diff options
author | Jordi Serra Torrens <jordi.serra-torrens@mongodb.com> | 2023-01-13 08:31:41 +0000 |
---|---|---|
committer | Evergreen Agent <no-reply@evergreen.mongodb.com> | 2023-01-16 15:08:06 +0000 |
commit | 203f87300db1fd5f5499418428d3efa0892535d5 (patch) | |
tree | 8caf792423563ac03edacf6183a6198b75fea57b | |
parent | 92f6cdfee3e12ecfd9483b2aa6d655061978aee9 (diff) | |
download | mongo-203f87300db1fd5f5499418428d3efa0892535d5.tar.gz |
SERVER-72535 Disallow creating the 'admin', 'local', and 'config' databases with alternative casings on sharded clusters
(cherry picked from commit 93dba70eb3d2f94e8afb076da9482854b97be397)
3 files changed, 108 insertions, 2 deletions
diff --git a/src/mongo/db/s/SConscript b/src/mongo/db/s/SConscript index 90958b0ef0f..860149f4f36 100644 --- a/src/mongo/db/s/SConscript +++ b/src/mongo/db/s/SConscript @@ -674,6 +674,7 @@ env.CppUnitTest( 'config/sharding_catalog_manager_clear_jumbo_flag_test.cpp', 'config/sharding_catalog_manager_commit_chunk_migration_test.cpp', 'config/sharding_catalog_manager_config_initialization_test.cpp', + 'config/sharding_catalog_manager_database_operations_test.cpp', 'config/sharding_catalog_manager_ensure_chunk_version_is_greater_than_test.cpp', 'config/sharding_catalog_manager_merge_chunks_test.cpp', 'config/sharding_catalog_manager_remove_shard_from_zone_test.cpp', diff --git a/src/mongo/db/s/config/sharding_catalog_manager_database_operations.cpp b/src/mongo/db/s/config/sharding_catalog_manager_database_operations.cpp index c2489780880..6a8e082b77e 100644 --- a/src/mongo/db/s/config/sharding_catalog_manager_database_operations.cpp +++ b/src/mongo/db/s/config/sharding_catalog_manager_database_operations.cpp @@ -94,9 +94,14 @@ DatabaseType ShardingCatalogManager::createDatabase(OperationContext* opCtx, dbName.toString(), ShardId::kConfigServerId, DatabaseVersion::makeFixed()); } + // It is not allowed to create the 'admin' or 'local' databases, including any alternative + // casing. It is allowed to create the 'config' database (handled by the early return above), + // but only with that exact casing. uassert(ErrorCodes::InvalidOptions, - str::stream() << "Cannot manually create database'" << dbName << "'", - dbName != NamespaceString::kAdminDb && dbName != NamespaceString::kLocalDb); + str::stream() << "Cannot manually create database '" << dbName << "'", + !dbName.equalCaseInsensitive(NamespaceString::kAdminDb) && + !dbName.equalCaseInsensitive(NamespaceString::kLocalDb) && + !dbName.equalCaseInsensitive(NamespaceString::kConfigDb)); uassert(ErrorCodes::InvalidNamespace, str::stream() << "Invalid db name specified: " << dbName, diff --git a/src/mongo/db/s/config/sharding_catalog_manager_database_operations_test.cpp b/src/mongo/db/s/config/sharding_catalog_manager_database_operations_test.cpp new file mode 100644 index 00000000000..029a229d73f --- /dev/null +++ b/src/mongo/db/s/config/sharding_catalog_manager_database_operations_test.cpp @@ -0,0 +1,100 @@ +/** + * Copyright (C) 2023-present MongoDB, Inc. + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the Server Side Public License, version 1, + * as published by MongoDB, Inc. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * Server Side Public License for more details. + * + * You should have received a copy of the Server Side Public License + * along with this program. If not, see + * <http://www.mongodb.com/licensing/server-side-public-license>. + * + * As a special exception, the copyright holders give permission to link the + * code of portions of this program with the OpenSSL library under certain + * conditions as described in each individual source file and distribute + * linked combinations including the program with the OpenSSL library. You + * must comply with the Server Side Public License in all respects for + * all of the code used other than as permitted herein. If you modify file(s) + * with this exception, you may extend this exception to your version of the + * file(s), but you are not obligated to do so. If you do not wish to do so, + * delete this exception statement from your version. If you delete this + * exception statement from all source files in the program, then also delete + * it in the license file. + */ + +#include "mongo/db/s/config/config_server_test_fixture.h" +#include "mongo/db/s/config/sharding_catalog_manager.h" + +namespace mongo { +namespace { + +class ShardingCatalogManagerDatabaseOperationsTest : public ConfigServerTestFixture { +public: + void setUp() override { + ConfigServerTestFixture::setUp(); + _opCtx = operationContext(); + } + +protected: + OperationContext* _opCtx; +}; + +TEST_F(ShardingCatalogManagerDatabaseOperationsTest, CreateDatabaseAdminFails) { + ASSERT_THROWS_CODE( + ShardingCatalogManager::get(_opCtx)->createDatabase(_opCtx, "admin"_sd, boost::none), + DBException, + ErrorCodes::InvalidOptions); + + // Alternative capitalizations are also invalid + ASSERT_THROWS_CODE( + ShardingCatalogManager::get(_opCtx)->createDatabase(_opCtx, "Admin"_sd, boost::none), + DBException, + ErrorCodes::InvalidOptions); + + ASSERT_THROWS_CODE( + ShardingCatalogManager::get(_opCtx)->createDatabase(_opCtx, "aDmIn"_sd, boost::none), + DBException, + ErrorCodes::InvalidOptions); +} + +TEST_F(ShardingCatalogManagerDatabaseOperationsTest, CreateDatabaseLocalFails) { + ASSERT_THROWS_CODE( + ShardingCatalogManager::get(_opCtx)->createDatabase(_opCtx, "local"_sd, boost::none), + DBException, + ErrorCodes::InvalidOptions); + + // Alternative capitalizations are also invalid + ASSERT_THROWS_CODE( + ShardingCatalogManager::get(_opCtx)->createDatabase(_opCtx, "Local"_sd, boost::none), + DBException, + ErrorCodes::InvalidOptions); + + ASSERT_THROWS_CODE( + ShardingCatalogManager::get(_opCtx)->createDatabase(_opCtx, "lOcAl"_sd, boost::none), + DBException, + ErrorCodes::InvalidOptions); +} + +TEST_F(ShardingCatalogManagerDatabaseOperationsTest, CreateDatabaseConfig) { + // It is allowed to create the "config" database. + ShardingCatalogManager::get(_opCtx)->createDatabase(_opCtx, "config"_sd, boost::none); + + // But alternative capitalizations are invalid. + ASSERT_THROWS_CODE( + ShardingCatalogManager::get(_opCtx)->createDatabase(_opCtx, "Config"_sd, boost::none), + DBException, + ErrorCodes::InvalidOptions); + + ASSERT_THROWS_CODE( + ShardingCatalogManager::get(_opCtx)->createDatabase(_opCtx, "cOnFiG"_sd, boost::none), + DBException, + ErrorCodes::InvalidOptions); +} + +} // namespace +} // namespace mongo |