Azure-sdk-for-net: [FEATURE REQ] Consider a method for moving files that change ACL to match default values of parent directory

Created on 4 Jun 2020  Â·  5Comments  Â·  Source: Azure/azure-sdk-for-net

Library or service name.
Azure.Storage.Files.DataLake

I would like to move a file between directories or file systems that automatically sets ACL to that of the values specified by the default ACL of the destination.

Current options seem to be:

  1. Use DataLakeFileClient.RenameAsync then use DataLakeDirectoryClient.GetAccessControlAsync to get parent's ACL then use DataLakeFileClient.SetAccessControlListAsync

  2. Download file to MemoryStream using DataLakeFileClient.ReadAsync then upload to a new file using DataLakeFileClient.AppendAsync.

Option 1 requires heightened permissions than option 2 and option 2 is less efficient than option 1.

Better options may be:

  1. Create a DataLakeFileClient.MoveAsync (or DataLakeFileSystemClient.MoveAysnc) method that works similarly to RenameAsync but sets ACL to those of the parent's default ACL (and change owner and group would occur if new file was created), similarly to if a new file was created

  2. Add a parameter to DataLakeFileClient.RenameAsync that allows the resetting of the file's ACL

  3. Follow Microsoft.Azure.Storage.Blob v11 lead with a StartCopy method.

Pointing out obvious errors in my reasoning is welcomed. Thanks for your consideration and thank you for this great library.

Client Data Lake Storage Gen2 Service Attention Storage customer-reported needs-team-attention question
Source
picture bryanrcarlson

All 5 comments

Thanks for the feedback! We are routing this to the appropriate team for follow-up. cc @sumantmehtams.

msftbot[bot] picture msftbot[bot] on 4 Jun 2020
👍1

Thanks for the feedback! We are routing this to the appropriate team for follow-up. cc @xgithubtriage.

msftbot[bot] picture msftbot[bot] on 2 Sep 2020

Hi,

Sorry for the late reply.

For your "Better options" 1 & 2, it's not possible to implement this because the REST API does not have a parameter that allows us to set the ACLs of a file when renaming it

https://docs.microsoft.com/en-us/rest/api/storageservices/datalakestoragegen2/path/create

For "Better options" 3, I'm not sure what you mean by StartCopy. StartCopy applies to Blobs not DataLake. Even then, there's no parameter that allows us to pass ACLs to set.

Please let me know if there's any way we can help you with is if my answer is insufficient.

amnguye picture amnguye on 4 Sep 2020

Hello -- thanks for the reply.

Not being familiar with the REST API, but it looks like you can target paths parent ACLs with REST, rename blob to target path with REST, and change ACLs of renamed blob? A feature could wrap these calls into a single function? Or something similar - I'm sure engineers can come up with a better solution.

For "better options" 3, I was just suggesting a similar implementation for DataLake that is implemented in Blobs. That is, not using StarCopy directly but instead using it as inspiration.

These are all suggestions, anyway. I understand you have governance and technical constraints I'm not even aware of.

Thanks for listening.

bryanrcarlson picture bryanrcarlson on 4 Sep 2020

Hi,

Let me know if I'm incorrect in what you're saying. Is your ask is to create a convenience method that calls the following methods in these steps.

  1. Calls Rename on the DataLake file
  2. Call GetAccessControlList on the destination folder holding the DataLake FIle
  3. Calls SetAccessControlList on the newly renamed DataLake File
    (Which means that this method would make three calls to storage)

As for the StartCopy suggestion, I don't think that would resolve your request, as you would most likely would have to call Delete on the source blob afterwards. You would also have to create the destination blob. Also since StartCopy is a blob API and not a datalake API, I don't think it would be wise to call StartCopy on a DataLake File. (Also this would take a total of 2 calls instead of 1).

I'm not sure if this is a convenience method we want to support (also naming it Move doesn't seem to encompass what the method would do). If there's more of ask for a convenience method like this, I will reopen this issue/feature request.

Thanks for your input! Please let us know if you have any other suggestions or issues.

amnguye picture amnguye on 4 Sep 2020
👍1
Was this page helpful?
0 / 5 - 0 ratings

Related issues

shahabhijeet picture shahabhijeet  Â·  3Comments
deenairn picture deenairn  Â·  3Comments
JoeBrockhaus picture JoeBrockhaus  Â·  4Comments
AliGuemues picture AliGuemues  Â·  3Comments
tomgallard picture tomgallard  Â·  3Comments