rails-active-mcp 0.1.6 → 2.0.7

data/lib/generators/rails_active_mcp/install/templates/mcp.ru

@@ -1,7 +1,11 @@
 # frozen_string_literal: true
 
 require_relative 'config/environment'
-require 'rails_active_mcp'
+require 'rails_active_mcp/sdk/server'
 
-# Run the Rails Active MCP server
-run RailsActiveMcp::McpServer.new
+# Run the Rails Active MCP server using the official MCP Ruby SDK
+# Note: This file is primarily for reference. The recommended way to run
+# the server is using: bin/rails-active-mcp-server
+
+server = RailsActiveMcp::SDK::Server.new
+server.run

data/lib/rails_active_mcp/configuration.rb

@@ -1,119 +1,58 @@
+# frozen_string_literal: true
+
 require 'fileutils'
 
 module RailsActiveMcp
   class Configuration
-    attr_accessor :enabled, :safe_mode, :default_timeout, :max_results,
-                  :allowed_models, :blocked_models, :custom_safety_patterns,
-                  :log_executions, :audit_file, :enable_mutation_tools,
-                  :require_confirmation_for, :execution_environment, :server_mode,
-                  :server_host, :server_port
+    # Core configuration options
+    attr_accessor :allowed_commands, :command_timeout, :enable_logging, :log_level
+
+    # Safety and execution options
+    attr_accessor :safe_mode, :default_timeout, :max_results, :log_executions, :audit_file
+    attr_accessor :custom_safety_patterns, :allowed_models
 
     def initialize
-      @enabled = true
+      @allowed_commands = %w[
+        ls pwd cat head tail grep find wc
+        rails console rails runner
+        bundle exec rspec bundle exec test
+        git status git log git diff
+      ]
+      @command_timeout = 30
+      @enable_logging = true
+      @log_level = :info
+
+      # Safety and execution defaults
       @safe_mode = true
       @default_timeout = 30
       @max_results = 100
-      @allowed_models = [] # Empty means all models allowed
-      @blocked_models = []
+      @log_executions = false
+      @audit_file = nil
       @custom_safety_patterns = []
-      @log_executions = true
-      # Safe Rails.root access
-      if defined?(Rails) && Rails.respond_to?(:root) && Rails.root
-        @audit_file = rails_root_join('log',
-                                      'rails_active_mcp.log')
-      end
-      @enable_mutation_tools = false
-      @require_confirmation_for = %i[delete destroy update_all delete_all]
-      @execution_environment = :current # :current, :sandbox, :readonly_replica
-      @server_mode = :stdio # :stdio, :http
-      @server_host = 'localhost'
-      @server_port = 3001
-    end
-
-    # Safety configuration
-    def strict_mode!
-      @safe_mode = true
-      @enable_mutation_tools = false
-      @default_timeout = 15
-      @max_results = 50
-    end
-
-    def permissive_mode!
-      @safe_mode = false
-      @enable_mutation_tools = true
-      @default_timeout = 60
-      @max_results = 1000
-    end
-
-    def production_mode!
-      strict_mode!
-      @execution_environment = :readonly_replica
-      @log_executions = true
-      @require_confirmation_for = %i[delete destroy update create save]
-    end
-
-    # Model access configuration
-    def allow_models(*models)
-      @allowed_models.concat(models.map(&:to_s))
-    end
-
-    def block_models(*models)
-      @blocked_models.concat(models.map(&:to_s))
+      @allowed_models = []
     end
 
-    def add_safety_pattern(pattern, description = nil)
-      @custom_safety_patterns << { pattern: pattern, description: description }
-    end
-
-    # Server configuration
-    def stdio_mode!
-      @server_mode = :stdio
-    end
-
-    def http_mode!(host: 'localhost', port: 3001)
-      @server_mode = :http
-      @server_host = host
-      @server_port = port
-    end
-
-    def server_mode_valid?
-      %i[stdio http].include?(@server_mode)
-    end
-
-    # Validation
     def model_allowed?(model_name)
-      model_str = model_name.to_s
-
-      # Check if specifically blocked
-      return false if @blocked_models.include?(model_str)
-
-      # If allow list is empty, allow all (except blocked)
-      return true if @allowed_models.empty?
+      return true if @allowed_models.empty? # Allow all if none specified
 
-      # Check allow list
-      @allowed_models.include?(model_str)
+      @allowed_models.include?(model_name.to_s)
     end
 
