/**
 * Splits a comma separated bypass value into a sorted set of normalized entries.
 *
 * <p>Each entry is trimmed and lower-cased. Blank entries are dropped, and duplicates collapse
 * because the result is a set.
 *
 * @param bypass the bypass value whose string form is a comma separated list; may be null
 * @return a new, mutable, sorted set of lower-cased entries; empty when {@code bypass} is null
 */
private static Set<String> parseBypass(Bypass bypass) {
    final Set<String> entries = new TreeSet<>();
    if (bypass == null) {
        return entries;
    }
    for (String token : bypass.toString().split(",")) {
        // NOTE(review): toLowerCase() without a Locale follows the JVM default locale. These
        // entries decide which traffic is exempt from the network rules, so confirm whether
        // Locale.ROOT is wanted here and wherever the lookup key is lower-cased.
        final String normalized = token.trim().toLowerCase();
        if (!normalized.isEmpty()) {
            // Set.add already ignores values that are present, so no separate contains() check.
            entries.add(normalized);
        }
    }
    return entries;
}
} // closes the enclosing type, whose opening is outside this excerpt
/**
 * Splits a comma separated bypass value into a sorted set of normalized entries.
 *
 * <p>Each entry is trimmed and lower-cased. Blank entries are dropped, and duplicates collapse
 * because the result is a set.
 *
 * @param bypass the bypass value whose string form is a comma separated list; may be null
 * @return a new, mutable, sorted set of lower-cased entries; empty when {@code bypass} is null
 */
private static Set<String> parseBypass(Bypass bypass) {
    final Set<String> entries = new TreeSet<>();
    if (bypass == null) {
        return entries;
    }
    for (String token : bypass.toString().split(",")) {
        // NOTE(review): toLowerCase() without a Locale follows the JVM default locale. These
        // entries decide which traffic is exempt from the network rules, so confirm whether
        // Locale.ROOT is wanted here and wherever the lookup key is lower-cased.
        final String normalized = token.trim().toLowerCase();
        if (!normalized.isEmpty()) {
            // Set.add already ignores values that are present, so no separate contains() check.
            entries.add(normalized);
        }
    }
    return entries;
}
} // closes the enclosing type, whose opening is outside this excerpt
/**
 * Removes one bypass entry from the network rule set of the storage account.
 *
 * <p>Does nothing when no network rule set is configured. When the removal leaves the list
 * empty and the removed entry was not {@code BYPASS_NONE_STR}, the list is set to
 * {@code BYPASS_NONE_STR} so that the stored value stays explicit.
 *
 * @param bypass access type to which the default network access action is not applied
 */
private void removeFromBypassList(Bypass bypass) {
    // presumably 'false' means "do not create a rule set if none exists" - verify against
    // getNetworkRuleSetConfig; a null result is handled below.
    final NetworkRuleSet ruleSet = this.getNetworkRuleSetConfig(false);
    if (ruleSet == null) {
        return;
    }
    final Set<String> remaining = parseBypass(ruleSet.bypass());
    final String target = bypass.toString().toLowerCase();
    // remove() is a no-op when the entry is absent, so no contains() guard is needed.
    remaining.remove(target);
    // NOTE(review): when the entry being removed is BYPASS_NONE_STR itself and nothing else is
    // left, the set stays empty and an empty string reaches Bypass.fromString - confirm that
    // this is the intended stored value.
    if (remaining.isEmpty() && !target.equalsIgnoreCase(BYPASS_NONE_STR)) {
        remaining.add(BYPASS_NONE_STR);
    }
    ruleSet.withBypass(Bypass.fromString(StringUtils.join(remaining, ", ")));
}
/**
 * Adds one bypass entry to the network rule set of the storage account.
 *
 * <p>Adding {@code BYPASS_NONE_STR} replaces the whole list with that single entry. Adding any
 * other entry first drops {@code BYPASS_NONE_STR}, so the two never appear together. Every
 * entry other than {@code BYPASS_NONE_STR} exempts a class of traffic from the default network
 * access action.
 *
 * @param bypass access type to which the default network access action is not applied
 */
private void addToBypassList(Bypass bypass) {
    // presumably 'true' makes getNetworkRuleSetConfig create the rule set when it is missing;
    // the result is used without a null check - verify against that method.
    final NetworkRuleSet ruleSet = this.getNetworkRuleSetConfig(true);
    final String requested = bypass.toString().toLowerCase();
    final Set<String> current = parseBypass(ruleSet.bypass());
    if (!requested.equalsIgnoreCase(BYPASS_NONE_STR)) {
        // A real exemption and "none" are mutually exclusive.
        current.remove(BYPASS_NONE_STR);
        current.add(requested);
    } else {
        // "none" wipes every exemption that was configured before.
        current.clear();
        current.add(BYPASS_NONE_STR);
    }
    ruleSet.withBypass(Bypass.fromString(StringUtils.join(current, ", ")));
}
/**
 * Adds one bypass entry to the network rule set of the storage account.
