mongo 2.12.0.rc0 → 2.12.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- checksums.yaml.gz.sig +0 -0
- data.tar.gz.sig +0 -0
- data/README.md +2 -1
- data/lib/mongo/client.rb +23 -9
- data/lib/mongo/client_encryption.rb +1 -1
- data/lib/mongo/cluster.rb +6 -2
- data/lib/mongo/crypt/auto_decryption_context.rb +3 -5
- data/lib/mongo/crypt/auto_encrypter.rb +17 -7
- data/lib/mongo/crypt/binding.rb +446 -379
- data/lib/mongo/crypt/context.rb +4 -4
- data/lib/mongo/crypt/encryption_io.rb +16 -10
- data/lib/mongo/crypt/explicit_encrypter.rb +3 -3
- data/lib/mongo/crypt/explicit_encryption_context.rb +1 -1
- data/lib/mongo/crypt/handle.rb +26 -4
- data/lib/mongo/crypt/hooks.rb +1 -1
- data/lib/mongo/database.rb +11 -1
- data/lib/mongo/error/bulk_write_error.rb +16 -14
- data/lib/mongo/error/notable.rb +0 -15
- data/lib/mongo/error/parser.rb +1 -1
- data/lib/mongo/grid/file/info.rb +1 -1
- data/lib/mongo/monitoring/event/cmap/connection_check_out_failed.rb +1 -1
- data/lib/mongo/operation/insert/command.rb +3 -2
- data/lib/mongo/operation/insert/legacy.rb +2 -1
- data/lib/mongo/operation/insert/op_msg.rb +1 -1
- data/lib/mongo/operation/shared/executable.rb +9 -9
- data/lib/mongo/operation/shared/op_msg_or_command.rb +2 -2
- data/lib/mongo/operation/shared/read_preference_supported.rb +68 -19
- data/lib/mongo/operation/shared/response_handling.rb +1 -1
- data/lib/mongo/operation/shared/sessions_supported.rb +44 -3
- data/lib/mongo/protocol/bit_vector.rb +2 -1
- data/lib/mongo/protocol/message.rb +22 -7
- data/lib/mongo/protocol/msg.rb +2 -5
- data/lib/mongo/protocol/serializers.rb +32 -11
- data/lib/mongo/retryable.rb +1 -1
- data/lib/mongo/server/connection.rb +1 -1
- data/lib/mongo/server/connection_base.rb +9 -4
- data/lib/mongo/server/connection_pool/populator.rb +1 -1
- data/lib/mongo/session.rb +1 -1
- data/lib/mongo/srv/monitor.rb +73 -42
- data/lib/mongo/srv/result.rb +0 -1
- data/lib/mongo/uri.rb +1 -1
- data/lib/mongo/uri/srv_protocol.rb +1 -1
- data/lib/mongo/version.rb +1 -1
- data/mongo.gemspec +0 -2
- data/spec/README.md +106 -12
- data/spec/integration/client_construction_spec.rb +29 -5
- data/spec/integration/client_side_encryption/auto_encryption_bulk_writes_spec.rb +6 -4
- data/spec/integration/client_side_encryption/auto_encryption_command_monitoring_spec.rb +19 -17
- data/spec/integration/client_side_encryption/auto_encryption_mongocryptd_spawn_spec.rb +5 -4
- data/spec/integration/client_side_encryption/auto_encryption_old_wire_version_spec.rb +11 -8
- data/spec/integration/client_side_encryption/auto_encryption_reconnect_spec.rb +14 -9
- data/spec/integration/client_side_encryption/auto_encryption_spec.rb +46 -45
- data/spec/integration/client_side_encryption/bson_size_limit_spec.rb +11 -7
- data/spec/integration/client_side_encryption/bypass_mongocryptd_spawn_spec.rb +13 -9
- data/spec/integration/client_side_encryption/client_close_spec.rb +10 -6
- data/spec/integration/client_side_encryption/corpus_spec.rb +19 -14
- data/spec/integration/client_side_encryption/data_key_spec.rb +10 -8
- data/spec/integration/client_side_encryption/external_key_vault_spec.rb +12 -8
- data/spec/integration/client_side_encryption/views_spec.rb +6 -4
- data/spec/integration/client_update_spec.rb +36 -2
- data/spec/integration/crud_spec.rb +89 -0
