@gohcltech/bitbucket-mcp/dist/auth-capabilities.d.ts

Bitbucket integration for Claude via Model Context Protocol

/**
 * @fileoverview Authentication capabilities and scope management for Bitbucket MCP server.
 *
 * This module defines the capability scopes available for different authentication methods
 * and maps them to tool categories. It allows the server to dynamically determine which
 * tools should be available based on the authenticated user's capabilities.
 *
 * ## Authentication Methods and Capabilities
 *
 * **API Token (username + token)**
 * - User-account level access
 * - Can access all workspaces and repositories the user has permission to
 * - Full scope support for all tool categories
 *
 * **Repository Token (bearer token)**
 * - Single repository access only
 * - Limited to the specific repository it was created for
 * - Cannot access workspace management or issues
 *
 * ## Scope Definitions
 *
 * Capabilities are organized by Bitbucket API scope:
 * - `workspace:read` - Read workspace data (list workspaces, get workspace info)
 * - `workspace:admin` - Manage workspace (create, update, delete workspaces)
 * - `repository:read` - Read repository data
 * - `repository:write` - Write to repositories (create, update)
 * - `repository:admin` - Administer repositories (delete, settings)
 * - `pullrequest:read` - Read pull request data
 * - `pullrequest:write` - Create and manage pull requests
 * - `issue:read` - Read issues and issue tracking data
 * - `issue:write` - Create and manage issues
 * - `issue:admin` - Administer issue tracking
 */
import { AuthMethod, AuthConfig } from './types.js';
/**
 * Individual capability scope names that map to Bitbucket API permissions.
 */
export declare enum Capability {
    WORKSPACE_READ = "workspace:read",
    WORKSPACE_ADMIN = "workspace:admin",
    REPOSITORY_READ = "repository:read",
    REPOSITORY_WRITE = "repository:write",
    REPOSITORY_ADMIN = "repository:admin",
    PULLREQUEST_READ = "pullrequest:read",
    PULLREQUEST_WRITE = "pullrequest:write",
    ISSUE_READ = "issue:read",
    ISSUE_WRITE = "issue:write",
    ISSUE_ADMIN = "issue:admin"
}
/**
 * Tool categories that require specific capabilities to function.
 */
export declare enum ToolCategory {
    WORKSPACE = "workspace",
    REPOSITORY = "repository",
    BRANCH = "branch",
    PULL_REQUEST = "pull_request",
    COMMIT = "commit",
    ISSUE = "issue"
}
/**
 * Represents the set of capabilities available to the current authentication.
 */
export declare class AuthCapabilities {
    private capabilities;
    private authMethod;
    /**
     * Creates a new AuthCapabilities instance from authentication config.
     *
     * @param authConfig - The authentication configuration
     */
    constructor(authConfig: AuthConfig);
    /**
     * Gets the authentication method used.
     *
     * @returns The authentication method
     */
    getAuthMethod(): AuthMethod;
    /**
     * Checks if a specific capability is available.
     *
     * @param capability - The capability to check
     * @returns True if the capability is available
     */
    hasCapability(capability: Capability): boolean;
    /**
     * Checks if all required capabilities are available.
     *
     * @param capabilities - Array of capabilities to check
     * @returns True if all capabilities are available
     */
    hasAllCapabilities(capabilities: Capability[]): boolean;
    /**
     * Gets all available capabilities.
     *
     * @returns Array of available capabilities
     */
    getAvailableCapabilities(): Capability[];
    /**
     * Checks if a tool category is available based on current capabilities.
     *
     * @param category - The tool category to check
     * @returns True if the tool category's requirements are met
     */
    isToolCategoryAvailable(category: ToolCategory): boolean;
    /**
     * Gets all available tool categories.
     *
     * @returns Array of available tool categories
     */
    getAvailableToolCategories(): ToolCategory[];
    /**
     * Gets tool categories that are NOT available (filtered out).
     *
     * @returns Array of unavailable tool categories
     */
    getUnavailableToolCategories(): ToolCategory[];
    /**
     * Gets a detailed description of why a tool category is unavailable.
     *
     * @param category - The tool category to check
     * @returns String describing missing capabilities, or empty string if available
     */
    getUnavailabilityReason(category: ToolCategory): string;
}
/**
 * Creates an AuthCapabilities instance from authentication config.
 *
 * @param authConfig - The authentication configuration
 * @returns AuthCapabilities instance
 */
export declare function createAuthCapabilities(authConfig: AuthConfig): AuthCapabilities;
//# sourceMappingURL=auth-capabilities.d.ts.map