Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-57558

listCollections with {nameOnly: true, authorizedCollections: true} does not return timeseries collections

    • Type: Icon: Bug Bug
    • Resolution: Fixed
    • Priority: Icon: Major - P3 Major - P3
    • 5.0.0-rc3, 5.1.0-rc0
    • Affects Version/s: 5.0.0-rc0
    • Component/s: None
    • None
    • Fully Compatible
    • ALL
    • v5.0
    • Hide

      1. Start mongod with --auth
      2. There are two scripts a setup.js that needs to be run only once. And a repro.js script that can be run many times.
      //////////////
      Setup.js
      ////////////////////
      function createTestRoleAndUser(db, roleName, privs) {
      const admin = db.getSiblingDB("admin");
      assert.commandWorked(admin.runCommand(

      {createRole: roleName, roles: [], privileges: privs}

      ));

      const userName = "user|" + roleName;
      assert.commandWorked(
      db.runCommand({createUser: userName, pwd: "pwd", roles: [

      {role: roleName, db: "admin"}

      ]}));
      }

      const dbName = "list_collections_own_collections";

      const admin = db.getSiblingDB("admin");
      assert.commandWorked(admin.runCommand(

      {createUser: "root", pwd: "root", roles: ["root"]}

      ));
      assert(admin.auth("root", "root"));

      const db2 = db.getSiblingDB(dbName);

      createTestRoleAndUser(db2, "roleWithExactNamespacePrivilegesBuckets", [
      {resource:

      {db: dbName, collection: "foo"}

      , actions: ["find"]},
      ]);

      // Create the collection and view used by the tests.
      assert.commandWorked(db2.dropDatabase());
      assert.commandWorked(db2.createCollection("foo", {timeseries: {timeField: "date"}}));
      ///////////////////
      Repro.js
      //////////////

      const userName = "user|roleWithExactNamespacePrivilegesBuckets";
      const dbName = "list_collections_own_collections";

      const db2 = db.getSiblingDB(dbName);

      const admin = db.getSiblingDB("admin");

      assert(db2.auth(userName, "pwd"));

      let res = db2.runCommand(

      {listCollections: 1, nameOnly: true, authorizedCollections: true}

      );
      assert.commandWorked(res);
      print(tojson(res));
      // Bug is that res is empty, it should have the foo collection.

      Show
      1. Start mongod with --auth 2. There are two scripts a setup.js that needs to be run only once. And a repro.js script that can be run many times. ////////////// Setup.js //////////////////// function createTestRoleAndUser(db, roleName, privs) { const admin = db.getSiblingDB("admin"); assert.commandWorked(admin.runCommand( {createRole: roleName, roles: [], privileges: privs} )); const userName = "user|" + roleName; assert.commandWorked( db.runCommand({createUser: userName, pwd: "pwd", roles: [ {role: roleName, db: "admin"} ]})); } const dbName = "list_collections_own_collections"; const admin = db.getSiblingDB("admin"); assert.commandWorked(admin.runCommand( {createUser: "root", pwd: "root", roles: ["root"]} )); assert(admin.auth("root", "root")); const db2 = db.getSiblingDB(dbName); createTestRoleAndUser(db2, "roleWithExactNamespacePrivilegesBuckets", [ {resource: {db: dbName, collection: "foo"} , actions: ["find"] }, ]); // Create the collection and view used by the tests. assert.commandWorked(db2.dropDatabase()); assert.commandWorked(db2.createCollection("foo", {timeseries: {timeField: "date"}})); /////////////////// Repro.js ////////////// const userName = "user|roleWithExactNamespacePrivilegesBuckets"; const dbName = "list_collections_own_collections"; const db2 = db.getSiblingDB(dbName); const admin = db.getSiblingDB("admin"); assert(db2.auth(userName, "pwd")); let res = db2.runCommand( {listCollections: 1, nameOnly: true, authorizedCollections: true} ); assert.commandWorked(res); print(tojson(res)); // Bug is that res is empty, it should have the foo collection.
    • Execution Team 2021-06-28

      As a result of SERVER-56933, when a user has privileges on timeseries example_db.example_coll, and the user runs listCollections: 1, nameOnly: true, authorizedCollections: true, the listCollections command does not return the time series collection in the results.

      This is the result of an early exit in a lambda function here.

            Assignee:
            gregory.noma@mongodb.com Gregory Noma
            Reporter:
            mark.benvenuto@mongodb.com Mark Benvenuto
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: