[SERVER-64100] Prohibit encrypted fields and json schema with encrypted fields in create collection Created: 01/Mar/22  Updated: 29/Oct/23  Resolved: 28/Mar/22

Status: Closed
Project: Core Server
Component/s: None
Affects Version/s: None
Fix Version/s: 6.0.0-rc0

Type: Task Priority: Major - P3
Reporter: Mark Benvenuto Assignee: Shreyas Kalyan
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Backwards Compatibility: Fully Compatible
Sprint: Security 2022-03-21, Security 2022-04-04
Participants:

 Description   

To reduce scope, it is difficult to verify if a user has specified encryptedField and JSON schema for the same field in createCollection. We also do not want users to have FLE 1 deterministic and FLE 2 in the same collection. As a result, we are going to block users from using them at the same time.

In DatabaseImpl::userCreateNS,if collectionOptions.encryptedFieldConfig.has_value(), remove MatchExpressionParser::AllowedFeatures::kEncryptKeywords from allowedFeatures in MatchExpressionParser::parse.
See https://github.com/mongodb/mongo/blob/cd92f1325982f82314e0cbb08ced8d254198a7b2/src/mongo/db/catalog/database_impl.cpp#L1069



 Comments   
Comment by Githook User [ 25/Mar/22 ]

Author:

{'name': 'Shreyas Kalyan', 'email': 'shreyas.kalyan@10gen.com', 'username': 'shreyaskalyan'}

Message: SERVER-64100 Prohibit encrypted fields and json schema with encrypted fields in create collection
Branch: master
https://github.com/mongodb/mongo/commit/69efe52da64e312e10abfa70ba7ed0602f14e20f

Comment by Githook User [ 25/Mar/22 ]

Author:

{'name': 'Shreyas Kalyan', 'email': 'shreyas.kalyan@10gen.com', 'username': 'shreyaskalyan'}

Message: SERVER-64100 Prohibit encrypted fields and json schema with encrypted fields in create collection
Branch: master
https://github.com/10gen/mongo-enterprise-modules/commit/cd345f1b2ff71ac77d51619f06ce6217b8a26b5c

Generated at Thu Feb 08 05:59:30 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.