- data/spec/integration/read_preference_spec.rb +26 -0
- data/spec/integration/srv_monitoring_spec.rb +2 -2
- data/spec/kerberos/kerberos_spec.rb +87 -0
- data/spec/lite_spec_helper.rb +4 -8
- data/spec/mongo/bulk_write/result_spec.rb +11 -7
- data/spec/mongo/client_encryption_spec.rb +3 -6
- data/spec/mongo/crypt/auto_encrypter_spec.rb +8 -3
- data/spec/mongo/crypt/handle_spec.rb +38 -4
- data/spec/mongo/error/bulk_write_error_spec.rb +49 -0
- data/spec/mongo/error/notable_spec.rb +59 -0
- data/spec/mongo/operation/find/legacy_spec.rb +1 -0
- data/spec/mongo/operation/read_preference_legacy_spec.rb +351 -0
- data/spec/mongo/operation/read_preference_op_msg_spec.rb +194 -0
- data/spec/mongo/srv/monitor_spec.rb +88 -69
- data/spec/runners/transactions.rb +5 -7
- data/spec/spec_tests/client_side_encryption_spec.rb +0 -5
- data/spec/spec_tests/data/client_side_encryption/bulk.yml +3 -0
- data/spec/spec_tests/data/client_side_encryption/replaceOne.yml +4 -1
- data/spec/spec_tests/data/client_side_encryption/updateOne.yml +3 -0
- data/spec/support/cluster_tools.rb +6 -1
- data/spec/support/crypt.rb +14 -0
- data/spec/support/lite_constraints.rb +3 -1
- data/spec/support/spec_config.rb +10 -0
- data/spec/support/utils.rb +9 -1
- metadata +15 -14
- metadata.gz.sig +0 -0
- data/lib/mongo/cluster/srv_monitor.rb +0 -127
- data/lib/mongo/srv/warning_result.rb +0 -35
- data/spec/enterprise_auth/kerberos_spec.rb +0 -58
- data/spec/mongo/cluster/srv_monitor_spec.rb +0 -214
- data/spec/mongo/operation/read_preference_spec.rb +0 -245
data/lib/mongo/srv/result.rb
CHANGED
data/lib/mongo/uri.rb
CHANGED
@@ -17,7 +17,7 @@ module Mongo
|
|
17
17
|
class URI
|
18
18
|
|
19
19
|
# Parser for a URI using the mongodb+srv protocol, which specifies a DNS to query for SRV records.
|
20
|
-
# The driver will query the DNS server for SRV records on
|
20
|
+
# The driver will query the DNS server for SRV records on <hostname>.<domainname>,
|
21
21
|
# prefixed with _mongodb._tcp
|
22
22
|
# The SRV records can then be used as the seedlist for a Mongo::Client.
|
23
23
|
# The driver also queries for a TXT record providing default connection string options.
|
data/lib/mongo/version.rb
CHANGED
data/mongo.gemspec
CHANGED
@@ -8,7 +8,6 @@ Gem::Specification.new do |s|
|
|
8
8
|
s.platform = Gem::Platform::RUBY
|
9
9
|
|
10
10
|
s.authors = ['Tyler Brock', 'Emily Stolfo', 'Durran Jordan']
|
11
|
-
s.email = 'mongodb-dev@googlegroups.com'
|
12
11
|
s.homepage = 'https://docs.mongodb.com/ruby-driver/'
|
13
12
|
s.summary = 'Ruby driver for MongoDB'
|
14
13
|
s.description = 'A Ruby driver for MongoDB'
|
@@ -19,7 +18,6 @@ Gem::Specification.new do |s|
|
|
19
18
|
'changelog_uri' => 'https://github.com/mongodb/mongo-ruby-driver/releases',
|
20
19
|
'documentation_uri' => 'https://docs.mongodb.com/ruby-driver/',
|
21
20
|
'homepage_uri' => 'https://docs.mongodb.com/ruby-driver/',
|
22
|
-
'mailing_list_uri' => 'https://groups.google.com/group/mongodb-user',
|
23
21
|
'source_code_uri' => 'https://github.com/mongodb/mongo-ruby-driver',
|
24
22
|
}
|
25
23
|
|
data/spec/README.md
CHANGED
@@ -272,22 +272,72 @@ To run the test suite against such a server, run:
|
|
272
272
|
## Kerberos
|
273
273
|
|
274
274
|
The Kerberos-related functionality is packaged in a separate gem,
|
275
|
-
`mongo_kerberos`.
