summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--jstests/multiVersion/targetedTestsLastLtsFeatures/fle2_downgrade.js4
-rw-r--r--jstests/multiVersion/targetedTestsLastLtsFeatures/fle2_downlevel_nocreate.js46
-rw-r--r--src/mongo/db/commands/create_command.cpp4
3 files changed, 52 insertions, 2 deletions
diff --git a/jstests/multiVersion/targetedTestsLastLtsFeatures/fle2_downgrade.js b/jstests/multiVersion/targetedTestsLastLtsFeatures/fle2_downgrade.js
index 0808e2be307..670d8afa572 100644
--- a/jstests/multiVersion/targetedTestsLastLtsFeatures/fle2_downgrade.js
+++ b/jstests/multiVersion/targetedTestsLastLtsFeatures/fle2_downgrade.js
@@ -44,8 +44,8 @@ function runTest(targetFCV) {
assert.commandWorked(db.adminCommand({setFeatureCompatibilityVersion: latestFCV}));
}
-targetFCV(lastLTSFCV);
-targetFCV(lastContinuousFCV);
+runTest(lastLTSFCV);
+runTest(lastContinuousFCV);
rst.stopSet();
}()); \ No newline at end of file
diff --git a/jstests/multiVersion/targetedTestsLastLtsFeatures/fle2_downlevel_nocreate.js b/jstests/multiVersion/targetedTestsLastLtsFeatures/fle2_downlevel_nocreate.js
new file mode 100644
index 00000000000..b34933ac7a3
--- /dev/null
+++ b/jstests/multiVersion/targetedTestsLastLtsFeatures/fle2_downlevel_nocreate.js
@@ -0,0 +1,46 @@
+/**
+ * Tests that the cluster cannot be downgraded when encrypted fields present
+ *
+ * @tags: [
+ * requires_fcv_60
+ * ]
+ */
+
+load("jstests/fle2/libs/encrypted_client_util.js");
+
+(function() {
+"use strict";
+
+const rst = new ReplSetTest({nodes: 1});
+rst.startSet();
+rst.initiate();
+rst.awaitReplication();
+
+let dbName = 'downgrade_test';
+let conn = rst.getPrimary();
+let db = conn.getDB("admin");
+let client = new EncryptedClient(conn, dbName);
+let dbTest = db.getSiblingDB('create_encrypted_collection_db');
+
+const sampleEncryptedFields = {
+ "fields": [
+ {
+ "path": "firstName",
+ "keyId": UUID("11d58b8a-0c6c-4d69-a0bd-70c6d9befae9"),
+ "bsonType": "string",
+ "queries": {"queryType": "equality"} // allow single object or array
+ },
+ ]
+};
+
+assert.commandWorked(db.adminCommand({setFeatureCompatibilityVersion: lastLTSFCV}));
+assert.commandFailedWithCode(
+ dbTest.createCollection("basic2", {encryptedFields: sampleEncryptedFields}),
+ 6662201,
+ "Create in 5.0 FCV passed");
+
+assert.commandWorked(db.adminCommand({setFeatureCompatibilityVersion: latestFCV}));
+assert.commandWorked(dbTest.createCollection("basic", {encryptedFields: sampleEncryptedFields}));
+
+rst.stopSet();
+}());
diff --git a/src/mongo/db/commands/create_command.cpp b/src/mongo/db/commands/create_command.cpp
index ebe478ca160..59c4f31ad32 100644
--- a/src/mongo/db/commands/create_command.cpp
+++ b/src/mongo/db/commands/create_command.cpp
@@ -176,6 +176,10 @@ public:
}
if (cmd.getEncryptedFields()) {
+ uassert(6662201,
+ "Queryable Encryption is only supported when FCV supports 6.0",
+ gFeatureFlagFLE2.isEnabled(serverGlobalParams.featureCompatibility));
+
uassert(6367301,
"Encrypted fields cannot be used with capped collections",
!cmd.getCapped());
View Lorry Controller Status