueueServiceClient.cs +++ b/sdk/storage/Azure.Storage.Queues/src/QueueServiceClient.cs @@ -639,6 +639,7 @@ private async Task> GetPropertiesInternal( /// /// /// + [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-queues")] public virtual Response SetProperties( QueueServiceProperties properties, CancellationToken cancellationToken = default) => @@ -663,6 +664,7 @@ public virtual Response SetProperties( /// /// /// + [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-queues")] public virtual async Task SetPropertiesAsync( QueueServiceProperties properties, CancellationToken cancellationToken = default) => @@ -989,6 +991,7 @@ await GetQueueClient(queueName) /// A will be thrown if /// a failure occurs. /// + [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-queues")] public Uri GenerateAccountSasUri( AccountSasPermissions permissions, DateTimeOffset expiresOn, @@ -1017,6 +1020,7 @@ public Uri GenerateAccountSasUri( /// A will be thrown if /// a failure occurs. /// + [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-queues")] public Uri GenerateAccountSasUri(AccountSasBuilder builder) { builder = builder ?? throw Errors.ArgumentNull(nameof(builder)); diff --git a/sdk/storage/Azure.Storage.Queues/src/Sas/QueueSasBuilder.cs b/sdk/storage/Azure.Storage.Queues/src/Sas/QueueSasBuilder.cs index 59694bcfb329..90c4a5212c96 100644 --- a/sdk/storage/Azure.Storage.Queues/src/Sas/QueueSasBuilder.cs +++ b/sdk/storage/Azure.Storage.Queues/src/Sas/QueueSasBuilder.cs @@ -5,6 +5,7 @@ using System.Collections.Generic; using System.ComponentModel; using System.Text; +using Azure.Core; using Azure.Storage.Queues; namespace Azure.Storage.Sas @@ -228,6 +229,7 @@ public void SetPermissions(string rawPermissions) /// The used for authenticating /// requests. /// + [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-queues")] public SasQueryParameters ToSasQueryParameters(StorageSharedKeyCredential sharedKeyCredential) { sharedKeyCredential = sharedKeyCredential ?? throw Errors.ArgumentNull(nameof(sharedKeyCredential)); diff --git a/sdk/tables/Azure.Data.Tables/src/Azure.Data.Tables.csproj b/sdk/tables/Azure.Data.Tables/src/Azure.Data.Tables.csproj index 5dc36d8cb0e3..e1b89edd3bc6 100644 --- a/sdk/tables/Azure.Data.Tables/src/Azure.Data.Tables.csproj +++ b/sdk/tables/Azure.Data.Tables/src/Azure.Data.Tables.csproj @@ -16,10 +16,6 @@ - - - - @@ -27,9 +23,12 @@ + + + diff --git a/sdk/tables/Azure.Data.Tables/src/Sas/TableAccountSasBuilder.cs b/sdk/tables/Azure.Data.Tables/src/Sas/TableAccountSasBuilder.cs index 59830b775d09..65bf928c70af 100644 --- a/sdk/tables/Azure.Data.Tables/src/Sas/TableAccountSasBuilder.cs +++ b/sdk/tables/Azure.Data.Tables/src/Sas/TableAccountSasBuilder.cs @@ -161,6 +161,7 @@ public void SetPermissions(string rawPermissions) /// /// An instance of . /// + [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/data-tables")] public TableAccountSasQueryParameters ToSasQueryParameters(TableSharedKeyCredential sharedKeyCredential) { sharedKeyCredential = sharedKeyCredential ?? throw Errors.ArgumentNull(nameof(sharedKeyCredential)); @@ -208,6 +209,7 @@ public TableAccountSasQueryParameters ToSasQueryParameters(TableSharedKeyCredent /// /// A URL encoded query string representing the SAS. /// + [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/data-tables")] public string Sign(TableSharedKeyCredential sharedKeyCredential) => ToSasQueryParameters(sharedKeyCredential).ToString(); diff --git a/sdk/tables/Azure.Data.Tables/src/Sas/TableSasBuilder.cs b/sdk/tables/Azure.Data.Tables/src/Sas/TableSasBuilder.cs index 9086fba7318e..b7295911abe1 100644 --- a/sdk/tables/Azure.Data.Tables/src/Sas/TableSasBuilder.cs +++ b/sdk/tables/Azure.Data.Tables/src/Sas/TableSasBuilder.cs @@ -185,6 +185,7 @@ public void SetPermissions(string rawPermissions) /// /// An instance of . /// + [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/data-tables")] public TableSasQueryParameters ToSasQueryParameters(TableSharedKeyCredential sharedKeyCredential) { sharedKeyCredential = sharedKeyCredential ?? throw Errors.ArgumentNull(nameof(sharedKeyCredential)); @@ -239,6 +240,7 @@ public TableSasQueryParameters ToSasQueryParameters(TableSharedKeyCredential sha /// /// A URL encoded query string representing the SAS. /// + [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/data-tables")] public string Sign(TableSharedKeyCredential sharedKeyCredential) => ToSasQueryParameters(sharedKeyCredential).ToString(); diff --git a/sdk/tables/Azure.Data.Tables/src/TableClient.cs b/sdk/tables/Azure.Data.Tables/src/TableClient.cs index f57725d0c331..e82d787c93b1 100644 --- a/sdk/tables/Azure.Data.Tables/src/TableClient.cs +++ b/sdk/tables/Azure.Data.Tables/src/TableClient.cs @@ -1407,6 +1407,7 @@ public virtual Response> GetAccessPolicies( /// the access policies for the table. /// A controlling the request lifetime. /// The server returned an error. See for details returned from the server. + [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/data-tables")] public virtual async Task SetAccessPolicyAsync(IEnumerable tableAcl, CancellationToken cancellationToken = default) { using DiagnosticScope scope = _diagnostics.CreateScope($"{nameof(TableClient)}.{nameof(SetAccessPolicy)}"); @@ -1426,6 +1427,7 @@ public virtual async Task SetAccessPolicyAsync(IEnumerable the access policies for the table. /// A controlling the request lifetime. /// The server returned an error. See for details returned from the server. + [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/data-tables")] public virtual Response SetAccessPolicy(IEnumerable tableAcl, CancellationToken cancellationToken = default) { using DiagnosticScope scope = _diagnostics.CreateScope($"{nameof(TableClient)}.{nameof(SetAccessPolicy)}"); @@ -1510,6 +1512,7 @@ public virtual Response> SubmitTransaction( /// /// A on successfully deleting. /// An will be thrown if a failure occurs. + [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/data-tables")] public virtual Uri GenerateSasUri(TableSasPermissions permissions, DateTimeOffset expiresOn) => GenerateSasUri(new TableSasBuilder(Name, permissions, expiresOn) { TableName = Name }); @@ -1525,6 +1528,7 @@ public virtual Uri GenerateSasUri(TableSasPermissions permissions, DateTimeOffse /// Used to generate a Shared Access Signature (SAS). /// A on successfully deleting. /// An will be thrown if a failure occurs. + [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/data-tables")] public virtual Uri GenerateSasUri( TableSasBuilder builder) { diff --git a/sdk/tables/Azure.Data.Tables/src/TableServiceClient.cs b/sdk/tables/Azure.Data.Tables/src/TableServiceClient.cs index 2948d58b2d43..740991fcc2ec 100644 --- a/sdk/tables/Azure.Data.Tables/src/TableServiceClient.cs +++ b/sdk/tables/Azure.Data.Tables/src/TableServiceClient.cs @@ -808,6 +808,7 @@ public virtual async Task DeleteTableAsync(string tableName, Cancellat /// The Table Service properties. /// A controlling the request lifetime. /// The indicating the result of the operation. + [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/data-tables")] public virtual Response SetProperties(TableServiceProperties properties, CancellationToken cancellationToken = default) { using DiagnosticScope scope = _diagnostics.CreateScope($"{nameof(TableServiceClient)}.