|
276
|
-
|
277
|
-
provided gemfile as follows:
|
275
|
+
`mongo_kerberos`. To run any of the Kerberos tests, a special gemfile must
|
276
|
+
be used that references `mongo_kerberos`:
|
278
277
|
|
279
278
|
export BUNDLE_GEMFILE=gemfiles/mongo_kerberos.gemfile
|
280
279
|
bundle install
|
281
|
-
|
280
|
+
|
281
|
+
Ensure that BUNDLE_GEMFILE is set in the environment for both the
|
282
|
+
`bundle install` invocation and the `rake` / `rspec` invocation.
|
283
|
+
|
284
|
+
### Unit Tests
|
285
|
+
|
286
|
+
The driver test suite includes a number of Kerberos-related unit tests that
|
287
|
+
are skipped by default. To run them as part of the test suite, set the
|
288
|
+
`MONGO_RUBY_DRIVER_KERBEROS` environment variable to `1`, `yes` or `true`
|
289
|
+
as follows:
|
290
|
+
|
291
|
+
export MONGO_RUBY_DRIVER_KERBEROS=1
|
282
292
|
rake
|
283
293
|
|
284
294
|
Note that running the full test suite requires a MongoDB deployment. It is
|
285
295
|
possible to run just the Kerberos-related unit tests without provisioning a
|
286
|
-
MongoDB deployment; consult
|
287
|
-
full list of relevant test files.
|
296
|
+
MongoDB deployment; consult the `.evergreen/run-tests-kerberos-unit.sh` file
|
297
|
+
for the full list of relevant test files.
|
298
|
+
|
299
|
+
### Integration Tests
|
300
|
+
|
301
|
+
The driver test suite includes a number of Kerberos-related integration tests
|
302
|
+
in the `spec/kerberos` directory. These require a provisioned Kerberos
|
303
|
+
deployment and appropriately configured MongoDB deployment. One such deployment
|
304
|
+
is provided internally by MongoDB and is used in the driver's Evergreen
|
305
|
+
configuration; it is also possible to provision a test deployment locally.
|
306
|
+
|
307
|
+
The following additional environment variables must be set to run the
|
308
|
+
Kerberos integration tests:
|
309
|
+
|
310
|
+
- `MONGO_RUBY_DRIVER_KERBEROS_INTEGRATION=1`
|
311
|
+
- `SASL_HOST`: the host name of the MongoDB server that is configured to
|
312
|
+
use Kerberos. Note that this is NOT the Kerberos domain controller (KDC).
|
313
|
+
- `SASL_PORT`: the port number that the Kerberized MongoDB server is
|
314
|
+
listenin on.
|
315
|
+
- `SASL_USER`: the username to provide to MongoDB for authentication.
|
316
|
+
- `SASL_PASS`: the password to provide to MongoDB for authentication.
|
317
|
+
- `SASL_DB`: the database that stores the user used for authentication. This
|
318
|
+
is the "auth soure" in MongoDB parlance. Normally this should be `$external`.
|
319
|
+
- `PRINCIPAL`: the Kerberos principal to use for authentication, in the
|
320
|
+
form of `username@realm`. Note that the realm is commonly uppercased.
|
321
|
+
- `KERBEROS_DB`: the database that the user has access to.
|
322
|
+
- `KEYTAB_BASE64`: Base64 encoded keytab for the user. Used instead of the
|
323
|
+
password.
|
324
|
+
|
325
|
+
There are several steps that must be taken in order to set up Kerberos on
|
326
|
+
the client side before it is usable by the driver for authentication against
|
327
|
+
a Kerberized server. Consult the `.evergreen/run-tests-kerberos-integration.sh`
|
328
|
+
file for details.
|
288
329
|
|
289
330
|
## Client-Side Encryption
|
290
331
|
|
332
|
+
NOTE: Client-side encryption tests require an enterprise build of MongoDB
|
333
|
+
server version 4.2 or higher. These builds of the MongoDB server come packaged with
|
334
|
+
mongocryptd, a daemon that is spawned by the driver during automatic encryption.
