activerecord-mcp 0.1.0

data/test/unit/auth/token_validator_test.rb

@@ -0,0 +1,100 @@
+# frozen_string_literal: true
+
+require "test_helper"
+
+class TokenValidatorTest < ActiveSupport::TestCase
+  def app
+    inner = ->(_env) { [200, { "Content-Type" => "application/json" }, ["ok"]] }
+    RailsMcp::Auth::TokenValidator.new(inner)
+  end
+
+  test "allows OPTIONS requests without token" do
+    status, = app.call(env("OPTIONS", "/mcp"))
+    assert_equal 200, status
+  end
+
+  test "allows /.well-known/ without token" do
+    status, = app.call(env("GET", "/.well-known/oauth-authorization-server"))
+    assert_equal 200, status
+  end
+
+  test "rejects request with no Authorization header" do
+    status, _, body = app.call(env("POST", "/mcp"))
+    assert_equal 401, status
+    assert_match "Bearer token required", body.join
+  end
+
+  test "rejects invalid token" do
+    status, _, body = app.call(env("POST", "/mcp", token: "bogus"))
+    assert_equal 401, status
+    assert_match "Invalid or expired token", body.join
+  end
+
+  test "rejects expired token" do
+    token = create_valid_token(expires_in: -1)
+    status, = app.call(env("POST", "/mcp", token: token.token))
+    assert_equal 401, status
+  end
+
+  test "rejects revoked token" do
+    token = create_valid_token
+    token.revoke
+    status, = app.call(env("POST", "/mcp", token: token.token))
+    assert_equal 401, status
+  end
+
+  test "passes valid token through and sets env key" do
+    token = create_valid_token
+    rack_env = env("POST", "/mcp", token: token.token)
+    status, = app.call(rack_env)
+    assert_equal 200, status
+    assert_equal token.id, rack_env["rails_mcp.access_token"].id
+  end
+
+  test "rejects token missing required scope" do
+    token = create_valid_token(scopes: "")
+    status, _, body = app.call(env("POST", "/mcp", token: token.token))
+    assert_equal 403, status
+    assert_match "insufficient_scope", body.join
+    assert_match "mcp", body.join
+  end
+
+  test "rejects token with different scope" do
+    token = create_valid_token(scopes: "read")
+    status, headers, = app.call(env("POST", "/mcp", token: token.token))
+    assert_equal 403, status
+    assert_match "mcp", headers["WWW-Authenticate"]
+  end
+
+  test "scope check skipped when scope config is nil" do
+    RailsMcp.configuration.scope = nil
+    token = create_valid_token(scopes: "")
+    status, = app.call(env("POST", "/mcp", token: token.token))
+    assert_equal 200, status
+  end
+
+  test "scope check skipped when scope config is empty string" do
+    RailsMcp.configuration.scope = ""
+    token = create_valid_token(scopes: "")
+    status, = app.call(env("POST", "/mcp", token: token.token))
+    assert_equal 200, status
+  end
+
+  private
+
+  def env(method, path, token: nil)
+    e = Rack::MockRequest.env_for(path, method: method)
+    e["HTTP_AUTHORIZATION"] = "Bearer #{token}" if token
+    e
+  end
+
+  def create_valid_token(expires_in: 3600, scopes: "mcp")
+    app_record = Doorkeeper::Application.create!(
+      name: "test-#{SecureRandom.hex(4)}",
+      redirect_uri: "urn:ietf:wg:oauth:2.0:oob",
+      confidential: false,
+      scopes: "mcp read"
+    )
+    Doorkeeper::AccessToken.create!(application: app_record, expires_in: expires_in, scopes: scopes)
+  end
+end

data/test/unit/database/denied_columns_test.rb

@@ -0,0 +1,154 @@
+# frozen_string_literal: true
+
+require "test_helper"
+
+class DeniedColumnsTest < ActiveSupport::TestCase
+  setup do
+    User.create!(name: "Alice", email: "alice@example.com", age: 30)
+  end
+
+  teardown do
+    User.delete_all
+  end
+
+  # --- exact string match ---
+
+  test "denied column by exact string cannot be used in fields" do
+    RailsMcp.configuration.denied_columns = ["age"]
+    err = assert_raises(RailsMcp::Database::QueryBuilder::Error) do
+      build(User, fields: ["age"]).execute
+    end
+    assert_match "Unknown field(s)", err.message
+  end
+
+  test "denied column by exact string cannot be used in conditions" do
+    RailsMcp.configuration.denied_columns = ["age"]
+    err = assert_raises(RailsMcp::Database::QueryBuilder::Error) do
+      build(User, conditions: { "age" => 30 }).execute
+    end
+    assert_match "Unknown column(s) in conditions", err.message
+  end
+
+  test "denied column by exact string cannot be used in order" do
+    RailsMcp.configuration.denied_columns = ["age"]
+    err = assert_raises(RailsMcp::Database::QueryBuilder::Error) do
+      build(User, order: "age DESC").execute
+    end
+    assert_match "Unknown order column", err.message
+  end
+
+  test "denied column does not appear in default results" do
+    RailsMcp.configuration.denied_columns = ["age"]
+    RailsMcp.configuration.default_fields = %i[id age created_at]
+    results = build(User).execute
+    refute results.first.key?("age")
+    assert results.first.key?("id")
+  end
+
+  # --- regex match ---
+
+  test "denied column by regex cannot be used in fields" do
+    RailsMcp.configuration.denied_columns = [/password/i]
+    err = assert_raises(RailsMcp::Database::QueryBuilder::Error) do
+      build(User, fields: ["password_digest"]).execute
+    end
+    assert_match "Unknown field(s)", err.message
+  end
+
+  test "regex matches multiple columns" do
+    RailsMcp.configuration.denied_columns = [/\Aactive\z/]
+    err = assert_raises(RailsMcp::Database::QueryBuilder::Error) do
+      build(User, fields: ["active"]).execute
+    end
+    assert_match "Unknown field(s)", err.message
+    # other columns still work
+    results = build(User, fields: ["name"]).execute
+    assert results.first.key?("name")
+  end
+
+  # --- mix of strings and regexes ---
+
+  test "accepts a mix of strings and regexes" do
+    RailsMcp.configuration.denied_columns = ["age", /email/i]
+    err = assert_raises(RailsMcp::Database::QueryBuilder::Error) do
+      build(User, fields: ["age"]).execute
+    end
+    assert_match "Unknown field(s)", err.message
+
+    err = assert_raises(RailsMcp::Database::QueryBuilder::Error) do
+      build(User, fields: ["email"]).execute
+    end
+    assert_match "Unknown field(s)", err.message
+
+    # non-denied columns still work
+    results = build(User, fields: ["name"]).execute
+    assert results.first.key?("name")
+  end
+
+  # --- interaction with schema_file ---
+
+  test "denied_columns applies on top of schema_file" do
+    fixture = File.expand_path("../../fixtures/rails_mcp.yml", __dir__)
+    RailsMcp.configure do |c|
+      c.schema_file    = fixture
+      c.denied_columns = ["email"] # email is in the schema but denied here
+    end
+
+    err = assert_raises(RailsMcp::Database::QueryBuilder::Error) do
+      build(User, fields: ["email"]).execute
+    end
+    assert_match "Unknown field(s)", err.message
+
+    # name is still accessible
+    results = build(User, fields: ["name"]).execute
+    assert results.first.key?("name")
+  end
+
+  # --- describe_model does not leak denied columns ---
+
+  test "describe_model hides denied columns from schema output" do
+    RailsMcp.configuration.denied_columns = [/age/]
+    response = RailsMcp::Tools::DescribeModel.call(model: "User", server_context: {})
+    result   = JSON.parse(response.content.first[:text])
+    col_names = result["columns"].map { |c| c["name"] }
+    refute_includes col_names, "age"
+    assert_includes col_names, "name"
+  end
+
+  test "describe_model hides denied columns matched by regex" do
+    RailsMcp.configuration.denied_columns = [/email/i]
+    response = RailsMcp::Tools::DescribeModel.call(model: "User", server_context: {})
+    result   = JSON.parse(response.content.first[:text])
+    col_names = result["columns"].map { |c| c["name"] }
+    refute_includes col_names, "email"
+  end
+
+  # --- count oracle blocked ---
+
+  test "count_records cannot use denied column as condition" do
+    RailsMcp.configuration.denied_columns = ["email"]
+    err = assert_raises(RailsMcp::Database::QueryBuilder::Error) do
+      RailsMcp::Tools::CountRecords.call(
+        model: "User",
+        conditions: { "email" => "alice@example.com" },
+        server_context: {}
+      )
+    end
+    assert_match "Unknown column(s)", err.message
+  end
+
+  # --- non-denied columns are unaffected ---
+
+  test "non-denied columns are still accessible" do
+    RailsMcp.configuration.denied_columns = ["age"]
+    results = build(User, fields: %w[name email]).execute
+    assert results.first.key?("name")
+    assert results.first.key?("email")
+  end
+
+  private
+
+  def build(klass, **opts)
+    RailsMcp::Database::QueryBuilder.new(klass, **opts)
+  end
+end

