mongo 2.12.0.rc0 → 2.12.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- checksums.yaml.gz.sig +0 -0
- data.tar.gz.sig +0 -0
- data/README.md +2 -1
- data/lib/mongo/client.rb +23 -9
- data/lib/mongo/client_encryption.rb +1 -1
- data/lib/mongo/cluster.rb +6 -2
- data/lib/mongo/crypt/auto_decryption_context.rb +3 -5
- data/lib/mongo/crypt/auto_encrypter.rb +17 -7
- data/lib/mongo/crypt/binding.rb +446 -379
- data/lib/mongo/crypt/context.rb +4 -4
- data/lib/mongo/crypt/encryption_io.rb +16 -10
- data/lib/mongo/crypt/explicit_encrypter.rb +3 -3
- data/lib/mongo/crypt/explicit_encryption_context.rb +1 -1
- data/lib/mongo/crypt/handle.rb +26 -4
- data/lib/mongo/crypt/hooks.rb +1 -1
- data/lib/mongo/database.rb +11 -1
- data/lib/mongo/error/bulk_write_error.rb +16 -14
- data/lib/mongo/error/notable.rb +0 -15
- data/lib/mongo/error/parser.rb +1 -1
- data/lib/mongo/grid/file/info.rb +1 -1
- data/lib/mongo/monitoring/event/cmap/connection_check_out_failed.rb +1 -1
- data/lib/mongo/operation/insert/command.rb +3 -2
- data/lib/mongo/operation/insert/legacy.rb +2 -1
- data/lib/mongo/operation/insert/op_msg.rb +1 -1
- data/lib/mongo/operation/shared/executable.rb +9 -9
- data/lib/mongo/operation/shared/op_msg_or_command.rb +2 -2
- data/lib/mongo/operation/shared/read_preference_supported.rb +68 -19
- data/lib/mongo/operation/shared/response_handling.rb +1 -1
- data/lib/mongo/operation/shared/sessions_supported.rb +44 -3
- data/lib/mongo/protocol/bit_vector.rb +2 -1
- data/lib/mongo/protocol/message.rb +22 -7
- data/lib/mongo/protocol/msg.rb +2 -5
- data/lib/mongo/protocol/serializers.rb +32 -11
- data/lib/mongo/retryable.rb +1 -1
- data/lib/mongo/server/connection.rb +1 -1
- data/lib/mongo/server/connection_base.rb +9 -4
- data/lib/mongo/server/connection_pool/populator.rb +1 -1
- data/lib/mongo/session.rb +1 -1
- data/lib/mongo/srv/monitor.rb +73 -42
- data/lib/mongo/srv/result.rb +0 -1
- data/lib/mongo/uri.rb +1 -1
- data/lib/mongo/uri/srv_protocol.rb +1 -1
- data/lib/mongo/version.rb +1 -1
- data/mongo.gemspec +0 -2
- data/spec/README.md +106 -12
- data/spec/integration/client_construction_spec.rb +29 -5
- data/spec/integration/client_side_encryption/auto_encryption_bulk_writes_spec.rb +6 -4
- data/spec/integration/client_side_encryption/auto_encryption_command_monitoring_spec.rb +19 -17
- data/spec/integration/client_side_encryption/auto_encryption_mongocryptd_spawn_spec.rb +5 -4
- data/spec/integration/client_side_encryption/auto_encryption_old_wire_version_spec.rb +11 -8
- data/spec/integration/client_side_encryption/auto_encryption_reconnect_spec.rb +14 -9
- data/spec/integration/client_side_encryption/auto_encryption_spec.rb +46 -45
- data/spec/integration/client_side_encryption/bson_size_limit_spec.rb +11 -7
- data/spec/integration/client_side_encryption/bypass_mongocryptd_spawn_spec.rb +13 -9
- data/spec/integration/client_side_encryption/client_close_spec.rb +10 -6
- data/spec/integration/client_side_encryption/corpus_spec.rb +19 -14
- data/spec/integration/client_side_encryption/data_key_spec.rb +10 -8
