[SERVER-82279] listDatabases with unsigned security token with expectPrefix:true returns global databases along side tenant databases. Created: 17/Oct/23 Updated: 30/Jan/24 Resolved: 16/Jan/24 |
|
| Status: | Closed |
| Project: | Core Server |
| Component/s: | None |
| Affects Version/s: | None |
| Fix Version/s: | 7.3.0-rc0 |
| Type: | Bug | Priority: | Major - P3 |
| Reporter: | Sophia Tan | Assignee: | Dominic Hernandez |
| Resolution: | Fixed | Votes: | 1 |
| Labels: | ntdi_must_have | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||||||||||||||||||||||
| Assigned Teams: |
Service Arch
|
||||||||||||||||||||||||||||
| Backwards Compatibility: | Fully Compatible | ||||||||||||||||||||||||||||
| Operating System: | ALL | ||||||||||||||||||||||||||||
| Steps To Reproduce: | buildscripts/resmoke.py run multitenancy_with_atlas_proxy_basic_commands.js |
||||||||||||||||||||||||||||
| Sprint: | Service Arch 2023-12-25, Service Arch 2024-01-08, Service Arch 2024-01-22 | ||||||||||||||||||||||||||||
| Participants: | |||||||||||||||||||||||||||||
| Linked BF Score: | 35 | ||||||||||||||||||||||||||||
| Description |
|
If listDatabase is called on a connection with an unsigned security token where expectPrefix:true, it will return the tenants databases, along with all of the global databases. If we set expectPrefix:false, we get the expected outcome of only listing the tenants databases. So this bug occurs only when expectPrefix is set to true in the security token. When calling listDatabase with expectPrefix set to true or false, it should only return tenant databases if a unsigned security token is set. global databases should not be returned when a tenantId is present in security token. |
| Comments |
| Comment by Githook User [ 16/Jan/24 ] |
|
Author: {'name': 'Dominic', 'email': 'dominic.hernandez@mongodb.com', 'username': 'dom-hernandez'}Message: GitOrigin-RevId: c063bc006c16d706ac2bd862e2410e399fefd8df |