data/test/unit/database/model_resolver_test.rb

@@ -0,0 +1,60 @@
+# frozen_string_literal: true
+
+require "test_helper"
+
+class ModelResolverTest < ActiveSupport::TestCase
+  test "resolves a valid model name" do
+    assert_equal User, RailsMcp::Database::ModelResolver.resolve("User")
+  end
+
+  test "raises UnknownModel for non-existent constant" do
+    assert_raises(RailsMcp::Database::ModelResolver::UnknownModel) do
+      RailsMcp::Database::ModelResolver.resolve("Nonexistent")
+    end
+  end
+
+  test "raises UnknownModel for non-AR class" do
+    assert_raises(RailsMcp::Database::ModelResolver::UnknownModel) do
+      RailsMcp::Database::ModelResolver.resolve("String")
+    end
+  end
+
+  test "raises UnknownModel for path traversal attempt" do
+    assert_raises(RailsMcp::Database::ModelResolver::UnknownModel) do
+      RailsMcp::Database::ModelResolver.resolve("../../etc/passwd")
+    end
+  end
+
+  test "raises UnknownModel for lowercase name" do
+    assert_raises(RailsMcp::Database::ModelResolver::UnknownModel) do
+      RailsMcp::Database::ModelResolver.resolve("user")
+    end
+  end
+
+  test "denied_models blocks access" do
+    RailsMcp.configuration.denied_models = ["User"]
+    assert_raises(RailsMcp::Database::ModelResolver::AccessDenied) do
+      RailsMcp::Database::ModelResolver.resolve("User")
+    end
+  end
+
+  test "allowed_models restricts access" do
+    RailsMcp.configuration.allowed_models = ["Post"]
+    assert_raises(RailsMcp::Database::ModelResolver::AccessDenied) do
+      RailsMcp::Database::ModelResolver.resolve("User")
+    end
+    assert_equal Post, RailsMcp::Database::ModelResolver.resolve("Post")
+  end
+
+  test "empty allowed_models permits all" do
+    RailsMcp.configuration.allowed_models = []
+    assert_equal User, RailsMcp::Database::ModelResolver.resolve("User")
+  end
+
+  test "all_accessible returns AR models respecting config" do
+    RailsMcp.configuration.denied_models = ["Post"]
+    models = RailsMcp::Database::ModelResolver.all_accessible.map(&:name)
+    assert_includes models, "User"
+    refute_includes models, "Post"
+  end
+end

