mongodb-js · blva · Sep 18, 2025 · Sep 18, 2025 · Sep 18, 2025 · Oct 2, 2025
@@ -18,6 +18,7 @@ export const ALLOWED_CLUSTER_NAME_CHARACTERS_ERROR =
 const ALLOWED_PROJECT_NAME_CHARACTERS_REGEX = /^[a-zA-Z0-9\s()@&+:._',-]+$/;
 export const ALLOWED_PROJECT_NAME_CHARACTERS_ERROR =
     "Project names can't be longer than 64 characters and can only contain letters, numbers, spaces, and the following symbols: ( ) @ & + : . _ - ' ,";
+
 export const CommonArgs = {
     string: (): ZodString => z.string().regex(NO_UNICODE_REGEX, NO_UNICODE_ERROR),
 
@@ -30,7 +31,7 @@ export const CommonArgs = {
 };
 
 export const AtlasArgs = {
-    projectId: (): z.ZodString => CommonArgs.objectId("projectId"),
+    projectId: (): z.ZodString => CommonArgs.objectId("projectId").describe("Atlas project ID"),
 
     organizationId: (): z.ZodString => CommonArgs.objectId("organizationId"),
 
@@ -70,6 +71,15 @@ export const AtlasArgs = {
         z.string().min(1, "Password is required").max(100, "Password must be 100 characters or less"),
 };
 
+export const ProjectArgs = {
+    projectId: AtlasArgs.projectId(),
+};
+
+export const ProjectAndClusterArgs = {
+    ...ProjectArgs,
+    clusterName: AtlasArgs.clusterName().describe("Atlas cluster name"),
+};
+
 function toEJSON<T extends object | undefined>(value: T): T {
     if (!value) {
         return value;

@@ -7,7 +7,7 @@ import { inspectCluster } from "../../../common/atlas/cluster.js";
 import { ensureCurrentIpInAccessList } from "../../../common/atlas/accessListUtils.js";
 import type { AtlasClusterConnectionInfo } from "../../../common/connectionManager.js";
 import { getDefaultRoleFromConfig } from "../../../common/atlas/roles.js";
-import { AtlasArgs } from "../../args.js";
+import { ProjectAndClusterArgs } from "../../args.js";
 
 const addedIpAccessListMessage =
     "Note: Your current IP address has been added to the Atlas project's IP access list to enable secure connection.";
@@ -20,8 +20,7 @@ function sleep(ms: number): Promise<void> {
 }
 
 export const ConnectClusterArgs = {
-    projectId: AtlasArgs.projectId().describe("Atlas project ID"),
-    clusterName: AtlasArgs.clusterName().describe("Atlas cluster name"),
+    ...ProjectAndClusterArgs,
 };
 
 export class ConnectClusterTool extends AtlasToolBase {

@@ -3,10 +3,10 @@ import { type OperationType, type ToolArgs } from "../../tool.js";
 import type { CallToolResult } from "@modelcontextprotocol/sdk/types.js";
 import { AtlasToolBase } from "../atlasTool.js";
 import { makeCurrentIpAccessListEntry, DEFAULT_ACCESS_LIST_COMMENT } from "../../../common/atlas/accessListUtils.js";
-import { AtlasArgs, CommonArgs } from "../../args.js";
+import { AtlasArgs, CommonArgs, ProjectArgs } from "../../args.js";
 
 export const CreateAccessListArgs = {
-    projectId: AtlasArgs.projectId().describe("Atlas project ID"),
+    ...ProjectArgs,
     ipAddresses: z.array(AtlasArgs.ipAddress()).describe("IP addresses to allow access from").optional(),
     cidrBlocks: z.array(AtlasArgs.cidrBlock()).describe("CIDR blocks to allow access from").optional(),
     currentIpAddress: z.boolean().describe("Add the current IP address").default(false),

@@ -8,7 +8,7 @@ import { ensureCurrentIpInAccessList } from "../../../common/atlas/accessListUti
 import { AtlasArgs, CommonArgs } from "../../args.js";
 
 export const CreateDBUserArgs = {
-    projectId: AtlasArgs.projectId().describe("Atlas project ID"),
+    projectId: AtlasArgs.projectId(),
     username: AtlasArgs.username().describe("Username for the new user"),
     // Models will generate overly simplistic passwords like SecurePassword123 or
     // AtlasPassword123, which are easily guessable and exploitable. We're instructing
@@ -26,7 +26,7 @@ export const CreateDBUserArgs = {
                 collectionName: CommonArgs.string().describe("Collection name").optional(),
             })
         )
-        .describe("Roles for the new user"),
+        .describe("Roles for the new database user"),
     clusters: z
         .array(AtlasArgs.clusterName())
         .describe("Clusters to assign the user to, leave empty for access to all clusters")
@@ -35,7 +35,7 @@ export const CreateDBUserArgs = {
 
 export class CreateDBUserTool extends AtlasToolBase {
     public name = "atlas-create-db-user";
-    protected description = "Create an MongoDB Atlas database user";
+    protected description = "Create a MongoDB Atlas database user";
     public operationType: OperationType = "create";
     protected argsShape = {
         ...CreateDBUserArgs,

@@ -3,22 +3,25 @@ import { type ToolArgs, type OperationType } from "../../tool.js";
 import { AtlasToolBase } from "../atlasTool.js";
 import type { ClusterDescription20240805 } from "../../../common/atlas/openapi.js";
 import { ensureCurrentIpInAccessList } from "../../../common/atlas/accessListUtils.js";
-import { AtlasArgs } from "../../args.js";
+import { ProjectAndClusterArgs, AtlasArgs } from "../../args.js";
 
 export class CreateFreeClusterTool extends AtlasToolBase {
     public name = "atlas-create-free-cluster";
     protected description = "Create a free MongoDB Atlas cluster";
     public operationType: OperationType = "create";
     protected argsShape = {
-        projectId: AtlasArgs.projectId().describe("Atlas project ID to create the cluster in"),
-        name: AtlasArgs.clusterName().describe("Name of the cluster"),
+        ...ProjectAndClusterArgs,
         region: AtlasArgs.region().describe("Region of the cluster").default("US_EAST_1"),
     };
 
-    protected async execute({ projectId, name, region }: ToolArgs<typeof this.argsShape>): Promise<CallToolResult> {
+    protected async execute({
+        projectId,
+        clusterName,
+        region,
+    }: ToolArgs<typeof this.argsShape>): Promise<CallToolResult> {
         const input = {
             groupId: projectId,
-            name,
+            name: clusterName,
             clusterType: "REPLICASET",
             replicationSpecs: [
                 {
@@ -50,7 +53,7 @@ export class CreateFreeClusterTool extends AtlasToolBase {
 
         return {
             content: [
-                { type: "text", text: `Cluster "${name}" has been created in region "${region}".` },
+                { type: "text", text: `Cluster "${clusterName}" has been created in region "${region}".` },
                 { type: "text", text: `Double check your access lists to enable your current IP.` },
             ],
         };

@@ -4,7 +4,7 @@ import { AtlasToolBase } from "../atlasTool.js";
 import { AtlasArgs } from "../../args.js";
 
 export const InspectAccessListArgs = {
-    projectId: AtlasArgs.projectId().describe("Atlas project ID"),
+    projectId: AtlasArgs.projectId(),
 };
 
 export class InspectAccessListTool extends AtlasToolBase {

@@ -3,19 +3,14 @@ import { type OperationType, type ToolArgs, formatUntrustedData } from "../../to
 import { AtlasToolBase } from "../atlasTool.js";
 import type { Cluster } from "../../../common/atlas/cluster.js";
 import { inspectCluster } from "../../../common/atlas/cluster.js";
-import { AtlasArgs } from "../../args.js";
-
-export const InspectClusterArgs = {
-    projectId: AtlasArgs.projectId().describe("Atlas project ID"),
-    clusterName: AtlasArgs.clusterName().describe("Atlas cluster name"),
-};
+import { ProjectAndClusterArgs } from "../../args.js";
 
