[SERVER-69288] Disallow mixing tenantIds within transactions Created: 31/Aug/22  Updated: 15/Nov/23  Resolved: 09/Nov/23

Status: Closed
Project: Core Server
Component/s: None
Affects Version/s: None
Fix Version/s: None

Type: Task Priority: Major - P3
Reporter: Hugh Tong (Inactive) Assignee: Backlog - Service Architecture
Resolution: Won't Do Votes: 0
Labels: ntdi_nice_to_have
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Related
related to SERVER-83101 Complete TODO listed in SERVER-69288 Closed
Assigned Teams:
Service Arch
Participants:

 Description   

A transaction should result from a single session with a single tenant.  Currently, we don't perform any enforcement at the oplog entry level to prevent mixing tenantIds in a transaction.  Enforcing this would mean that the top-level tenantId in the oplog entry should also match the tenantIds in all operations in the applyOps array.  However, this is also used as a method of testing for tenantIds in transactions in unit tests, which will need to be modified to either detect this or accommodate this.



 Comments   
Comment by Githook User [ 15/Nov/23 ]

Author:

{'name': 'Didier Nadeau', 'email': 'didier.nadeau@mongodb.com', 'username': 'nadeaudi'}

Message: SERVER-83101 Remove todo for SERVER-69288
Branch: master
https://github.com/mongodb/mongo/commit/3e64abf05bef76af33107eaf6c0bc5d726e92003

Comment by Sophia Tan [ 30/Mar/23 ]

I think mongod need not perform any enforcement at any layer (either command process level or oplog entry level) to prevent mixing tenantids in a transaction.

We should trust the AtlasProxy always inject the right tenant id into requests which includes non-transaction operations and transaction operations. For a tenant user, one transaction is related to the single tenant only. The AtlasProxy should ensure it. 

For a cloud super user, the cloud client should not doing operations cross multiple tenants within one transaction. The cloud client should ensure it.

We are going to close this ticket. janna.golden@mongodb.com Would you please point us to someone of serverless cloud team for double check before closing it? 

Generated at Thu Feb 08 06:13:05 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.