data/test/unit/database/query_builder_test.rb

@@ -0,0 +1,132 @@
+# frozen_string_literal: true
+
+require "test_helper"
+
+class QueryBuilderTest < ActiveSupport::TestCase
+  setup do
+    User.create!(name: "Alice", email: "alice@example.com", age: 30, active: true)
+    User.create!(name: "Bob",   email: "bob@example.com",   age: 25, active: false)
+  end
+
+  test "returns default fields when none specified" do
+    results = build(User).execute
+    assert_equal %w[id created_at updated_at].sort, results.first.keys.sort
+  end
+
+  test "returns requested fields" do
+    results = build(User, fields: %w[name email]).execute
+    assert_equal %w[email name], results.first.keys.sort
+  end
+
+  test "filters by conditions" do
+    results = build(User, conditions: { "active" => true }, fields: ["name"]).execute
+    assert_equal 1, results.length
+    assert_equal "Alice", results.first["name"]
+  end
+
+  test "respects limit" do
+    results = build(User, limit: 1).execute
+    assert_equal 1, results.length
+  end
+
+  test "caps limit at max_limit" do
+    RailsMcp.configuration.max_limit = 1
+    results = build(User, limit: 999).execute
+    assert_equal 1, results.length
+  end
+
+  test "respects offset" do
+    all    = build(User, fields: ["name"], limit: 10).execute
+    offset = build(User, fields: ["name"], limit: 10, offset: 1).execute
+    assert_equal all.length - 1, offset.length
+  end
+
+  test "orders results" do
+    results = build(User, fields: ["name"], order: "name ASC").execute
+    assert_equal "Alice", results.first["name"]
+
+    results = build(User, fields: ["name"], order: "name DESC").execute
+    assert_equal "Bob", results.first["name"]
+  end
+
+  test "raises on unknown condition column" do
+    err = assert_raises(RailsMcp::Database::QueryBuilder::Error) do
+      build(User, conditions: { "nonexistent" => 1 }).execute
+    end
+    assert_match "Unknown column(s) in conditions", err.message
+  end
+
+  test "raises on unknown field" do
+    err = assert_raises(RailsMcp::Database::QueryBuilder::Error) do
+      build(User, fields: ["nonexistent"]).execute
+    end
+    assert_match "Unknown field(s)", err.message
+  end
+
+  test "raises on unknown order column" do
+    err = assert_raises(RailsMcp::Database::QueryBuilder::Error) do
+      build(User, order: "nonexistent DESC").execute
+    end
+    assert_match "Unknown order column", err.message
+  end
+
+  test "raises on invalid order direction" do
+    err = assert_raises(RailsMcp::Database::QueryBuilder::Error) do
+      build(User, order: "name DROPTABLE").execute
+    end
+    assert_match "Invalid order direction", err.message
+  end
+
+  test "SQL injection in order column is rejected" do
+    err = assert_raises(RailsMcp::Database::QueryBuilder::Error) do
+      build(User, order: "name; DROP TABLE users").execute
+    end
+    # "name;" is not a valid column name, so the column check fires first
+    assert_match(/Unknown order column/, err.message)
+  end
+
+  test "hash value in conditions is rejected" do
+    err = assert_raises(RailsMcp::Database::QueryBuilder::Error) do
+      build(User, conditions: { "name" => { "starts_with" => "Al" } }).execute
+    end
+    assert_match "Invalid condition value(s)", err.message
+  end
+
+  test "array of scalars in conditions is accepted" do
+    results = build(User, conditions: { "name" => %w[Alice Bob] }, fields: ["name"]).execute
+    assert_equal 2, results.length
+  end
+
+  test "raises when offset exceeds max_offset" do
+    RailsMcp.configuration.max_offset = 500
+    err = assert_raises(RailsMcp::Database::QueryBuilder::Error) do
+      build(User, offset: 501).execute
+    end
+    assert_match "exceeds maximum allowed offset", err.message
+    assert_match "500", err.message
+  end
+
+  test "offset at exactly max_offset is accepted" do
+    RailsMcp.configuration.max_offset = 500
+    assert_nothing_raised { build(User, offset: 500).execute }
+  end
+
+  test "negative offset is treated as zero" do
+    results_zero = build(User, fields: ["name"]).execute
+    results_negative = build(User, fields: ["name"], offset: -10).execute
+    assert_equal results_zero, results_negative
+  end
+
+  test "array containing hash in conditions is rejected" do
+    err = assert_raises(RailsMcp::Database::QueryBuilder::Error) do
+      build(User, conditions: { "name" => [{ "starts_with" => "Al" }] }).execute
+    end
+    assert_match "Invalid condition value(s)", err.message
+  end
+
+  private
+
+  def build(klass, **opts)
+    RailsMcp::Database::QueryBuilder.new(klass, **opts)
+  end
+end

