SERVER-34421: isMaster saslSupportedMechs shouldn't error on UserNotFound

3 files changed, 21 insertions, 10 deletions

diff --git a/jstests/auth/sasl_mechanism_discovery.js b/jstests/auth/sasl_mechanism_discovery.js
index 2d5404178fd..b21fe2e7c38 100644
--- a/jstests/auth/sasl_mechanism_discovery.js
+++ b/jstests/auth/sasl_mechanism_discovery.js
@@ -13,10 +13,12 @@
         var db = conn.getDB("admin");
         var externalDB = conn.getDB("$external");
 
-        // Check that unknown or invalid users produce the correct errors.
-        assert.commandFailedWithCode(db.runCommand({isMaster: 1, saslSupportedMechs: "test.bogus"}),
-                                     ErrorCodes.UserNotFound);
+        // Check that unknown users do not interrupt isMaster
+        let res =
+            assert.commandWorked(db.runCommand({isMaster: 1, saslSupportedMechs: "test.bogus"}));
+        assert.eq(undefined, res.saslSupportedMechs);
 
+        // Check that invalid usernames produce the correct error code
         assert.commandFailedWithCode(db.runCommand({isMaster: 1, saslSupportedMechs: "bogus"}),
                                      ErrorCodes.BadValue);
 
diff --git a/src/mongo/db/auth/sasl_mechanism_registry.cpp b/src/mongo/db/auth/sasl_mechanism_registry.cpp
index 69c5f495e25..6bd5417b288 100644
--- a/src/mongo/db/auth/sasl_mechanism_registry.cpp
+++ b/src/mongo/db/auth/sasl_mechanism_registry.cpp
@@ -25,6 +25,7 @@
  *    exception statement from all source files in the program, then also delete
  *    it in the license file.
  */
+#define MONGO_LOG_DEFAULT_COMPONENT ::mongo::logger::LogComponent::kAccessControl
 
 #include "mongo/platform/basic.h"
 
@@ -34,6 +35,7 @@
 #include "mongo/db/auth/sasl_options.h"
 #include "mongo/db/auth/user.h"
 #include "mongo/util/icu.h"
+#include "mongo/util/log.h"
 #include "mongo/util/net/sock.h"
 #include "mongo/util/scopeguard.h"
 #include "mongo/util/sequence_util.h"
@@ -89,7 +91,14 @@ void SASLServerMechanismRegistry::advertiseMechanismNamesForUser(OperationContex
                 authManager->releaseUser(user);
             }
         });
-        uassertStatusOK(status);
+        if (!status.isOK()) {
+            if (status.code() == ErrorCodes::UserNotFound) {
+                log() << "Supported SASL mechanisms requested for unknown user '" << userName
+                      << "'";
+                return;
+            }
+            uassertStatusOK(status);
+        }
 
         BSONArrayBuilder mechanismsBuilder;
         auto& map = _getMapRef(userName.getDB());
diff --git a/src/mongo/db/auth/sasl_mechanism_registry_test.cpp b/src/mongo/db/auth/sasl_mechanism_registry_test.cpp
index 1fdea125852..fba7482b033 100644
--- a/src/mongo/db/auth/sasl_mechanism_registry_test.cpp
+++ b/src/mongo/db/auth/sasl_mechanism_registry_test.cpp
@@ -229,12 +229,12 @@ TEST_F(MechanismRegistryTest, invalidUserCantAdvertiseMechs) {
 
     BSONObjBuilder builder;
 
-    ASSERT_THROWS(
-        registry.advertiseMechanismNamesForUser(opCtx.get(),
-                                                BSON("isMaster" << 1 << "saslSupportedMechs"
-                                                                << "test.noSuchUser"),
-                                                &builder),
-        AssertionException);
+    registry.advertiseMechanismNamesForUser(opCtx.get(),
+                                            BSON("isMaster" << 1 << "saslSupportedMechs"
+                                                            << "test.noSuchUser"),
+                                            &builder);
+
+    ASSERT_BSONOBJ_EQ(BSONObj(), builder.obj());
 }
 
 TEST_F(MechanismRegistryTest, strongMechCanAdvertise) {