- data/spec/integration/client_side_encryption/external_key_vault_spec.rb +12 -8
- data/spec/integration/client_side_encryption/views_spec.rb +6 -4
- data/spec/integration/client_update_spec.rb +36 -2
- data/spec/integration/crud_spec.rb +89 -0
- data/spec/integration/read_preference_spec.rb +26 -0
- data/spec/integration/srv_monitoring_spec.rb +2 -2
- data/spec/kerberos/kerberos_spec.rb +87 -0
- data/spec/lite_spec_helper.rb +4 -8
- data/spec/mongo/bulk_write/result_spec.rb +11 -7
- data/spec/mongo/client_encryption_spec.rb +3 -6
- data/spec/mongo/crypt/auto_encrypter_spec.rb +8 -3
- data/spec/mongo/crypt/handle_spec.rb +38 -4
- data/spec/mongo/error/bulk_write_error_spec.rb +49 -0
- data/spec/mongo/error/notable_spec.rb +59 -0
- data/spec/mongo/operation/find/legacy_spec.rb +1 -0
- data/spec/mongo/operation/read_preference_legacy_spec.rb +351 -0
- data/spec/mongo/operation/read_preference_op_msg_spec.rb +194 -0
- data/spec/mongo/srv/monitor_spec.rb +88 -69
- data/spec/runners/transactions.rb +5 -7
- data/spec/spec_tests/client_side_encryption_spec.rb +0 -5
- data/spec/spec_tests/data/client_side_encryption/bulk.yml +3 -0
- data/spec/spec_tests/data/client_side_encryption/replaceOne.yml +4 -1
- data/spec/spec_tests/data/client_side_encryption/updateOne.yml +3 -0
- data/spec/support/cluster_tools.rb +6 -1
- data/spec/support/crypt.rb +14 -0
- data/spec/support/lite_constraints.rb +3 -1
- data/spec/support/spec_config.rb +10 -0
- data/spec/support/utils.rb +9 -1
- metadata +15 -14
- metadata.gz.sig +0 -0
- data/lib/mongo/cluster/srv_monitor.rb +0 -127
- data/lib/mongo/srv/warning_result.rb +0 -35
- data/spec/enterprise_auth/kerberos_spec.rb +0 -58
- data/spec/mongo/cluster/srv_monitor_spec.rb +0 -214
- data/spec/mongo/operation/read_preference_spec.rb +0 -245
@@ -20,7 +20,9 @@ describe 'Auto Encryption' do
|
|
20
20
|
# Must use local schema map because server versions older than 4.2
|
21
21
|
# do not support jsonSchema collection validator.
|
22
22
|
schema_map: { 'auto_encryption.users' => schema_map },
|
23
|
-
bypass_auto_encryption: bypass_auto_encryption
|
23
|
+
bypass_auto_encryption: bypass_auto_encryption,
|
24
|
+
# Spawn mongocryptd on non-default port for sharded cluster tests
|
25
|
+
extra_options: extra_options,
|
24
26
|
},
|
25
27
|
database: 'auto_encryption'
|
26
28
|
),
|
@@ -28,7 +30,7 @@ describe 'Auto Encryption' do
|
|
28
30
|
end
|
29
31
|
|
30
32
|
let(:bypass_auto_encryption) { false }
|
31
|
-
let(:client) { authorized_client.use(
|
33
|
+
let(:client) { authorized_client.use('auto_encryption') }
|
32
34
|
|
33
35
|
let(:encrypted_ssn_binary) do
|
34
36
|
BSON::Binary.new(Base64.decode64(encrypted_ssn), :ciphertext)
|
@@ -36,15 +38,16 @@ describe 'Auto Encryption' do
|
|
36
38
|
|
37
39
|
shared_examples 'it decrypts but does not encrypt on wire version < 8' do
|
38
40
|
before do
|
39
|
-
client[
|
41
|
+
client['users'].drop
|
42
|
+
client['users'].insert_one(ssn: encrypted_ssn_binary)
|
40
43
|
|
41
|
-
|
42
|
-
|
44
|
+
key_vault_collection.drop
|
45
|
+
