wip

mongodb · blink1073 · Jun 30, 2022 · Jun 2, 2022 · Jun 2, 2022 · Jun 3, 2022
commit 64bf8966718f5f4aee084449ab0e6844d4dfc246
@@ -840,11 +840,30 @@ def remove_key_alt_name(self, id: Binary, key_alt_name: str) -> Any:
  :Returns:
  The removal result.
  """
- update = {"$pull": {"keyAltNames": key_alt_name}}
- reply = self._key_vault_coll.find_one_and_update({"_id": id}, update)
+ pipeline = [
+ {
+ "$set": {
+ "keyAltNames": {
+ "$cond": [
+ {"$eq": ["$keyAltNames", [key_alt_name]]},
+ "$$REMOVE",
+ {
+ "$filter": {
+ "input": "$keyAltNames",
+ "cond": {"$ne": ["$$this", key_alt_name]},
+ }
+ },
+ ]
+ }
+ }
+ }
+ ]
+ reply = self._key_vault_coll.find_one_and_update({"_id": id}, pipeline)
  # Ensure keyAltNames field is removed if it would otherwise be empty.
- if reply:
- pass
+ if reply and not reply["keyAltNames"]:
+ update = {"$unset": {"keyAltNames": True}}
+ reply = self._key_vault_coll.find_one_and_update({"_id": id}, update)
+ return reply
 
  def get_key_by_alt_name(self, key_alt_name: str) -> Any:
  """Get a key document in the key vault collection that has the given ``key_alt_name``.

@@ -39,7 +39,14 @@
  unittest,
 )
 from test.test_bulk import BulkTestBase
-from test.unified_format import generate_test_classes
+from test.unified_format import (
+ AWS_CREDS,
+ AZURE_CREDS,
+ GCP_CREDS,
+ KMIP,
+ KMS_PROVIDERS,
+ generate_test_classes,
+)
 from test.utils import (
  AllowListEventListener,
  OvertCommandListener,
@@ -79,9 +86,6 @@ def get_client_opts(client):
  return client._MongoClient__options
 
 
-KMS_PROVIDERS = {"local": {"key": b"\x00" * 96}}
-
-
 class TestAutoEncryptionOpts(PyMongoTestCase):
  @unittest.skipUnless(_HAVE_PYMONGOCRYPT, "pymongocrypt is not installed")
  @unittest.skipUnless(os.environ.get("TEST_CRYPT_SHARED"), "crypt_shared lib is not installed")
@@ -547,11 +551,6 @@ def test_with_statement(self):
 
 
 # Spec tests
-AWS_CREDS = {
- "accessKeyId": os.environ.get("FLE_AWS_KEY", ""),
- "secretAccessKey": os.environ.get("FLE_AWS_SECRET", ""),
-}
-
 AWS_TEMP_CREDS = {
  "accessKeyId": os.environ.get("CSFLE_AWS_TEMP_ACCESS_KEY_ID", ""),
  "secretAccessKey": os.environ.get("CSFLE_AWS_TEMP_SECRET_ACCESS_KEY", ""),
@@ -562,19 +561,6 @@ def test_with_statement(self):
  "accessKeyId": os.environ.get("CSFLE_AWS_TEMP_ACCESS_KEY_ID", ""),
  "secretAccessKey": os.environ.get("CSFLE_AWS_TEMP_SECRET_ACCESS_KEY", ""),
 }
-
-AZURE_CREDS = {
- "tenantId": os.environ.get("FLE_AZURE_TENANTID", ""),
- "clientId": os.environ.get("FLE_AZURE_CLIENTID", ""),
- "clientSecret": os.environ.get("FLE_AZURE_CLIENTSECRET", ""),
-}
-
-GCP_CREDS = {
- "email": os.environ.get("FLE_GCP_EMAIL", ""),
- "privateKey": os.environ.get("FLE_GCP_PRIVATEKEY", ""),
-}
-
-KMIP = {"endpoint": os.environ.get("FLE_KMIP_ENDPOINT", "localhost:5698")}
 KMS_TLS_OPTS = {"kmip": {"tlsCAFile": CA_PEM, "tlsCertificateKeyFile": CLIENT_PEM}}
 
 

@@ -97,8 +97,36 @@
 IS_INTERRUPTED = False
 
 
+# Shared KMS data.
+KMS_PROVIDERS = {"local": {"key": b"\x00" * 96}}
+AWS_CREDS = {
+ "accessKeyId": os.environ.get("FLE_AWS_KEY", ""),
+ "secretAccessKey": os.environ.get("FLE_AWS_SECRET", ""),
+}
+AZURE_CREDS = {
+ "tenantId": os.environ.get("FLE_AZURE_TENANTID", ""),
+ "clientId": os.environ.get("FLE_AZURE_CLIENTID", ""),
+ "clientSecret": os.environ.get("FLE_AZURE_CLIENTSECRET", ""),
+}
+
+GCP_CREDS = {
+ "email": os.environ.get("FLE_GCP_EMAIL", ""),
+ "privateKey": os.environ.get("FLE_GCP_PRIVATEKEY", ""),
+}
+KMIP = {"endpoint": os.environ.get("FLE_KMIP_ENDPOINT", "localhost:5698")}
+
+
 PLACEHOLDER_MAP = {
- "/clientEncryptionOpts/kmsProviders/local/key": b"\x00" * 96,
+ "/clientEncryptionOpts/kmsProviders/local/key": KMS_PROVIDERS["local"]["key"],
+ "/clientEncryptionOpts/kmsProviders/aws/accessKeyId": AWS_CREDS["accessKeyId"],
+ "/clientEncryptionOpts/kmsProviders/aws/secretAccessKey": AWS_CREDS["secretAccessKey"],
+ "/clientEncryptionOpts/kmsProviders/azure/tenantId": AZURE_CREDS["tenantId"],
+ "/clientEncryptionOpts/kmsProviders/azure/tenantId": AZURE_CREDS["tenantId"],
+ "/clientEncryptionOpts/kmsProviders/azure/clientId": AZURE_CREDS["clientId"],
+ "/clientEncryptionOpts/kmsProviders/azure/clientSecret": AZURE_CREDS["clientSecret"],
+ "/clientEncryptionOpts/kmsProviders/gcp/email": GCP_CREDS["email"],
+ "/clientEncryptionOpts/kmsProviders/gcp/privateKey": GCP_CREDS["privateKey"],
+ "/clientEncryptionOpts/kmsProviders/kmip/endpoint": KMIP["endpoint"],
 }