|
335
|
+
The client-side encryption tests require the mongocryptd binary to be in the
|
336
|
+
system path.
|
337
|
+
|
338
|
+
Download enterprise versions of MongoDB here: https://www.mongodb.com/download-center/enterprise
|
339
|
+
Read more about installing mongocryptd here: https://docs.mongodb.com/manual/reference/security-client-side-encryption-appendix/#mongocryptd
|
340
|
+
|
291
341
|
Install libmongocrypt on your machine:
|
292
342
|
|
293
343
|
Option 1: Download a pre-built binary
|
@@ -357,12 +407,6 @@ https://docs.aws.amazon.com/kms/latest/developerguide/key-policy-modifying.html
|
|
357
407
|
|
358
408
|
In one terminal, launch MongoDB:
|
359
409
|
|
360
|
-
NOTE: You must be running MongoDB 4.2 or higher. All auto-encryption features
|
361
|
-
require an enterprise build of MongoDB, but you can still run
|
362
|
-
explicit encryption tests using the community edition of MongoDB.
|
363
|
-
|
364
|
-
Download different versions of MongoDB here: https://www.mongodb.com/download-center/enterprise
|
365
|
-
|
366
410
|
```
|
367
411
|
mkdir /tmp/mdb
|
368
412
|
mongod --dbpath /tmp/mdb --setParameter enableTestCommands=1
|
@@ -374,6 +418,22 @@ environment variable to the full path to the .so/.dll/.dylib
|
|
374
418
|
LIBMONGOCRYPT_PATH=/path/to/your/libmongocrypt/nocrypto/libmongocrypt.so bundle exec rake
|
375
419
|
```
|
376
420
|
|
421
|
+
If you would like to run the client-side encryption tests on a replica set or
|
422
|
+
sharded cluster, be aware that the driver will try to spawn the mongocryptd daemon on
|
423
|
+
port 27020 by default. If port 27020 is already in use by a mongod or mongos
|
424
|
+
process, spawning mongocryptd will fail, causing the tests to fail as well.
|
425
|
+
|
426
|
+
To avoid this problem, set the MONGO_RUBY_DRIVER_MONGOCRYPTD_PORT environment
|
427
|
+
variable to the port at which you would like the driver to spawn mongocryptd.
|
428
|
+
For example, to always have the mongocryptd process listen on port 27090:
|
429
|
+
|
430
|
+
```
|
431
|
+
export MONGO_RUBY_DRIVER_MONGOCRYPTD_PORT=27090
|
432
|
+
```
|
433
|
+
|
434
|
+
Keep in mind that this will only impact the behavior of the Ruby Driver test suite,
|
435
|
+
not the behavior of the driver itself.
|
436
|
+
|
377
437
|
## Compression
|
378
438
|
|
379
439
|
To test compression, set the `compressors` URI option:
|
@@ -487,3 +547,37 @@ with color, use the `-R` option:
|
|
487
547
|
|
488
548
|
rake 2>&1 | tee rake.log
|
489
549
|
less -R rake.log
|
550
|
+
|
551
|
+
## Debugging
|
552
|
+
|
553
|
+
The test suite is configured to use [Byebug](https://github.com/deivid-rodriguez/byebug)
|
554
|
+
for debugging on MRI and [ruby-debug](https://github.com/jruby/jruby/wiki/UsingTheJRubyDebugger)
|
555
|
+
on JRuby.
|
556
|
+
|
557
|
+
### MRI
|
558
|
+
|
559
|
+
Call `byebug` anywhere in the test suite to break into Byebug.
|
560
|
+
|
561
|
+
### JRuby
|
562
|
+
|
563
|
+
To debug on JRuby, the test suite must be started with the `--debug` argument
|
564
|
+
to `jruby`. This can be achieved by starting the test suite as follows:
|
565
|
+
|
566
|
+
jruby --debug -S rspec [rspec args...]
|
567
|
+
|
568
|
+
Call `debugger` anywhere in the test suite to break into the debugger.
