[SERVER-13057] Writes throw sometimes in shell (authz error) Created: 05/Mar/14 Updated: 11/Jul/16 Resolved: 19/Mar/14 |
|
| Status: | Closed |
| Project: | Core Server |
| Component/s: | Shell, Write Ops |
| Affects Version/s: | None |
| Fix Version/s: | 2.6.0-rc2 |
| Type: | Bug | Priority: | Critical - P2 |
| Reporter: | Andreas Nilsson | Assignee: | Greg Studer |
| Resolution: | Done | Votes: | 0 |
| Labels: | 26qa, bulk_api | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Attachments: |
|
||||
| Issue Links: |
|
||||
| Backwards Compatibility: | Major Change | ||||
| Operating System: | ALL | ||||
| Steps To Reproduce: |
or
|
||||
| Participants: | |||||
| Description |
|
An authz error for a batch in a bulk operation will make the whole batch fail and throw an exception if using write commands. The expected behavior is to report the error correctly and finish execution as is done for write or writeConcern errors. Problem number 2 is that unordered operations behaves like ordered and not all permitted actions are actually being executed. In the example below we do the following with permissions to do insert but not remove.
but only the two first inserts are being acknowledged. Please note that this only occurs if the shell is run in --write-mode commands or equivalently smoke.py is invoked with --use-write-commands. The actual shell error is
Note: Previously users were required to call getLastError to check and there was no exception generated. In most other languages this is not the same behavior because getLastError was not suggested since writes took a write-concern (either via a default set at the client/db/collection level). |
| Comments |
| Comment by Githook User [ 18/Mar/14 ] | ||
|
Author: {u'username': u'gregstuder', u'name': u'Greg Studer', u'email': u'greg@10gen.com'}Message: | ||
| Comment by Githook User [ 18/Mar/14 ] | ||
|
Author: {u'username': u'gregstuder', u'name': u'Greg Studer', u'email': u'greg@10gen.com'}Message: | ||
| Comment by Greg Studer [ 10/Mar/14 ] | ||
|
Discussed - think the agreed behavior change was that insert/update/delete should only throw when getLastError would not return a value. The bulk api throws typed objects. | ||
| Comment by Scott Hernandez (Inactive) [ 07/Mar/14 ] | ||
|
Greg, parking with you while you think about it, and until we can come to a conclusion about changes. | ||
| Comment by Scott Hernandez (Inactive) [ 05/Mar/14 ] | ||
|
This is backwards breaking for scripts, which is not good. | ||
| Comment by Andreas Nilsson [ 05/Mar/14 ] | ||
|
The issue is actually more generic then described above. A simple insert or remove will use the bulk write API and hence throw an exception if the authz check fails. In the enclosed JS file adding:
will exhibit the same behavior. |