[SERVER-72291] Make RolesInfoCommandArg::parseFromBSON tenant aware Created: 20/Dec/22  Updated: 29/Oct/23  Resolved: 20/Jan/23

Status: Closed
Project: Core Server
Component/s: None
Affects Version/s: None
Fix Version/s: 6.3.0-rc0

Type: Bug Priority: Major - P3
Reporter: Sophia Tan Assignee: Hugh Tong (Inactive)
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Assigned Teams:
Serverless
Backwards Compatibility: Fully Compatible
Operating System: ALL
Sprint: Server Serverless 2023-01-23
Participants:

 Description   

jstests/core/roles_info.js is failed with injected dollar tenant when send the following request:

 { "rolesInfo" : { "role" : "testRoleJSCoreRolesInfo", "db" : "test" } }

To reproduce it, use the command line "buildscripts/resmoke.py run --suite native_tenant_data_isolation_with_dollar_tenant_jscore_passthrough jstests/core/roles_info.js ".

Root cause: The tenant information is dropped off when parsing command parameter with auth::RolesInfoCommandArg::parseFromBSON(commandElement).

To fix it, we should change the auth::RolesInfoCommandArg::parseFromBSON(commandElement) to take in tenant information. Perhaps, the IDL compiler should also be changed to generate the correct call site code for this function.



 Comments   
Comment by Githook User [ 19/Jan/23 ]

Author:

{'name': 'Hugh Tong', 'email': 'hugh.tong@mongodb.com', 'username': 'cortrain'}

Message: SERVER-72291 Make RolesInfoCommandArg::parseFromBSON tenant aware
Branch: master
https://github.com/mongodb/mongo/commit/8f21dc0a2c7a479fa7294b795bd8fc2110f6df7e

Comment by Hugh Tong (Inactive) [ 18/Jan/23 ]

I think it's sufficient to state that we will add the tenantId to objects which maintain a tenantId object (in this case, RoleName and UserName objects), while ignoring other types, as this parsing function is used on a number of different fields with different types.  The value of the tenantId is irrelevant to those types that do not maintain tenantId objects as those fields generally have nothing to do with namespace scopes.  I think the title is fine, and our comments will serve to supplement the description above. 

Comment by Sophia Tan [ 11/Jan/23 ]

I realized it's not accurate to say this issue is caused by `auth::RolesInfoCommandArg::parseFromBSON(commandElement)` which parse command arg without tenant id. Actually, the command arg can be either std::string or RolesInfo object. We should not add the tenant id into string. So, we can keep the `auth::RolesInfoCommandArg::parseFromBSON(commandElement)` as it was and return the parsed command arg without involving tenant id. But, in further steps, when we create RolesInfo based on dbName and the command arg, the tenant id should be added into the RolesInfo object. 

hugh.tong@mongodb.com Would you please help to update the description and the title of this ticket once you find the real root cause and figure out the right way to fix it?

Generated at Thu Feb 08 06:21:22 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.