diff --git a/Microsoft.Azure.Cosmos.Encryption/src/DataEncryptionKeyContainer.cs b/Microsoft.Azure.Cosmos.Encryption/src/DataEncryptionKeyContainer.cs index fe01c70630..8c7d8d5211 100644 --- a/Microsoft.Azure.Cosmos.Encryption/src/DataEncryptionKeyContainer.cs +++ b/Microsoft.Azure.Cosmos.Encryption/src/DataEncryptionKeyContainer.cs @@ -109,14 +109,13 @@ public abstract Task> RewrapDataEncryp /// /// Returns an iterator that can be iterated to get properties of data encryption keys. /// - /// (Optional) Starting value of the range (inclusive) of ids of data encryption keys for which properties needs to be returned. - /// (Optional) Ending value of the range (inclusive) of ids of data encryption keys for which properties needs to be returned. - /// Whether the results should be returned sorted in descending order of id. + /// The cosmos SQL query text. /// (Optional) The continuation token in the Azure Cosmos DB service. /// (Optional) The options for the request. Set to restrict the number of results returned. + /// The type of object to query. /// An iterator over data encryption keys. /// - /// This create the type feed iterator for containers with queryDefinition as input. + /// This creates the type feed iterator for containers with query text as input. /// /// resultSet = this.cosmosDatabase.GetDataEncryptionKeyQueryIterator(); @@ -138,6 +137,41 @@ public abstract FeedIterator GetDataEncryptionKeyQueryIterator( string continuationToken = null, QueryRequestOptions requestOptions = null); + /// + /// Returns an iterator that can be iterated to get properties of data encryption keys. + /// + /// The Cosmos SQL query definition. + /// (Optional) The continuation token in the Azure Cosmos DB service. + /// (Optional) The options for the request. Set to restrict the number of results returned. + /// The type of object to query. + /// An iterator over data encryption keys. + /// + /// This creates the type feed iterator for containers with queryDefinition as input. + /// The example is to get all the DataEncryptionKeyProperties that have id in the range ["DEK_005", "DEK_015"]. + /// + /// = @startId and c.id <= @endId") + /// .WithParameter("@startId", "DEK_005") + /// .WithParameter("@endId", "DEK_015"); + /// FeedIterator resultSet = this.cosmosDatabase.GetDataEncryptionKeyQueryIterator(queryDefinition); + /// while (feedIterator.HasMoreResults) + /// { + /// foreach (DataEncryptionKeyProperties properties in await feedIterator.ReadNextAsync()) + /// { + /// Console.WriteLine(properties.Id); + /// } + /// } + /// ]]> + /// + /// + /// + /// is recommended for single data encryption key look-up. + /// + public abstract FeedIterator GetDataEncryptionKeyQueryIterator( + QueryDefinition queryDefinition, + string continuationToken = null, + QueryRequestOptions requestOptions = null); + /// /// Reads the properties of a data encryption key from the Azure Cosmos service as an asynchronous operation. /// diff --git a/Microsoft.Azure.Cosmos.Encryption/src/DataEncryptionKeyContainerCore.cs b/Microsoft.Azure.Cosmos.Encryption/src/DataEncryptionKeyContainerCore.cs index ac71b3eea6..1726dcf4b0 100644 --- a/Microsoft.Azure.Cosmos.Encryption/src/DataEncryptionKeyContainerCore.cs +++ b/Microsoft.Azure.Cosmos.Encryption/src/DataEncryptionKeyContainerCore.cs @@ -28,6 +28,14 @@ public override FeedIterator GetDataEncryptionKeyQueryIterator( return this.DekProvider.Container.GetItemQueryIterator(queryText, continuationToken, requestOptions); } + public override FeedIterator GetDataEncryptionKeyQueryIterator( + QueryDefinition queryDefinition, + string continuationToken = null, + QueryRequestOptions requestOptions = null) + { + return this.DekProvider.Container.GetItemQueryIterator(queryDefinition, continuationToken, requestOptions); + } + public override async Task> CreateDataEncryptionKeyAsync( string id, string encryptionAlgorithm, diff --git a/Microsoft.Azure.Cosmos.Encryption/src/DataEncryptionKeyContainerInlineCore.cs b/Microsoft.Azure.Cosmos.Encryption/src/DataEncryptionKeyContainerInlineCore.cs