 export class InspectClusterTool extends AtlasToolBase {
     public name = "atlas-inspect-cluster";
     protected description = "Inspect MongoDB Atlas cluster";
     public operationType: OperationType = "read";
     protected argsShape = {
-        ...InspectClusterArgs,
+        ...ProjectAndClusterArgs,
     };
 
     protected async execute({ projectId, clusterName }: ToolArgs<typeof this.argsShape>): Promise<CallToolResult> {

@@ -103,7 +103,7 @@ export function setupIntegrationTest(
             keychain: new Keychain(),
         });
 
-        // Mock hasValidAccessToken for tests
+        // Mock API Client for tests
         if (!userConfig.apiClientId && !userConfig.apiClientSecret) {
             const mockFn = vi.fn().mockResolvedValue(true);
             session.apiClient.validateAccessToken = mockFn;
@@ -242,6 +242,16 @@ export const databaseCollectionParameters: ParameterInfo[] = [
     { name: "collection", type: "string", description: "Collection name", required: true },
 ];
 
+export const projectIdParameters: ParameterInfo[] = [
+    { name: "projectId", type: "string", description: "Atlas project ID", required: true },
+];
+
+export const createClusterParameters: ParameterInfo[] = [
+    { name: "projectId", type: "string", description: "Atlas project ID", required: true },
+    { name: "clusterName", type: "string", description: "Atlas cluster name", required: true },
+    { name: "region", type: "string", description: "Region of the cluster", required: false },
+];
+
 export const databaseCollectionInvalidArgs = [
     {},
     { database: "test" },
@@ -252,6 +262,53 @@ export const databaseCollectionInvalidArgs = [
     { database: "test", collection: [] },
 ];
 
+export const projectIdInvalidArgs = [
+    {},
+    { projectId: 123 },
+    { projectId: [] },
+    { projectId: "!✅invalid" },
+    { projectId: "invalid-test-project-id" },
+];
+
+export const clusterNameInvalidArgs = [
+    { clusterName: 123 },
+    { clusterName: [] },
+    { clusterName: "!✅invalid" },
+    { clusterName: "a".repeat(65) }, // too long
+];
+
+export const projectAndClusterInvalidArgs = [
+    {},
+    { projectId: "507f1f77bcf86cd799439011" }, // missing clusterName
+    { clusterName: "testCluster" }, // missing projectId
+    { projectId: 123, clusterName: "testCluster" },
+    { projectId: "507f1f77bcf86cd799439011", clusterName: 123 },
+    { projectId: "invalid", clusterName: "testCluster" },
+    { projectId: "507f1f77bcf86cd799439011", clusterName: "!✅invalid" },
+];
+
+export const organizationIdInvalidArgs = [
+    { organizationId: 123 },
+    { organizationId: [] },
+    { organizationId: "!✅invalid" },
+    { organizationId: "invalid-test-org-id" },
+];
+
+export const orgIdInvalidArgs = [
+    { orgId: 123 },
+    { orgId: [] },
+    { orgId: "!✅invalid" },
+    { orgId: "invalid-test-org-id" },
+];
+
+export const usernameInvalidArgs = [
+    {},
+    { username: 123 },
+    { username: [] },
+    { username: "!✅invalid" },
+    { username: "a".repeat(101) }, // too long
+];
+
 export const databaseInvalidArgs = [{}, { database: 123 }, { database: [] }];
 
 export function validateToolMetadata(

@@ -1,5 +1,11 @@
 import { describeWithAtlas, withProject } from "./atlasHelpers.js";
-import { expectDefined, getResponseElements } from "../../helpers.js";
+import {
+    expectDefined,
+    getResponseElements,
+    projectIdInvalidArgs,
+    validateThrowsForInvalidArguments,
+    validateToolMetadata,
+} from "../../helpers.js";
 import { afterAll, beforeAll, describe, expect, it } from "vitest";
 import { ensureCurrentIpInAccessList } from "../../../../src/common/atlas/accessListUtils.js";
 
