[SERVER-50311] Test field-level encryption with Versioned API Created: 14/Aug/20 Updated: 31/Aug/20 Resolved: 31/Aug/20 |
|
| Status: | Closed |
| Project: | Core Server |
| Component/s: | Replication |
| Affects Version/s: | None |
| Fix Version/s: | None |
| Type: | Task | Priority: | Major - P3 |
| Reporter: | A. Jesse Jiryu Davis | Assignee: | A. Jesse Jiryu Davis |
| Resolution: | Won't Do | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Sprint: | Repl 2020-09-07 |
| Participants: |
| Description |
|
Commands that the mongo shell or a driver send through the Field Level Encryption Proxy to mongod/mongos must preserve the shell's or driver's API version parameters (apiVersion, apiStrict, apiDeprecationErrors). If mongod's or mongos's "requireApiVersion" parameter is set to true and the client is configured with apiVersion: "1", the client should work. |
| Comments |
| Comment by A. Jesse Jiryu Davis [ 31/Aug/20 ] |
|
After a brief look at the mongo shell code, I think there's no relationship between API parameters and field-level encryption, and there's nothing to test. I'll make sure the drivers team is aware of the need to test with a driver. |
| Comment by A. Jesse Jiryu Davis [ 14/Aug/20 ] |
|
Good to know, we'll have to test the mongo shell, at least one driver, and probably mongosh. |
| Comment by Mark Benvenuto [ 14/Aug/20 ] |
|
What about commands sent to mongocryptd by a driver? The shell never talks to mongocryptd, it simply uses the query analyzer code internally. MongoSH will have to talk to mongocryptd though. |