DRIVERS-3213 add text search explicit encryption API and tests #1824
+366
−8
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
There is no query type "textPreview". Use more generic term.
mdb-ad
changed the title
kevinAlbs
changed the title
kevinAlbs
reviewed
Aug 7, 2025
kevinAlbs
reviewed
Aug 7, 2025
baileympearson
requested changes
Aug 8, 2025
| "subType": "04" | ||
| } | ||
| }, | ||
| "path": "encrypted-textPreview", |
There was a problem hiding this comment.
The tests seem to be using the field encryptedText not encrypted-textPreview - should this be encryptedText?
| textOpts: TextOpts { | ||
| caseSensitive: true, | ||
| diacriticSensitive: true, | ||
| prefix: <PrefixOpts>, |
There was a problem hiding this comment.
suggest: moving PrefixOpts and SuffixOpts to this section
|
|
||
| #### Case 2: can find a document by suffix | ||
|
|
||
| Use `clientEncryption.encrypt()` to encrypt the string `"foo"`. Store the resulting payload in `findPayload`. |
There was a problem hiding this comment.
Suggested change
| Use `clientEncryption.encrypt()` to encrypt the string `"foo"`. Store the resulting payload in `findPayload`. | |
| Use `clientEncryption.encrypt()` to encrypt the string `"baz"`. Store the resulting payload in `findPayload`. |
| Use `encryptedClient` to run a "find" operation on the `db.prefix-suffix` collection with the following filter: | ||
|
|
||
| ```javascript | ||
| { "$expr": { "$encStrStartsWith": {"input": "$encryptedText", "prefix": <findPayload>}, } } |
There was a problem hiding this comment.
=
Suggested change
| { "$expr": { "$encStrStartsWith": {"input": "$encryptedText", "prefix": <findPayload>}, } } | |
| { $expr: { $encStrEndsWith: { input: '$encryptedText', suffix: <findPayload> } } } |
|
|
||
| #### Case 3: assert no document found by prefix | ||
|
|
||
| Use `clientEncryption.encrypt()` to encrypt the string `"foo"`. Store the resulting payload in `findPayload`. |
There was a problem hiding this comment.
Wouldn't this test find foobarbaz? Should we be encrypting a different value here?
Comment on lines
+3974
to
+3979
| Use `clientEncryption.encrypt()` to encrypt the string `"foo"`. Store the resulting payload in `findPayload`. | ||
|
|
||
| Use `encryptedClient` to run a "find" operation on the `db.substring` collection with the following filter: | ||
|
|
||
| ```javascript | ||
| { "$expr": { "$encStrStartsWith": {"input": "$encryptedText", "prefix": <findPayload>}, } } |
There was a problem hiding this comment.
This needs to be changed to test substring
Comment on lines
+3993
to
+3996
|
|
||
| ```javascript | ||
| { "$expr": { "$encStrStartsWith": {"input": "$encryptedText", "prefix": <findPayload>}, } } | ||
| ``` |
There was a problem hiding this comment.
same with this predicate
| "subType": "04" | ||
| } | ||
| }, | ||
| "path": "encrypted-textPreview", |
There was a problem hiding this comment.
Suggested change
| "path": "encrypted-textPreview", | |
| "path": "encryptedText", |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
Background & Motivation
libmongocrypt
Driver bindings to libmongocrypt will need to pass explicit options through the new helper added in 1.15.0:
mongocrypt_ctx_setopt_algorithm_text.TextOpts
The structure of TextOpts resembles the placeholder created by query analysis (mongocryptd/crypt_shared): FLE2TextSearchInsertSpec. The repeated parameters (e.g.
suffix.strMaxQueryLengthandprefix.strMaxQueryLength) are to support a field with both prefix and suffix queries with different values.Please complete the following before merging:
clusters).
C driver implementation: https://spruce.mongodb.com/version/6894132fba56770007851f12