Storage/STG93 Add UserPrincipalName support for GetAccessControlList

sdk/storage/assets.json

@@ -2,5 +2,5 @@
   "AssetsRepo": "Azure/azure-sdk-assets",
   "AssetsRepoPrefixPath": "cpp",
   "TagPrefix": "cpp/storage",
-  "Tag": "cpp/storage_56979c9851"
+  "Tag": "cpp/storage_96b65030ae"
 }

sdk/storage/azure-storage-files-datalake/inc/azure/storage/files/datalake/datalake_options.hpp

@@ -787,6 +787,15 @@ namespace Azure { namespace Storage { namespace Files { namespace DataLake {
      * Specify the access condition for the path.
      */
     PathAccessConditions AccessConditions;
+
+    /**
+     * Valid only when Hierarchical Namespace is enabled for the account. If "true", the user
+     * identity values returned in the owner and group fields of each list entry will be transformed
+     * from Azure Active Directory Object IDs to User Principal Names. If "false", the values will
+     * be returned as Azure Active Directory Object IDs. The default value is false. Note that group
+     * and application Object IDs are not translated because they do not have unique friendly names.
+     */
+    Nullable<bool> UserPrincipalName;
   };
 
   /**

sdk/storage/azure-storage-files-datalake/src/datalake_path_client.cpp

@@ -421,6 +421,7 @@ namespace Azure { namespace Storage { namespace Files { namespace DataLake {
     protocolLayerOptions.IfNoneMatch = options.AccessConditions.IfNoneMatch;
     protocolLayerOptions.IfModifiedSince = options.AccessConditions.IfModifiedSince;
     protocolLayerOptions.IfUnmodifiedSince = options.AccessConditions.IfUnmodifiedSince;
+    protocolLayerOptions.Upn = options.UserPrincipalName;
     auto response = _detail::PathClient::GetAccessControlList(
         *m_pipeline, m_pathUrl, protocolLayerOptions, _internal::WithReplicaStatus(context));
     Azure::Nullable<std::vector<Models::Acl>> acl;

sdk/storage/azure-storage-files-datalake/test/ut/datalake_path_client_test.cpp

@@ -522,6 +522,40 @@ namespace Azure { namespace Storage { namespace Test {
     EXPECT_NE(it, acls.end());
   }
 
+  TEST_F(DataLakePathClientTest, GetAccessControlListWithUserPrincipalName)
+  {
+    std::string userPrincipalName = "[email protected]";
+    std::string userObjectId = "72a3f86f-271f-439e-b031-25678907d381";
+    std::vector<Files::DataLake::Models::Acl> acls;
+    Files::DataLake::Models::Acl acl;
+    acl.Type = "user";
+    acl.Id = userObjectId;
+    acl.Permissions = "rwx";
+    acls.emplace_back(acl);
+    m_pathClient->SetAccessControlList(acls);
+    Files::DataLake::GetPathAccessControlListOptions options;
+
+    // UserPrincipalName = true
+    options.UserPrincipalName = true;
+    auto properties = m_pathClient->GetAccessControlList(options).Value;
+    ASSERT_TRUE(!properties.Acls.empty());
+    // Validate that the user principal name is returned
+    acls = properties.Acls;
+    auto it = std::find_if(
+        acls.begin(), acls.end(), [&](const auto& acl) { return acl.Id == userPrincipalName; });
+    EXPECT_NE(it, acls.end());
+
+    // UserPrincipalName = false
+    options.UserPrincipalName = false;
+    properties = m_pathClient->GetAccessControlList(options).Value;
+    ASSERT_TRUE(!properties.Acls.empty());
+    // Validate that the user principal name is returned
+    acls = properties.Acls;
+    it = std::find_if(
+        acls.begin(), acls.end(), [&](const auto& acl) { return acl.Id == userObjectId; });
+    EXPECT_NE(it, acls.end());
+  }
+
   TEST_F(DataLakePathClientTest, Audience)
   {
     auto credential = std::make_shared<Azure::Identity::ClientSecretCredential>(