remcode
Version:
Turn your AI assistant into a codebase expert. Intelligent code analysis, semantic search, and software engineering guidance through MCP integration.
106 lines (105 loc) • 4.38 kB
JavaScript
;
/**
* MCP Validation Guard
* Ensures all MCP tools validate permissions before executing
*/
Object.defineProperty(exports, "__esModule", { value: true });
exports.MCPValidationGuard = void 0;
const permission_validator_1 = require("./permission-validator");
const logger_1 = require("../../utils/logger");
const logger = (0, logger_1.getLogger)('MCPValidationGuard');
/**
* Validation guard for all MCP operations
* Implements one-shot validation approach
*/
class MCPValidationGuard {
/**
* Execute MCP operation with validation guard
*/
static async executeWithValidation(operation, operationName, requiresRepositoryAccess) {
logger.info(`🛡️ Validating permissions for ${operationName}...`);
try {
// Get or refresh validation
const validation = await this.getValidation();
// Check if all permissions are valid
if (!validation.allValid) {
logger.warn(`❌ Permission validation failed for ${operationName}`);
const guidance = permission_validator_1.PermissionValidator.generateSetupGuidance(validation);
return {
success: false,
setupRequired: true,
setupGuidance: {
github: validation.setupUrls.github,
huggingface: validation.setupUrls.huggingface,
pinecone: validation.setupUrls.pinecone,
message: validation.message
},
error: 'Setup required - missing permissions'
};
}
// Additional repository-specific validation if needed
if (requiresRepositoryAccess) {
const repoPermissions = await permission_validator_1.PermissionValidator.validateRepositoryAccess(requiresRepositoryAccess.owner, requiresRepositoryAccess.repo);
if (!repoPermissions.hasAdmin) {
logger.warn(`❌ Insufficient repository permissions for ${operationName}`);
return {
success: false,
setupRequired: true,
error: `Admin access required for repository ${requiresRepositoryAccess.owner}/${requiresRepositoryAccess.repo}`,
setupGuidance: {
message: `You need admin permissions on ${requiresRepositoryAccess.owner}/${requiresRepositoryAccess.repo} to use remcode features that modify repository settings.`
}
};
}
}
logger.info(`✅ All permissions validated for ${operationName}`);
// Execute the actual operation
const result = await operation();
return {
success: true,
data: result
};
}
catch (error) {
logger.error(`❌ ${operationName} failed: ${error.message}`);
return {
success: false,
error: error.message
};
}
}
/**
* Get validation results with caching
*/
static async getValidation() {
const now = Date.now();
// Return cached validation if still valid
if (this.validationCache && (now - this.cacheTimestamp) < this.CACHE_DURATION) {
logger.debug('Using cached validation results');
return this.validationCache;
}
// Perform fresh validation
logger.debug('Performing fresh validation...');
this.validationCache = await permission_validator_1.PermissionValidator.validateAllPermissions();
this.cacheTimestamp = now;
return this.validationCache;
}
/**
* Clear validation cache (force re-validation)
*/
static clearCache() {
this.validationCache = null;
this.cacheTimestamp = 0;
logger.info('Validation cache cleared');
}
/**
* Quick validation check without full operation execution
*/
static async validateOnly() {
return await this.getValidation();
}
}
exports.MCPValidationGuard = MCPValidationGuard;
MCPValidationGuard.validationCache = null;
MCPValidationGuard.cacheTimestamp = 0;
MCPValidationGuard.CACHE_DURATION = 5 * 60 * 1000; // 5 minutes