From 16046d58ea90aafb8c74450a67adaaae13636844 Mon Sep 17 00:00:00 2001
From: Filipe C Menezes <filipe.menezes@mongodb.com>
Date: Thu, 10 Apr 2025 17:12:06 +0100
Subject: [PATCH 1/3] feat: add currentIp option atlas-create-access-list tool

---
 src/common/atlas/apiClient.ts       | 24 ++++++++++++++++++++++++
 src/tools/atlas/createAccessList.ts | 16 ++++++++++++++--
 src/tools/atlas/tools.ts            |  2 ++
 3 files changed, 40 insertions(+), 2 deletions(-)

diff --git a/src/common/atlas/apiClient.ts b/src/common/atlas/apiClient.ts
index e87e7048..9850d628 100644
--- a/src/common/atlas/apiClient.ts
+++ b/src/common/atlas/apiClient.ts
@@ -252,6 +252,30 @@ export class ApiClient {
         }
     }
 
+    async getIpInfo() {
+        await this.validateToken();
+
+        const endpoint = "api/private/ipinfo";
+        const url = new URL(endpoint, config.apiBaseUrl);
+        const response = await fetch(url, {
+            method: "GET",
+            headers: {
+                Accept: "application/json",
+                Authorization: `Bearer ${this.token?.access_token}`,
+                "User-Agent": config.userAgent,
+            },
+        });
+
+        if (!response.ok) {
+            throw await ApiClientError.fromResponse(response);
+        }
+
+        const responseBody = await response.json();
+        return responseBody as {
+            currentIpv4Address: string;
+        };
+    }
+
     async listProjects(options?: FetchOptions<operations["listProjects"]>) {
         const { data } = await this.client.GET(`/api/atlas/v2/groups`, options);
         return data;
diff --git a/src/tools/atlas/createAccessList.ts b/src/tools/atlas/createAccessList.ts
index fad14a16..baaecec1 100644
--- a/src/tools/atlas/createAccessList.ts
+++ b/src/tools/atlas/createAccessList.ts
@@ -15,6 +15,7 @@ export class CreateAccessListTool extends AtlasToolBase {
             .describe("IP addresses to allow access from")
             .optional(),
         cidrBlocks: z.array(z.string().cidr()).describe("CIDR blocks to allow access from").optional(),
+        currentIpAddress: z.boolean().describe("Add the current IP address").default(false),
         comment: z.string().describe("Comment for the access list entries").default(DEFAULT_COMMENT).optional(),
     };
 
@@ -23,11 +24,12 @@ export class CreateAccessListTool extends AtlasToolBase {
         ipAddresses,
         cidrBlocks,
         comment,
+        currentIpAddress,
     }: ToolArgs<typeof this.argsShape>): Promise<CallToolResult> {
         await this.ensureAuthenticated();
 
-        if (!ipAddresses?.length && !cidrBlocks?.length) {
-            throw new Error("Either ipAddresses or cidrBlocks must be provided.");
+        if (!ipAddresses?.length && !cidrBlocks?.length && !currentIpAddress) {
+            throw new Error("One of  ipAddresses, cidrBlocks, currentIpAddress must be provided.");
         }
 
         const ipInputs = (ipAddresses || []).map((ipAddress) => ({
@@ -36,6 +38,16 @@ export class CreateAccessListTool extends AtlasToolBase {
             comment: comment || DEFAULT_COMMENT,
         }));
 
+        if (currentIpAddress) {
+            const currentIp = await this.apiClient!.getIpInfo();
+            const input = {
+                groupId: projectId,
+                ipAddress: currentIp.currentIpv4Address,
+                comment: comment || DEFAULT_COMMENT,
+            };
+            ipInputs.push(input);
+        }
+
         const cidrInputs = (cidrBlocks || []).map((cidrBlock) => ({
             groupId: projectId,
             cidrBlock,
diff --git a/src/tools/atlas/tools.ts b/src/tools/atlas/tools.ts
index 15c48738..fd88226b 100644
--- a/src/tools/atlas/tools.ts
+++ b/src/tools/atlas/tools.ts
@@ -11,6 +11,7 @@ import { CreateAccessListTool } from "./createAccessList.js";
 import { InspectAccessListTool } from "./inspectAccessList.js";
 import { ListDBUsersTool } from "./listDBUsers.js";
 import { CreateDBUserTool } from "./createDBUser.js";
+import { InspectCurrentIPTool } from "./inspectCurrentIP.js";
 