-    def validate!
-      raise ArgumentError, 'timeout must be positive' if @default_timeout <= 0
-      raise ArgumentError, 'max_results must be positive' if @max_results <= 0
-      raise ArgumentError, "invalid server_mode: #{@server_mode}" unless server_mode_valid?
-      raise ArgumentError, 'server_port must be positive' if @server_port <= 0
-
-      return unless defined?(Rails) && @audit_file
-
-      audit_dir = File.dirname(@audit_file)
-      FileUtils.mkdir_p(audit_dir) unless File.directory?(audit_dir)
+    def valid?
+      allowed_commands.is_a?(Array) &&
+        command_timeout.is_a?(Numeric) && command_timeout > 0 &&
+        [true, false].include?(enable_logging) &&
+        %i[debug info warn error].include?(log_level) &&
+        [true, false].include?(safe_mode) &&
+        default_timeout.is_a?(Numeric) && default_timeout > 0 &&
+        max_results.is_a?(Numeric) && max_results > 0 &&
+        [true, false].include?(log_executions) &&
+        custom_safety_patterns.is_a?(Array) &&
+        allowed_models.is_a?(Array)
     end
 
-    private
-
-    def rails_root_join(*args)
-      if defined?(Rails) && Rails.respond_to?(:root) && Rails.root
-        Rails.root.join(*args)
-      else
-        File.join(Dir.pwd, *args)
-      end
+    def reset!
+      initialize
     end
   end
 end

data/lib/rails_active_mcp/console_executor.rb

@@ -5,9 +5,15 @@ require 'rails'
 
 module RailsActiveMcp
   class ConsoleExecutor
+    # Thread-safe execution errors
+    class ExecutionError < StandardError; end
+    class ThreadSafetyError < StandardError; end
+
     def initialize(config)
       @config = config
       @safety_checker = SafetyChecker.new(config)
+      # Thread-safe mutex for critical sections
+      @execution_mutex = Mutex.new
     end
 
     def execute(code, timeout: nil, safe_mode: nil, capture_output: true)
@@ -17,16 +23,14 @@ module RailsActiveMcp
       # Pre-execution safety check
       if safe_mode
         safety_analysis = @safety_checker.analyze(code)
-        unless safety_analysis[:safe]
-          raise SafetyError, "Code failed safety check: #{safety_analysis[:summary]}"
-        end
+        raise SafetyError, "Code failed safety check: #{safety_analysis[:summary]}" unless safety_analysis[:safe]
       end
 
       # Log execution if enabled
       log_execution(code) if @config.log_executions
 
-      # Execute with timeout and output capture
-      result = execute_with_timeout(code, timeout, capture_output)
+      # Execute with Rails 7.1 compatible thread safety
+      result = execute_with_rails_executor(code, timeout, capture_output)
 
       # Post-execution processing
       process_result(result)
@@ -36,16 +40,13 @@ module RailsActiveMcp
       limit ||= @config.max_results
 
       # Validate model access
-      unless @config.model_allowed?(model)
-        raise SafetyError, "Access to model '#{model}' is not allowed"
-      end
+      raise SafetyError, "Access to model '#{model}' is not allowed" unless @config.model_allowed?(model)
 
       # Validate method safety
-      unless safe_query_method?(method)
-        raise SafetyError, "Method '#{method}' is not allowed for safe queries"
-      end
+      raise SafetyError, "Method '#{method}' is not allowed for safe queries" unless safe_query_method?(method)
 
-      begin
+      # Execute with proper Rails executor and connection management
+      execute_with_rails_executor_and_connection do
         model_class = model.to_s.constantize
 
         # Build and execute query
@@ -56,9 +57,7 @@ module RailsActiveMcp
                 end
 
         # Apply limit for enumerable results
-        if query.respond_to?(:limit) && !count_method?(method)
-          query = query.limit(limit)
-        end
+        query = query.limit(limit) if query.respond_to?(:limit) && !count_method?(method)
 
         result = execute_query_with_timeout(query)
 
@@ -71,7 +70,7 @@ module RailsActiveMcp
           count: calculate_count(result),
           executed_at: Time.now
         }
-      rescue => e
+      rescue StandardError => e
         log_error(e, { model: model, method: method, args: args })
         {
           success: false,
@@ -99,6 +98,87 @@ module RailsActiveMcp
 