|
569
|
+
|
570
|
+
### Docker
|
571
|
+
|
572
|
+
By default, when the test suite is running in a CI environment the debuggers
|
573
|
+
are not loaded. The Docker runner emulates the CI environment, therefore
|
574
|
+
to debug in Docker the debugger must be explicitly loaded first. To break
|
575
|
+
into the debugger on MRI, call:
|
576
|
+
|
577
|
+
require 'byebug'
|
578
|
+
byebug
|
579
|
+
|
580
|
+
To break into the debugger on JRuby, call:
|
581
|
+
|
582
|
+
require 'ruby-debug'
|
583
|
+
debugger
|
@@ -152,16 +152,40 @@ describe 'Client construction' do
|
|
152
152
|
{
|
153
153
|
key_vault_client: key_vault_client,
|
154
154
|
key_vault_namespace: key_vault_namespace,
|
155
|
-
kms_providers: kms_providers
|
155
|
+
kms_providers: kms_providers,
|
156
|
+
# Spawn mongocryptd on non-default port for sharded cluster tests
|
157
|
+
extra_options: extra_options,
|
156
158
|
}
|
157
159
|
end
|
158
160
|
|
159
|
-
|
160
|
-
|
161
|
+
let(:client) do
|
162
|
+
ClientRegistry.instance.new_local_client([SpecConfig.instance.addresses.first], options)
|
163
|
+
end
|
164
|
+
|
165
|
+
context 'with AWS kms providers with empty string credentials' do
|
166
|
+
let(:auto_encryption_options) do
|
167
|
+
{
|
168
|
+
key_vault_namespace: key_vault_namespace,
|
169
|
+
kms_providers: {
|
170
|
+
aws: {
|
171
|
+
access_key_id: '',
|
172
|
+
secret_access_key: '',
|
173
|
+
}
|
174
|
+
},
|
175
|
+
# Spawn mongocryptd on non-default port for sharded cluster tests
|
176
|
+
extra_options: extra_options,
|
177
|
+
}
|
178
|
+
end
|
161
179
|
|
162
|
-
|
163
|
-
|
180
|
+
it 'raises an exception' do
|
181
|
+
expect do
|
182
|
+
client
|
183
|
+
end.to raise_error(ArgumentError, /The aws access_key_id option must be a String with at least one character; it is currently an empty string/)
|
164
184
|
end
|
185
|
+
end
|
186
|
+
|
187
|
+
context 'with default key vault client' do
|
188
|
+
let(:key_vault_client) { nil }
|
165
189
|
|
166
190
|
it 'creates a working key vault client' do
|
167
191
|
key_vault_client = client.encrypter.key_vault_client
|
@@ -18,6 +18,8 @@ describe 'Bulk writes with auto-encryption enabled' do
|
|
18
18
|
kms_providers: kms_providers,
|
19
19
|
key_vault_namespace: key_vault_namespace,
|
20
20
|
schema_map: { "auto_encryption.users" => schema_map },
|
21
|
+
# Spawn mongocryptd on non-default port for sharded cluster tests
|
22
|
+
extra_options: extra_options,
|
21
23
|
},
|
22
24
|
database: 'auto_encryption'
|
23
25
|
),
|
@@ -31,8 +33,8 @@ describe 'Bulk writes with auto-encryption enabled' do
|
|
31
33
|
before do
|
32
34
|
authorized_client.use('auto_encryption')['users'].drop
|
33
35
|
|
34
|
-
|
35
|
-
|
36
|
+
key_vault_collection.drop
|
37
|
+
key_vault_collection.insert_one(data_key)
|
36
38
|
end
|
37
39
|
|
38
40
|
let(:command_succeeded_events) do
|
@@ -49,7 +51,7 @@ describe 'Bulk writes with auto-encryption enabled' do
|
|
49
51
|
end
|
50
52
|
|
51
53
|
it 'executes an encrypted bulk write' do
|
52
|
-
documents = authorized_client.use(
|
54
|
+
documents = authorized_client.use('auto_encryption')['users'].find
|
53
55
|
ssns = documents.map { |doc| doc['ssn'] }
|
54
