Detect metadata collections only when auto encryption is enabled on the client

Author: GromNaN

src/Client.php

@@ -83,6 +83,8 @@ class Client
 
     private WriteConcern $writeConcern;
 
+    private bool $autoEncryptionEnabled;
+
     /**
      * Constructs a new Client instance.
      *
@@ -134,6 +136,7 @@ public function __construct(?string $uri = null, array $uriOptions = [], array $
         $this->uri = $uri ?? self::DEFAULT_URI;
         $this->builderEncoder = $driverOptions['builderEncoder'] ?? new BuilderEncoder();
         $this->typeMap = $driverOptions['typeMap'];
+        $this->autoEncryptionEnabled = isset($driverOptions['autoEncryption']['keyVaultNamespace']);
 
         $driverOptions = array_diff_key($driverOptions, ['builderEncoder' => 1, 'typeMap' => 1]);
 
@@ -258,7 +261,7 @@ public function dropDatabase(string $databaseName, array $options = [])
      */
     public function getCollection(string $databaseName, string $collectionName, array $options = []): Collection
     {
-        $options += ['typeMap' => $this->typeMap, 'builderEncoder' => $this->builderEncoder];
+        $options += ['typeMap' => $this->typeMap, 'builderEncoder' => $this->builderEncoder, 'autoEncryptionEnabled' => $this->autoEncryptionEnabled];
 
         return new Collection($this->manager, $databaseName, $collectionName, $options);
     }
@@ -273,7 +276,7 @@ public function getCollection(string $databaseName, string $collectionName, arra
      */
     public function getDatabase(string $databaseName, array $options = []): Database
     {
-        $options += ['typeMap' => $this->typeMap, 'builderEncoder' => $this->builderEncoder];
+        $options += ['typeMap' => $this->typeMap, 'builderEncoder' => $this->builderEncoder, 'autoEncryptionEnabled' => $this->autoEncryptionEnabled];
 
         return new Database($this->manager, $databaseName, $options);
     }

src/Collection.php

@@ -77,6 +77,7 @@
 use function array_key_exists;
 use function current;
 use function is_array;
+use function is_bool;
 use function sprintf;
 use function strlen;
 use function trigger_error;
@@ -106,6 +107,8 @@ class Collection
 
     private WriteConcern $writeConcern;
 
+    private bool $autoEncryptionEnabled;
+
     /**
      * Constructs new Collection instance.
      *
@@ -173,12 +176,17 @@ public function __construct(private Manager $manager, private string $databaseNa
             throw InvalidArgumentException::invalidType('"writeConcern" option', $options['writeConcern'], WriteConcern::class);
         }
 
+        if (isset($options['autoEncryptionEnabled']) && ! is_bool($options['autoEncryptionEnabled'])) {
+            throw InvalidArgumentException::invalidType('"autoEncryptionEnabled" option', $options['autoEncryptionEnabled'], 'boolean');
+        }
+
         $this->builderEncoder = $options['builderEncoder'] ?? new BuilderEncoder();
         $this->codec = $options['codec'] ?? null;
         $this->readConcern = $options['readConcern'] ?? $this->manager->getReadConcern();
         $this->readPreference = $options['readPreference'] ?? $this->manager->getReadPreference();
         $this->typeMap = $options['typeMap'] ?? self::DEFAULT_TYPE_MAP;
         $this->writeConcern = $options['writeConcern'] ?? $this->manager->getWriteConcern();
+        $this->autoEncryptionEnabled = $options['autoEncryptionEnabled'] ?? false;
     }
 
     /**
@@ -528,7 +536,7 @@ public function drop(array $options = [])
 
         $server = select_server_for_write($this->manager, $options);
 
-        if (! isset($options['encryptedFields'])) {
+        if ($this->autoEncryptionEnabled && ! isset($options['encryptedFields'])) {
             $options['encryptedFields'] = get_encrypted_fields_from_driver($this->databaseName, $this->collectionName, $this->manager)
                 ?? get_encrypted_fields_from_server($this->databaseName, $this->collectionName, $server);
         }

src/Database.php

@@ -55,6 +55,7 @@
 use Traversable;
 
 use function is_array;
+use function is_bool;
 use function sprintf;
 use function strlen;
 use function trigger_error;
@@ -82,6 +83,8 @@ class Database
 
     private WriteConcern $writeConcern;
 
+    private bool $autoEncryptionEnabled;
+
     /**
      * Constructs new Database instance.
      *
@@ -138,11 +141,16 @@ public function __construct(private Manager $manager, private string $databaseNa
             throw InvalidArgumentException::invalidType('"writeConcern" option', $options['writeConcern'], WriteConcern::class);
         }
 
+        if (isset($options['autoEncryptionEnabled']) && ! is_bool($options['autoEncryptionEnabled'])) {
+            throw InvalidArgumentException::invalidType('"autoEncryptionEnabled" option', $options['autoEncryptionEnabled'], 'boolean');
+        }
+
         $this->builderEncoder = $options['builderEncoder'] ?? new BuilderEncoder();
         $this->readConcern = $options['readConcern'] ?? $this->manager->getReadConcern();
         $this->readPreference = $options['readPreference'] ?? $this->manager->getReadPreference();
         $this->typeMap = $options['typeMap'] ?? self::DEFAULT_TYPE_MAP;
         $this->writeConcern = $options['writeConcern'] ?? $this->manager->getWriteConcern();
+        $this->autoEncryptionEnabled = $options['autoEncryptionEnabled'] ?? false;
     }
 