     private
 
+    def execute_with_rails_executor(code, timeout, capture_output)
+      if defined?(Rails) && Rails.application
+        # Handle development mode reloading if needed
+        handle_development_reloading if Rails.env.development?
+
+        # Rails 7.1 compatible execution with proper dependency loading
+        if defined?(ActiveSupport::Dependencies) && ActiveSupport::Dependencies.respond_to?(:interlock)
+          ActiveSupport::Dependencies.interlock.permit_concurrent_loads do
+            Rails.application.executor.wrap do
+              execute_with_connection_pool(code, timeout, capture_output)
+            end
+          end
+        else
+          # Fallback for older Rails versions
+          Rails.application.executor.wrap do
+            execute_with_connection_pool(code, timeout, capture_output)
+          end
+        end
+      else
+        # Non-Rails execution
+        execute_with_timeout(code, timeout, capture_output)
+      end
+    rescue TimeoutError => e
+      # Re-raise timeout errors as-is
+      raise e
+    rescue StandardError => e
+      raise ThreadSafetyError, "Thread-safe execution failed: #{e.message}"
+    end
+
+    # Manage ActiveRecord connection pool properly
+    def execute_with_connection_pool(code, timeout, capture_output)
+      if defined?(ActiveRecord::Base)
+        ActiveRecord::Base.connection_pool.with_connection do
+          execute_with_timeout(code, timeout, capture_output)
+        end
+      else
+        execute_with_timeout(code, timeout, capture_output)
+      end
+    ensure
+      # Clean up connections to prevent pool exhaustion
+      if defined?(ActiveRecord::Base)
+        ActiveRecord::Base.clear_active_connections!
+        # Probabilistic garbage collection for long-running processes
+        GC.start if rand(100) < 5
+      end
+    end
+
+    # Helper method for safe queries with proper Rails executor and connection management
+    def execute_with_rails_executor_and_connection(&block)
+      if defined?(Rails) && Rails.application
+        if defined?(ActiveSupport::Dependencies) && ActiveSupport::Dependencies.respond_to?(:interlock)
+          ActiveSupport::Dependencies.interlock.permit_concurrent_loads do
+            Rails.application.executor.wrap do
+              if defined?(ActiveRecord::Base)
+                ActiveRecord::Base.connection_pool.with_connection(&block)
+              else
+                yield
+              end
+            end
+          end
+        else
+          Rails.application.executor.wrap do
+            if defined?(ActiveRecord::Base)
+              ActiveRecord::Base.connection_pool.with_connection(&block)
+            else
+              yield
+            end
+          end
+        end
+      else
+        yield
+      end
+    ensure
+      # Clean up connections
+      if defined?(ActiveRecord::Base)
+        ActiveRecord::Base.clear_active_connections!
+        # Probabilistic garbage collection for long-running processes
+        GC.start if rand(100) < 5
+      end
+    end
+
     def execute_with_timeout(code, timeout, capture_output)
       Timeout.timeout(timeout) do
         if capture_output
@@ -112,46 +192,62 @@ module RailsActiveMcp
     end
 
     def execute_with_captured_output(code)
-      # Capture both stdout and the return value
-      old_stdout = $stdout
-      captured_output = StringIO.new
-      $stdout = captured_output
-
-      # Create execution context
-      binding_context = create_console_binding
-
-      # Execute code
-      start_time = Time.now
-      return_value = binding_context.eval(code)
-      execution_time = Time.now - start_time
-
-      output = captured_output.string
-      $stdout = old_stdout
-
-      {
-        success: true,
-        return_value: return_value,
-        output: output,
-        return_value_string: safe_inspect(return_value),
-        execution_time: execution_time,
-        code: code
-      }
-    rescue => e
-      $stdout = old_stdout if old_stdout
-      execution_time = Time.now - start_time if defined?(start_time)
-
-      {
-        success: false,
-        error: e.message,
-        error_class: e.class.name,
-        backtrace: e.backtrace&.first(10),
-        execution_time: execution_time,
-        code: code
-      }
+      # Thread-safe output capture using mutex
+      @execution_mutex.synchronize do
+        # Capture both stdout and stderr to prevent any Rails output leakage
+        old_stdout = $stdout
+        old_stderr = $stderr
+        captured_output = StringIO.new
+        captured_errors = StringIO.new
+        $stdout = captured_output
+        $stderr = captured_errors
+
+        begin
+          # Create thread-safe execution context
+          binding_context = create_thread_safe_console_binding
+
+          # Execute code
+          start_time = Time.now
+          return_value = binding_context.eval(code)
+          execution_time = Time.now - start_time
+
+          output = captured_output.string
+          errors = captured_errors.string
+
+          # Combine output and errors for comprehensive result
+          combined_output = [output, errors].reject(&:empty?).join("\n")
+
+          {
+            success: true,
+            return_value: return_value,
+            output: combined_output,
+            return_value_string: safe_inspect(return_value),
+            execution_time: execution_time,
+            code: code
+          }
+        rescue StandardError => e
+          execution_time = Time.now - start_time if defined?(start_time)
+          errors = captured_errors.string
+
+          {
+            success: false,
+            error: e.message,
+            error_class: e.class.name,
+            backtrace: e.backtrace&.first(10),
+            execution_time: execution_time,
+            code: code,
+            stderr: errors.empty? ? nil : errors
+          }
+        ensure
+          $stdout = old_stdout if old_stdout
+          $stderr = old_stderr if old_stderr
+        end
+      end
     end
 
     def execute_direct(code)
-      binding_context = create_console_binding
+      # Create thread-safe binding context
+      binding_context = create_thread_safe_console_binding
       start_time = Time.now
 
       result = binding_context.eval(code)
@@ -163,7 +259,7 @@ module RailsActiveMcp
         execution_time: execution_time,
         code: code
       }
-    rescue => e
+    rescue StandardError => e
       execution_time = Time.now - start_time if defined?(start_time)
 
       {
@@ -186,35 +282,47 @@ module RailsActiveMcp
       end
     end
 
-    def create_console_binding
-      # Create a clean binding with Rails console helpers
+    # Thread-safe console binding creation
+    def create_thread_safe_console_binding
+      # Create a new binding context for each execution to avoid shared state
       console_context = Object.new
 
       console_context.instance_eval do
-        # Add Rails helpers if available
+        # Add Rails helpers if available (thread-safe)
         if defined?(Rails) && Rails.application
-          extend Rails.application.routes.url_helpers if Rails.application.routes
+          # Only extend if routes are available and it's safe to do so
+          extend Rails.application.routes.url_helpers if Rails.application.routes && !Rails.env.production?
 
           def reload!
-            Rails.application.reloader.reload!
-            "Reloaded!"
+            if defined?(Rails) && Rails.application && Rails.application.respond_to?(:reloader)
+              Rails.application.reloader.reload!
+              'Reloaded!'
+            else
+              'Reload not available'
+            end
           end
 
           def app
-            Rails.application
+            Rails.application if defined?(Rails)
           end
 
           def helper
-            ApplicationController.helpers if defined?(ApplicationController)
+            return unless defined?(ApplicationController) && ApplicationController.respond_to?(:helpers)
+
+            ApplicationController.helpers
           end
         end
 
-        # Add common console helpers
+        # Add common console helpers (thread-safe)
         def sql(query)
+          raise NoMethodError, 'ActiveRecord not available' unless defined?(ActiveRecord::Base)
+
           ActiveRecord::Base.connection.select_all(query).to_a
         end
 
         def schema(table_name)
+          raise NoMethodError, 'ActiveRecord not available' unless defined?(ActiveRecord::Base)
+
           ActiveRecord::Base.connection.columns(table_name)
         end
       end
@@ -222,6 +330,12 @@ module RailsActiveMcp
       console_context.instance_eval { binding }
     end
 
+    # Previous methods remain the same but are now called within thread-safe context
+    def create_console_binding
+      # Delegate to thread-safe version
+      create_thread_safe_console_binding
+    end
+
     def safe_query_method?(method)
       safe_methods = %w[
         find find_by find_each find_in_batches
@@ -274,18 +388,16 @@ module RailsActiveMcp
 
     def safe_inspect(object)
       object.inspect
-    rescue => e
+    rescue StandardError => e
       "#<#{object.class}:0x#{object.object_id.to_s(16)} (inspect failed: #{e.message})>"
     end
 
     def process_result(result)
       # Apply max results limit to output
-      if result[:success] && result[:return_value].is_a?(Array)
-        if result[:return_value].size > @config.max_results
-          result[:return_value] = result[:return_value].first(@config.max_results)
-          result[:truncated] = true
-          result[:note] = "Result truncated to #{@config.max_results} items"
-        end
+      if result[:success] && result[:return_value].is_a?(Array) && (result[:return_value].size > @config.max_results)
+        result[:return_value] = result[:return_value].first(@config.max_results)
+        result[:truncated] = true
+        result[:note] = "Result truncated to #{@config.max_results} items"
       end
 
       result
@@ -310,16 +422,16 @@ module RailsActiveMcp
       recommendations = []
 
       if safety_analysis[:violations].any?
-        recommendations << "Consider using read-only alternatives"
-        recommendations << "Review the code for unintended side effects"
+        recommendations << 'Consider using read-only alternatives'
+        recommendations << 'Review the code for unintended side effects'
 
         if safety_analysis[:violations].any? { |v| v[:severity] == :critical }
-          recommendations << "This code contains critical safety violations and should not be executed"
+          recommendations << 'This code contains critical safety violations and should not be executed'
         end
       end
 