 export function registerAtlasTools(server: McpServer, state: State, apiClient: ApiClient) {
     const tools: ToolBase[] = [
@@ -23,6 +24,7 @@ export function registerAtlasTools(server: McpServer, state: State, apiClient: A
         new InspectAccessListTool(state, apiClient),
         new ListDBUsersTool(state, apiClient),
         new CreateDBUserTool(state, apiClient),
+        new InspectCurrentIPTool(state, apiClient),
     ];
 
     for (const tool of tools) {

From f1e5d9e8a6c2943259ec486782771ba49c56fbb7 Mon Sep 17 00:00:00 2001
From: Filipe C Menezes <filipe.menezes@mongodb.com>
Date: Thu, 10 Apr 2025 17:13:25 +0100
Subject: [PATCH 2/3] fix: compilation error

---
 src/tools/atlas/tools.ts | 2 --
 1 file changed, 2 deletions(-)

diff --git a/src/tools/atlas/tools.ts b/src/tools/atlas/tools.ts
index fd88226b..15c48738 100644
--- a/src/tools/atlas/tools.ts
+++ b/src/tools/atlas/tools.ts
@@ -11,7 +11,6 @@ import { CreateAccessListTool } from "./createAccessList.js";
 import { InspectAccessListTool } from "./inspectAccessList.js";
 import { ListDBUsersTool } from "./listDBUsers.js";
 import { CreateDBUserTool } from "./createDBUser.js";
-import { InspectCurrentIPTool } from "./inspectCurrentIP.js";
 
 export function registerAtlasTools(server: McpServer, state: State, apiClient: ApiClient) {
     const tools: ToolBase[] = [
@@ -24,7 +23,6 @@ export function registerAtlasTools(server: McpServer, state: State, apiClient: A
         new InspectAccessListTool(state, apiClient),
         new ListDBUsersTool(state, apiClient),
         new CreateDBUserTool(state, apiClient),
-        new InspectCurrentIPTool(state, apiClient),
     ];
 
     for (const tool of tools) {

From cc5996148c46d21f82452c7ebc5975adc7f31def Mon Sep 17 00:00:00 2001
From: Filipe C Menezes <filipe.menezes@mongodb.com>
Date: Thu, 10 Apr 2025 18:03:58 +0100
Subject: [PATCH 3/3] fix: address comments

---
 src/common/atlas/apiClient.ts       | 8 +++++---
 src/tools/atlas/createAccessList.ts | 2 +-
 2 files changed, 6 insertions(+), 4 deletions(-)

diff --git a/src/common/atlas/apiClient.ts b/src/common/atlas/apiClient.ts
index 9850d628..0c6615d7 100644
--- a/src/common/atlas/apiClient.ts
+++ b/src/common/atlas/apiClient.ts
@@ -64,7 +64,7 @@ export class ApiClient {
                 return undefined;
             }
             if (await apiClient.validateToken()) {
-                request.headers.set("Authorization", `Bearer ${apiClient.token?.access_token}`);
+                request.headers.set("Authorization", `Bearer ${apiClient.token!.access_token}`);
                 return request;
             }
         },
@@ -253,7 +253,9 @@ export class ApiClient {
     }
 
     async getIpInfo() {
-        await this.validateToken();
+        if (!(await this.validateToken())) {
+            throw new Error("Not Authenticated");
+        }
 
         const endpoint = "api/private/ipinfo";
         const url = new URL(endpoint, config.apiBaseUrl);
@@ -261,7 +263,7 @@ export class ApiClient {
             method: "GET",
             headers: {
                 Accept: "application/json",
-                Authorization: `Bearer ${this.token?.access_token}`,
+                Authorization: `Bearer ${this.token!.access_token}`,
                 "User-Agent": config.userAgent,
             },
         });
diff --git a/src/tools/atlas/createAccessList.ts b/src/tools/atlas/createAccessList.ts
index baaecec1..7bcc4979 100644
--- a/src/tools/atlas/createAccessList.ts
+++ b/src/tools/atlas/createAccessList.ts
@@ -39,7 +39,7 @@ export class CreateAccessListTool extends AtlasToolBase {
         }));
 
         if (currentIpAddress) {
-            const currentIp = await this.apiClient!.getIpInfo();
+            const currentIp = await this.apiClient.getIpInfo();
             const input = {
                 groupId: projectId,
                 ipAddress: currentIp.currentIpv4Address,