PHPLIB-1702: Always consult server encryptedFieldsMap when dropping collections

jmikola · jmikola · commit 9d66a377f7a0 · 2025-08-08T14:02:59.000-04:00
diff --git a/src/Collection.php b/src/Collection.php
@@ -513,7 +513,7 @@ public function drop(array $options = []): void
 
         if (! isset($options['encryptedFields'])) {
             $options['encryptedFields'] = get_encrypted_fields_from_driver($this->databaseName, $this->collectionName, $this->manager)
-                ?? get_encrypted_fields_from_server($this->databaseName, $this->collectionName, $this->manager, $server);
+                ?? get_encrypted_fields_from_server($this->databaseName, $this->collectionName, $server);
         }
 
         $operation = isset($options['encryptedFields'])
diff --git a/src/Database.php b/src/Database.php
@@ -374,7 +374,7 @@ public function dropCollection(string $collectionName, array $options = []): voi
 
         if (! isset($options['encryptedFields'])) {
             $options['encryptedFields'] = get_encrypted_fields_from_driver($this->databaseName, $collectionName, $this->manager)
-                ?? get_encrypted_fields_from_server($this->databaseName, $collectionName, $this->manager, $server);
+                ?? get_encrypted_fields_from_server($this->databaseName, $collectionName, $server);
         }
 
         $operation = isset($options['encryptedFields'])
diff --git a/src/functions.php b/src/functions.php
@@ -198,13 +198,8 @@ function get_encrypted_fields_from_driver(string $databaseName, string $collecti
  * @see Collection::drop()
  * @see Database::dropCollection()
  */
-function get_encrypted_fields_from_server(string $databaseName, string $collectionName, Manager $manager, Server $server): array|object|null
+function get_encrypted_fields_from_server(string $databaseName, string $collectionName, Server $server): array|object|null
 {
-    // No-op if the encryptedFieldsMap autoEncryption driver option was omitted
-    if ($manager->getEncryptedFieldsMap() === null) {
-        return null;
-    }
-
     $collectionInfoIterator = (new ListCollections($databaseName, ['filter' => ['name' => $collectionName]]))->execute($server);
 