@@ -12,6 +18,25 @@ function generateRandomIp(): string {
 }
 
 describeWithAtlas("ip access lists", (integration) => {
+    describe("should have correct metadata and validate invalid arguments", () => {
+        validateToolMetadata(
+            integration,
+            "atlas-inspect-access-list",
+            "Inspect Ip/CIDR ranges with access to your MongoDB Atlas clusters.",
+            [
+                {
+                    name: "projectId",
+                    type: "string",
+                    description: "Atlas project ID",
+                    required: true,
+                },
+            ]
+        );
+
+        validateThrowsForInvalidArguments(integration, "atlas-inspect-access-list", projectIdInvalidArgs);
+        validateThrowsForInvalidArguments(integration, "atlas-create-access-list", projectIdInvalidArgs);
+    });
+
     withProject(integration, ({ getProjectId }) => {
         const ips = [generateRandomIp(), generateRandomIp()];
         const cidrBlocks = [generateRandomIp() + "/16", generateRandomIp() + "/24"];

@@ -1,15 +1,24 @@
-import { expectDefined, getResponseElements } from "../../helpers.js";
+import {
+    getResponseElements,
+    projectIdInvalidArgs,
+    validateThrowsForInvalidArguments,
+    validateToolMetadata,
+} from "../../helpers.js";
 import { parseTable, describeWithAtlas, withProject } from "./atlasHelpers.js";
-import { expect, it } from "vitest";
+import { expect, it, describe } from "vitest";
 
 describeWithAtlas("atlas-list-alerts", (integration) => {
-    it("should have correct metadata", async () => {
-        const { tools } = await integration.mcpClient().listTools();
-        const listAlerts = tools.find((tool) => tool.name === "atlas-list-alerts");
-        expectDefined(listAlerts);
-        expect(listAlerts.inputSchema.type).toBe("object");
-        expectDefined(listAlerts.inputSchema.properties);
-        expect(listAlerts.inputSchema.properties).toHaveProperty("projectId");
+    describe("should have correct metadata and validate invalid arguments", () => {
+        validateToolMetadata(integration, "atlas-list-alerts", "List MongoDB Atlas alerts", [
+            {
+                name: "projectId",
+                type: "string",
+                description: "Atlas project ID to list alerts for",
+                required: true,
+            },
+        ]);
+
+        validateThrowsForInvalidArguments(integration, "atlas-list-alerts", projectIdInvalidArgs);
     });
 
     withProject(integration, ({ getProjectId }) => {

@@ -9,16 +9,12 @@ import { afterAll, beforeAll, describe } from "vitest";
 export type IntegrationTestFunction = (integration: IntegrationTest) => void;
 
 export function describeWithAtlas(name: string, fn: IntegrationTestFunction): void {
-    const describeFn =
-        !process.env.MDB_MCP_API_CLIENT_ID?.length || !process.env.MDB_MCP_API_CLIENT_SECRET?.length
-            ? describe.skip
-            : describe;
-    describeFn(name, () => {
+    describe(name, () => {
         const integration = setupIntegrationTest(
             () => ({
                 ...defaultTestConfig,
-                apiClientId: process.env.MDB_MCP_API_CLIENT_ID,
-                apiClientSecret: process.env.MDB_MCP_API_CLIENT_SECRET,
+                apiClientId: process.env.MDB_MCP_API_CLIENT_ID || "test-client",
+                apiClientSecret: process.env.MDB_MCP_API_CLIENT_SECRET || "test-secret",
                 apiBaseUrl: process.env.MDB_MCP_API_BASE_URL ?? "https://cloud-dev.mongodb.com",
             }),
             () => defaultDriverOptions
@@ -34,8 +30,23 @@ interface ProjectTestArgs {
 
 type ProjectTestFunction = (args: ProjectTestArgs) => void;
 
