Adds unit tests for vcore quickstart feature code (#1618)

* Safety checkin * Adding vcoremongo to Main * Safety checkin * Adding vcoremongo to Main * Safety commit * Safety checkin * Adding vcoremongo to Main * Safety commit * Integrating mongo shell * Safety checkin * Adding vcoremongo to Main * Safety commit * Integrating mongo shell * Safety checkin * Safety commit * Enable mongo shell in its own tab * Safety checkin * Adding vcoremongo to Main * Safety commit * Integrating mongo shell * Safety checkin * Safety commit * Safety commit * Integrating mongo shell * Safety checkin * Safety commit * Enable mongo shell in its own tab * Adding message * Integrated mongo shell * Moving Juno endpoint back to prod * Fixed command bar unit tests * Fixing spelling * Adds unit tests for vcore quickstart feature code * Fix lint
2025-12-20 09:20:16 +00:00 · 2023-09-19 17:12:41 -07:00
parent ae5811306b
commit 754354dbf9
9 changed files with 335 additions and 12 deletions
--- a/src/Utils/EndpointValidation.ts
+++ b/src/Utils/EndpointValidation.ts
@@ -55,6 +55,17 @@ export const defaultAllowedBackendEndpoints: ReadonlyArray<string> = [
  "https://localhost:1234",
 ];

+export const PortalBackendIPs: { [key: string]: string[] } = {
+  "https://main.documentdb.ext.azure.com": ["104.42.195.92", "40.76.54.131"],
+  // DE doesn't talk to prod2 (main2) but it might be added
+  //"https://main2.documentdb.ext.azure.com": ["104.42.196.69"],
+  "https://main.documentdb.ext.azure.cn": ["139.217.8.252"],
+  "https://main.documentdb.ext.azure.us": ["52.244.48.71"],
+  // Add ussec and usnat when endpoint address is known:
+  //ussec: ["29.26.26.67", "29.26.26.66"],
+  //usnat: ["7.28.202.68"],
+};
+
 export const allowedMongoProxyEndpoints: ReadonlyArray<string> = [
  "https://main.documentdb.ext.azure.com",
  "https://main.documentdb.ext.azure.cn",
--- a/src/Utils/JestUtils.ts
+++ b/src/Utils/JestUtils.ts
@@ -0,0 +1,4 @@
+// eslint-disable-next-line @typescript-eslint/no-explicit-any
+export function mockFunction<T extends (...args: any[]) => any>(fn: T): jest.MockedFunction<T> {
+  return fn as jest.MockedFunction<T>;
+}
--- a/src/Utils/NetworkUtility.test.ts
+++ b/src/Utils/NetworkUtility.test.ts
@@ -0,0 +1,106 @@
+import { resetConfigContext, updateConfigContext } from "ConfigContext";
+import { DatabaseAccount, IpRule } from "Contracts/DataModels";
+import { updateUserContext } from "UserContext";
+import { PortalBackendIPs } from "Utils/EndpointValidation";
+import { getNetworkSettingsWarningMessage } from "./NetworkUtility";
+
+describe("NetworkUtility tests", () => {
+  describe("getNetworkSettingsWarningMessage", () => {
+    const publicAccessMessagePart = "Please enable public access to proceed";
+    const accessMessagePart = "Please allow access from Azure Portal to proceed";
+    // validEnpoints are a subset of those from Utils/EndpointValidation/PortalBackendIPs
+    const validEndpoints = [
+      "https://main.documentdb.ext.azure.com",
+      "https://main.documentdb.ext.azure.cn",
+      "https://main.documentdb.ext.azure.us",
+    ];
+
+    let warningMessageResult: string;
+    const warningMessageFunc = (msg: string) => (warningMessageResult = msg);
+
+    beforeEach(() => {
+      warningMessageResult = undefined;
+    });
+
+    afterEach(() => {
+      resetConfigContext();
+    });
+
+    it("should return no message when publicNetworkAccess is enabled", async () => {
+      updateUserContext({
+        databaseAccount: {
+          properties: {
+            publicNetworkAccess: "Enabled",
+          },
+        } as DatabaseAccount,
+      });
+
+      await getNetworkSettingsWarningMessage(warningMessageFunc);
+      expect(warningMessageResult).toBeUndefined();
+    });
+
+    it("should return publicAccessMessage when publicNetworkAccess is disabled", async () => {
+      updateUserContext({
+        databaseAccount: {
+          properties: {
+            publicNetworkAccess: "Disabled",
+          },
+        } as DatabaseAccount,
+      });
+
+      await getNetworkSettingsWarningMessage(warningMessageFunc);
+      expect(warningMessageResult).toContain(publicAccessMessagePart);
+    });
+
+    it(`should return no message when the appropriate ip rules are added to mongo/cassandra account per endpoint`, () => {
+      validEndpoints.forEach(async (endpoint) => {
+        updateUserContext({
+          databaseAccount: {
+            kind: "MongoDB",
+            properties: {
+              ipRules: PortalBackendIPs[endpoint].map((ip: string) => ({ ipAddressOrRange: ip } as IpRule)),
+              publicNetworkAccess: "Enabled",
+            },
+          } as DatabaseAccount,
+        });
+
+        updateConfigContext({
+          BACKEND_ENDPOINT: endpoint,
+        });
+
+        let asyncWarningMessageResult: string;
+        const asyncWarningMessageFunc = (msg: string) => (asyncWarningMessageResult = msg);
+
+        await getNetworkSettingsWarningMessage(asyncWarningMessageFunc);
+        expect(asyncWarningMessageResult).toBeUndefined();
+      });
+    });
+
+    it("should return accessMessage when incorrent ip rule is added to mongo/cassandra account per endpoint", () => {
+      validEndpoints.forEach(async (endpoint) => {
+        updateUserContext({
+          databaseAccount: {
+            kind: "MongoDB",
+            properties: {
+              ipRules: [{ ipAddressOrRange: "1.1.1.1" }],
+              publicNetworkAccess: "Enabled",
+            },
+          } as DatabaseAccount,
+        });
+
+        updateConfigContext({
+          BACKEND_ENDPOINT: endpoint,
+        });
+
+        let asyncWarningMessageResult: string;
+        const asyncWarningMessageFunc = (msg: string) => (asyncWarningMessageResult = msg);
+
+        await getNetworkSettingsWarningMessage(asyncWarningMessageFunc);
+        expect(asyncWarningMessageResult).toContain(accessMessagePart);
+      });
+    });
+
+    // Postgres and vcore mongo account checks basically pass through to CheckFirewallRules so those
+    // tests are omitted here and included in CheckFirewallRules.test.ts
+  });
+});
--- a/src/Utils/NetworkUtility.ts
+++ b/src/Utils/NetworkUtility.ts
@@ -1,15 +1,7 @@
+import { configContext } from "ConfigContext";
 import { checkFirewallRules } from "Explorer/Tabs/Shared/CheckFirewallRules";
 import { userContext } from "UserContext";
-
-const PortalIPs: { [key: string]: string[] } = {
-  prod1: ["104.42.195.92", "40.76.54.131"],
-  prod2: ["104.42.196.69"],
-  mooncake: ["139.217.8.252"],
-  blackforest: ["51.4.229.218"],
-  fairfax: ["52.244.48.71"],
-  ussec: ["29.26.26.67", "29.26.26.66"],
-  usnat: ["7.28.202.68"],
-};
+import { PortalBackendIPs } from "Utils/EndpointValidation";

