From 67a2c582f510e91afdc9609b3779f06a8e04ec69 Mon Sep 17 00:00:00 2001 From: Matias Quaranta Date: Tue, 6 Oct 2020 14:37:11 -0700 Subject: [PATCH] Authorization: Fixes DocumentClientException being thrown on write operations (#1909) When a wrong key is used for a Write operation, the client was throwing a DocumentClientException instead of a CosmosException --- .../src/Resource/Container/ContainerCore.cs | 2 +- .../CosmosPermissionTests.cs | 37 ++++++++++++++++++- 2 files changed, 37 insertions(+), 2 deletions(-) diff --git a/Microsoft.Azure.Cosmos/src/Resource/Container/ContainerCore.cs b/Microsoft.Azure.Cosmos/src/Resource/Container/ContainerCore.cs index a657beb685..53c77e949e 100644 --- a/Microsoft.Azure.Cosmos/src/Resource/Container/ContainerCore.cs +++ b/Microsoft.Azure.Cosmos/src/Resource/Container/ContainerCore.cs @@ -307,9 +307,9 @@ public override async Task> GetPartitionKeyRangesAsync( /// A containing the for this container. public override async Task GetCachedContainerPropertiesAsync(CancellationToken cancellationToken = default) { - ClientCollectionCache collectionCache = await this.ClientContext.DocumentClient.GetCollectionCacheAsync(); try { + ClientCollectionCache collectionCache = await this.ClientContext.DocumentClient.GetCollectionCacheAsync(); return await collectionCache.ResolveByNameAsync(HttpConstants.Versions.CurrentVersion, this.LinkUri, cancellationToken); } catch (DocumentClientException ex) diff --git a/Microsoft.Azure.Cosmos/tests/Microsoft.Azure.Cosmos.EmulatorTests/CosmosPermissionTests.cs b/Microsoft.Azure.Cosmos/tests/Microsoft.Azure.Cosmos.EmulatorTests/CosmosPermissionTests.cs index e8e2dfd842..efd00f6907 100644 --- a/Microsoft.Azure.Cosmos/tests/Microsoft.Azure.Cosmos.EmulatorTests/CosmosPermissionTests.cs +++ b/Microsoft.Azure.Cosmos/tests/Microsoft.Azure.Cosmos.EmulatorTests/CosmosPermissionTests.cs @@ -364,12 +364,47 @@ public async Task EnsureUnauthorized_ThrowsCosmosClientException() // Take the key and change some middle character authKey = authKey.Replace("m", "M"); - CosmosClient cosmosClient = new CosmosClient( + using CosmosClient cosmosClient = new CosmosClient( endpoint, authKey); CosmosException exception = await Assert.ThrowsExceptionAsync(() => cosmosClient.GetContainer("test", "test").ReadItemAsync("test", new PartitionKey("test"))); Assert.AreEqual(HttpStatusCode.Unauthorized, exception.StatusCode); } + + [TestMethod] + public async Task EnsureUnauthorized_Writes_ThrowsCosmosClientException() + { + string authKey = ConfigurationManager.AppSettings["MasterKey"]; + string endpoint = ConfigurationManager.AppSettings["GatewayEndpoint"]; + + // Take the key and change some middle character + authKey = authKey.Replace("m", "M"); + + using CosmosClient cosmosClient = new CosmosClient( + endpoint, + authKey); + CosmosException exception = await Assert.ThrowsExceptionAsync(() => cosmosClient.GetContainer("test", "test").CreateItemAsync(new { id = "test" })); + Assert.AreEqual(HttpStatusCode.Unauthorized, exception.StatusCode); + } + + [TestMethod] + public async Task EnsureUnauthorized_Query_ThrowsCosmosClientException() + { + string authKey = ConfigurationManager.AppSettings["MasterKey"]; + string endpoint = ConfigurationManager.AppSettings["GatewayEndpoint"]; + + // Take the key and change some middle character + authKey = authKey.Replace("m", "M"); + + using CosmosClient cosmosClient = new CosmosClient( + endpoint, + authKey); + + using FeedIterator iterator = cosmosClient.GetContainer("test", "test").GetItemQueryIterator("SELECT * FROM c"); + + CosmosException exception = await Assert.ThrowsExceptionAsync(() => iterator.ReadNextAsync()); + Assert.AreEqual(HttpStatusCode.Unauthorized, exception.StatusCode); + } } }