key_vault_collection.insert_one(data_key)
|
43
46
|
end
|
44
47
|
|
45
48
|
it 'raises an exception when trying to encrypt' do
|
46
49
|
expect do
|
47
|
-
encryption_client[
|
50
|
+
encryption_client['users'].find(ssn: ssn).first
|
48
51
|
end.to raise_error(Mongo::Error::CryptError, /Auto-encryption requires a minimum MongoDB version of 4.2/)
|
49
52
|
end
|
50
53
|
|
@@ -52,12 +55,12 @@ describe 'Auto Encryption' do
|
|
52
55
|
let(:bypass_auto_encryption) { true }
|
53
56
|
|
54
57
|
it 'does not raise an exception but doesn\'t encrypt' do
|
55
|
-
document = encryption_client[
|
58
|
+
document = encryption_client['users'].find(ssn: ssn).first
|
56
59
|
expect(document).to be_nil
|
57
60
|
end
|
58
61
|
|
59
62
|
it 'still decrypts' do
|
60
|
-
document = encryption_client[
|
63
|
+
document = encryption_client['users'].find(ssn: encrypted_ssn_binary).first
|
61
64
|
# ssn field is still decrypted
|
62
65
|
expect(document['ssn']).to eq(ssn)
|
63
66
|
end
|
@@ -20,7 +20,9 @@ describe 'Client with auto encryption #reconnect' do
|
|
20
20
|
kms_providers: kms_providers,
|
21
21
|
key_vault_namespace: key_vault_namespace,
|
22
22
|
key_vault_client: key_vault_client_option,
|
23
|
-
schema_map: { 'auto_encryption.users': schema_map }
|
23
|
+
schema_map: { 'auto_encryption.users': schema_map },
|
24
|
+
# Spawn mongocryptd on non-default port for sharded cluster tests
|
25
|
+
extra_options: extra_options,
|
24
26
|
},
|
25
27
|
database: 'auto_encryption'
|
26
28
|
}
|
@@ -28,7 +30,7 @@ describe 'Client with auto encryption #reconnect' do
|
|
28
30
|
)
|
29
31
|
end
|
30
32
|
|
31
|
-
let(:unencrypted_client) { authorized_client.use(
|
33
|
+
let(:unencrypted_client) { authorized_client.use('auto_encryption') }
|
32
34
|
|
33
35
|
let(:mongocryptd_client) { client.encrypter.mongocryptd_client }
|
34
36
|
let(:key_vault_client) { client.encrypter.key_vault_client }
|
@@ -36,7 +38,7 @@ describe 'Client with auto encryption #reconnect' do
|
|
36
38
|
|
37
39
|
shared_examples 'a functioning client' do
|
38
40
|
it 'can perform an encrypted find command' do
|
39
|
-
doc = client[
|
41
|
+
doc = client['users'].find(ssn: ssn).first
|
40
42
|
expect(doc).not_to be_nil
|
41
43
|
expect(doc['ssn']).to eq(ssn)
|
42
44
|
end
|
@@ -65,7 +67,7 @@ describe 'Client with auto encryption #reconnect' do
|
|
65
67
|
|
66
68
|
shared_examples 'a functioning key vault client' do
|
67
69
|
it 'can perform a find command' do
|
68
|
-
doc = key_vault_client.use(key_vault_db)[key_vault_coll].find(_id: data_key_id).first
|
70
|
+
doc = key_vault_client.use(key_vault_db)[key_vault_coll, read_concern: { level: :majority}].find(_id: data_key_id).first
|
69
71
|
expect(doc).not_to be_nil
|
70
72
|
expect(doc['_id']).to eq(data_key_id)
|
71
73
|
end
|
@@ -73,15 +75,15 @@ describe 'Client with auto encryption #reconnect' do
|
|
73
75
|
|
74
76
|
shared_examples 'an auto-encryption client that reconnects properly' do
|
75
77
|
before do
|
76
|
-
|
77
|
-
|
78
|
+
key_vault_collection.drop
|
79
|
+
key_vault_collection.insert_one(data_key)