     /**
@@ -410,7 +418,7 @@ public function dropCollection(string $collectionName, array $options = [])
             $options['writeConcern'] = $this->writeConcern;
         }
 
-        if (! isset($options['encryptedFields'])) {
+        if ($this->autoEncryptionEnabled && ! isset($options['encryptedFields'])) {
             $options['encryptedFields'] = get_encrypted_fields_from_driver($this->databaseName, $collectionName, $this->manager)
                 ?? get_encrypted_fields_from_server($this->databaseName, $collectionName, $server);
         }
@@ -439,6 +447,7 @@ public function getCollection(string $collectionName, array $options = []): Coll
             'readPreference' => $this->readPreference,
             'typeMap' => $this->typeMap,
             'writeConcern' => $this->writeConcern,
+            'autoEncryptionEnabled' => $this->autoEncryptionEnabled,
         ];
 
         return new Collection($this->manager, $this->databaseName, $collectionName, $options);

tests/Functions/GetEncryptedFieldsFromServerFunctionalTest.php

@@ -3,13 +3,14 @@
 namespace MongoDB\Tests\Functions;
 
 use MongoDB\BSON\Binary;
+use MongoDB\BSON\Regex;
 use MongoDB\Collection;
 use MongoDB\Database;
 use MongoDB\Driver\ClientEncryption;
 use MongoDB\Driver\WriteConcern;
 use MongoDB\Tests\FunctionalTestCase;
 
-use function iterator_count;
+use function preg_quote;
 use function str_repeat;
 
 class GetEncryptedFieldsFromServerFunctionalTest extends FunctionalTestCase
@@ -30,30 +31,33 @@ public function setUp(): void
 
         $this->skipIfServerVersion('<', '7.0.0', 'Queryable encryption requires MongoDB 7.0 or later');
 
-        $client = static::createTestClient();
+        $encryptionOptions = [
+            'keyVaultNamespace' => 'keyvault.datakeys',
+            'kmsProviders' => [
+                'local' => [
+                    'key' => new Binary(str_repeat("\0", 96)), // 96-byte local master key
+                ],
+            ],
+        ];
+        $client = static::createTestClient(driverOptions: ['autoEncryption' => $encryptionOptions]);
 
         // Ensure the key vault collection is dropped before each test
         $this->keyVaultCollection = $client->getCollection('keyvault', 'datakeys', ['writeConcern' => new WriteConcern(WriteConcern::MAJORITY)]);
         $this->keyVaultCollection->drop();
 
-        $this->clientEncryption = $client->createClientEncryption([
-            'keyVaultNamespace' => $this->keyVaultCollection->getNamespace(),
-            'kmsProviders' => ['local' => ['key' => new Binary(str_repeat("\0", 96)) ]],
-        ]);
+        $this->clientEncryption = $client->createClientEncryption($encryptionOptions);
 
         $this->database = $client->getDatabase($this->getDatabaseName());
     }
 
     public function tearDown(): void
     {
-        $this->keyVaultCollection->drop();
+        $this->keyVaultCollection?->drop();
     }
 
     /** @see https://jira.mongodb.org/browse/PHPLIB-1702 */
     public function testDatabaseDropCollectionConsultsEncryptedFieldsFromServer(): void
     {
-        $originalNumCollections = iterator_count($this->database->listCollectionNames());
-
         $this->database->createEncryptedCollection(
             $this->getCollectionName(),
             $this->clientEncryption,
@@ -62,19 +66,16 @@ public function testDatabaseDropCollectionConsultsEncryptedFieldsFromServer(): v
             ['encryptedFields' => ['fields' => []]],
         );
 
-        // createEncryptedCollection should create three collections
-        $this->assertCount($originalNumCollections + 3, $this->database->listCollectionNames());
+        $this->assertCountCollections(3, $this->getCollectionName(), 'createEncryptedCollection should create three collections');
 
         $this->database->dropCollection($this->getCollectionName());
 
-        $this->assertCount($originalNumCollections, $this->database->listCollectionNames());
+        $this->assertCountCollections(0, $this->getCollectionName());
     }
 
     /** @see https://jira.mongodb.org/browse/PHPLIB-1702 */
     public function testCollectionDropConsultsEncryptedFieldsFromServer(): void
     {
-        $originalNumCollections = iterator_count($this->database->listCollectionNames());
-
         $this->database->createEncryptedCollection(
             $this->getCollectionName(),
             $this->clientEncryption,
@@ -83,11 +84,18 @@ public function testCollectionDropConsultsEncryptedFieldsFromServer(): void
             ['encryptedFields' => ['fields' => []]],
         );
 
-        // createEncryptedCollection should create three collections
-        $this->assertCount($originalNumCollections + 3, $this->database->listCollectionNames());
+        $this->assertCountCollections(3, $this->getCollectionName(), 'createEncryptedCollection should create three collections');
 
         $this->database->getCollection($this->getCollectionName())->drop();
 
-        $this->assertCount($originalNumCollections, $this->database->listCollectionNames());
+        $this->assertCountCollections(0, $this->getCollectionName());
+    }
+
+    private function assertCountCollections(int $expected, $collectionName, string $message = ''): void
+    {
+        $collectionNames = $this->database->listCollectionNames([
+            'filter' => ['name' => new Regex(preg_quote($collectionName))],
+        ]);
+        $this->assertCount($expected, $collectionNames, $message);
     }
 }