data/test/unit/generators/install_generator_test.rb

@@ -0,0 +1,52 @@
+# frozen_string_literal: true
+
+require "test_helper"
+require "rails/generators/test_case"
+require "generators/rails_mcp/install/install_generator"
+
+class InstallGeneratorTest < Rails::Generators::TestCase
+  tests RailsMcp::Generators::InstallGenerator
+  destination File.expand_path("../../tmp/generator_output", __dir__)
+  setup :prepare_destination
+
+  test "creates the initializer file" do
+    run_generator
+    assert_file "config/initializers/rails_mcp.rb"
+  end
+
+  test "initializer contains all config keys commented out" do
+    run_generator
+    assert_file "config/initializers/rails_mcp.rb" do |content|
+      %w[
+        database_role
+        default_fields
+        allowed_models
+        denied_models
+        denied_columns
+        max_limit
+        max_offset
+        schema_file
+        scope
+      ].each do |key|
+        assert_match(/#\s*config\.#{key}/, content, "Expected #{key} to be present and commented out")
+      end
+    end
+  end
+
+  test "initializer wraps config in RailsMcp.configure block" do
+    run_generator
+    assert_file "config/initializers/rails_mcp.rb" do |content|
+      assert_match "RailsMcp.configure do |config|", content
+    end
+  end
+
+  test "does not overwrite an existing initializer by default" do
+    FileUtils.mkdir_p File.join(destination_root, "config/initializers")
+    File.write(File.join(destination_root, "config/initializers/rails_mcp.rb"), "# existing content")
+
+    run_generator [], behavior: :skip
+    assert_file "config/initializers/rails_mcp.rb" do |content|
+      assert_match "# existing content", content
+    end
+  end
+end