|
78
80
|
|
79
|
-
unencrypted_client[
|
81
|
+
unencrypted_client['users'].drop
|
80
82
|
# Use a client without auto_encryption_options to insert an
|
81
83
|
# encrypted document into the collection; this ensures that the
|
82
84
|
# client with auto_encryption_options must perform decryption
|
83
85
|
# to properly read the document.
|
84
|
-
unencrypted_client[
|
86
|
+
unencrypted_client['users'].insert_one(
|
85
87
|
ssn: BSON::Binary.new(Base64.decode64(encrypted_ssn), :ciphertext)
|
86
88
|
)
|
87
89
|
end
|
@@ -200,7 +202,10 @@ describe 'Client with auto encryption #reconnect' do
|
|
200
202
|
|
201
203
|
context 'with custom key vault client option' do
|
202
204
|
let(:key_vault_client_option) do
|
203
|
-
|
205
|
+
new_local_client(
|
206
|
+
SpecConfig.instance.addresses,
|
207
|
+
SpecConfig.instance.test_options
|
208
|
+
)
|
204
209
|
end
|
205
210
|
|
206
211
|
context 'with AWS KMS providers' do
|
@@ -21,15 +21,16 @@ describe 'Auto Encryption' do
|
|
21
21
|
kms_providers: kms_providers,
|
22
22
|
key_vault_namespace: key_vault_namespace,
|
23
23
|
schema_map: local_schema,
|
24
|
-
bypass_auto_encryption: bypass_auto_encryption
|
24
|
+
bypass_auto_encryption: bypass_auto_encryption,
|
25
|
+
# Spawn mongocryptd on non-default port for sharded cluster tests
|
26
|
+
extra_options: extra_options,
|
25
27
|
},
|
26
28
|
database: 'auto_encryption'
|
27
29
|
),
|
28
30
|
)
|
29
31
|
end
|
30
32
|
|
31
|
-
let(:client) { authorized_client.use(
|
32
|
-
let(:admin_client) { authorized_client.use(:admin) }
|
33
|
+
let(:client) { authorized_client.use('auto_encryption') }
|
33
34
|
|
34
35
|
let(:bypass_auto_encryption) { false }
|
35
36
|
|
@@ -45,7 +46,7 @@ describe 'Auto Encryption' do
|
|
45
46
|
let(:local_schema) { nil }
|
46
47
|
|
47
48
|
before do
|
48
|
-
client[
|
49
|
+
client['users',
|
49
50
|
{
|
50
51
|
'validator' => { '$jsonSchema' => schema_map }
|
51
52
|
}
|
@@ -57,27 +58,27 @@ describe 'Auto Encryption' do
|
|
57
58
|
let(:local_schema) { { "auto_encryption.users" => schema_map } }
|
58
59
|
|
59
60
|
before do
|
60
|
-
client[
|
61
|
+
client['users'].create
|
61
62
|
end
|
62
63
|
end
|
63
64
|
|
64
65
|
shared_context 'encrypted document in collection' do
|
65
66
|
before do
|
66
|
-
client[
|
67
|
+
client['users'].insert_one(ssn: encrypted_ssn_binary)
|
67
68
|
end
|
68
69
|
end
|
69
70
|
|
70
71
|
shared_context 'multiple encrypted documents in collection' do
|
71
72
|
before do
|
72
|
-
client[
|
73
|
-
client[
|
73
|
+
client['users'].insert_one(ssn: encrypted_ssn_binary)
|
74
|
+
client['users'].insert_one(ssn: encrypted_ssn_binary)
|
74
75
|
end
|
75
76
|
end
|
76
77
|
|
77
78
|
before(:each) do
|
78
|
-
client[
|
79
|
-
|
80
|
-
|
79
|
+
client['users'].drop
|
80
|
+
key_vault_collection.drop
|
81
|
+
key_vault_collection.insert_one(data_key)
|
81
82
|
end
|
82
83
|
|
83
84
|
shared_examples 'an encrypted command' do
|
@@ -115,7 +116,7 @@ describe 'Auto Encryption' do
|
|
115
116
|
include_context 'encrypted document in collection'
|
116
117
|
|
117
118
|
let(:result) do
|
118
|
-
encryption_client[
|
119
|
+
encryption_client['users'].aggregate([
|
119
120
|
{ '$match' => { 'ssn' => ssn } }
|
120
121
|
]).first
|
121
122
|
end
|
@@ -133,7 +134,7 @@ describe 'Auto Encryption' do
|
|
133
134
|
end
|
134
135
|
|
135
136
|
it 'does auto decrypt the response' do
|
136
|
-
result = encryption_client[
|
137
|
+
result = encryption_client['users'].aggregate([
|
137
138
|
{ '$match' => { 'ssn' => encrypted_ssn_binary } }
|
138
139
|
]).first
|
139
140
|
|
@@ -150,7 +151,7 @@ describe 'Auto Encryption' do
|
|
150
151
|
shared_examples 'it performs an encrypted command' do
|
151
152
|
include_context 'multiple encrypted documents in collection'
|
152
153
|
|
153
|
-
let(:result) { encryption_client[
|
154
|
+
let(:result) { encryption_client['users'].count(ssn: ssn) }
|
154
155
|
|
155
156
|
it 'encrypts the command and finds the documents' do
|
156
157
|
expect(result).to eq(2)
|
@@ -172,7 +173,7 @@ describe 'Auto Encryption' do
|
|
172
173
|
shared_examples 'it performs an encrypted command' do
|
173
174
|
include_context 'encrypted document in collection'
|
174
175
|
|
175
|
-
let(:result) { encryption_client[
|
176
|
+
let(:result) { encryption_client['users'].distinct(:ssn) }
|
176
177
|
|
177
178
|
it 'decrypts the SSN field' do
|
178
179
|
expect(result.length).to eq(1)
|
@@ -196,7 +197,7 @@ describe 'Auto Encryption' do
|
|
196
197
|
shared_examples 'it performs an encrypted command' do
|
197
198
|
include_context 'encrypted document in collection'
|
198
199
|
|
199
|
-
let(:result) { encryption_client[
|
200
|
+
let(:result) { encryption_client['users'].delete_one(ssn: ssn) }
|
200
201
|
|
201
202
|
it 'encrypts the SSN field' do
|
202
203
|
expect(result.deleted_count).to eq(1)
|
@@ -218,7 +219,7 @@ describe 'Auto Encryption' do
|
|
218
219
|
shared_examples 'it performs an encrypted command' do
|
219
220
|
include_context 'multiple encrypted documents in collection'
|
220
221
|
|
221
|
-
let(:result) { encryption_client[
|
222
|
+
let(:result) { encryption_client['users'].delete_many(ssn: ssn) }
|
222
223
|
|
223
224
|
it 'decrypts the SSN field' do
|
224
225
|
expect(result.deleted_count).to eq(2)
|
@@ -240,7 +241,7 @@ describe 'Auto Encryption' do
|
|
240
241
|
shared_examples 'it performs an encrypted command' do
|
241
242
|
include_context 'encrypted document in collection'
|
242
243
|
|
243
|
-
let(:result) { encryption_client[
|
244
|
+
let(:result) { encryption_client['users'].find(ssn: ssn).first }
|
244
245
|
|
245
246
|
it 'encrypts the command and decrypts the response' do
|
246
247
|
result.should_not be_nil
|
@@ -263,7 +264,7 @@ describe 'Auto Encryption' do
|
|
263
264
|
shared_examples 'it performs an encrypted command' do
|
264
265
|
include_context 'encrypted document in collection'
|
265
266
|
|
266
|
-
let(:result) { encryption_client[
|
267
|
+
let(:result) { encryption_client['users'].find_one_and_delete(ssn: ssn) }
|
267
268
|
|
268
269
|
it 'encrypts the command and decrypts the response' do
|
269
270
|
expect(result['ssn']).to eq(ssn)
|
@@ -277,7 +278,7 @@ describe 'Auto Encryption' do
|
|
277
278
|
end
|
278
279
|
|
279
280
|
it 'still decrypts the command' do
|
280
|
-
result = encryption_client[
|
281
|
+
result = encryption_client['users'].find_one_and_delete(ssn: encrypted_ssn_binary)
|
281
282
|
expect(result['ssn']).to eq(ssn)
|
282
283
|
end
|
283
284
|
end
|
@@ -294,7 +295,7 @@ describe 'Auto Encryption' do
|
|
294
295
|
include_context 'encrypted document in collection'
|
295
296
|
|
296
297
|
let(:result) do
|
297
|
-
encryption_client[
|
298
|
+
encryption_client['users'].find_one_and_replace(
|
298
299
|
{ ssn: ssn },
|
299
300
|
{ name: name },
|
300
301
|
return_document: :before
|
@@ -304,7 +305,7 @@ describe 'Auto Encryption' do
|
|
304
305
|
it 'encrypts the command and decrypts the response, returning original document' do
|
305
306
|
expect(result['ssn']).to eq(ssn)
|
306
307
|
|
307
|
-
documents = client[
|
308
|
+
documents = client['users'].find
|
308
309
|
expect(documents.count).to eq(1)
|
309
310
|
expect(documents.first['ssn']).to be_nil
|
310
311
|
end
|
@@ -312,11 +313,11 @@ describe 'Auto Encryption' do
|
|
312
313
|
|
313
314
|
context 'with :return_document => :after' do
|
314
315
|
before do
|
315
|
-
client[
|
316
|
+
client['users'].insert_one(name: name)
|
316
317
|
end
|
317
318
|
|
318
319
|
let(:result) do
|
319
|
-
encryption_client[
|
320
|
+
encryption_client['users'].find_one_and_replace(
|
320
321
|
{ name: name },
|
321
322
|
{ ssn: ssn },
|
322
323
|
return_document: :after
|
@@ -326,7 +327,7 @@ describe 'Auto Encryption' do
|
|
326
327
|
it 'encrypts the command and decrypts the response, returning new document' do
|
327
328
|
expect(result['ssn']).to eq(ssn)
|
328
329
|
|
329
|
-
documents = client[
|
330
|
+
documents = client['users'].find
|
330
331
|
expect(documents.count).to eq(1)
|
331
332
|
expect(documents.first['ssn']).to eq(encrypted_ssn_binary)
|
332
333
|
end
|
@@ -337,7 +338,7 @@ describe 'Auto Encryption' do
|
|
337
338
|
include_context 'encrypted document in collection'
|
338
339
|
|
339
340
|
let(:result) do
|
340
|
-
encryption_client[
|
341
|
+
encryption_client['users'].find_one_and_replace(
|
341
342
|
{ ssn: encrypted_ssn_binary },
|
342
343
|
{ name: name },
|
343
344
|
:return_document => :before
|
@@ -347,7 +348,7 @@ describe 'Auto Encryption' do
|
|
347
348
|
it 'does not encrypt the command but still decrypts the response, returning original document' do
|
348
349
|
expect(result['ssn']).to eq(ssn)
|
349
350
|
|
350
|
-
documents = client[
|
351
|
+
documents = client['users'].find
|
351
352
|
expect(documents.count).to eq(1)
|
352
353
|
expect(documents.first['ssn']).to be_nil
|
353
354
|
end
|
@@ -364,7 +365,7 @@ describe 'Auto Encryption' do
|
|
364
365
|
let(:name) { 'Alan Turing' }
|
365
366
|
|
366
367
|
let(:result) do
|
367
|
-
encryption_client[
|
368
|
+
encryption_client['users'].find_one_and_update(
|
368
369
|
{ ssn: ssn },
|
369
370
|
{ name: name }
|
370
371
|
)
|
@@ -373,7 +374,7 @@ describe 'Auto Encryption' do
|
|
373
374
|
it 'encrypts the command and decrypts the response' do
|
374
375
|
expect(result['ssn']).to eq(ssn)
|
375
376
|
|
376
|
-
documents = client[
|
377
|
+
documents = client['users'].find
|
377
378
|
expect(documents.count).to eq(1)
|
378
379
|
expect(documents.first['ssn']).to be_nil
|
379
380
|
end
|
@@ -387,7 +388,7 @@ describe 'Auto Encryption' do
|
|
387
388
|
|
388
389
|
it 'still decrypts the response' do
|
389
390
|
# Query using the encrypted ssn value so the find will succeed
|
390
|
-
result = encryption_client[
|
391
|
+
result = encryption_client['users'].find_one_and_update(
|
391
392
|
{ ssn: encrypted_ssn_binary },
|
392
393
|
{ name: name }
|
393
394
|
)
|
@@ -402,7 +403,7 @@ describe 'Auto Encryption' do
|
|
402
403
|
|
403
404
|
describe '#insert_one' do
|
404
405
|
let(:query) { { ssn: ssn } }
|
405
|
-
let(:result) { encryption_client[
|
406
|
+
let(:result) { encryption_client['users'].insert_one(query) }
|
406
407
|
|
407
408
|
shared_examples 'it performs an encrypted command' do
|
408
409
|
it 'encrypts the ssn field' do
|
@@ -411,7 +412,7 @@ describe 'Auto Encryption' do
|
|
411
412
|
|
412
413
|
id = result.inserted_ids.first
|
413
414
|
|
414
|
-
document = client[
|
415
|
+
document = client['users'].find(_id: id).first
|
415
416
|
document.should_not be_nil
|
416
417
|
expect(document['ssn']).to eq(encrypted_ssn_binary)
|
417
418
|
end
|
@@ -421,13 +422,13 @@ describe 'Auto Encryption' do
|
|
421
422
|
include_context 'bypass auto encryption'
|
422
423
|
|
423
424
|
it 'does not encrypt the command' do
|
424
|
-
result = encryption_client[
|
425
|
+
result = encryption_client['users'].insert_one(ssn: ssn)
|
425
426
|
expect(result).to be_ok
|
426
427
|
expect(result.inserted_ids.length).to eq(1)
|
427
428
|
|
428
429
|
id = result.inserted_ids.first
|
429
430
|
|
430
|
-
document = client[
|
431
|
+
document = client['users'].find(_id: id).first
|
431
432
|
expect(document['ssn']).to eq(ssn)
|
432
433
|
end
|
433
434
|
end
|
@@ -461,7 +462,7 @@ describe 'Auto Encryption' do
|
|
461
462
|
expect(result).to be_ok
|
462
463
|
id = result.inserted_ids.first
|
463
464
|
|
464
|
-
document = client[
|
465
|
+
document = client['users'].find(_id: id).first
|
465
466
|
document.should_not be_nil
|
466
467
|
# Document was not encrypted
|
467
468
|
expect(document['ssn']).to eq(ssn)
