search

microsoft / AzureStorageExplorer

Easily manage the contents of your storage account with Azure Storage Explorer. Upload, download, and manage blobs, files, queues, tables, and Cosmos DB entities. Gain easy access to manage your virtual machine disks. Work with either Azure Resource Manager or classic storage accounts, plus manage and configure cross-origin resource sharing (CORS) rules.
Creative Commons Attribution 4.0 International
377 stars 87 forks source link

There is a failed activity log when clicking 'Play in Browse' in one file share which has the correct RBAC role #8229

Open v-kellyluo opened 1 month ago

v-kellyluo commented 1 month ago

Storage Explorer Version: 1.36.0 (101) Build Number: 20241009.1 Branch: rel/1.36.0 Platform/OS: Windows 10/Windows 11/Linux Ubuntu 22.04/MacOS Sequoia 15.0(Apple M1 Pro) Architecture: x64/arm64/x64/arm64 How Found: Exploratory testing Regression From: Not a regression

Steps to Reproduce

  1. Select one storage account.
  2. Assign RBAC roles 'Storage File Data Privileged Contributor' and 'Reader' to an azure account.
  3. Sign into storage explorer using the azure account.
  4. The storage account displays under the subscription.
  5. Expand the storage account -> File Shares.
  6. Open one file share -> Upload a .mp4 file -> Select the file -> Click 'Play in Browser'.
  7. Check whether succeeds to play the file in browser.

    Expected Experience

    Succeed to play the file in browser.

Actual Experience

There is a failed activity log. Image

Additional Context

  1. This issue also reproduces for other video files.
  2. This issue doesn't reproduce for blob containers.
craxal commented 1 month ago

@v-kellyluo Can you share more information about the error? Is it an access error?

v-kellyluo commented 1 month ago

@craxal , it isn't an access error, I can preview csv/parquet/avro files, only fails to open video files in browser.

  1. Here is the logs: 2024-10-11_022927.zip
  2. Here is the record: Image
craxal commented 3 weeks ago

@richardMSFT First verify if this is really a regression or not with 1.35.0. Then see if you can get any more error information. From there, we can determine if this is worth fixing for 1.36.2.

richardMSFT commented 3 weeks ago

After investigating, seems like this is not a regression. In 1.35.0 file shares could not be accessed with those roles due to credentials not being suitable. In 1.36.0 when trying to play in browser a .mp4 file the error being thrown is that "File Share requires storage account key to generate SAS". So it looks like that File Shares don't support user delegated SAS.

The fix is that we can expose the error in the activity log and this would be a fix that falls under "better UX".