     foreach ($collectionInfoIterator as $collectionInfo) {
diff --git a/tests/Collection/DropEncryptedCollectionFunctionalTest.php b/tests/Collection/DropEncryptedCollectionFunctionalTest.php
@@ -0,0 +1,64 @@
+<?php
+
+namespace MongoDB\Tests\Collection;
+
+use MongoDB\BSON\Binary;
+use MongoDB\Database;
+use MongoDB\Driver\ClientEncryption;
+use MongoDB\Driver\WriteConcern;
+
+use function iterator_count;
+use function str_repeat;
+
+class DropEncryptedCollectionFunctionalTest extends FunctionalTestCase
+{
+    protected ClientEncryption $clientEncryption;
+    protected Database $database;
+
+    public function setUp(): void
+    {
+        parent::setUp();
+
+        $this->skipIfClientSideEncryptionIsNotSupported();
+
+        if ($this->isStandalone()) {
+            $this->markTestSkipped('Queryable encryption requires replica sets');
+        }
+
+        $this->skipIfServerVersion('<', '7.0.0', 'Queryable encryption requires MongoDB 7.0 or later');
+
+        $client = static::createTestClient();
+
+        // Ensure the key vault collection is dropped before each test
+        $collection = $client->selectCollection('keyvault', 'datakeys', ['writeConcern' => new WriteConcern(WriteConcern::MAJORITY)]);
+        $collection->drop();
+
+        $this->clientEncryption = $client->createClientEncryption([
+            'keyVaultNamespace' => 'keyvault.datakeys',
+            'kmsProviders' => ['local' => ['key' => new Binary(str_repeat("\0", 96)) ]],
+        ]);
+
+        $this->database = $client->getDatabase($this->getDatabaseName());
+    }
+
+    /** @see https://jira.mongodb.org/browse/PHPLIB-1702 */
+    public function testDropConsultsEncryptedFieldsFromServer(): void
+    {
+        $originalNumCollections = iterator_count($this->database->listCollectionNames());
+
+        $this->database->createEncryptedCollection(
+            $this->getCollectionName(),
+            $this->clientEncryption,
+            'local',
+            null,
+            ['encryptedFields' => ['fields' => []]],
+        );
+
+        // createEncryptedCollection should create three collections
+        $this->assertCount($originalNumCollections + 3, $this->database->listCollectionNames());
+
+        $this->collection->drop();
+
+        $this->assertCount($originalNumCollections, $this->database->listCollectionNames());
+    }
+}
diff --git a/tests/Database/DropEncryptedCollectionFunctionalTest.php b/tests/Database/DropEncryptedCollectionFunctionalTest.php
@@ -0,0 +1,60 @@
+<?php
+
+namespace MongoDB\Tests\Database;
+
+use MongoDB\BSON\Binary;
+use MongoDB\Driver\ClientEncryption;
+use MongoDB\Driver\WriteConcern;
+
+use function iterator_count;
+use function str_repeat;
+
+class DropEncryptedCollectionFunctionalTest extends FunctionalTestCase
+{
+    protected ClientEncryption $clientEncryption;
+
+    public function setUp(): void
+    {
+        parent::setUp();
+
+        $this->skipIfClientSideEncryptionIsNotSupported();
+
+        if ($this->isStandalone()) {
+            $this->markTestSkipped('Queryable encryption requires replica sets');
+        }
+
+        $this->skipIfServerVersion('<', '7.0.0', 'Queryable encryption requires MongoDB 7.0 or later');
+
+        $client = static::createTestClient();
+
+        // Ensure the key vault collection is dropped before each test
+        $collection = $client->selectCollection('keyvault', 'datakeys', ['writeConcern' => new WriteConcern(WriteConcern::MAJORITY)]);
+        $collection->drop();
+
+        $this->clientEncryption = $client->createClientEncryption([
+            'keyVaultNamespace' => 'keyvault.datakeys',
+            'kmsProviders' => ['local' => ['key' => new Binary(str_repeat("\0", 96)) ]],
+        ]);
+    }
+
+    /** @see https://jira.mongodb.org/browse/PHPLIB-1702 */
+    public function testDropCollectionConsultsEncryptedFieldsFromServer(): void
+    {
+        $originalNumCollections = iterator_count($this->database->listCollectionNames());
+
+        $this->database->createEncryptedCollection(
+            $this->getCollectionName(),
+            $this->clientEncryption,
+            'local',
+            null,
+            ['encryptedFields' => ['fields' => []]],
+        );
+
+        // createEncryptedCollection should create three collections
+        $this->assertCount($originalNumCollections + 3, $this->database->listCollectionNames());
+
+        $this->database->dropCollection($this->getCollectionName());
+
+        $this->assertCount($originalNumCollections, $this->database->listCollectionNames());
+    }
+}

Original file line number	Diff line number	Diff line change
`@@ -513,7 +513,7 @@ public function drop(array $options = []): void`
`513`	`513`
`514`	`514`	`if (! isset($options['encryptedFields'])) {`
`515`	`515`	`$options['encryptedFields'] = get_encrypted_fields_from_driver($this->databaseName, $this->collectionName, $this->manager)`
`516`		`- ?? get_encrypted_fields_from_server($this->databaseName, $this->collectionName, $this->manager, $server);`
	`516`	`+ ?? get_encrypted_fields_from_server($this->databaseName, $this->collectionName, $server);`
`517`	`517`	`}`
`518`	`518`
`519`	`519`	`$operation = isset($options['encryptedFields'])`
Original file line number	Diff line number	Diff line change
`@@ -374,7 +374,7 @@ public function dropCollection(string $collectionName, array $options = []): voi`
`374`	`374`
`375`	`375`	`if (! isset($options['encryptedFields'])) {`
`376`	`376`	`$options['encryptedFields'] = get_encrypted_fields_from_driver($this->databaseName, $collectionName, $this->manager)`
`377`		`- ?? get_encrypted_fields_from_server($this->databaseName, $collectionName, $this->manager, $server);`
	`377`	`+ ?? get_encrypted_fields_from_server($this->databaseName, $collectionName, $server);`
`378`	`378`	`}`
`379`	`379`
`380`	`380`	`$operation = isset($options['encryptedFields'])`