[Storage] Support dfs sas encryptionscope (Azure#19814)

* Upgrade to new storage dataplane SDK

* [Storage] Support dfs sas encryptionscope

* Update DependencyAnalyzer.cs (#21)

Co-authored-by: Dingmeng Xue <[email protected]>

Author: blueww

src/Storage/Storage.Management.Test/Storage.Management.Test.csproj

@@ -11,10 +11,10 @@
   </PropertyGroup>
 
   <ItemGroup>
-    <PackageReference Include="Azure.Storage.Blobs" Version="12.12.0" />
-    <PackageReference Include="Azure.Storage.Files.DataLake" Version="12.10.0" />
-    <PackageReference Include="Azure.Storage.Files.Shares" Version="12.10.0" />
-    <PackageReference Include="Azure.Storage.Queues" Version="12.10.0" />
+    <PackageReference Include="Azure.Storage.Blobs" Version="12.14.0" />
+    <PackageReference Include="Azure.Storage.Files.DataLake" Version="12.12.0" />
+    <PackageReference Include="Azure.Storage.Files.Shares" Version="12.12.0" />
+    <PackageReference Include="Azure.Storage.Queues" Version="12.12.0" />
   </ItemGroup>
 
   <ItemGroup>

src/Storage/Storage.Management/ChangeLog.md

@@ -18,6 +18,8 @@
         - Additional information about change #1
 -->
 ## Upcoming Release
+* Supported generate DataLakeGen2 Sas token with Encryption scope
+    -  `New-AzDataLakeGen2SasToken`
 * Supported blob type conversions in sync blob copy
     - `Copy-AzStorageBlob`
 * Supported create/upgrade storage account with Keyvault from another tenant and access Keyvault with FederatedClientId

src/Storage/Storage.Management/help/New-AzDataLakeGen2SasToken.md

@@ -16,15 +16,15 @@ Generates a SAS token for Azure DatalakeGen2 item.
 ```
 New-AzDataLakeGen2SasToken [-FileSystem] <String> [-Path <String>] [-Permission <String>]
  [-Protocol <SasProtocol>] [-IPAddressOrRange <String>] [-StartTime <DateTimeOffset>]
- [-ExpiryTime <DateTimeOffset>] [-FullUri] [-Context <IStorageContext>]
+ [-ExpiryTime <DateTimeOffset>] [-EncryptionScope <String>] [-FullUri] [-Context <IStorageContext>]
  [-DefaultProfile <IAzureContextContainer>] [<CommonParameters>]
 ```
 
 ### ItemPipeline
 ```
 New-AzDataLakeGen2SasToken -InputObject <AzureDataLakeGen2Item> [-Permission <String>]
  [-Protocol <SasProtocol>] [-IPAddressOrRange <String>] [-StartTime <DateTimeOffset>]
- [-ExpiryTime <DateTimeOffset>] [-FullUri] [-Context <IStorageContext>]
+ [-ExpiryTime <DateTimeOffset>] [-EncryptionScope <String>] [-FullUri] [-Context <IStorageContext>]
  [-DefaultProfile <IAzureContextContainer>] [<CommonParameters>]
 ```
 
@@ -40,12 +40,12 @@ New-AzDataLakeGen2SasToken -FileSystem "filesystem1" -Path "dir1/dir2" -Permissi
 
 This example generates a DatalakeGen2 SAS token with full permission.
 
-### Example 2: Generate a SAS token with specific StartTime, ExpireTime, Protocal, IPAddressOrRange, by pipeline a datalakegen2 item
+### Example 2: Generate a SAS token with specific StartTime, ExpireTime, Protocal, IPAddressOrRange, Encryption Scope, by pipeline a datalakegen2 item
 ```
-Get-AzDataLakeGen2Item -FileSystem test -Path "testdir/dir2" | New-AzDataLakeGen2SasToken -Permission rw -Protocol Https -IPAddressOrRange 10.0.0.0-12.10.0.0 -StartTime (Get-Date) -ExpiryTime (Get-Date).AddDays(6)
+Get-AzDataLakeGen2Item -FileSystem test -Path "testdir/dir2" | New-AzDataLakeGen2SasToken -Permission rw -Protocol Https -IPAddressOrRange 10.0.0.0-12.10.0.0 -StartTime (Get-Date) -ExpiryTime (Get-Date).AddDays(6) -EncryptionScope scopename
 ```
 
-This example generates a DatalakeGen2 SAS token by pipeline a datalake gen2 item, and with specific StartTime, ExpireTime, Protocal, IPAddressOrRange.
+This example generates a DatalakeGen2 SAS token by pipeline a datalake gen2 item, and with specific StartTime, ExpireTime, Protocal, IPAddressOrRange, Encryption Scope.
 
