Managed Databases: Firewall and SQL Mode Management (#82)

* New endpoint to add/list firewall rules for databases

* New endpoints to configure/get sql_modes for MySQL databases
And endpoints to configure/get eviction_policy for Redis databases

Author: nicholi

DigitalOcean.API.Tests/Clients/DatabasesClientTest.cs

@@ -285,5 +285,74 @@ public void CorrectRequestForDeleteConnectionPool() {
             var parameters = Arg.Is<List<Parameter>>(list => (string)list[0].Value == "1" && (string)list[1].Value == "name");
             factory.Received().ExecuteRaw("databases/{id}/pools/{name}", parameters, null, Method.DELETE);
         }
+
+        [Fact]
+        public void CorrectRequestForUpdateFirewallRules() {
+            var factory = Substitute.For<IConnection>();
+            var client = new DatabasesClient(factory);
+
+            var body = new Models.Requests.UpdateDatabaseFirewallRules();
+            client.UpdateFirewallRules("1", body);
+
+            var parameters = Arg.Is<List<Parameter>>(list => (string)list[0].Value == "1");
+            factory.Received().ExecuteRaw("databases/{id}/firewall", parameters, body, Method.PUT);
+        }
+
+        [Fact]
+        public void CorrectRequestForListFirewallRules() {
+            var factory = Substitute.For<IConnection>();
+            var client = new DatabasesClient(factory);
+
+            client.ListFirewallRules("1");
+
+            var parameters = Arg.Is<List<Parameter>>(list => (string)list[0].Value == "1");
+            factory.Received().GetPaginated<DatabaseFirewallRule>("databases/{id}/firewall", parameters, "rules");
+        }
+
+        [Fact]
+        public void CorrectRequestForRetrieveRedisEviction() {
+            var factory = Substitute.For<IConnection>();
+            var client = new DatabasesClient(factory);
+
+            client.RetrieveEvictionPolicy("1");
+
+            var parameters = Arg.Is<List<Parameter>>(list => (string)list[0].Value == "1");
+            factory.Received().ExecuteRequest<RedisEvictionPolicy>("databases/{id}/eviction_policy", parameters, null, null);
+        }
+
+        [Fact]
+        public void CorrectRequestForConfigureRedisEviction() {
+            var factory = Substitute.For<IConnection>();
+            var client = new DatabasesClient(factory);
+
+            var body = new Models.Requests.RedisEvictionPolicy();
+            client.ConfigureEvictionPolicy("1", body);
+
+            var parameters = Arg.Is<List<Parameter>>(list => (string)list[0].Value == "1");
+            factory.Received().ExecuteRaw("databases/{id}/eviction_policy", parameters, body, Method.PUT);
+        }
+
+        [Fact]
+        public void CorrectRequestForRetrieveMySqlModes() {
+            var factory = Substitute.For<IConnection>();
+            var client = new DatabasesClient(factory);
+
+            client.RetrieveSqlModes("1");
+
+            var parameters = Arg.Is<List<Parameter>>(list => (string)list[0].Value == "1");
+            factory.Received().ExecuteRequest<MySqlModes>("databases/{id}/sql_mode", parameters, null, null);
+        }
+
+        [Fact]
+        public void CorrectRequestForConfigureMySqlModes() {
+            var factory = Substitute.For<IConnection>();
+            var client = new DatabasesClient(factory);
+
+            var body = new Models.Requests.MySqlModes();
+            client.ConfigureSqlModes("1", body);
+
+            var parameters = Arg.Is<List<Parameter>>(list => (string)list[0].Value == "1");
+            factory.Received().ExecuteRaw("databases/{id}/sql_mode", parameters, body, Method.PUT);
+        }
     }
 }

DigitalOcean.API/Clients/DatabasesClient.cs

@@ -285,6 +285,70 @@ public Task<DatabaseCluster> Restore(Models.Requests.DatabaseBackup backup) {
             return _connection.ExecuteRequest<DatabaseCluster>("databases", null, backup, "database", Method.POST);
         }
 