 *
 * <p>Adding {@code BYPASS_NONE_STR} replaces the whole list with that single entry. Adding any
 * other entry first drops {@code BYPASS_NONE_STR}, so the two never appear together. Every
 * entry other than {@code BYPASS_NONE_STR} exempts a class of traffic from the default network
 * access action.
 *
 * @param bypass access type to which the default network access action is not applied
 */
private void addToBypassList(Bypass bypass) {
    // presumably 'true' makes getNetworkRuleSetConfig create the rule set when it is missing;
    // the result is used without a null check - verify against that method.
    final NetworkRuleSet ruleSet = this.getNetworkRuleSetConfig(true);
    final String requested = bypass.toString().toLowerCase();
    final Set<String> current = parseBypass(ruleSet.bypass());
    if (!requested.equalsIgnoreCase(BYPASS_NONE_STR)) {
        // A real exemption and "none" are mutually exclusive.
        current.remove(BYPASS_NONE_STR);
        current.add(requested);
    } else {
        // "none" wipes every exemption that was configured before.
        current.clear();
        current.add(BYPASS_NONE_STR);
    }
    ruleSet.withBypass(Bypass.fromString(StringUtils.join(current, ", ")));
}
/**
 * Removes one bypass entry from the network rule set of the storage account.
 *
 * <p>Does nothing when no network rule set is configured. When the removal leaves the list
 * empty and the removed entry was not {@code BYPASS_NONE_STR}, the list is set to
 * {@code BYPASS_NONE_STR} so that the stored value stays explicit.
 *
 * @param bypass access type to which the default network access action is not applied
 */
private void removeFromBypassList(Bypass bypass) {
    // presumably 'false' means "do not create a rule set if none exists" - verify against
    // getNetworkRuleSetConfig; a null result is handled below.
    final NetworkRuleSet ruleSet = this.getNetworkRuleSetConfig(false);
    if (ruleSet == null) {
        return;
    }
    final Set<String> remaining = parseBypass(ruleSet.bypass());
    final String target = bypass.toString().toLowerCase();
    // remove() is a no-op when the entry is absent, so no contains() guard is needed.
    remaining.remove(target);
    // NOTE(review): when the entry being removed is BYPASS_NONE_STR itself and nothing else is
    // left, the set stays empty and an empty string reaches Bypass.fromString - confirm that
    // this is the intended stored value.
    if (remaining.isEmpty() && !target.equalsIgnoreCase(BYPASS_NONE_STR)) {
        remaining.add(BYPASS_NONE_STR);
    }
    ruleSet.withBypass(Bypass.fromString(StringUtils.join(remaining, ", ")));
}
/**
 * Reports whether storage log entries can be read from any network.
 *
 * <p>The answer is {@code true} whenever the account has no network rule set, no default
 * action, or a default action other than {@link DefaultAction#DENY}. With a DENY default it is
 * {@code true} only when the bypass list contains the logging entry.
 *
 * @param inner the storage account
 * @return true if storage log entries can be read from any network, false otherwise
 */
static boolean canReadLogEntriesFromAnyNetwork(final StorageAccountInner inner) {
    final boolean denyByDefault = inner.networkRuleSet() != null
        && inner.networkRuleSet().defaultAction() != null
        && inner.networkRuleSet().defaultAction().equals(DefaultAction.DENY);
    if (!denyByDefault) {
        // Nothing restricts network access, so log reads are not restricted either.
        return true;
    }
    final Set<String> exemptions = parseBypass(inner.networkRuleSet().bypass());
    // parseBypass lower-cases its entries, so the lookup key is lower-cased the same way.
    final String loggingKey = Bypass.LOGGING.toString().toLowerCase();
    return exemptions.contains(loggingKey);
}
/**
 * Reports whether the storage account can be accessed from applications running on Azure.
 *
 * <p>The answer is {@code true} whenever the account has no network rule set, no default
 * action, or a default action other than {@link DefaultAction#DENY}. With a DENY default it is
 * {@code true} only when the bypass list contains the Azure services entry.
 *
 * @param inner the storage account
 * @return true if storage can be accessed from applications running on Azure, false otherwise
 */
static boolean canAccessFromAzureServices(final StorageAccountInner inner) {
    final boolean denyByDefault = inner.networkRuleSet() != null
        && inner.networkRuleSet().defaultAction() != null
        && inner.networkRuleSet().defaultAction().equals(DefaultAction.DENY);
    if (!denyByDefault) {
        // Nothing restricts network access, so Azure services are not restricted either.
        return true;
    }
    final Set<String> exemptions = parseBypass(inner.networkRuleSet().bypass());
    // parseBypass lower-cases its entries, so the lookup key is lower-cased the same way.
    final String azureServicesKey = Bypass.AZURE_SERVICES.toString().toLowerCase();
    return exemptions.contains(azureServicesKey);
}
/**
 * Reports whether storage log entries can be read from any network.
