Tags: azure, azure-blob-storage, azure-storage, azure-files

Loading content onto Azure Static Web App from Azure File Share, managing user access permissions


My project requirement is to use Azure File Share. The overall current architecture is:

  • Static Web App - Vue.JS application for users to manage their personal files
  • File Share - hosts user files

The problem:

  • When creating a SAS key for Azure File Share, you cannot restrict user access to a particular directory. You can scope access to a file or the entire file share, but not a folder. Write-only permission would allow users to write anywhere in the file share.
  • FileREST is not meant for displaying static content on web site, e.g. pictures/videos.

Potential solution (1) - Middleware service:

  • Introduce a service that sits between Web App and File Share to manage user permissions and file access.

When a user wants to get access to their folder in the File Share, they first hit the service to get their access key/token. When the user wants to read/upload files, they include the access key/token.

Potential solution (2) - Blob Storage to Azure File Share synchronization

  • Introduce Azure Blob Storage, each client gets their own container.
  • Each client gets access only to their specific container.
  • Azure Function triggers when file is uploaded/deleted/modified and copies over the changes to File Share.

Question

Which one of these approaches seems to be on the correct side? Is there a better way of doing this?


Solution

  • The second would be the easiest if you are planning to implement it, because every customer can have their separate container. That also gives each customer the advantage of not having file name conflicts between them, and if one container is interrupted, the other users won't face challenges. At the container level you can also define the scope for those users.

    Introduce a service that sits between Web App and File Share to manage user permissions and file access.

    Involving an agent/service between two services will lead to slow processing.
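
For comparison, the token exchange described under potential solution (1), sketched as an added example that is not part of the original question or answer: the service mints a short-lived token bound to one user's directory, then checks every requested path against that directory before touching the share with its own credentials. The names `issue_token`, `authorize`, `SECRET` and the `users/<id>` layout are assumptions made for illustration.

```python
import base64, hashlib, hmac, json, posixpath, re, time

# Assumption: in a real service this key comes from a secret store, not source code.
SECRET = b"constructed-demo-key"

def issue_token(user_id, ttl=300, now=None):
    """Mint a short-lived token bound to the authenticated user's own directory."""
    if not re.fullmatch(r"[A-Za-z0-9_-]+", user_id):
        raise ValueError("user id must not contain path characters")
    now = time.time() if now is None else now
    claims = {"root": f"users/{user_id}", "exp": int(now) + ttl}
    body = base64.urlsafe_b64encode(json.dumps(claims, sort_keys=True).encode())
    sig = hmac.new(SECRET, body, hashlib.sha256).hexdigest()
    return f"{body.decode()}.{sig}"

def authorize(token, requested_path, now=None):
    """Return the share-relative path to serve, or None if the request is refused."""
    now = time.time() if now is None else now
    try:
        body, sig = token.split(".")
        expected = hmac.new(SECRET, body.encode(), hashlib.sha256).hexdigest()
        if not hmac.compare_digest(sig, expected):
            return None  # forged or modified token
        claims = json.loads(base64.urlsafe_b64decode(body))
    except (ValueError, TypeError):
        return None  # malformed token
    if claims["exp"] < now:
        return None  # expired
    if "\\" in requested_path or "\x00" in requested_path:
        return None  # refuse separators and bytes the share may treat specially
    # Normalise first, so "../" and "//" cannot step out of the user's root.
    root = claims["root"]
    full = posixpath.normpath(posixpath.join(root, requested_path.lstrip("/")))
    # Compare against root + "/" so "users/alice2" does not match "users/alice".
    if full != root and not full.startswith(root + "/"):
        return None
    return full

if __name__ == "__main__":
    token = issue_token("alice")  # constructed sample user
    for path in ("photos/a.jpg", "../bob/secret.txt", "photos/../../alice2/x"):
        print(path, "->", authorize(token, path))
```

The browser only ever holds the per-user token; the share-wide key or SAS stays inside the service.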