+        /// <summary>
+        /// To update a database cluster's firewall rules (known as "trusted sources" in the control panel).
+        /// Specify which resources should be able to open connections to the database.
+        /// You may limit connections to specific Droplets, Kubernetes clusters, or IP addresses.
+        /// When a tag is provided, any Droplet or Kubernetes node with that tag applied to it will have access.
+        /// </summary>
+        public Task UpdateFirewallRules(string databaseId, Models.Requests.UpdateDatabaseFirewallRules updateRules) {
+            var parameters = new List<Parameter> {
+                new Parameter("id", databaseId, ParameterType.UrlSegment)
+            };
+            return _connection.ExecuteRaw("databases/{id}/firewall", parameters, updateRules, Method.PUT);
+        }
+
+        /// <summary>
+        /// To list all of a database cluster's firewall rules (known as "trusted sources" in the control panel).
+        /// </summary>
+        public Task<IReadOnlyList<DatabaseFirewallRule>> ListFirewallRules(string databaseId) {
+            var parameters = new List<Parameter> {
+                new Parameter("id", databaseId, ParameterType.UrlSegment)
+            };
+            return _connection.GetPaginated<DatabaseFirewallRule>("databases/{id}/firewall", parameters, "rules");
+        }
+
+        /// <summary>
+        /// To retrieve the configured eviction policy for an existing Redis cluster.
+        /// </summary>
+        public Task<RedisEvictionPolicy> RetrieveEvictionPolicy(string databaseId) {
+            var parameters = new List<Parameter> {
+                new Parameter("id", databaseId, ParameterType.UrlSegment)
+            };
+            return _connection.ExecuteRequest<RedisEvictionPolicy>("databases/{id}/eviction_policy", parameters, null, null);
+        }
+
+        /// <summary>
+        /// To configure an eviction policy for an existing Redis cluster.
+        /// </summary>
+        public Task ConfigureEvictionPolicy(string databaseId, Models.Requests.RedisEvictionPolicy evictionPolicy) {
+            var parameters = new List<Parameter> {
+                new Parameter("id", databaseId, ParameterType.UrlSegment)
+            };
+            return _connection.ExecuteRaw("databases/{id}/eviction_policy", parameters, evictionPolicy, Method.PUT);
+        }
+
+        /// <summary>
+        /// To retrieve the configured SQL modes for an existing MySQL cluster.
+        /// </summary>
+        public Task<MySqlModes> RetrieveSqlModes(string databaseId) {
+            var parameters = new List<Parameter> {
+                new Parameter("id", databaseId, ParameterType.UrlSegment)
+            };
+            return _connection.ExecuteRequest<MySqlModes>("databases/{id}/sql_mode", parameters, null, null);
+        }
+
+        /// <summary>
+        /// To configure the SQL modes for an existing MySQL cluster.
+        /// See the official MySQL 8 documentation for a full list of supported SQL modes.
+        /// </summary>
+        public Task ConfigureSqlModes(string databaseId, Models.Requests.MySqlModes sqlModes) {
+            var parameters = new List<Parameter> {
+                new Parameter("id", databaseId, ParameterType.UrlSegment)
+            };
+            return _connection.ExecuteRaw("databases/{id}/sql_mode", parameters, sqlModes, Method.PUT);
+        }
+
         #endregion
     }
 }

DigitalOcean.API/Clients/IDatabasesClient.cs

@@ -139,5 +139,39 @@ public interface IDatabasesClient {
         /// Delete a specific connection pool
         /// </summary>
         Task DeleteConnectionPool(string databaseId, string poolName);
+
+        /// <summary>
+        /// To update a database cluster's firewall rules (known as "trusted sources" in the control panel).
+        /// Specify which resources should be able to open connections to the database.
+        /// You may limit connections to specific Droplets, Kubernetes clusters, or IP addresses.
+        /// When a tag is provided, any Droplet or Kubernetes node with that tag applied to it will have access.
+        /// </summary>
+        Task UpdateFirewallRules(string databaseId, Models.Requests.UpdateDatabaseFirewallRules updateRules);
+
+        /// <summary>
+        /// To list all of a database cluster's firewall rules (known as "trusted sources" in the control panel).
+        /// </summary>
+        Task<IReadOnlyList<DatabaseFirewallRule>> ListFirewallRules(string databaseId);
+
+        /// <summary>
+        /// To retrieve the configured eviction policy for an existing Redis cluster.
+        /// </summary>
+        Task<RedisEvictionPolicy> RetrieveEvictionPolicy(string databaseId);
+
+        /// <summary>
+        /// To configure an eviction policy for an existing Redis cluster.
+        /// </summary>
+        Task ConfigureEvictionPolicy(string databaseId, Models.Requests.RedisEvictionPolicy evictionPolicy);
+
+        /// <summary>
+        /// To retrieve the configured SQL modes for an existing MySQL cluster.
+        /// </summary>
+        Task<MySqlModes> RetrieveSqlModes(string databaseId);
+
+        /// <summary>
+        /// To configure the SQL modes for an existing MySQL cluster.
+        /// See the official MySQL 8 documentation for a full list of supported SQL modes.
+        /// </summary>
+        Task ConfigureSqlModes(string databaseId, Models.Requests.MySqlModes sqlModes);
     }
 }

