RubyGems - mongo - Versions diffs - 2.19.1 → 2.21.0 - Mend

mongo 2.19.1 → 2.21.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (356) hide show

data/spec/integration/client_side_encryption/corpus_spec.rb CHANGED Viewed

@@ -188,6 +188,15 @@ describe 'Client-Side Encryption' do
       key_vault_collection.insert_one(kmip_data_key)
     end
+    # This method compensates for an API change between BSON 4 and
+    # BSON 5.
+    def normalize_cse_value(a)
+      case a
+      when BSON::Decimal128 then a.to_d
+      else a
+      end
+    end
     shared_context 'with jsonSchema collection validator' do
       let(:local_schema_map) { nil }
@@ -228,12 +237,11 @@ describe 'Client-Side Encryption' do
           .find(_id: corpus_encrypted_id)
           .first
         corpus_encrypted_actual.each do |key, value|
           # If it was deterministically encrypted, test the encrypted values
           # for equality.
           if value['algo'] == 'det'
-            expect(value['value']).to eq(corpus_encrypted_expected[key]['value'])
+            expect(normalize_cse_value(value['value'])).to eq(normalize_cse_value(corpus_encrypted_expected[key]['value']))
           else
             # If the document was randomly encrypted, the two encrypted values
             # will not be equal. Ensure that they are equal when decrypted.

data/spec/integration/client_side_encryption/on_demand_aws_credentials_spec.rb CHANGED Viewed

@@ -37,7 +37,7 @@ describe 'On-demand AWS Credentials' do
     it 'raises an error' do
       expect_any_instance_of(
         Mongo::Auth::Aws::CredentialsRetriever
-      ).to receive(:credentials).with(no_args).once.and_raise(
+      ).to receive(:credentials).with(kind_of(Mongo::CsotTimeoutHolder)).once.and_raise(
         Mongo::Auth::Aws::CredentialsNotFound
       )

data/spec/integration/client_side_encryption/range_explicit_encryption_prose_spec.rb CHANGED Viewed