 export const getNetworkSettingsWarningMessage = async (
  setStateFunc: (warningMessage: string) => void
@@ -28,6 +20,7 @@ export const getNetworkSettingsWarningMessage = async (
      setStateFunc,
      accessMessage
    );
+    return;
  } else if (userContext.apiType === "VCoreMongo") {
    checkFirewallRules(
      "2023-03-01-preview",
@@ -38,6 +31,7 @@ export const getNetworkSettingsWarningMessage = async (
      setStateFunc,
      accessMessage
    );
+    return;
  } else if (accountProperties) {
    // public network access is disabled
    if (
@@ -45,13 +39,14 @@ export const getNetworkSettingsWarningMessage = async (
      accountProperties.publicNetworkAccess !== "SecuredByPerimeter"
    ) {
      setStateFunc(publicAccessMessage);
+      return;
    }

    const ipRules = accountProperties.ipRules;
    // public network access is NOT set to "All networks"
-    if (ipRules.length > 0) {
+    if (ipRules?.length > 0) {
      if (userContext.apiType === "Cassandra" || userContext.apiType === "Mongo") {
-        const portalIPs = PortalIPs[userContext.portalEnv];
+        const portalIPs = PortalBackendIPs[configContext.BACKEND_ENDPOINT];
        let numberOfMatches = 0;
        ipRules.forEach((ipRule) => {
          if (portalIPs.indexOf(ipRule.ipAddressOrRange) !== -1) {