56
|
expect(ssns).to all(be_ciphertext)
|
55
57
|
end
|
@@ -295,7 +297,7 @@ describe 'Bulk writes with auto-encryption enabled' do
|
|
295
297
|
|
296
298
|
context '#insert_many' do
|
297
299
|
let(:perform_bulk_write) do
|
298
|
-
client[
|
300
|
+
client['users'].insert_many(documents)
|
299
301
|
end
|
300
302
|
|
301
303
|
let(:command_name) { 'insert' }
|
@@ -23,6 +23,8 @@ describe 'Auto Encryption' do
|
|
23
23
|
kms_providers: kms_providers,
|
24
24
|
key_vault_namespace: key_vault_namespace,
|
25
25
|
schema_map: { "auto_encryption.users" => schema_map },
|
26
|
+
# Spawn mongocryptd on non-default port for sharded cluster tests
|
27
|
+
extra_options: extra_options,
|
26
28
|
},
|
27
29
|
database: db_name
|
28
30
|
),
|
@@ -32,11 +34,11 @@ describe 'Auto Encryption' do
|
|
32
34
|
end
|
33
35
|
|
34
36
|
before(:each) do
|
35
|
-
|
36
|
-
|
37
|
+
key_vault_collection.drop
|
38
|
+
key_vault_collection.insert_one(data_key)
|
37
39
|
|
38
|
-
encryption_client[
|
39
|
-
result = encryption_client[
|
40
|
+
encryption_client['users'].drop
|
41
|
+
result = encryption_client['users'].insert_one(ssn: ssn, age: 23)
|
40
42
|
end
|
41
43
|
|
42
44
|
let(:started_event) do
|
@@ -68,7 +70,7 @@ describe 'Auto Encryption' do
|
|
68
70
|
let(:command_name) { 'aggregate' }
|
69
71
|
|
70
72
|
before do
|
71
|
-
encryption_client[
|
73
|
+
encryption_client['users'].aggregate([{ '$match' => { 'ssn' => ssn } }]).first
|
72
74
|
end
|
73
75
|
|
74
76
|
it 'has encrypted data in command monitoring' do
|
@@ -88,7 +90,7 @@ describe 'Auto Encryption' do
|
|
88
90
|
let(:command_name) { 'count' }
|
89
91
|
|
90
92
|
before do
|
91
|
-
encryption_client[
|
93
|
+
encryption_client['users'].count(ssn: ssn)
|
92
94
|
end
|
93
95
|
|
94
96
|
it 'has encrypted data in command monitoring' do
|
@@ -104,7 +106,7 @@ describe 'Auto Encryption' do
|
|
104
106
|
let(:command_name) { 'distinct' }
|
105
107
|
|
106
108
|
before do
|
107
|
-
encryption_client[
|
109
|
+
encryption_client['users'].distinct(:ssn)
|
108
110
|
end
|
109
111
|
|
110
112
|
it 'has encrypted data in command monitoring' do
|
@@ -120,7 +122,7 @@ describe 'Auto Encryption' do
|
|
120
122
|
let(:command_name) { 'delete' }
|
121
123
|
|
122
124
|
before do
|
123
|
-
encryption_client[
|
125
|
+
encryption_client['users'].delete_one(ssn: ssn)
|
124
126
|
end
|
125
127
|
|
126
128
|
it 'has encrypted data in command monitoring' do
|
@@ -136,7 +138,7 @@ describe 'Auto Encryption' do
|
|
136
138
|
let(:command_name) { 'delete' }
|
137
139
|
|
138
140
|
before do
|
139
|
-
encryption_client[
|
141
|
+
encryption_client['users'].delete_many(ssn: ssn)
|
140
142
|
end
|
141
143
|
|
142
144
|
it 'has encrypted data in command monitoring' do
|
@@ -152,7 +154,7 @@ describe 'Auto Encryption' do
|
|
152
154
|
let(:command_name) { 'find' }
|
153
155
|
|
154
156
|
before do
|
155
|
-
encryption_client[
|
157
|
+
encryption_client['users'].find(ssn: ssn).first
|
156
158
|
end
|
157
159
|
|
158
160
|
it 'has encrypted data in command monitoring' do
|
@@ -170,7 +172,7 @@ describe 'Auto Encryption' do
|
|
170
172
|
let(:command_name) { 'findAndModify' }
|
171
173
|
|
172
174
|