data/test/unit/schema_config_test.rb

@@ -0,0 +1,142 @@
+# frozen_string_literal: true
+
+require "test_helper"
+
+class SchemaConfigTest < ActiveSupport::TestCase
+  FIXTURE = File.expand_path("../fixtures/rails_mcp.yml", __dir__)
+
+  test "loads model names from YAML" do
+    schema = RailsMcp::SchemaConfig.new(FIXTURE)
+    assert_includes schema.model_names, "User"
+    assert_includes schema.model_names, "Post"
+  end
+
+  test "accessible? returns true for listed models" do
+    schema = RailsMcp::SchemaConfig.new(FIXTURE)
+    assert schema.accessible?("User")
+    assert schema.accessible?("Post")
+  end
+
+  test "accessible? returns false for unlisted models" do
+    schema = RailsMcp::SchemaConfig.new(FIXTURE)
+    refute schema.accessible?("Order")
+  end
+
+  test "allowed_columns returns columns for a model" do
+    schema = RailsMcp::SchemaConfig.new(FIXTURE)
+    assert_equal %w[name email], schema.allowed_columns("User")
+  end
+
+  test "allowed_columns returns empty array for unknown model" do
+    schema = RailsMcp::SchemaConfig.new(FIXTURE)
+    assert_equal [], schema.allowed_columns("Ghost")
+  end
+
+  test "raises when file does not exist" do
+    assert_raises(RailsMcp::SchemaConfig::Error) do
+      RailsMcp::SchemaConfig.new("/nonexistent/path.yml")
+    end
+  end
+
+  test "raises when file is not a mapping" do
+    Tempfile.create(["schema", ".yml"]) do |f|
+      f.write("- just_a_list\n")
+      f.flush
+      assert_raises(RailsMcp::SchemaConfig::Error) do
+        RailsMcp::SchemaConfig.new(f.path)
+      end
+    end
+  end
+
+  test "raises when model name is invalid" do
+    Tempfile.create(["schema", ".yml"]) do |f|
+      f.write("lowercase:\n  - id\n")
+      f.flush
+      assert_raises(RailsMcp::SchemaConfig::Error) do
+        RailsMcp::SchemaConfig.new(f.path)
+      end
+    end
+  end
+
+  test "raises when columns are not an array of strings" do
+    Tempfile.create(["schema", ".yml"]) do |f|
+      f.write("User: not_an_array\n")
+      f.flush
+      assert_raises(RailsMcp::SchemaConfig::Error) do
+        RailsMcp::SchemaConfig.new(f.path)
+      end
+    end
+  end
+end
+
+class SchemaConfigIntegrationTest < ActiveSupport::TestCase
+  FIXTURE = File.expand_path("../fixtures/rails_mcp.yml", __dir__)
+
+  setup do
+    RailsMcp.configure { |c| c.schema_file = FIXTURE }
+    User.create!(name: "Alice", email: "alice@example.com")
+  end
+
+  teardown do
+    User.delete_all
+  end
+
+  test "ModelResolver only exposes listed models" do
+    assert_equal User, RailsMcp::Database::ModelResolver.resolve("User")
+    assert_raises(RailsMcp::Database::ModelResolver::AccessDenied) do
+      # Doorkeeper models are not in the schema
+      RailsMcp::Database::ModelResolver.resolve("Doorkeeper::Application")
+    end
+  end
+
+  test "ModelResolver.all_accessible respects schema" do
+    names = RailsMcp::Database::ModelResolver.all_accessible.map(&:name)
+    assert_includes names, "User"
+    assert_includes names, "Post"
+    refute(names.any? { |n| n.start_with?("Doorkeeper") })
+  end
+
+  test "id and timestamps are returned by default even when not listed in schema" do
+    results = RailsMcp::Database::QueryBuilder.new(User).execute
+    assert results.first.key?("id")
+    assert results.first.key?("created_at")
+    assert results.first.key?("updated_at")
+    refute results.first.key?("name")
+  end
+
+  test "id and timestamps are queryable in conditions even when not listed in schema" do
+    user    = User.first
+    results = RailsMcp::Database::QueryBuilder.new(User, conditions: { "id" => user.id },
+                                                         fields: ["name"]).execute
+    assert_equal 1, results.length
+  end
+
+  test "QueryBuilder allows schema-listed columns" do
+    results = RailsMcp::Database::QueryBuilder.new(User, fields: ["name"]).execute
+    assert results.first.key?("name")
+  end
+
+  test "QueryBuilder rejects columns not in schema and not in default_fields" do
+    # 'age' is on the User table but not in the schema or default_fields
+    err = assert_raises(RailsMcp::Database::QueryBuilder::Error) do
+      RailsMcp::Database::QueryBuilder.new(User, fields: ["age"]).execute
+    end
+    assert_match "Unknown field(s)", err.message
+  end
+
+  test "QueryBuilder rejects conditions on columns not in schema or default_fields" do
+    err = assert_raises(RailsMcp::Database::QueryBuilder::Error) do
+      RailsMcp::Database::QueryBuilder.new(User, conditions: { "age" => 30 }).execute
+    end
+    assert_match "Unknown column(s) in conditions", err.message
+  end
+
+  test "schema_file takes precedence over allowed_models config" do
+    RailsMcp.configure do |c|
+      c.schema_file    = FIXTURE
+      c.allowed_models = ["Post"] # would normally block User
+    end
+    # schema_file wins — User is accessible because it's in the YAML
+    assert_equal User, RailsMcp::Database::ModelResolver.resolve("User")
+  end
+end