+export function withCredentials(integration: IntegrationTest, fn: IntegrationTestFunction): SuiteCollector<object> {
+    const describeFn =
+        !process.env.MDB_MCP_API_CLIENT_ID?.length || !process.env.MDB_MCP_API_CLIENT_SECRET?.length
+            ? describe.skip
+            : describe;
+    return describeFn("with credentials", () => {
+        fn(integration);
+    });
+}
+
 export function withProject(integration: IntegrationTest, fn: ProjectTestFunction): SuiteCollector<object> {
-    return describe("with project", () => {
+    const describeFn =
+        !process.env.MDB_MCP_API_CLIENT_ID?.length || !process.env.MDB_MCP_API_CLIENT_SECRET?.length
+            ? describe.skip
+            : describe;
+
+    return describeFn("with project", () => {
         let projectId: string = "";
         let ipAddress: string = "";
 

@@ -1,5 +1,14 @@
 import type { Session } from "../../../../src/common/session.js";
-import { expectDefined, getDataFromUntrustedContent, getResponseElements, sleep } from "../../helpers.js";
+import {
+    expectDefined,
+    getResponseElements,
+    getDataFromUntrustedContent,
+    createClusterParameters,
+    projectAndClusterInvalidArgs,
+    validateThrowsForInvalidArguments,
+    validateToolMetadata,
+    sleep,
+} from "../../helpers.js";
 import { describeWithAtlas, withProject, randomId, parseTable } from "./atlasHelpers.js";
 import type { ClusterDescription20240805 } from "../../../../src/common/atlas/openapi.js";
 import { afterAll, beforeAll, describe, expect, it } from "vitest";
@@ -63,6 +72,19 @@
 }
 
 describeWithAtlas("clusters", (integration) => {
+    describe("should have correct metadata and validate invalid arguments", () => {
+        validateToolMetadata(
+            integration,
+            "atlas-create-free-cluster",
+            "Create a free MongoDB Atlas cluster",
+            createClusterParameters
+        );
+
+        expect(() => {
+            validateThrowsForInvalidArguments(integration, "atlas-create-free-cluster", projectAndClusterInvalidArgs);
+        }).not.toThrow();
+    });
+
     withProject(integration, ({ getProjectId, getIpAddress }) => {
         const clusterName = "ClusterTest-" + randomId;
 
@@ -83,7 +105,7 @@
                expect(createFreeCluster.inputSchema.type).toBe("object");
                expectDefined(createFreeCluster.inputSchema.properties);
                expect(createFreeCluster.inputSchema.properties).toHaveProperty("projectId");
                expect(createFreeCluster.inputSchema.properties).toHaveProperty("name");
                expect(createFreeCluster.inputSchema.properties).toHaveProperty("region");
            });

@@ -132,7 +154,7 @@
                    arguments: { projectId, clusterName: clusterName },
                });
                const elements = getResponseElements(response.content);
                expect(elements).toHaveLength(2);
                expect(elements[0]?.text).toContain("Cluster details:");
                expect(elements[1]?.text).toContain("<untrusted-user-data-");
                expect(elements[1]?.text).toContain(`${clusterName} | `);
@@ -157,7 +179,7 @@
                    .callTool({ name: "atlas-list-clusters", arguments: { projectId } });

                const elements = getResponseElements(response);
                expect(elements).toHaveLength(2);

                expect(elements[1]?.text).toContain("<untrusted-user-data-");
                expect(elements[1]?.text).toContain(`${clusterName} | `);