@@ -6,7 +6,8 @@ require 'spec_helper'
 # be revisited if these tests ever need to be significantly modified.
 # rubocop:disable RSpec/ExampleLength
 describe 'Range Explicit Encryption' do
-  min_server_version '7.0.0-rc0'
+  min_server_version '8.0.0-rc18'
   require_libmongocrypt
   include_context 'define shared FLE helpers'
@@ -53,7 +54,7 @@ describe 'Range Explicit Encryption' do
         value,
         {
           key_id: key1_id,
-          algorithm: 'RangePreview',
+          algorithm: 'Range',
           contention_factor: 0,
           range_opts: range_opts
         }
@@ -73,8 +74,8 @@ describe 'Range Explicit Encryption' do
         expr,
         {
           key_id: key1_id,
-          algorithm: 'RangePreview',
-          query_type: 'rangePreview',
+          algorithm: 'Range',
+          query_type: 'range',
           contention_factor: 0,
           range_opts: range_opts
         }
@@ -97,8 +98,8 @@ describe 'Range Explicit Encryption' do
         expr,
         {
           key_id: key1_id,
-          algorithm: 'RangePreview',
-          query_type: 'rangePreview',
+          algorithm: 'Range',
+          query_type: 'range',
           contention_factor: 0,
           range_opts: range_opts
         }
@@ -120,8 +121,8 @@ describe 'Range Explicit Encryption' do
         expr,
         {
           key_id: key1_id,
-          algorithm: 'RangePreview',
-          query_type: 'rangePreview',
+          algorithm: 'Range',
+          query_type: 'range',
           contention_factor: 0,
           range_opts: range_opts
         }
@@ -137,8 +138,8 @@ describe 'Range Explicit Encryption' do
         expr,
         {
           key_id: key1_id,
-          algorithm: 'RangePreview',
-          query_type: 'rangePreview',
+          algorithm: 'Range',
+          query_type: 'range',
           contention_factor: 0,
           range_opts: range_opts
         }
@@ -160,7 +161,7 @@ describe 'Range Explicit Encryption' do
           value_converter.call(201),
           {
             key_id: key1_id,
-            algorithm: 'RangePreview',
+            algorithm: 'Range',
             contention_factor: 0,
             range_opts: range_opts
           }
@@ -180,7 +181,7 @@ describe 'Range Explicit Encryption' do
           value,
           {
             key_id: key1_id,
-            algorithm: 'RangePreview',
+            algorithm: 'Range',
             contention_factor: 0,
             range_opts: range_opts
           }
@@ -195,7 +196,7 @@ describe 'Range Explicit Encryption' do
           value_converter.call(6),
           {
             key_id: key1_id,
-            algorithm: 'RangePreview',
+            algorithm: 'Range',
             contention_factor: 0,
             range_opts: {
               min: value_converter.call(0),
@@ -241,7 +242,7 @@ describe 'Range Explicit Encryption' do
         insert_payload = client_encryption.encrypt(
           num,
           key_id: key1_id,
-          algorithm: 'RangePreview',
+          algorithm: 'Range',
           contention_factor: 0,
           range_opts: range_opts
         )
@@ -287,7 +288,7 @@ describe 'Range Explicit Encryption' do
         insert_payload = client_encryption.encrypt(
           BSON::Int64.new(num),
           key_id: key1_id,
-          algorithm: 'RangePreview',
+          algorithm: 'Range',
           contention_factor: 0,
           range_opts: range_opts
         )
@@ -334,7 +335,7 @@ describe 'Range Explicit Encryption' do
         insert_payload = client_encryption.encrypt(
           num,
           key_id: key1_id,
-          algorithm: 'RangePreview',
+          algorithm: 'Range',
           contention_factor: 0,
           range_opts: range_opts
         )
@@ -378,7 +379,7 @@ describe 'Range Explicit Encryption' do
         insert_payload = client_encryption.encrypt(
           num,
           key_id: key1_id,
-          algorithm: 'RangePreview',
+          algorithm: 'Range',
           contention_factor: 0,
           range_opts: range_opts
         )
@@ -424,7 +425,7 @@ describe 'Range Explicit Encryption' do
         insert_payload = client_encryption.encrypt(
           Time.new(num),
           key_id: key1_id,
-          algorithm: 'RangePreview',
+          algorithm: 'Range',
           contention_factor: 0,
           range_opts: range_opts
         )
@@ -473,7 +474,7 @@ describe 'Range Explicit Encryption' do
         insert_payload = client_encryption.encrypt(
           BSON::Decimal128.new(num),
           key_id: key1_id,
-          algorithm: 'RangePreview',
+          algorithm: 'Range',
           contention_factor: 0,
           range_opts: range_opts
         )
@@ -519,7 +520,7 @@ describe 'Range Explicit Encryption' do
         insert_payload = client_encryption.encrypt(
           BSON::Decimal128.new(num),
           key_id: key1_id,
-          algorithm: 'RangePreview',
+          algorithm: 'Range',
           contention_factor: 0,
           range_opts: range_opts
         )
@@ -532,5 +533,51 @@ describe 'Range Explicit Encryption' do
     include_examples 'common cases'
   end
+  describe 'Range Explicit Encryption applies defaults' do
+    let(:payload_defaults) do
+      client_encryption.encrypt(
+        123,
+        key_id: key1_id,
+        algorithm: 'Range',
+        contention_factor: 0,
+        range_opts: {
+          min: 0,
+          max: 1000
+        }
+      )
+    end
+    it 'uses libmongocrypt default' do
+      payload = client_encryption.encrypt(
+        123,
+        key_id: key1_id,
+        algorithm: 'Range',
+        contention_factor: 0,
+        range_opts: {
+          min: 0,
+          max: 1000,
+          sparsity: 2,
+          trim_factor: 6
+        }
+      )
+      expect(payload.to_s.size).to eq(payload_defaults.to_s.size)
+    end
+    it 'accepts trim_factor 0' do
+      payload = client_encryption.encrypt(
+        123,
+        key_id: key1_id,
+        algorithm: 'Range',
+        contention_factor: 0,
+        range_opts: {
+          min: 0,
+          max: 1000,
+          trim_factor: 0
+        }
+      )
+      expect(payload.to_s.size).to eq(payload_defaults.to_s.size)
+    end
+  end
 end
 # rubocop:enable RSpec/ExampleLength

data/spec/integration/client_side_operations_timeout/encryption_prose_spec.rb ADDED Viewed

@@ -0,0 +1,131 @@
+# frozen_string_literal: true
+require 'spec_helper'
+describe 'CSOT for encryption' do
+  require_libmongocrypt
+  require_no_multi_mongos
+  min_server_fcv '4.2'
+  include_context 'define shared FLE helpers'
+  include_context 'with local kms_providers'
+  let(:subscriber) { Mrss::EventSubscriber.new }
+  describe 'mongocryptd' do
+    before do
+      Process.spawn(
+        'mongocryptd',
+        '--pidfilepath=bypass-spawning-mongocryptd.pid', '--port=23000', '--idleShutdownTimeoutSecs=60',
+        %i[ out err ] => '/dev/null'
+      )
+    end
+    let(:client) do
+      Mongo::Client.new('mongodb://localhost:23000/?timeoutMS=1000').tap do |client|
+        client.subscribe(Mongo::Monitoring::COMMAND, subscriber)
+      end
+    end
+    let(:ping_command) do
+      subscriber.started_events.find do |event|
+        event.command_name == 'ping'
+      end&.command
+    end
+    after do
+      client.close
+    end
+    it 'does not set maxTimeMS for commands sent to mongocryptd' do
+      expect do
+        client.use('admin').command(ping: 1)
+      end.to raise_error(Mongo::Error::OperationFailure)
+      expect(ping_command).not_to have_key('maxTimeMS')
+    end
+  end
+  describe 'ClientEncryption' do
+    let(:key_vault_client) do
+      ClientRegistry.instance.new_local_client(
+        SpecConfig.instance.addresses,
+        SpecConfig.instance.test_options.merge(timeout_ms: 20)
+      )
+    end
+    let(:client_encryption) do
+      Mongo::ClientEncryption.new(
+        key_vault_client,
+        key_vault_namespace: key_vault_namespace,
+        kms_providers: local_kms_providers
+      )
+    end
+    describe '#createDataKey' do
+      before do
+        authorized_client.use(key_vault_db)[key_vault_coll].drop
+        authorized_client.use(key_vault_db)[key_vault_coll].create
+        authorized_client.use(:admin).command({
+                                                configureFailPoint: 'failCommand',
+                                                mode: {
+                                                  times: 1
+                                                },
+                                                data: {
+                                                  failCommands: [ 'insert' ],
+                                                  blockConnection: true,
+                                                  blockTimeMS: 30
+                                                }
+                                              })
+      end
+      after do
+        authorized_client.use(:admin).command({
+                                                configureFailPoint: 'failCommand',
+                                                mode: 'off',
+                                              })
+        key_vault_client.close
+      end
+      it 'fails with timeout error' do
+        expect do
+          client_encryption.create_data_key('local')
+        end.to raise_error(Mongo::Error::TimeoutError)
+      end
+    end
+    describe '#encrypt' do
+      let!(:data_key_id) do
+        client_encryption.create_data_key('local')
+      end
+      before do
+        authorized_client.use(:admin).command({
+                                                configureFailPoint: 'failCommand',
+                                                mode: {
+                                                  times: 1
+                                                },
+                                                data: {
+                                                  failCommands: [ 'find' ],
+                                                  blockConnection: true,
+                                                  blockTimeMS: 30
+                                                }
+                                              })
+      end
+      after do
+        authorized_client.use(:admin).command({
+                                                configureFailPoint: 'failCommand',
+                                                mode: 'off',
+                                              })
+      end
+      it 'fails with timeout error' do
+        expect do
+          client_encryption.encrypt('hello', key_id: data_key_id,
+                                             algorithm: 'AEAD_AES_256_CBC_HMAC_SHA_512-Deterministic')
+        end.to raise_error(Mongo::Error::TimeoutError)
+      end
+    end
+  end
+end