before do
|
173
|
-
encryption_client[
|
175
|
+
encryption_client['users'].find_one_and_delete(ssn: ssn)
|
174
176
|
end
|
175
177
|
|
176
178
|
it 'has encrypted data in command monitoring' do
|
@@ -188,7 +190,7 @@ describe 'Auto Encryption' do
|
|
188
190
|
let(:command_name) { 'findAndModify' }
|
189
191
|
|
190
192
|
before do
|
191
|
-
encryption_client[
|
193
|
+
encryption_client['users'].find_one_and_replace(
|
192
194
|
{ ssn: ssn },
|
193
195
|
{ ssn: '555-555-5555' }
|
194
196
|
)
|
@@ -210,7 +212,7 @@ describe 'Auto Encryption' do
|
|
210
212
|
let(:command_name) { 'findAndModify' }
|
211
213
|
|
212
214
|
before do
|
213
|
-
encryption_client[
|
215
|
+
encryption_client['users'].find_one_and_update(
|
214
216
|
{ ssn: ssn },
|
215
217
|
{ ssn: '555-555-5555' }
|
216
218
|
)
|
@@ -233,7 +235,7 @@ describe 'Auto Encryption' do
|
|
233
235
|
let(:command_name) { 'insert' }
|
234
236
|
|
235
237
|
before do
|
236
|
-
encryption_client[
|
238
|
+
encryption_client['users'].insert_one(ssn: ssn)
|
237
239
|
end
|
238
240
|
|
239
241
|
it 'has encrypted data in command monitoring' do
|
@@ -249,7 +251,7 @@ describe 'Auto Encryption' do
|
|
249
251
|
let(:command_name) { 'update' }
|
250
252
|
|
251
253
|
before do
|
252
|
-
encryption_client[
|
254
|
+
encryption_client['users'].replace_one(
|
253
255
|
{ ssn: ssn },
|
254
256
|
{ ssn: '555-555-5555' }
|
255
257
|
)
|
@@ -269,7 +271,7 @@ describe 'Auto Encryption' do
|
|
269
271
|
let(:command_name) { 'update' }
|
270
272
|
|
271
273
|
before do
|
272
|
-
encryption_client[
|
274
|
+
encryption_client['users'].update_one({ ssn: ssn }, { ssn: '555-555-5555' })
|
273
275
|
end
|
274
276
|
|
275
277
|
it 'has encrypted data in command monitoring' do
|
@@ -287,7 +289,7 @@ describe 'Auto Encryption' do
|
|
287
289
|
|
288
290
|
before do
|
289
291
|
# update_many does not support replacement-style updates
|
290
|
-
encryption_client[
|
292
|
+
encryption_client['users'].update_many({ ssn: ssn }, { "$inc" => { :age => 1 } })
|
291
293
|
end
|
292
294
|
|
293
295
|
it 'has encrypted data in command monitoring' do
|
@@ -31,8 +31,8 @@ describe 'Auto Encryption' do
|
|
31
31
|
let(:cluster) { double("Cluster") }
|
32
32
|
|
33
33
|
before do
|
34
|
-
|
35
|
-
|
34
|
+
key_vault_collection.drop
|
35
|
+
key_vault_collection.insert_one(data_key)
|
36
36
|
|
37
37
|
allow(server_selector).to receive(:name)
|
38
38
|
allow(server_selector).to receive(:server_selection_timeout)
|
@@ -54,14 +54,15 @@ describe 'Auto Encryption' do
|
|
54
54
|
'documents' => kind_of(Array),
|
55
55
|
'jsonSchema' => kind_of(Hash),
|
56
56
|
'isRemoteSchema' => false,
|
57
|
-
)
|
57
|
+
),
|
58
|
+
{ execution_options: { deserialize_as_bson: true } },
|
58
59
|
)
|
59
60
|
.and_raise(Mongo::Error::NoServerAvailable.new(server_selector, cluster))
|
60
61
|
end
|
61
62
|
|
62
63
|
it 'raises an exception when trying to perform auto encryption' do
|
63
64
|
expect do
|
64
|
-
client[
|
65
|
+
client['users'].insert_one(ssn: ssn)
|
65
66
|
end.to raise_error(
|
66
67
|
Mongo::Error::MongocryptdSpawnError,
|
67
68
|
/Failed to spawn mongocryptd at the path "echo hello world" with arguments/
|