Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-64100

Prohibit encrypted fields and json schema with encrypted fields in create collection

XMLWordPrintableJSON

    • Type: Icon: Task Task
    • Resolution: Fixed
    • Priority: Icon: Major - P3 Major - P3
    • 6.0.0-rc0
    • Affects Version/s: None
    • Component/s: None
    • Labels:
      None
    • Fully Compatible
    • Security 2022-03-21, Security 2022-04-04

      To reduce scope, it is difficult to verify if a user has specified encryptedField and JSON schema for the same field in createCollection. We also do not want users to have FLE 1 deterministic and FLE 2 in the same collection. As a result, we are going to block users from using them at the same time.

      In DatabaseImpl::userCreateNS,if collectionOptions.encryptedFieldConfig.has_value(), remove MatchExpressionParser::AllowedFeatures::kEncryptKeywords from allowedFeatures in MatchExpressionParser::parse.
      See https://github.com/mongodb/mongo/blob/cd92f1325982f82314e0cbb08ced8d254198a7b2/src/mongo/db/catalog/database_impl.cpp#L1069

            Assignee:
            shreyas.kalyan@mongodb.com Shreyas Kalyan
            Reporter:
            mark.benvenuto@mongodb.com Mark Benvenuto
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: