获取 Azure Data Lake Gen2 (ACL) 的特定用户权限

Question

I am working with Azure Functions, and I would like to know how I can see the permissions of a user for a certain directory or file.

To get the info of ACL I am following the next documentation: https://docs.microsoft.com/en-us/azure/storage/blobs/data-lake-storage-directory-file-acl-python (For the conexion I have used Connect by using an account key option)

I am able to get the next information:

{
    'accept_ranges': None,
    'cache_control': None,
    'content_disposition': None,
    'content_encoding': None,
    'content_language': None,
    'content_length': None,
    'content_range': None,
    'content_type': None,
    'content_md5': None,
    'date': datetime.datetime(XXXXX),
    'etag': '"4545454545"',
    'last_modified': datetime.datetime(XXXXX),
    'request_id': 'XXXXX',
    'version': '2019-02-02',
    'resource_type': None,
    'properties': None,
    'owner': '123',
    'group': '123',
    'permissions': 'rwxr-x---',
    'acl': 'user: : rwx,
    group: : r-x,
    other: : ---',
    'lease_duration': None,
    'lease_state': None,
    'lease_status': None,
    'error_code': None
}

This returns generic information, but what I would like to know is how can I get permission information for a specific user. I know how can I get user id or thr user's group id, but not how to relate to ACL.

Maybe I need to use an API?

Thanks beforehand!

Answer 1

Based on your result, you haven't given permissions to a user.

So you need follow this screenshot to give the permissions.

Then you could use the code to get its ACL.

acl_props = directory_client.get_access_control()

print(acl_props['acl'])

It should be like this:

user::rwx,
user:256xxxx6-019b-479c-a71f-d5axxxx93143:r-x,
group::r-x,
mask::r-x,
other::---

We can find that the second line is the ACL for the user allenwu1.

Then you could use str.index('user:{user id}:') to get its position. Then you can get the next three characters, which is the user's ACL.