[SERVER-82279] listDatabases with unsigned security token with expectPrefix:true returns global databases along side tenant databases. Created: 17/Oct/23  Updated: 30/Jan/24  Resolved: 16/Jan/24

Status: Closed
Project: Core Server
Component/s: None
Affects Version/s: None
Fix Version/s: 7.3.0-rc0

Type: Bug Priority: Major - P3
Reporter: Sophia Tan Assignee: Dominic Hernandez
Resolution: Fixed Votes: 1
Labels: ntdi_must_have
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Fix
Gantt Dependency
has to be done after SERVER-84690 Exclude testing aggregation stage $li... Closed
Problem/Incident
Related
related to SERVER-74910 Create concurrency test suite that ru... Closed
related to SERVER-84312 Complete TODO listed in SERVER-82279 Closed
Assigned Teams:
Service Arch
Backwards Compatibility: Fully Compatible
Operating System: ALL
Steps To Reproduce:

buildscripts/resmoke.py run multitenancy_with_atlas_proxy_basic_commands.js

Sprint: Service Arch 2023-12-25, Service Arch 2024-01-08, Service Arch 2024-01-22
Participants:
Linked BF Score: 35

 Description   

If listDatabase is called on a connection with an unsigned security token where expectPrefix:true, it will return the tenants databases, along with all of the global databases. 

If we set expectPrefix:false, we get the expected outcome of only listing the tenants databases. So this bug occurs only when expectPrefix is set to true in the security token.

When calling listDatabase with expectPrefix set to true or false, it should only return tenant databases if a unsigned security token is set. global databases should not be returned when a tenantId is present in security token.



 Comments   
Comment by Githook User [ 16/Jan/24 ]

Author:

{'name': 'Dominic', 'email': 'dominic.hernandez@mongodb.com', 'username': 'dom-hernandez'}

Message: SERVER-82279: listDatabases with unsigned security token with expectPrefix:true returns global databases along side tenant databases. (#17853)

GitOrigin-RevId: c063bc006c16d706ac2bd862e2410e399fefd8df
Branch: master
https://github.com/mongodb/mongo/commit/4672aef660652d63da9e590b15cb7d9d65b98ed0

Generated at Thu Feb 08 06:48:46 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.