superadmin/agenticSystem
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

MCP: bloquear escritura de records por accessList del usuario

Browse Source 
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
Jordan Diaz
2026-04-06 21:52:13 +00:00
parent 5bfcee6918
commit 38ac9cecdc
4 changed files with 59 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
mcp-server/tools/records/addModuleToRecord.js
View File

@@ -3,6 +3,7 @@ import { withAuth, getSessionCredentials } from "../../auth/index.js";
import { handleApiResponse, handleToolError, validateRequired } from "../helpers/errorHandler.js";
import { AcaiHttpClient } from "../helpers/acaiHttpClient.js";
import { withAuthParams } from "../helpers/authSchema.js";
import { canAccessTable } from "../helpers/accessControl.js";
export function registerAddModuleToRecordTool(server) {
server.tool(
@@ -29,6 +30,12 @@ Response includes: sectionId, moduleId, position, totalModules`,
const validationError = validateRequired({ tableName, recordNum, moduleId }, ['tableName', 'recordNum', 'moduleId'], 'add_module_to_record');
if (validationError) return validationError;
// Check table access
const accessCheck = canAccessTable(tableName);
if (!accessCheck.allowed) {
return { content: [{ type: "text", text: JSON.stringify({ success: false, error: accessCheck.error }) }], isError: true };
}
const sessionId = extra.sessionId;
const credentials = await getSessionCredentials(sessionId);
const payload = {