DigitalOcean.API/Models/Requests/DatabaseFirewallRule.cs

@@ -0,0 +1,30 @@
+using Newtonsoft.Json;
+
+namespace DigitalOcean.API.Models.Requests {
+    public class DatabaseFirewallRule {
+        /// <summary>
+        /// The type of resource that the firewall rule allows to access the database cluster.
+        /// The possible values are: 'droplet', 'k8s', 'ip_addr', or 'tag'.
+        /// </summary>
+        [JsonProperty("type")]
+        public string Type { get; set; }
+
+        /// <summary>
+        /// The ID of the specific resource, the name of a tag applied to a group of resources, or the IP address that the firewall rule allows to access the database cluster.
+        /// </summary>
+        [JsonProperty("value")]
+        public string Value { get; set; }
+
+        /// <summary>
+        /// A unique ID for the firewall rule itself when updating an existing rule.
+        /// </summary>
+        [JsonProperty("uuid")]
+        public string Uuid { get; set; }
+
+        /// <summary>
+        /// A unique ID for the database cluster to which the rule is applied.
+        /// </summary>
+        [JsonProperty("cluster_uuid")]
+        public string ClusterUuid { get; set; }
+    }
+}

DigitalOcean.API/Models/Requests/MySqlModes.cs

@@ -0,0 +1,11 @@
+using Newtonsoft.Json;
+
+namespace DigitalOcean.API.Models.Requests {
+    public class MySqlModes {
+        /// <summary>
+        /// A single string specifying the desired SQL modes for the MySQL cluster separated by commas.
+        /// </summary>
+        [JsonProperty("sql_mode")]
+        public string SqlMode { get; set; }
+    }
+}

DigitalOcean.API/Models/Requests/RedisEvictionPolicy.cs

@@ -0,0 +1,12 @@
+using Newtonsoft.Json;
+
+namespace DigitalOcean.API.Models.Requests {
+    public class RedisEvictionPolicy {
+        /// <summary>
+        /// A string specifying the desired eviction policy for the Redis cluster.
+        /// Valid vaules are: noeviction, allkeys_lru, allkeys_random, volatile_lru, volatile_random, or volatile_ttl.
+        /// </summary>
+        [JsonProperty("eviction_policy")]
+        public string EvictionPolicy { get; set; }
+    }
+}

DigitalOcean.API/Models/Requests/UpdateDatabaseFirewallRules.cs

@@ -0,0 +1,12 @@
+using System.Collections.Generic;
+using Newtonsoft.Json;
+
+namespace DigitalOcean.API.Models.Requests {
+    public class UpdateDatabaseFirewallRules {
+        /// <summary>
+        /// Firewall rules to update.
+        /// </summary>
+        [JsonProperty("rules")]
+        public List<DatabaseFirewallRule> Rules { get; set; }
+    }
+}

DigitalOcean.API/Models/Responses/DatabaseFirewallRule.cs

@@ -0,0 +1,37 @@
+using System;
+using Newtonsoft.Json;
+
+namespace DigitalOcean.API.Models.Responses {
+    public class DatabaseFirewallRule {
+        /// <summary>
+        /// A unique ID for the firewall rule itself.
+        /// </summary>
+        [JsonProperty("uuid")]
+        public string Uuid { get; set; }
+
+        /// <summary>
+        /// A unique ID for the database cluster to which the rule is applied.
+        /// </summary>
+        [JsonProperty("cluster_uuid")]
+        public string ClusterUuid { get; set; }
+
+        /// <summary>
+        /// The type of resource that the firewall rule allows to access the database cluster.
+        /// The possible values are: 'droplet', 'k8s', 'ip_addr', or 'tag'
+        /// </summary>
+        [JsonProperty("type")]
+        public string Type { get; set; }
+
+        /// <summary>
+        /// The ID of the specific resource, the name of a tag applied to a group of resources, or the IP address that the firewall rule allows to access the database cluster.
+        /// </summary>
+        [JsonProperty("value")]
+        public string Value { get; set; }
+
+        /// <summary>
+        /// A time value given in ISO8601 combined date and time format that represents when the firewall rule was created.
+        /// </summary>
+        [JsonProperty("created_at")]
+        public DateTime CreatedAt { get; set; }
+    }
+}

DigitalOcean.API/Models/Responses/MySqlModes.cs

@@ -0,0 +1,11 @@
+using Newtonsoft.Json;
+
+namespace DigitalOcean.API.Models.Responses {
+    public class MySqlModes {
+        /// <summary>
+        /// A string specifying the configured SQL modes for the MySQL cluster.
+        /// </summary>
+        [JsonProperty("sql_mode")]
+        public string SqlMode { get; set; }
+    }
+}

DigitalOcean.API/Models/Responses/RedisEvictionPolicy.cs

@@ -0,0 +1,11 @@
+using Newtonsoft.Json;
+
+namespace DigitalOcean.API.Models.Responses {
+    public class RedisEvictionPolicy {
+        /// <summary>
+        /// A string specifying the desired eviction policy for the Redis cluster.
+        /// </summary>
+        [JsonProperty("eviction_policy")]
+        public string EvictionPolicy { get; set; }
+    }
+}