data/spec/integration/connection_pool_populator_spec.rb CHANGED Viewed

@@ -26,6 +26,8 @@ describe 'Connection pool populator integration' do
   declare_topology_double
+  retry_test
   let(:app_metadata) do
     Mongo::Server::AppMetadata.new(options)
   end

data/spec/integration/cursor_pinning_spec.rb CHANGED Viewed

@@ -52,73 +52,28 @@ describe 'Cursor pinning' do
   context 'lb' do
     require_topology :load_balanced
-    # In load-balanced topology, we cannot create new connections to a
-    # particular service.
+    # In load-balanced topology, a cursor retains the connection used to create
+    # it until the cursor is closed.
-    context 'when no connection is available' do
+    context 'when connection is available' do
+      require_multi_mongos
-      it 'raises ConnectionCheckOutTimeout' do
-        server.pool.size.should == 0
+      let(:client) { authorized_client.with(max_pool_size: 2) }
+      it 'does not return connection to the pool if cursor not drained' do
+        expect(server.pool).not_to receive(:check_in)
         enum = collection.find({}, batch_size: 1).to_enum
-        # Still zero because we haven't iterated
-        server.pool.size.should == 0
+        # Get the first element only; cursor is not drained, so there should
+        # be no check_in of the connection.
         enum.next
-        server.pool.size.should == 1
-        # Grab the connection that was used
-        server.with_connection do
-          # This requires a new connection, but we cannot make one.
-          lambda do
-            enum.next
-          end.should raise_error(Mongo::Error::ConnectionCheckOutTimeout)
-          server.pool.size.should == 1
-        end
       end
-    end
-    context 'when connection is available' do
-      require_multi_mongos
-      let(:client) { authorized_client.with(max_pool_size: 4) }
-      it 'uses the available connection' do
-        server.pool.size.should == 0
-        # Create 4 connections.
-        enums = []
-        connections = []
-        connection_ids = []
-        4.times do
-          view = collection.find({}, batch_size: 1)
-          enum = view.to_enum
-          enum.next
-          enums << enum
-          connection_ids << view.cursor.initial_result.connection_global_id
-          connections << server.pool.check_out
-        end
-        connection_ids.uniq.length.should be > 1
-        server.pool.size.should == 4
-        connections.each do |c|
-          server.pool.check_in(c)
-        end
-        # At this point, in theory, all connections are equally likely to
-        # be chosen, but we have cursors referencing more than one
-        # distinct service.
-        # Iterate each cursor to ensure they all continue to work.
-        enums.each do |enum|
-          enum.next
-        end
+      it 'returns connection to the pool when cursor is drained' do
+        view = collection.find({}, batch_size: 1)
+        enum = view.to_enum
+        expect_any_instance_of(Mongo::Cursor).to receive(:check_in_connection)
+        # Drain the cursor
+        enum.each { |it| it.nil? }
       end
     end
   end

data/spec/integration/cursor_reaping_spec.rb CHANGED Viewed

@@ -24,7 +24,7 @@ describe 'Cursor reaping' do
   let(:subscriber) { Mrss::EventSubscriber.new }
   let(:client) do
-    authorized_client.tap do |client|
+    authorized_client.with(max_pool_size: 10).tap do |client|
       client.subscribe(Mongo::Monitoring::COMMAND, subscriber)
     end
   end

data/spec/integration/docs_examples_spec.rb CHANGED Viewed

@@ -9,7 +9,7 @@ describe 'aggregation examples in Ruby' do
     # the tests in this file.
     begin
       ClientRegistry.instance.global_client('authorized')['_placeholder'].create
-    rescue Mongo::Error::OperationFailure => e
+    rescue Mongo::Error::OperationFailure::Family => e
       # Collection already exists
       if e.code != 48
         raise