feat: complete MCP traffic isolation — add missing endpoints, remove leaky path routing #620

Merged: liuwei08 merged 2 commits into master from feat/mcp-full-isolation on Jul 1, 2026
@sap-yuan sap-yuan commented Jul 1, 2026

Collaborator

Summary

Phase 2 of DIARCHERS-1396: fully isolate MCP token traffic to /api/v1/mcp/*.

The original implementation used a client-side mcpPath() regex translation layer that only covered 6 paths. Any tool method not in that mapping would silently fall through to /api/v1/* regular traffic, defeating the isolation goal.

Backend — 6 new MCP endpoints

All new endpoints carry the full middleware stack: mcp_auth_required → @mcp_rate_limit → check_project_access_mcp → handler → audit_mcp.

| Endpoint | File |
| --- | --- |
| GET /api/v1/mcp/projects/<id> | projects.py |
| GET /api/v1/mcp/projects/<id>/builds/<bid> | builds.py |
| GET /api/v1/mcp/projects/<id>/jobs/<jid> | jobs.py |
| GET /api/v1/mcp/projects/<id>/jobs/<jid>/stats | jobs.py |
| GET /api/v1/mcp/projects/<id>/jobs/<jid>/testruns | jobs.py |
| GET /api/v1/mcp/projects/<id>/jobs/<jid>/manifest | jobs.py |

Also extracted _ACCESS_DENIED and _JOB_BY_PROJECT constants in jobs.py to eliminate string duplication.

Test plan

  • All 6 new endpoints return data with a valid ib_mcp_* token
  • All 6 new endpoints return 403 for a token without project scope
  • Existing endpoints (list_projects, list_builds, list_jobs, get_job_log, list_job_artifacts, trigger) still work
  • mcp_access_log contains entries for all new endpoint calls

…leaky path routing

Backend (DIARCHERS-1396 Phase 2):
- projects.py: add GET /api/v1/mcp/projects/<id> (getProject)
- builds.py: add GET /api/v1/mcp/projects/<id>/builds/<bid> (getBuild)
- jobs.py: add GET .../jobs/<jid> (getJob), .../stats, .../testruns, .../manifest
- All 6 new endpoints carry full middleware: mcp_auth_required + mcp_rate_limit +
  check_project_access_mcp + audit_mcp
- Extract _ACCESS_DENIED and _JOB_BY_PROJECT constants to eliminate string duplication
@sap-yuan sap-yuan self-assigned this Jul 1, 2026
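
The fall-through described in the PR summary, as an added example that is not the project's code: a partial translation table passes unmapped paths through to `/api/v1/*`, while a fail-closed translator rejects them. The mapping table, the regular-API path shapes and the sample tool-to-path pairs are assumptions constructed for illustration.

```python
import re

MCP_PREFIX = "/api/v1/mcp/"

# Hypothetical partial translation table (constructed): only some regular-API
# path shapes have an MCP equivalent, as with the 6-path mapping in the summary.
_MAPPING = [
    (re.compile(r"^/api/v1/projects$"), "/api/v1/mcp/projects"),
    (re.compile(r"^/api/v1/projects/([^/]+)/builds$"), r"/api/v1/mcp/projects/\1/builds"),
    (re.compile(r"^/api/v1/projects/([^/]+)/jobs$"), r"/api/v1/mcp/projects/\1/jobs"),
]


class UnmappedPathError(ValueError):
    """Raised when a path has no MCP route."""


def leaky_mcp_path(path):
    """Rewrite known paths; unknown paths fall through unchanged (the leak)."""
    for pattern, target in _MAPPING:
        if pattern.match(path):
            return pattern.sub(target, path)
    return path  # stays on /api/v1/*, outside the MCP middleware stack


def strict_mcp_path(path):
    """Fail closed: a path with no MCP mapping is an error, never a fallback."""
    for pattern, target in _MAPPING:
        if pattern.match(path):
            return pattern.sub(target, path)
    raise UnmappedPathError(f"no MCP route for {path!r}")


def find_leaks(tool_paths, translate=leaky_mcp_path):
    """Return the tool methods whose translated path escapes /api/v1/mcp/."""
    return sorted(name for name, path in tool_paths.items()
                  if not translate(path).startswith(MCP_PREFIX))


# Constructed sample: tool method -> regular-API path it would request.
SAMPLE_TOOL_PATHS = {
    "list_projects": "/api/v1/projects",
    "list_builds": "/api/v1/projects/p1/builds",
    "list_jobs": "/api/v1/projects/p1/jobs",
    "getProject": "/api/v1/projects/p1",
    "getBuild": "/api/v1/projects/p1/builds/b7",
    "getJob": "/api/v1/projects/p1/jobs/j9",
}

if __name__ == "__main__":
    print("tool methods leaking to /api/v1/*:", find_leaks(SAMPLE_TOOL_PATHS))
```

Running `find_leaks` over the full tool-method list in CI catches a new method that has no MCP route before it ships.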

@liuwei08 liuwei08 left a comment

Contributor

Two must-fix issues found. See inline comments for details.

Comment thread src/api/handlers/mcp/routes/builds.py Outdated
Comment thread src/api/handlers/mcp/routes/jobs.py Outdated
sap-yuan commented Jul 1, 2026

Collaborator Author

Fixed both review findings in 15038b1:

[Blocker] Duplicate class definitions in builds.py — Confirmed valid. The old MCPBuilds, MCPTrigger, and _build_dict definitions (lines 170–275) were left over from the original file and not removed when the new code was added at the top. Deleted all duplicate definitions. Each class is now defined exactly once.

[High] Silent stats parse failure in jobs.py — Confirmed valid. Added import logging + logger = logging.getLogger('mcp_jobs'), replaced except Exception: pass with a warning log + audit_mcp(..., outcome='partial', error=...) so parse failures are observable in both application logs and the audit trail.

@liuwei08 liuwei08 left a comment

Contributor

LGTM

@liuwei08 liuwei08 merged commit 14022e3 into master Jul 1, 2026
2 checks passed
@liuwei08 liuwei08 deleted the feat/mcp-full-isolation branch July 1, 2026 08:06