You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Summary
The AzureStorage class in the django-storages module does not currently support generating signed URLs for uploads due to the hardcoded BlobSasPermissions(read=True) in the url() method. This limitation restricts users from creating SAS tokens with upload permissions.
Environment
django-storages version: All
Steps to Reproduce
Attempt to generate a signed URL for upload using the AzureStorage class.
Observe that the generated URL only has read permissions.
Expected Behavior
Users should be able to generate signed URLs with different permissions, including upload permissions.
Actual Behavior
The url() method only generates URLs with read permissions, as BlobSasPermissions(read=True) is hardcoded.
Proposed Solution
Allow the url() method to accept a mode parameter to specify different permissions. Here is a possible implementation:
diff --git a/storages/backends/azure_storage.py b/storages/backends/azure_storage.py
index 69b0213..435bc9a 100644
--- a/storages/backends/azure_storage.py
+++ b/storages/backends/azure_storage.py
@@ -309,9 +309,10 @@ class AzureStorage(BaseStorage):
# azure expects time in UTC
return datetime.utcnow() + timedelta(seconds=expire)
- def url(self, name, expire=None, parameters=None):
+ def url(self, name, expire=None, parameters=None, mode="r"):
name = self._get_valid_path(name)
params = parameters or {}
+ permission = BlobSasPermissions.from_string(mode)
if expire is None:
expire = self.expiration_secs
@@ -326,7 +327,7 @@ class AzureStorage(BaseStorage):
name,
account_key=self.account_key,
user_delegation_key=user_delegation_key,
- permission=BlobSasPermissions(read=True),
+ permission=permission,
expiry=expiry,
**params,
)
Testing
I have tested this solution in my environment and confirmed that it allows generating signed URLs with different permissions, including upload permissions. Using these generated URLs, I successfully uploaded a file to Azure Storage.
The text was updated successfully, but these errors were encountered:
Summary
The
AzureStorage
class in thedjango-storages
module does not currently support generating signed URLs for uploads due to the hardcodedBlobSasPermissions(read=True)
in theurl()
method. This limitation restricts users from creating SAS tokens with upload permissions.Environment
django-storages version: All
Steps to Reproduce
Attempt to generate a signed URL for upload using the
AzureStorage
class.Observe that the generated URL only has read permissions.
Expected Behavior
Users should be able to generate signed URLs with different permissions, including upload permissions.
Actual Behavior
The
url()
method only generates URLs with read permissions, asBlobSasPermissions(read=True)
is hardcoded.Proposed Solution
Allow the
url()
method to accept amode
parameter to specify different permissions. Here is a possible implementation:Testing
I have tested this solution in my environment and confirmed that it allows generating signed URLs with different permissions, including upload permissions. Using these generated URLs, I successfully uploaded a file to Azure Storage.
The text was updated successfully, but these errors were encountered: