Text file src/go.mongodb.org/mongo-driver/testdata/client-side-encryption/legacy/fle2v2-FindOneAndUpdate.yml

Documentation: go.mongodb.org/mongo-driver/testdata/client-side-encryption/legacy

     1# Requires libmongocrypt 1.8.0.
     2runOn:
     3  - minServerVersion: "7.0.0"
     4    # Skip QEv2 (also referred to as FLE2v2) tests on Serverless. Unskip once Serverless enables the QEv2 protocol.
     5    # FLE 2 Encrypted collections are not supported on standalone.
     6    topology: [ "replicaset", "sharded", "load-balanced" ]
     7database_name: &database_name "default"
     8collection_name: &collection_name "default"
     9data: []
    10encrypted_fields: &encrypted_fields {'fields': [{'keyId': {'$binary': {'base64': 'EjRWeBI0mHYSNBI0VniQEg==', 'subType': '04'}}, 'path': 'encryptedIndexed', 'bsonType': 'string', 'queries': {'queryType': 'equality', 'contention': {'$numberLong': '0'}}}, {'keyId': {'$binary': {'base64': 'q83vqxI0mHYSNBI0VniQEg==', 'subType': '04'}}, 'path': 'encryptedUnindexed', 'bsonType': 'string'}]}
    11key_vault_data: [ {'_id': {'$binary': {'base64': 'EjRWeBI0mHYSNBI0VniQEg==', 'subType': '04'}}, 'keyMaterial': {'$binary': {'base64': 'sHe0kz57YW7v8g9VP9sf/+K1ex4JqKc5rf/URX3n3p8XdZ6+15uXPaSayC6adWbNxkFskuMCOifDoTT+rkqMtFkDclOy884RuGGtUysq3X7zkAWYTKi8QAfKkajvVbZl2y23UqgVasdQu3OVBQCrH/xY00nNAs/52e958nVjBuzQkSb1T8pKJAyjZsHJ60+FtnfafDZSTAIBJYn7UWBCwQ==', 'subType': '00'}}, 'creationDate': {'$date': {'$numberLong': '1648914851981'}}, 'updateDate': {'$date': {'$numberLong': '1648914851981'}}, 'status': {'$numberInt': '0'}, 'masterKey': {'provider': 'local'}} ]
    12tests:
    13  - description: "findOneAndUpdate can query an FLE2 indexed field"
    14    clientOptions:
    15      autoEncryptOpts:
    16        kmsProviders:
    17          local: {'key': {'$binary': {'base64': 'Mng0NCt4ZHVUYUJCa1kxNkVyNUR1QURhZ2h2UzR2d2RrZzh0cFBwM3R6NmdWMDFBMUN3YkQ5aXRRMkhGRGdQV09wOGVNYUMxT2k3NjZKelhaQmRCZGJkTXVyZG9uSjFk', 'subType': '00'}}}
    18    operations:
    19      - name: insertOne
    20        arguments:
    21          document: {"_id": 1, "encryptedIndexed": "value123" }
    22      - name: findOneAndUpdate
    23        arguments:
    24          filter: { "encryptedIndexed": "value123" }
    25          update: { "$set": { "foo": "bar"}}
    26          returnDocument: Before
    27        result: { "_id": 1, "encryptedIndexed": "value123" }
    28    expectations:
    29      - command_started_event:
    30          command:
    31            listCollections: 1
    32            filter:
    33              name: *collection_name
    34          command_name: listCollections
    35      - command_started_event:
    36          command:
    37            find: datakeys
    38            filter: {
    39                  "$or": [
    40                      {
    41                          "_id": {
    42                              "$in": [
    43                                  {'$binary': {'base64': 'EjRWeBI0mHYSNBI0VniQEg==', 'subType': '04'}}
    44                              ]
    45                          }
    46                      },
    47                      {
    48                          "keyAltNames": {
    49                              "$in": []
    50                          }
    51                      }
    52                  ]
    53              }
    54            $db: keyvault
    55            readConcern: { level: "majority" }
    56          command_name: find
    57      - command_started_event:
    58          command:
    59            insert: *collection_name
    60            documents:
    61              - { "_id": 1, "encryptedIndexed": { $$type: "binData" } }
    62            ordered: true
    63            encryptionInformation:
    64              type: 1
    65              schema:
    66                "default.default":
    67                  # libmongocrypt applies escCollection and ecocCollection to outgoing command.
    68                  escCollection: "enxcol_.default.esc"
    69                  ecocCollection: "enxcol_.default.ecoc"
    70                  <<: *encrypted_fields
    71
    72          command_name: insert
    73      - command_started_event:
    74          command:
    75            findAndModify: *collection_name
    76            query: {
    77                "encryptedIndexed": { 
    78                  "$eq": {
    79                    "$binary": {
    80                        "base64": "DIkAAAAFZAAgAAAAAPtVteJQAlgb2YMa/+7YWH00sbQPyt7L6Rb8OwBdMmL2BXMAIAAAAAAd44hgVKnEnTFlwNVC14oyc9OZOTspeymusqkRQj57nAVsACAAAAAAaZ9s3G+4znfxStxeOZwcZy1OhzjMGc5hjmdMN+b/w6kSY20AAAAAAAAAAAAA",
    81                        "subType": "06"
    82                    }
    83                  }
    84                }
    85              }
    86            update: { "$set": { "foo": "bar"} }
    87            encryptionInformation:
    88                type: 1
    89                schema:
    90                  "default.default":
    91                    # libmongocrypt applies escCollection and ecocCollection to outgoing command.
    92                    escCollection: "enxcol_.default.esc"
    93                    ecocCollection: "enxcol_.default.ecoc"
    94                    <<: *encrypted_fields
    95
    96          command_name: findAndModify
    97    outcome:
    98      collection:
    99        data:
   100          - { "_id": 1, "encryptedIndexed": { "$$type": "binData" }, "foo": "bar", "__safeContent__": [{ "$binary" : { "base64" : "ThpoKfQ8AkOzkFfNC1+9PF0pY2nIzfXvRdxQgjkNbBw=", "subType" : "00" } }] }
   101
   102  - description: "findOneAndUpdate can modify an FLE2 indexed field"
   103    clientOptions:
   104      autoEncryptOpts:
   105        kmsProviders:
   106          local: {'key': {'$binary': {'base64': 'Mng0NCt4ZHVUYUJCa1kxNkVyNUR1QURhZ2h2UzR2d2RrZzh0cFBwM3R6NmdWMDFBMUN3YkQ5aXRRMkhGRGdQV09wOGVNYUMxT2k3NjZKelhaQmRCZGJkTXVyZG9uSjFk', 'subType': '00'}}}
   107    operations:
   108      - name: insertOne
   109        arguments:
   110          document: {"_id": 1, "encryptedIndexed": "value123" }
   111      - name: findOneAndUpdate
   112        arguments:
   113          filter: { "encryptedIndexed": "value123" }
   114          update: { "$set": { "encryptedIndexed": "value456"}}
   115          returnDocument: Before
   116        result: { "_id": 1, "encryptedIndexed": "value123" }
   117      - name: find
   118        arguments:
   119          filter: { "_id": 1}
   120        result:
   121          [ "encryptedIndexed": "value456" ]
   122    expectations:
   123      - command_started_event:
   124          command:
   125            listCollections: 1
   126            filter:
   127              name: *collection_name
   128          command_name: listCollections
   129      - command_started_event:
   130          command:
   131            find: datakeys
   132            filter: {
   133                  "$or": [
   134                      {
   135                          "_id": {
   136                              "$in": [
   137                                  {'$binary': {'base64': 'EjRWeBI0mHYSNBI0VniQEg==', 'subType': '04'}}
   138                              ]
   139                          }
   140                      },
   141                      {
   142                          "keyAltNames": {
   143                              "$in": []
   144                          }
   145                      }
   146                  ]
   147              }
   148            $db: keyvault
   149            readConcern: { level: "majority" }
   150          command_name: find
   151      - command_started_event:
   152          command:
   153            insert: *collection_name
   154            documents:
   155              - { "_id": 1, "encryptedIndexed": { $$type: "binData" } }
   156            ordered: true
   157            encryptionInformation:
   158                type: 1
   159                schema:
   160                  "default.default":
   161                    # libmongocrypt applies escCollection and ecocCollection to outgoing command.
   162                    escCollection: "enxcol_.default.esc"
   163                    ecocCollection: "enxcol_.default.ecoc"
   164                    <<: *encrypted_fields
   165
   166          command_name: insert
   167          
   168      - command_started_event:
   169          command:
   170            findAndModify: *collection_name
   171            query: {
   172                    "encryptedIndexed": { 
   173                      "$eq": {
   174                        "$binary": {
   175                            "base64": "DIkAAAAFZAAgAAAAAPtVteJQAlgb2YMa/+7YWH00sbQPyt7L6Rb8OwBdMmL2BXMAIAAAAAAd44hgVKnEnTFlwNVC14oyc9OZOTspeymusqkRQj57nAVsACAAAAAAaZ9s3G+4znfxStxeOZwcZy1OhzjMGc5hjmdMN+b/w6kSY20AAAAAAAAAAAAA",
   176                            "subType": "06"
   177                        }
   178                      }
   179                    }
   180                  }
   181            update: { "$set": { "encryptedIndexed": { "$$type": "binData" }} }
   182            encryptionInformation:
   183                type: 1
   184                schema:
   185                  "default.default":
   186                    # libmongocrypt applies escCollection and ecocCollection to outgoing command.
   187                    escCollection: "enxcol_.default.esc"
   188                    ecocCollection: "enxcol_.default.ecoc"
   189                    <<: *encrypted_fields
   190
   191          command_name: findAndModify
   192      - command_started_event:
   193          command:
   194            find: *collection_name
   195            filter: { "_id": { "$eq": 1 }}
   196          command_name: find
   197    outcome:
   198      collection:
   199        data:
   200          - { "_id": 1, "encryptedIndexed": { "$$type": "binData" }, "__safeContent__": [{ "$binary" : { "base64" : "rhe7/w8Ob8Unl44rGr/moScx6m5VODQnscDhF4Nkn6g=", "subType" : "00" } }] }

View as plain text