<!-- 
RSS generated by JIRA (9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66) at Thu Feb 08 03:29:17 UTC 2024

It is possible to restrict the fields that are returned in this document by specifying the 'field' parameter in your request.
For example, to request only the issue key and summary append 'field=key&field=summary' to the URL of your request.
-->
<rss version="0.92" >
<channel>
    <title>MongoDB Jira</title>
    <link>https://jira.mongodb.org</link>
    <description>This file is an XML representation of an issue</description>
    <language>en-us</language>    <build-info>
        <version>9.7.1</version>
        <build-number>970001</build-number>
        <build-date>13-04-2023</build-date>
    </build-info>


<item>
            <title>[SERVER-12693] Inserting an invalid doc into new_users and setting authSchemaVersion to 2 makes auth fail after authSchemaUpgrade</title>
                <link>https://jira.mongodb.org/browse/SERVER-12693</link>
                <project id="10000" key="SERVER">Core Server</project>
                    <description>&lt;p&gt;See &lt;a href=&quot;https://github.com/10gen/QA/blob/master/QA-424/sharded_upgrade_invalid_new_users.js&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/10gen/QA/blob/master/QA-424/sharded_upgrade_invalid_new_users.js&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;Essentially what this test does is:&lt;/p&gt;

&lt;p&gt;1) Set up a 2.4 sharded cluster with 2 users&lt;br/&gt;
2) Manually insert a bad document into admin.system.new_users&lt;br/&gt;
3) Upgrade to 2.5.x&lt;br/&gt;
4) Set authSchema currentVersion to 2&lt;br/&gt;
5) Run authSchemaUpgrade&lt;/p&gt;

&lt;p&gt;What ends up happening is that the auth schema version is 3, but I&apos;m unable to log in after the upgrade. Any ideas what&apos;s going on here?&lt;/p&gt;</description>
                <environment></environment>
        <key id="110512">SERVER-12693</key>
            <summary>Inserting an invalid doc into new_users and setting authSchemaVersion to 2 makes auth fail after authSchemaUpgrade</summary>
                <type id="1" iconUrl="https://jira.mongodb.org/secure/viewavatar?size=xsmall&amp;avatarId=14703&amp;avatarType=issuetype">Bug</type>
                                            <priority id="4" iconUrl="https://jira.mongodb.org/images/icons/priorities/minor.svg">Minor - P4</priority>
                        <status id="6" iconUrl="https://jira.mongodb.org/images/icons/statuses/closed.png" description="The issue is considered finished, the resolution is correct. Issues which are closed can be reopened.">Closed</status>
                    <statusCategory id="3" key="done" colorName="success"/>
                                    <resolution id="2">Won&apos;t Fix</resolution>
                                        <assignee username="schwerin@mongodb.com">Andy Schwerin</assignee>
                                    <reporter username="valeri.karpov@mongodb.com">Valeri Karpov</reporter>
                        <labels>
                    </labels>
                <created>Wed, 12 Feb 2014 15:54:23 +0000</created>
                <updated>Wed, 10 Dec 2014 23:15:38 +0000</updated>
                            <resolved>Wed, 26 Feb 2014 21:41:06 +0000</resolved>
                                                                    <component>Security</component>
                                        <votes>0</votes>
                                    <watches>3</watches>
                                                                                                                <comments>
                            <comment id="506008" author="valeri.karpov" created="Wed, 26 Feb 2014 21:36:41 +0000"  >&lt;p&gt;Hi &lt;a href=&quot;https://jira.mongodb.org/secure/ViewProfile.jspa?name=schwerin&quot; class=&quot;user-hover&quot; rel=&quot;schwerin&quot;&gt;schwerin&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;Sorry it took me so long to get back to you. At a glance, it looks like everything works just fine if you omit step 4 above. I don&apos;t see this as a huge issue because it requires a concerted effort at breaking things, but it may be worth taking a look at.&lt;/p&gt;</comment>
                            <comment id="501888" author="schwerin" created="Wed, 19 Feb 2014 21:39:38 +0000"  >&lt;p&gt;If you&apos;d skipped step 4, &lt;a href=&quot;https://jira.mongodb.org/secure/ViewProfile.jspa?name=valeri.karpov&quot; class=&quot;user-hover&quot; rel=&quot;valeri.karpov&quot;&gt;valeri.karpov&lt;/a&gt;, would you have been able to log in after step 5?&lt;/p&gt;</comment>
                            <comment id="501234" author="spencer" created="Wed, 19 Feb 2014 01:51:07 +0000"  >&lt;p&gt;Assigning to Andy for triage&lt;/p&gt;</comment>
                            <comment id="499630" author="valeri.karpov" created="Fri, 14 Feb 2014 20:43:29 +0000"  >&lt;p&gt;&lt;a href=&quot;https://jira.mongodb.org/secure/ViewProfile.jspa?name=schwerin&quot; class=&quot;user-hover&quot; rel=&quot;schwerin&quot;&gt;schwerin&lt;/a&gt; I&apos;m not logging in after setting currentVersion to 2, I&apos;m logging in after running authSchemaUpgrade with the currentVersion set to 2 with invalid new_users. Do you think its worth adding some validation to scrap invalid new_users? Also, perhaps its worth adding some validation to make sure that all criteria for being in authSchemaVersion=2 are met if you&apos;re running an authSchemaUpgradeStep and you see that authSchemaVersion is 2?&lt;/p&gt;</comment>
                            <comment id="497856" author="schwerin" created="Wed, 12 Feb 2014 16:35:01 +0000"  >&lt;p&gt;There&apos;s no validation of documents in &lt;tt&gt;admin.system.new_users&lt;/tt&gt; when transferring them to &lt;tt&gt;admin.system.users&lt;/tt&gt;.&lt;/p&gt;

