Merge pull request #1369 from metabase/mongo-ssl-support

Mongo SSL Support #1312

Merge pull request #1369 from metabase/mongo-ssl-support
a96841e9 · Cam Saül · 8f90a38a · d98cc368 · a96841e9 · a96841e9
Commit a96841e9 authored 9 years ago by Cam Saül
--- a/frontend/src/lib/core.js
+++ b/frontend/src/lib/core.js
@@ -262,4 +262,5 @@ import _ from "underscore";
            });
        });
    };
+
 }).apply(exports);
--- a/src/metabase/driver/mongo.clj
+++ b/src/metabase/driver/mongo.clj
@@ -125,7 +125,7 @@
  {:driver-name                       "MongoDB"
   :details-fields                    [{:name         "host"
                                        :display-name "Host"
-                                        :default "localhost"}
+                                        :default      "localhost"}
                                       {:name         "port"
                                        :display-name "Port"
                                        :type         :integer
@@ -140,7 +140,11 @@
                                       {:name         "pass"
                                        :display-name "Database password"
                                        :type         :password
-                                        :placeholder  "******"}]
+                                        :placeholder  "******"}
+                                       {:name         "ssl"
+                                        :display-name "Use a secure connection (SSL)?"
+                                        :type         :boolean
+                                        :default      false}]
   :features                          #{:nested-fields}
   :can-connect?                      can-connect?
   :active-table-names                active-table-names

--- a/src/metabase/driver/mongo/util.clj
+++ b/src/metabase/driver/mongo/util.clj
@@ -22,12 +22,16 @@
   Bound by top-level `with-mongo-connection` so it may be reused within its body."
  nil)

-(def ^:private mongo-connection-options
-  ;; Have to use the Java builder directly since monger's wrapper method doesn't support .serverSelectionTimeout :unamused:
+(defn- build-connection-options
+  "Build connection options for Mongo.
+   We have to use `MongoClientOptions.Builder` directly to configure our Mongo connection
+   since Monger's wrapper method doesn't support `.serverSelectionTimeout` or `.sslEnabled`."
+  [& {:keys [ssl?]}]
  (-> (com.mongodb.MongoClientOptions$Builder.)
      (.connectTimeout connection-timeout-ms)
      (.serverSelectionTimeout connection-timeout-ms)
-      (.build)))
+      (.sslEnabled ssl?)
+      .build))

 ;; The arglists metadata for mg/connect are actually *WRONG* -- the function additionally supports a 3-arg airity where you can pass
 ;; options and credentials, as we'd like to do. We need to go in and alter the metadata of this function ourselves because otherwise
@@ -40,12 +44,13 @@
  "Run F with a new connection (bound to `*mongo-connection*`) to DATABASE.
   Don't use this directly; use `with-mongo-connection`."
  [f database]
-  (let [{:keys [dbname host port user pass]
-         :or   {port 27017, pass ""}} (cond
-                                        (string? database)            {:dbname database}
-                                        (:dbname (:details database)) (:details database) ; entire Database obj
-                                        (:dbname database)            database            ; connection details map only
-                                        :else                         (throw (Exception. (str "with-mongo-connection failed: bad connection details:" (:details database)))))
+  ;; The Mongo SSL detail is keyed by :use-ssl because the frontend has accidentally been saving all of the Mongo DBs with {:ssl true}
+  (let [{:keys [dbname host port user pass use-ssl]
+         :or   {port 27017, pass "", use-ssl false}} (cond
+                                                       (string? database)            {:dbname database}
+                                                       (:dbname (:details database)) (:details database) ; entire Database obj
+                                                       (:dbname database)            database            ; connection details map only
+                                                       :else                         (throw (Exception. (str "with-mongo-connection failed: bad connection details:" (:details database)))))
        user             (when (seq user) ; ignore empty :user and :pass strings
                           user)
        pass             (when (seq pass)
@@ -53,7 +58,7 @@
        server-address   (mg/server-address host port)
        credentials      (when user
                           (mcred/create user dbname pass))
-        connect          (partial mg/connect server-address mongo-connection-options)
+        connect          (partial mg/connect server-address (build-connection-options :ssl? use-ssl))
        conn             (if credentials
                           (connect credentials)
                           (connect))