 ## PARAMETERS
 
@@ -79,6 +79,21 @@ Accept pipeline input: False
 Accept wildcard characters: False
 ```
 
+### -EncryptionScope
+Encryption scope to use when sending requests authorized with this SAS URI.
+
+```yaml
+Type: System.String
+Parameter Sets: (All)
+Aliases:
+
+Required: False
+Position: Named
+Default value: None
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
 ### -ExpiryTime
 Expiry Time
 

src/Storage/Storage/DatalakeGen2/Cmdlet/NewAzDataLakeGen2Item.cs

@@ -191,10 +191,18 @@ public override void ExecuteCmdlet()
                     PathHttpHeaders pathHttpHeaders = SetDatalakegen2ItemProperties(dirClient, BlobProperties, setToServer: false);
                     IDictionary<string, string> metadata = SetDatalakegen2ItemMetaData(dirClient, BlobMetadata, setToServer: false);
 
-                    dirClient.Create(pathHttpHeaders, 
-                        metadata, 
-                        this.Permission, 
-                        this.Umask != null ? DataLakeModels.PathPermissions.ParseSymbolicPermissions(this.Umask).ToOctalPermissions() : null);
+                    DataLakePathCreateOptions createOptions = new DataLakePathCreateOptions()
+                    {
+                        HttpHeaders = pathHttpHeaders,
+                        Metadata = metadata,
+                        AccessOptions = new DataLakeAccessOptions()
+                        {
+                            Permissions = this.Permission,
+                            Umask = this.Umask != null ? DataLakeModels.PathPermissions.ParseSymbolicPermissions(this.Umask).ToOctalPermissions() : null
+                        }
+                    };
+
+                    dirClient.Create(createOptions, this.CmdletCancellationToken);
 
                     WriteDataLakeGen2Item(localChannel, dirClient);
                 }

src/Storage/Storage/DatalakeGen2/Cmdlet/NewAzDataLakeGen2SasToken.cs

@@ -77,6 +77,10 @@ public class NewDataLakeGen2SasTokenCommand : StorageCloudBlobCmdletBase
         [ValidateNotNull]
         public DateTimeOffset? ExpiryTime { get; set; }
 
+        [Parameter(Mandatory = false, HelpMessage = "Encryption scope to use when sending requests authorized with this SAS URI.")]
+        [ValidateNotNullOrEmpty]
+        public string EncryptionScope { get; set; }
+
         [Parameter(Mandatory = false, HelpMessage = "Display full uri with sas token")]
         public SwitchParameter FullUri { get; set; }
 
@@ -170,6 +174,10 @@ public override void ExecuteCmdlet()
             {
                 sasBuilder.Protocol = this.Protocol.Value;
             }
+            if (this.EncryptionScope != null)
+            {
+                sasBuilder.EncryptionScope = this.EncryptionScope;
+            }
 
             DataLakeFileSystemClient fileSystem = GetFileSystemClientByName(localChannel, this.FileSystem);
 

src/Storage/Storage/Storage.csproj

@@ -13,10 +13,10 @@
 
   <ItemGroup>
     <PackageReference Include="Azure.Data.Tables" Version="12.2.0" />
-    <PackageReference Include="Azure.Storage.Blobs" Version="12.12.0" />
-    <PackageReference Include="Azure.Storage.Files.DataLake" Version="12.10.0" />
-    <PackageReference Include="Azure.Storage.Files.Shares" Version="12.10.0" />
-    <PackageReference Include="Azure.Storage.Queues" Version="12.10.0" />
+    <PackageReference Include="Azure.Storage.Blobs" Version="12.14.0" />
+    <PackageReference Include="Azure.Storage.Files.DataLake" Version="12.12.0" />
+    <PackageReference Include="Azure.Storage.Files.Shares" Version="12.12.0" />
+    <PackageReference Include="Azure.Storage.Queues" Version="12.12.0" />
     <PackageReference Include="Microsoft.Azure.Cosmos.Table" Version="1.0.8" />
     <PackageReference Include="System.Security.Permissions" Version="4.5.0" />
     <PackageReference Include="Microsoft.Azure.Storage.Blob" Version="11.2.2" />

tools/StaticAnalysis/DependencyAnalyzer/DependencyAnalyzer.cs

@@ -119,6 +119,7 @@ public class DependencyAnalyzer : IStaticAnalyzer
             "System.Resources.ResourceManager",
             "System.Resources.Writer",
             "System.Runtime",
+            "System.Runtime.CompilerServices.Unsafe",
             "System.Runtime.CompilerServices.VisualC",
             "System.Runtime.Extensions",
             "System.Runtime.Handles",