diff options
author | Erwin Pe <erwin.pe@mongodb.com> | 2022-03-15 22:33:23 +0000 |
---|---|---|
committer | Evergreen Agent <no-reply@evergreen.mongodb.com> | 2022-03-15 23:02:58 +0000 |
commit | 30f48983c02e18b8af6303526582d05c8bff865b (patch) | |
tree | c9b36f247a240af222e737e0f0cbc51809286aaa /src/mongo/shell | |
parent | 14260eebf4af2deff898f5ee203c582a0e668590 (diff) | |
download | mongo-30f48983c02e18b8af6303526582d05c8bff865b.tar.gz |
SERVER-63467 Create a shell helper that can be used to call compact encryption data
Diffstat (limited to 'src/mongo/shell')
-rw-r--r-- | src/mongo/shell/SConscript | 1 | ||||
-rw-r--r-- | src/mongo/shell/collection.js | 4 | ||||
-rw-r--r-- | src/mongo/shell/encrypted_dbclient_base.cpp | 42 | ||||
-rw-r--r-- | src/mongo/shell/encrypted_dbclient_base.h | 5 |
4 files changed, 52 insertions, 0 deletions
diff --git a/src/mongo/shell/SConscript b/src/mongo/shell/SConscript index 9bdfdad9c17..aaa9e39f54a 100644 --- a/src/mongo/shell/SConscript +++ b/src/mongo/shell/SConscript @@ -205,6 +205,7 @@ if get_option('ssl') == 'on': LIBDEPS_PRIVATE=[ '$BUILD_DIR/mongo/client/clientdriver_minimal', '$BUILD_DIR/mongo/crypto/aead_encryption', + '$BUILD_DIR/mongo/crypto/encrypted_field_config', '$BUILD_DIR/mongo/crypto/fle_crypto', '$BUILD_DIR/mongo/crypto/fle_fields', '$BUILD_DIR/mongo/crypto/symmetric_crypto', diff --git a/src/mongo/shell/collection.js b/src/mongo/shell/collection.js index 13e83d59855..85c6b92c09d 100644 --- a/src/mongo/shell/collection.js +++ b/src/mongo/shell/collection.js @@ -13,6 +13,10 @@ if ((typeof DBCollection) == "undefined") { }; } +DBCollection.prototype.compact = function() { + return this._db.getMongo().compact(this._fullName); +}; + DBCollection.prototype.verify = function() { assert(this._fullName, "no fullName"); assert(this._shortName, "no shortName"); diff --git a/src/mongo/shell/encrypted_dbclient_base.cpp b/src/mongo/shell/encrypted_dbclient_base.cpp index c38a8df258b..137d0c482ab 100644 --- a/src/mongo/shell/encrypted_dbclient_base.cpp +++ b/src/mongo/shell/encrypted_dbclient_base.cpp @@ -515,6 +515,48 @@ void EncryptedDBClientBase::decrypt(mozjs::MozJSImplScope* scope, } } +boost::optional<EncryptedFieldConfig> EncryptedDBClientBase::getEncryptedFieldConfig( + const NamespaceString& nss) { + auto collsList = _conn->getCollectionInfos(nss.db().toString(), BSON("name" << nss.coll())); + uassert(ErrorCodes::BadValue, + str::stream() << "Namespace not found: " << nss.toString(), + !collsList.empty()); + auto info = collsList.front(); + auto opts = info.getField("options"); + if (opts.eoo() || !opts.isABSONObj()) { + return boost::none; + } + auto efc = opts.Obj().getField("encryptedFields"); + if (efc.eoo() || !efc.isABSONObj()) { + return boost::none; + } + return EncryptedFieldConfig::parse(IDLParserErrorContext("encryptedFields"), efc.Obj()); +} + +void EncryptedDBClientBase::compact(JSContext* cx, JS::CallArgs args) { + if (args.length() != 1) { + uasserted(ErrorCodes::BadValue, "compact requires 1 arg"); + } + if (!args.get(0).isString()) { + uasserted(ErrorCodes::BadValue, "1st param to compact has to be a string"); + } + std::string fullName = mozjs::ValueWriter(cx, args.get(0)).toString(); + NamespaceString nss(fullName); + uassert( + ErrorCodes::BadValue, str::stream() << "Invalid namespace: " << fullName, nss.isValid()); + + auto efc = getEncryptedFieldConfig(nss); + BSONObjBuilder builder; + builder.append("compactStructuredEncryptionData", nss.coll()); + builder.append("compactionTokens", + efc ? FLEClientCrypto::generateCompactionTokens(*efc, this) : BSONObj()); + + BSONObj reply; + runCommand(nss.db().toString(), builder.obj(), reply, 0); + reply = reply.getOwned(); + mozjs::ValueReader(cx, args.rval()).fromBSON(reply, nullptr, false); +} + void EncryptedDBClientBase::trace(JSTracer* trc) { JS::TraceEdge(trc, &_collection, "collection object"); } diff --git a/src/mongo/shell/encrypted_dbclient_base.h b/src/mongo/shell/encrypted_dbclient_base.h index 838d110a477..8a6bab60f59 100644 --- a/src/mongo/shell/encrypted_dbclient_base.h +++ b/src/mongo/shell/encrypted_dbclient_base.h @@ -118,6 +118,9 @@ public: using EncryptionCallbacks::decrypt; void decrypt(mozjs::MozJSImplScope* scope, JSContext* cx, JS::CallArgs args) final; + using EncryptionCallbacks::compact; + void compact(JSContext* cx, JS::CallArgs args) final; + using EncryptionCallbacks::trace; void trace(JSTracer* trc) final; @@ -201,6 +204,8 @@ private: std::shared_ptr<SymmetricKey> getDataKeyFromDisk(const UUID& uuid); SecureVector<uint8_t> getKeyMaterialFromDisk(const UUID& uuid); + boost::optional<EncryptedFieldConfig> getEncryptedFieldConfig(const NamespaceString& nss); + protected: std::unique_ptr<DBClientBase> _conn; ClientSideFLEOptions _encryptionOptions; |