&lt;p&gt;I&apos;m surprised you were able to log in after you set currentVersion to 2, since when currentVersion is 2, the contents of &lt;tt&gt;new_users&lt;/tt&gt; are used for access control and authentication.&lt;/p&gt;</comment>
                    </comments>
                    <attachments>
                    </attachments>
                <subtasks>
                    </subtasks>
                <customfields>
                                                <customfield id="customfield_10050" key="com.atlassian.jira.toolkit:comments">
                        <customfieldname># Replies</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>5.0</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                <customfield id="customfield_10055" key="com.atlassian.jira.ext.charting:firstresponsedate">
                        <customfieldname>Date of 1st Reply</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>Wed, 12 Feb 2014 16:35:01 +0000</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10052" key="com.atlassian.jira.toolkit:dayslastcommented">
                        <customfieldname>Days since reply</customfieldname>
                        <customfieldvalues>
                                        9 years, 51 weeks ago
    
                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_18254" key="com.onresolve.jira.groovy.groovyrunner:scripted-field">
                        <customfieldname>Dependencies</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue><![CDATA[]]></customfieldvalue>


                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_15850" key="com.atlassian.jira.plugins.jira-development-integration-plugin:devsummary">
                        <customfieldname>Development</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    <customfield id="customfield_10057" key="com.atlassian.jira.toolkit:lastusercommented">
                        <customfieldname>Last comment by Customer</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>true</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                            <customfield id="customfield_10056" key="com.atlassian.jira.toolkit:lastupdaterorcommenter">
                        <customfieldname>Last commenter</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>ramon.fernandez@mongodb.com</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_11151" key="com.atlassian.jira.toolkit:LastCommentDate">
                        <customfieldname>Last public comment date</customfieldname>
                        <customfieldvalues>
                            9 years, 51 weeks ago
                        </customfieldvalues>
                    </customfield>
                                                                                                                        <customfield id="customfield_10000" key="com.atlassian.jira.plugin.system.customfieldtypes:radiobuttons">
                        <customfieldname>Old_Backport</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue key="10000"><![CDATA[No]]></customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10032" key="com.atlassian.jira.plugin.system.customfieldtypes:select">
                        <customfieldname>Operating System</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue key="10026"><![CDATA[ALL]]></customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                <customfield id="customfield_10051" key="com.atlassian.jira.toolkit:participants">
                        <customfieldname>Participants</customfieldname>
                        <customfieldvalues>
                                        <customfieldvalue>schwerin@mongodb.com</customfieldvalue>
            <customfieldvalue>spencer@mongodb.com</customfieldvalue>
            <customfieldvalue>valeri.karpov@mongodb.com</customfieldvalue>
    
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                        <customfield id="customfield_14254" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Product Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>1|hrm1s7:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                <customfield id="customfield_12550" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>2|hrfmun:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10558" key="com.pyxis.greenhopper.jira:gh-global-rank">
                        <customfieldname>Rank (Obsolete)</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>3538</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                            <customfield id="customfield_23361" key="com.onresolve.jira.groovy.groovyrunner:scripted-field">
                        <customfieldname>Requested By</customfieldname>
                        <customfieldvalues>
                                

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                            <customfield id="customfield_10750" key="com.atlassian.jira.plugin.system.customfieldtypes:textarea">
                        <customfieldname>Steps To Reproduce</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>&lt;p&gt;See above. Code available at &lt;a href=&quot;https://github.com/10gen/QA/blob/master/QA-424/sharded_upgrade_invalid_new_users.js&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/10gen/QA/blob/master/QA-424/sharded_upgrade_invalid_new_users.js&lt;/a&gt;&lt;/p&gt;</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                    <customfield id="customfield_10053" key="com.atlassian.jira.ext.charting:timeinstatus">
                        <customfieldname>Time In Status</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        <customfield id="customfield_22870" key="com.onresolve.jira.groovy.groovyrunner:scripted-field">
                        <customfieldname>Triagers</customfieldname>
                        <customfieldvalues>
                                

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                    <customfield id="customfield_14350" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>serverRank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>1|hs9yvj:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                    </customfields>
    </item>
</channel>
</rss>