       unless safety_analysis[:read_only]
-        recommendations << "Consider using the safe_query tool for read-only operations"
+        recommendations << 'Consider using the safe_query tool for read-only operations'
       end
 
       recommendations
@@ -338,9 +450,9 @@ module RailsActiveMcp
       File.open(@config.audit_file, 'a') do |f|
         f.puts(JSON.generate(log_entry))
       end
-    rescue => e
+    rescue StandardError => e
       # Don't fail execution due to logging issues
-      Rails.logger.warn "Failed to log Rails Active MCP execution: #{e.message}" if defined?(Rails)
+      RailsActiveMcp.logger.warn "Failed to log Rails Active MCP execution: #{e.message}"
     end
 
     def log_error(error, context = {})
@@ -358,7 +470,7 @@ module RailsActiveMcp
       File.open(@config.audit_file, 'a') do |f|
         f.puts(JSON.generate(log_entry))
       end
-    rescue
+    rescue StandardError
       # Silently fail logging
     end
 
@@ -371,8 +483,20 @@ module RailsActiveMcp
       else
         { environment: Rails.env }
       end
-    rescue
+    rescue StandardError
       { unknown: true }
     end
+
+    # Handle development mode reloading safely
+    def handle_development_reloading
+      return unless Rails.env.development?
+      return unless defined?(Rails.application.reloader)
+
+      # Check if reloading is needed and safe to do
+      Rails.application.reloader.reload! if Rails.application.reloader.check!
+    rescue StandardError => e
+      # Log but don't fail execution due to reloading issues
+      RailsActiveMcp.logger.warn "Failed to reload in development: #{e.message}" if defined?(RailsActiveMcp.logger)
+    end
   end
 end

data/lib/rails_active_mcp/engine.rb

@@ -6,6 +6,37 @@ module RailsActiveMcp
 
     config.rails_active_mcp = ActiveSupport::OrderedOptions.new
 
+    # Ensure configuration is available very early
+    initializer 'rails_active_mcp.early_configuration', before: :load_config_initializers do
+      RailsActiveMcp.configure unless RailsActiveMcp.configuration
+    end
+
+    # Configure logging with Rails 7.1+ compatibility
+    initializer 'rails_active_mcp.logger', after: :initialize_logger, before: :set_clear_dependencies_hook do
+      # Only set logger if Rails logger is available and responds to logging methods
+      RailsActiveMcp.logger = if defined?(Rails.logger) && Rails.logger.respond_to?(:info)
+                                # Check if Rails logger is using semantic logger or other custom loggers
+                                if Rails.logger.class.name.include?('SemanticLogger')
+                                  # For semantic logger, we need to create a tagged logger
+                                  Rails.logger.tagged('RailsActiveMcp')
+                                else
+                                  # For standard Rails logger, use it directly
+                                  Rails.logger
+                                end
+                              else
+                                # Fallback to our own logger if Rails logger is not available
+                                Logger.new(STDERR).tap do |logger|
+                                  logger.level = Rails.env.production? ? Logger::WARN : Logger::INFO
+                                  logger.formatter = proc do |severity, datetime, progname, msg|
+                                    "[#{datetime}] #{severity} -- RailsActiveMcp: #{msg}\n"
+                                  end
+                                end
+                              end
+
+      # Log that the logger has been initialized
+      RailsActiveMcp.logger.info "Rails Active MCP logger initialized (#{RailsActiveMcp.logger.class.name})"
+    end
+
     # Add generators configuration
     config.generators do |g|
       g.test_framework :rspec, fixture: false
@@ -23,18 +54,15 @@ module RailsActiveMcp
         end
       end
 
-      # Set default audit file location
-      RailsActiveMcp.config.audit_file ||= Rails.root.join('log', 'rails_active_mcp.log')
-
       # Validate configuration
-      RailsActiveMcp.config.validate!
+      RailsActiveMcp.config.valid?
     end
 
-    # Add our tools directory to the load path
-    config.autoload_paths << root.join('lib', 'rails_active_mcp', 'tools')
+    # Add our SDK tools directory to the load path
+    config.autoload_paths << root.join('lib', 'rails_active_mcp', 'sdk', 'tools')
 
-    # Ensure our tools are eager loaded in production
-    config.eager_load_paths << root.join('lib', 'rails_active_mcp', 'tools')
+    # Ensure our SDK tools are eager loaded in production
+    config.eager_load_paths << root.join('lib', 'rails_active_mcp', 'sdk', 'tools')
 
     # Add rake tasks
     rake_tasks do