{nameof(SetProperties)}"); @@ -828,6 +829,7 @@ public virtual Response SetProperties(TableServiceProperties properties, Cancell /// The Table Service properties. /// A controlling the request lifetime. /// The indicating the result of the operation. + [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/data-tables")] public virtual async Task SetPropertiesAsync(TableServiceProperties properties, CancellationToken cancellationToken = default) { using DiagnosticScope scope = _diagnostics.CreateScope($"{nameof(TableServiceClient)}.{nameof(SetProperties)}"); @@ -942,6 +944,7 @@ public virtual Response GetStatistics(CancellationToken /// /// A on successfully deleting. /// An will be thrown if a failure occurs. + [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/data-tables")] public virtual Uri GenerateSasUri(TableAccountSasPermissions permissions, TableAccountSasResourceTypes resourceTypes, DateTimeOffset expiresOn) => GenerateSasUri(new TableAccountSasBuilder(permissions, resourceTypes, expiresOn)); @@ -957,6 +960,7 @@ public virtual Uri GenerateSasUri(TableAccountSasPermissions permissions, TableA /// Used to generate a Shared Access Signature (SAS). /// A on successfully deleting. /// An will be thrown if a failure occurs. + [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/data-tables")] public virtual Uri GenerateSasUri( TableAccountSasBuilder builder) { From a3b1e55305688d64ff91bc0fc21fa239ed370fcc Mon Sep 17 00:00:00 2001 From: tg-msft Date: Tue, 17 Oct 2023 18:05:34 -0700 Subject: [PATCH 2/3] Fixing up a few slips of the keyboard. --- sdk/storage/Azure.Storage.Blobs/src/BlobServiceClient.cs | 1 - .../Azure.Storage.Files.DataLake/src/DataLakePathClient.cs | 2 +- 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/sdk/storage/Azure.Storage.Blobs/src/BlobServiceClient.cs b/sdk/storage/Azure.Storage.Blobs/src/BlobServiceClient.cs index d453503c4faf..23edd6ac8fdc 100644 --- a/sdk/storage/Azure.Storage.Blobs/src/BlobServiceClient.cs +++ b/sdk/storage/Azure.Storage.Blobs/src/BlobServiceClient.cs @@ -13,7 +13,6 @@ using Azure.Storage.Blobs.Models; using Azure.Storage.Cryptography; using Azure.Storage.Sas; -using static System.Net.WebRequestMethods; using Metadata = System.Collections.Generic.IDictionary; namespace Azure.Storage.Blobs diff --git a/sdk/storage/Azure.Storage.Files.DataLake/src/DataLakePathClient.cs b/sdk/storage/Azure.Storage.Files.DataLake/src/DataLakePathClient.cs index db1991ddaf7a..6581fe459007 100644 --- a/sdk/storage/Azure.Storage.Files.DataLake/src/DataLakePathClient.cs +++ b/sdk/storage/Azure.Storage.Files.DataLake/src/DataLakePathClient.cs @@ -1313,7 +1313,7 @@ public virtual Response CreateIfNotExists( umask: options?.AccessOptions?.Umask, owner: options?.AccessOptions?.Owner, group: options?.AccessOptions?.Group, - SetAccessControlListrolList: options?.AccessOptions?.AccessControlList, + accessControlList: options?.AccessOptions?.AccessControlList, leaseId: options?.LeaseId, leaseDuration: options?.LeaseDuration, timeToExpire: options?.ScheduleDeletionOptions?.TimeToExpire, From d83909aff2529259f9381af4b986bfd072345c79 Mon Sep 17 00:00:00 2001 From: tg-msft Date: Tue, 17 Oct 2023 18:15:49 -0700 Subject: [PATCH 3/3] Adding a missing #nullable enable --- sdk/core/Azure.Core/src/Shared/CallerShouldAuditAttribute.cs | 2 ++ 1 file changed, 2 insertions(+) diff --git a/sdk/core/Azure.Core/src/Shared/CallerShouldAuditAttribute.cs b/sdk/core/Azure.Core/src/Shared/CallerShouldAuditAttribute.cs index 593d89b88a23..c9455203a6c7 100644 --- a/sdk/core/Azure.Core/src/Shared/CallerShouldAuditAttribute.cs +++ b/sdk/core/Azure.Core/src/Shared/CallerShouldAuditAttribute.cs @@ -3,6 +3,8 @@ using System; +#nullable enable + namespace Azure.Core { ///