 *
 * <p>The answer is {@code true} whenever the account has no network rule set, no default
 * action, or a default action other than {@link DefaultAction#DENY}. With a DENY default it is
 * {@code true} only when the bypass list contains the logging entry.
 *
 * @param inner the storage account
 * @return true if storage log entries can be read from any network, false otherwise
 */
static boolean canReadLogEntriesFromAnyNetwork(final StorageAccountInner inner) {
    final boolean denyByDefault = inner.networkRuleSet() != null
        && inner.networkRuleSet().defaultAction() != null
        && inner.networkRuleSet().defaultAction().equals(DefaultAction.DENY);
    if (!denyByDefault) {
        // Nothing restricts network access, so log reads are not restricted either.
        return true;
    }
    final Set<String> exemptions = parseBypass(inner.networkRuleSet().bypass());
    // parseBypass lower-cases its entries, so the lookup key is lower-cased the same way.
    final String loggingKey = Bypass.LOGGING.toString().toLowerCase();
    return exemptions.contains(loggingKey);
}
/**
 * Reports whether storage metrics can be read from any network.
 *
 * <p>The answer is {@code true} whenever the account has no network rule set, no default
 * action, or a default action other than {@link DefaultAction#DENY}. With a DENY default it is
 * {@code true} only when the bypass list contains the metrics entry.
 *
 * @param inner the storage account
 * @return true if storage metrics can be read from any network, false otherwise
 */
static boolean canReadMetricsFromAnyNetwork(final StorageAccountInner inner) {
    final boolean denyByDefault = inner.networkRuleSet() != null
        && inner.networkRuleSet().defaultAction() != null
        && inner.networkRuleSet().defaultAction().equals(DefaultAction.DENY);
    if (!denyByDefault) {
        // Nothing restricts network access, so metrics reads are not restricted either.
        return true;
    }
    final Set<String> exemptions = parseBypass(inner.networkRuleSet().bypass());
    // parseBypass lower-cases its entries, so the lookup key is lower-cased the same way.
    final String metricsKey = Bypass.METRICS.toString().toLowerCase();
    return exemptions.contains(metricsKey);
}
/**
 * Reports whether storage metrics can be read from any network.
 *
 * <p>The answer is {@code true} whenever the account has no network rule set, no default
 * action, or a default action other than {@link DefaultAction#DENY}. With a DENY default it is
 * {@code true} only when the bypass list contains the metrics entry.
 *
 * @param inner the storage account
 * @return true if storage metrics can be read from any network, false otherwise
 */
static boolean canReadMetricsFromAnyNetwork(final StorageAccountInner inner) {
    final boolean denyByDefault = inner.networkRuleSet() != null
        && inner.networkRuleSet().defaultAction() != null
        && inner.networkRuleSet().defaultAction().equals(DefaultAction.DENY);
    if (!denyByDefault) {
        // Nothing restricts network access, so metrics reads are not restricted either.
        return true;
    }
    final Set<String> exemptions = parseBypass(inner.networkRuleSet().bypass());
    // parseBypass lower-cases its entries, so the lookup key is lower-cased the same way.
    final String metricsKey = Bypass.METRICS.toString().toLowerCase();
    return exemptions.contains(metricsKey);
}
/**
 * Reports whether the storage account can be accessed from applications running on Azure.
 *
 * <p>The answer is {@code true} whenever the account has no network rule set, no default
 * action, or a default action other than {@link DefaultAction#DENY}. With a DENY default it is
 * {@code true} only when the bypass list contains the Azure services entry.
 *
 * @param inner the storage account
 * @return true if storage can be accessed from applications running on Azure, false otherwise
 */
static boolean canAccessFromAzureServices(final StorageAccountInner inner) {
    final boolean denyByDefault = inner.networkRuleSet() != null
        && inner.networkRuleSet().defaultAction() != null
        && inner.networkRuleSet().defaultAction().equals(DefaultAction.DENY);
    if (!denyByDefault) {
        // Nothing restricts network access, so Azure services are not restricted either.
        return true;
    }
    final Set<String> exemptions = parseBypass(inner.networkRuleSet().bypass());
    // parseBypass lower-cases its entries, so the lookup key is lower-cased the same way.
    final String azureServicesKey = Bypass.AZURE_SERVICES.toString().toLowerCase();
    return exemptions.contains(azureServicesKey);
}