search

kopecmaciej / vi-mongo

MongoDB TUI manager designed to simplify data visualization and quick manipulation
https://vi-mongo.com
Apache License 2.0
24 stars 0 forks source link

Error: Failed to list databases and collections error="(Unauthorized) not authorized on <database_name> to execute command" #29

Open benjamindburke opened 1 day ago

benjamindburke commented 1 day ago

After #25 and #26 were merged and deployed as version v0.1.14, I updated Vi-mongo to v0.1.14 and successfully connected to my sharded cluster.

After connecting I was greeted by a missing database pane and no databases or collections. My enterprise restricts access to some databases so queries to enumerate collections do not work, and no content is rendered in the pane even for sucessfully-queried databases.

Suggestion: when a database cannot be read because of restricted access, do not list that database in the databases list and do not attempt to enumerate collections for that database. Skip it and only render the databases whose collections can be enumerated.

Expected Behavior

I connect to my sharded cluster and see Databases listed with collections at a nested indentation level.

Observed Behavior

Vi-mongo version:

$ vi-mongo --version

 __      ___   __  __
 \ \    / (_) |  \/  |
  \ \  / / _  | \  / | ___  _ __   __ _  ___
   \ \/ / | | | |\/| |/ _ \| '_ \ / _` |/ _ \
    \  /  | | | |  | | (_) | | | | (_| | (_) |
     \/   |_| |_|  |_|\___/|_| |_|\__, |\___/
                                   __/ |
                                  |___/
Version v0.1.14

TUI:

screenshot

Logs:

Small security nitpick: the vi-mongo.log logfile contained my password in plaintext, can you anonymize before logging to file?

$ tail -f /opt/bin/priv/vi-mongo.log
1:03PM ERR github.com/kopecmaciej/vi-mongo/internal/tui/modal/error.go:16 > Failed to list databases and collections error="(Unauthorized) not authorized on config to execute command { listCollections: 1, filter: {}, nameOnly: true, cursor: {}, lsid: { id: UUID(\"fake-uuid-000\") }, $clusterTime: { clusterTime: Timestamp(1730307830, 1), signature: { hash: BinData(0, 0123456789ABCDEF), keyId: 012345 } }, $db: \"config\" }"
1:04PM ERR github.com/kopecmaciej/vi-mongo/internal/tui/page/main.go:212 > Failed to render server info modal error="(Unauthorized) not authorized on admin to execute command { serverStatus: 1, lsid: { id: UUID(\"fake-uuid-000\") }, $clusterTime: { clusterTime: Timestamp(1730307840, 1), signature: { hash: BinData(0, 0123456789ABCDEF), keyId: 012345 } }, $db: \"admin\" }"
1:04PM INF github.com/kopecmaciej/vi-mongo/cmd/cmd.go:104 > Mongo UI started
1:04PM INF github.com/kopecmaciej/vi-mongo/internal/mongo/setup.go:38 > Connected to mongodb://USER:PASS@shard-00.mongodb.net:27017,shard-01.mongodb.net:27017,shard-02.mongodb.net:27017/admin?ssl=true&retryWrites=false&loadBalanced=false&replicaSet=replica-set-key&readPreference=primary&connectTimeoutMS=10000&authSource=admin&authMechanism=SCRAM-SHA-1
1:04PM ERR github.com/kopecmaciej/vi-mongo/internal/tui/modal/error.go:16 > Failed to list databases and collections error="(Unauthorized) not authorized on config to execute command { listCollections: 1, filter: {}, nameOnly: true, cursor: {}, lsid: { id: UUID(\"fake-uuid-001\") }, $clusterTime: { clusterTime: Timestamp(1730307870, 1), signature: { hash: BinData(0, 0123456789ABCDEF), keyId: 012345 } }, $db: \"config\" }"
1:04PM ERR github.com/kopecmaciej/vi-mongo/internal/tui/modal/error.go:16 > Failed to list databases and collections error="(Unauthorized) not authorized on config to execute command { listCollections: 1, filter: {}, nameOnly: true, cursor: {}, lsid: { id: UUID(\"fake-uuid-001\") }, $clusterTime: { clusterTime: Timestamp(1730307870, 1), signature: { hash: BinData(0, 0123456789ABCDEF), keyId: 012345 } }, $db: \"config\" }"
1:04PM ERR github.com/kopecmaciej/vi-mongo/internal/tui/page/main.go:212 > Failed to render server info modal error="(Unauthorized) not authorized on admin to execute command { serverStatus: 1, lsid: { id: UUID(\"fake-uuid-001\") }, $clusterTime: { clusterTime: Timestamp(1730307870, 1), signature: { hash: BinData(0, 0123456789ABCDEF), keyId: 012345 } }, $db: \"admin\" }"
1:04PM INF github.com/kopecmaciej/vi-mongo/cmd/cmd.go:104 > Mongo UI started
1:04PM INF github.com/kopecmaciej/vi-mongo/internal/mongo/setup.go:38 > Connected to mongodb://USER:PASS@shard-00.mongodb.net:27017,shard-01.mongodb.net:27017,shard-02.mongodb.net:27017/admin?ssl=true&retryWrites=false&loadBalanced=false&replicaSet=replica-set-key&readPreference=primary&connectTimeoutMS=10000&authSource=admin&authMechanism=SCRAM-SHA-1
1:05PM ERR github.com/kopecmaciej/vi-mongo/internal/tui/modal/error.go:16 > Failed to list databases and collections error="(Unauthorized) not authorized on config to execute command { listCollections: 1, filter: {}, nameOnly: true, cursor: {}, lsid: { id: UUID(\"fake-uuid-002\") }, $clusterTime: { clusterTime: Timestamp(1730307890, 1), signature: { hash: BinData(0, 0123456789ABCDEF), keyId: 012345 } }, $db: \"config\" }"
kopecmaciej commented 1 day ago

Great, thanks for finding another bug, I will create a PR for this one and fix it as soon as possible (especially the visibility of the password in the logs).