index 7d2be770bc..0a571f8412 100644 --- a/Microsoft.Azure.Cosmos.Encryption/src/DataEncryptionKeyContainerInlineCore.cs +++ b/Microsoft.Azure.Cosmos.Encryption/src/DataEncryptionKeyContainerInlineCore.cs @@ -33,6 +33,17 @@ public override FeedIterator GetDataEncryptionKeyQueryIterator( requestOptions); } + public override FeedIterator GetDataEncryptionKeyQueryIterator( + QueryDefinition queryDefinition, + string continuationToken = null, + QueryRequestOptions requestOptions = null) + { + return this.dataEncryptionKeyContainerCore.GetDataEncryptionKeyQueryIterator( + queryDefinition, + continuationToken, + requestOptions); + } + public override Task> CreateDataEncryptionKeyAsync( string id, string encryptionAlgorithm, diff --git a/Microsoft.Azure.Cosmos.Encryption/tests/EmulatorTests/EncryptionTests.cs b/Microsoft.Azure.Cosmos.Encryption/tests/EmulatorTests/EncryptionTests.cs index 8b0a749f3a..a5375209b3 100644 --- a/Microsoft.Azure.Cosmos.Encryption/tests/EmulatorTests/EncryptionTests.cs +++ b/Microsoft.Azure.Cosmos.Encryption/tests/EmulatorTests/EncryptionTests.cs @@ -465,12 +465,16 @@ await EncryptionTests.IterateDekFeedAsync( "SELECT TOP 1 * from c where c.id >= 'Contoso_v000' and c.id <= 'Contoso_v999' ORDER BY c.id DESC"); // Ensure only required results are returned + QueryDefinition queryDefinition = new QueryDefinition("SELECT * from c where c.id >= @startId and c.id <= @endId ORDER BY c.id ASC") + .WithParameter("@startId", "Contoso_v000") + .WithParameter("@endId", "Contoso_v999"); await EncryptionTests.IterateDekFeedAsync( dekProvider, new List { contosoV1, contosoV2 }, isExpectedDeksCompleteSetForRequest: true, isResultOrderExpected: true, - "SELECT * from c where c.id >= 'Contoso_v000' and c.id <= 'Contoso_v999' ORDER BY c.id ASC"); + query: null, + queryDefinition: queryDefinition); // Test pagination await EncryptionTests.IterateDekFeedAsync( @@ -1231,7 +1235,8 @@ private static async Task IterateDekFeedAsync( bool isExpectedDeksCompleteSetForRequest, bool isResultOrderExpected, string query, - int? itemCountInPage = null) + int? itemCountInPage = null, + QueryDefinition queryDefinition = null) { int remainingItemCount = expectedDekIds.Count; QueryRequestOptions requestOptions = null; @@ -1243,10 +1248,20 @@ private static async Task IterateDekFeedAsync( }; } - FeedIterator dekIterator = dekProvider.DataEncryptionKeyContainer - .GetDataEncryptionKeyQueryIterator( + FeedIterator dekIterator; + + if (queryDefinition != null) + { + dekIterator = dekProvider.DataEncryptionKeyContainer.GetDataEncryptionKeyQueryIterator( + queryDefinition, + requestOptions: requestOptions); + } + else + { + dekIterator = dekProvider.DataEncryptionKeyContainer.GetDataEncryptionKeyQueryIterator( query, requestOptions: requestOptions); + } Assert.IsTrue(dekIterator.HasMoreResults); diff --git a/Microsoft.Azure.Cosmos.Encryption/tests/Microsoft.Azure.Cosmos.Encryption.Tests/Contracts/DotNetSDKEncryptionAPI.json b/Microsoft.Azure.Cosmos.Encryption/tests/Microsoft.Azure.Cosmos.Encryption.Tests/Contracts/DotNetSDKEncryptionAPI.json index 1d38c29797..d33b38ec0e 100644 --- a/Microsoft.Azure.Cosmos.Encryption/tests/Microsoft.Azure.Cosmos.Encryption.Tests/Contracts/DotNetSDKEncryptionAPI.json +++ b/Microsoft.Azure.Cosmos.Encryption/tests/Microsoft.Azure.Cosmos.Encryption.Tests/Contracts/DotNetSDKEncryptionAPI.json @@ -196,6 +196,11 @@ "DataEncryptionKeyContainer": { "Subclasses": {}, "Members": { + "Microsoft.Azure.Cosmos.FeedIterator`1[T] GetDataEncryptionKeyQueryIterator[T](Microsoft.Azure.Cosmos.QueryDefinition, System.String, Microsoft.Azure.Cosmos.QueryRequestOptions)": { + "Type": "Method", + "Attributes": [], + "MethodInfo": "Microsoft.Azure.Cosmos.FeedIterator`1[T] GetDataEncryptionKeyQueryIterator[T](Microsoft.Azure.Cosmos.QueryDefinition, System.String, Microsoft.Azure.Cosmos.QueryRequestOptions)" + }, "Microsoft.Azure.Cosmos.FeedIterator`1[T] GetDataEncryptionKeyQueryIterator[T](System.String, System.String, Microsoft.Azure.Cosmos.QueryRequestOptions)": { "Type": "Method", "Attributes": [],