|
@@ -481,7 +482,7 @@ describe 'Auto Encryption' do
|
|
481
482
|
|
482
483
|
id = result.inserted_ids.first
|
483
484
|
|
484
|
-
document = client[
|
485
|
+
document = client['users'].find(_id: id).first
|
485
486
|
document.should_not be_nil
|
486
487
|
# Auto-encryption with key alt names only works with random encryption,
|
487
488
|
# so it will not generate the same result on every test run.
|
@@ -497,7 +498,7 @@ describe 'Auto Encryption' do
|
|
497
498
|
|
498
499
|
id = result.inserted_ids.first
|
499
500
|
|
500
|
-
document = client[
|
501
|
+
document = client['users'].find(_id: id).first
|
501
502
|
document.should_not be_nil
|
502
503
|
# Auto-encryption with key alt names only works with random encryption,
|
503
504
|
# so it will not generate the same result on every test run.
|
@@ -514,7 +515,7 @@ describe 'Auto Encryption' do
|
|
514
515
|
let(:replacement_ssn) { '098-765-4321' }
|
515
516
|
|
516
517
|
let(:result) do
|
517
|
-
encryption_client[
|
518
|
+
encryption_client['users'].replace_one(
|
518
519
|
{ ssn: ssn },
|
519
520
|
{ ssn: replacement_ssn }
|
520
521
|
)
|
@@ -523,7 +524,7 @@ describe 'Auto Encryption' do
|
|
523
524
|
it 'encrypts the ssn field' do
|
524
525
|
expect(result.modified_count).to eq(1)
|
525
526
|
|
526
|
-
find_result = encryption_client[
|
527
|
+
find_result = encryption_client['users'].find(ssn: '098-765-4321')
|
527
528
|
expect(find_result.count).to eq(1)
|
528
529
|
end
|
529
530
|
|
@@ -544,13 +545,13 @@ describe 'Auto Encryption' do
|
|
544
545
|
include_context 'encrypted document in collection'
|
545
546
|
|
546
547
|
let(:result) do
|
547
|
-
encryption_client[
|
548
|
+
encryption_client['users'].update_one({ ssn: ssn }, { ssn: '098-765-4321' })
|
548
549
|
end
|
549
550
|
|
550
551
|
it 'encrypts the ssn field' do
|
551
552
|
expect(result.n).to eq(1)
|
552
553
|
|
553
|
-
find_result = encryption_client[
|
554
|
+
find_result = encryption_client['users'].find(ssn: '098-765-4321')
|
554
555
|
expect(find_result.count).to eq(1)
|
555
556
|
end
|
556
557
|
|
@@ -569,18 +570,18 @@ describe 'Auto Encryption' do
|
|
569
570
|
describe '#update_many' do
|
570
571
|
shared_examples 'it performs an encrypted command' do
|
571
572
|
before do
|
572
|
-
client[
|
573
|
-
client[
|
573
|
+
client['users'].insert_one(ssn: encrypted_ssn_binary, age: 25)
|
574
|
+
client['users'].insert_one(ssn: encrypted_ssn_binary, age: 43)
|
574
575
|
end
|
575
576
|
|
576
577
|
let(:result) do
|
577
|
-
encryption_client[
|
578
|
+
encryption_client['users'].update_many({ ssn: ssn }, { "$inc" => { :age => 1 } })
|
578
579
|
end
|
579
580
|
|
580
581
|
it 'encrypts the ssn field' do
|
581
582
|
expect(result.n).to eq(2)
|
582
583
|
|
583
|
-
updated_documents = encryption_client[
|
584
|
+
updated_documents = encryption_client['users'].find(ssn: ssn)
|
584
585
|
ages = updated_documents.map { |doc| doc['age'] }
|
585
586
|
expect(ages).to include(26)
|
586
587
|
expect(ages).to include(44)
|