Welcome!

Linux Authors: Esmeralda Swartz, Elizabeth White, Roger Strukhoff, Lori MacVittie, Trevor Parsons

Blog Feed Post

Azure CLI Day 27 – mobile table create with permissions

bash-azure

In my previous post (http://thinkfirstcodelater.com/blog/?p=3261) I showed you how to create a table in a SQL database for a Windows Azure Mobile Service using the cross platform command line tools. In this post I’ll show you how to create a table and assign operation specific permissions.

Once again, just a reminder that I’m using the command line tools on a MacBook Air with OSX (Mountain Lion) installed, and I’m using Google Chrome as my default browser. However, the experience should be identical on Windows and Linux as well.

Open an instance of your command line (Terminal, Bash, Command Prompt, etc.) and type the following:

azure mobile table create -h

Screen Shot 2013-09-22 at 4.58.10 PM

This should look familiar as its the same command we used in the previous post to create a table. In this exercise we’re going to take a look at the -p or –permissions option. This option allows you to assign operation specific permissions to a table. To assign a permission you simply need to provide the name of the operation along with permission. The available operations are:

  • insert
  • read
  • update
  • delete

The available permissions are:

  • user: Only authenticated users are permitted access to the requested resources. Server-side code can be used to further restrict access to tables based on an authenticated user.
  • public: Any request is accepted. This option leaves the specific resource wide-open for everyone to access.
  • application: The application key is required to access the requested resource.
  • admin: The service master key is required to access the requested resources. This limits access to code running on the service and administrator accounts, which includes the Windows Azure management portal.

When you create a table and do not specify permissions, the application permission is applies to all operations. It is important to note that the operation and permission names are case sensitive.

For this exercise, we’re going to create a new table named “BlogPost” and assign the following permissions to it:

  • Anyone can read data from the table.
  • Only authenticated users can insert and update data in the table.
  • Only administrators can delete data from the table.

Enter the following into your CLI, substituting where appropriate:

azure mobile table create -p “insert=user,update=user,delete=admin,read=public” “[YOUR WINDOWS AZURE MOBILE SERVICE]” “BlogPost”

In my case I entered the following:

azure mobile table create -p “insert=user,update=user,delete=admin,read=public” “zumo101″ “BlogPost”

Screen Shot 2013-09-22 at 5.16.09 PM

Once the command completes you can verify the permissions by doing the following:

  1. Open your Internet browser and navigate to the Windows Azure management portal (https://manage.windowsazure.com).
  2. Navigate to your Mobile Service’s dashboard.
  3. Click the DATA link.
  4. Click the BlogPost link to get to the table you just created.
  5. Click the PERMISSIONS link.

Screen Shot 2013-09-22 at 5.21.09 PM

That’s it. In the next post I’ll show you how to list the SQL database tables associated with a Windows Azure Mobile Service.

Did you know you can try Windows Azure for free for 30 days? Just go to http://aka.ms/thecloud and sign up.

Read the original blog entry...

More Stories By Adam Grocholski

Hey there! My name is Adam Grocholski, and I'm a Technical Evangelist at Microsoft where I spend time focusing on Windows, Windows Phone, and Windows Azure. I live in the frozen tundra of Minnesota and run thinkfirstcodelater.com. You can also follow me on twitter at @codel8r.