@aliyun-rds/supabase-mcp-server 1.0.6 → 1.0.7

package/README.md

@@ -70,6 +70,23 @@ For example, when you ask an AI assistant "List all tables in my database", it w
 3. Execute the tool against your Supabase instance
 4. Present the results in a human-readable format
 
+## Authentication Modes & Permission Levels
+
+The server supports three authentication modes with automatic tool filtering:
+
+- **Mode 1 – Alibaba Cloud Multi-Instance (AuthMode `aliyun`, permission `full`)**  
+  Use `--aliyun-ak`, `--aliyun-sk`, and `--aliyun-region` to discover and manage multiple Aliyun RDS Supabase instances. Grants access to all tools, including Aliyun management tools.
+- **Mode 2 – Single Instance Admin (AuthMode `admin`, permission `admin`)**  
+  Use `--supabase-url`, `--supabase-anon-key`, and `--supabase-service-role-key` for a single project. Admin-only tools stay available; Aliyun management tools are hidden.
+- **Mode 3 – Single Instance User (AuthMode `user`, permission `user`)**  
+  Use `--supabase-url`, `--supabase-anon-key`, plus `--supabase-user-email` and `--supabase-user-password`. Runs under the user’s RLS scope; admin tools and Aliyun management tools are disabled.
+
+Tool visibility is enforced automatically:
+- **Aliyun-only tools** (e.g., `list_aliyun_supabase_instances`, `connect_to_supabase_instance`, `get_current_supabase_instance`, `disconnect_supabase_instance`) require `full` permissions.
+- **Admin-only tools** (auth management, `get_service_key`, `verify_jwt_secret`, `install_execute_sql_function`, `rebuild_hooks`) require `full` or `admin` permissions.
+
+Mode selection priority: if multiple configurations are provided, the server picks Aliyun first; if Aliyun is absent and user credentials are complete, user mode is selected; otherwise admin mode is used. A warning is logged when multiple modes are detected.
+
 ## Setup and Installation
 
 ### Alibaba Cloud Mode Setup
@@ -158,16 +175,87 @@ Or use environment variables:
 3. **Use tools**: Now you can use all Supabase tools (list_tables, execute_sql, etc.)
 4. **Disconnect** (optional): Use `disconnect_supabase_instance` to switch instances
 
-### Additional Installation Options
+### Single Instance Admin Mode Setup
+
+```bash
+npx @aliyun-rds/supabase-mcp-server \
+  --supabase-url https://<your-project>.supabase.co \
+  --supabase-anon-key <anon-key> \
+  --supabase-service-role-key <service-role-key> \
+  [--db-url <postgres-connection-string>] \
+  [--jwt-secret <jwt-secret>] \
+  [--enable-rag-agent]
+```
+
+Environment variable alternative:
+
+```bash
+SUPABASE_URL=https://<your-project>.supabase.co \
+SUPABASE_ANON_KEY=<anon-key> \
+SUPABASE_SERVICE_ROLE_KEY=<service-role-key> \
+supabase-mcp
+```
+
+Claude Desktop / Cursor JSON 示例：
+
+```json
+{
+  "mcpServers": {
+    "supabase-admin": {
+      "command": "npx",
+      "args": [
+        "@aliyun-rds/supabase-mcp-server",
+        "--supabase-url", "https://<your-project>.supabase.co",
+        "--supabase-anon-key", "<anon-key>",
+        "--supabase-service-role-key", "<service-role-key>"
+      ]
+    }
+  }
+}
+```
 
-#### Install via Smithery
+### Single Instance User Mode Setup (RLS Restricted)
 
-Install the Aliyun RDS Supabase MCP Server for Claude Desktop automatically via [Smithery](https://smithery.ai/server/@HenkDz/selfhosted-supabase-mcp):
+```bash
+npx @aliyun-rds/supabase-mcp-server \
+  --supabase-url https://<your-project>.supabase.co \
+  --supabase-anon-key <anon-key> \
+  --supabase-user-email <user-email> \
+  --supabase-user-password <user-password> \
+  [--enable-rag-agent]
+```
+
+Environment variable alternative:
 
 ```bash
-npx -y @smithery/cli install @HenkDz/selfhosted-supabase-mcp --client claude
+SUPABASE_URL=https://<your-project>.supabase.co \
+SUPABASE_ANON_KEY=<anon-key> \
+SUPABASE_USER_EMAIL=<user-email> \
+SUPABASE_USER_PASSWORD=<user-password> \
+supabase-mcp
+```
+
+Claude Desktop / Cursor JSON 示例：
+
+```json
+{
+  "mcpServers": {
+    "supabase-user": {
+      "command": "npx",
+      "args": [
+        "@aliyun-rds/supabase-mcp-server",
+        "--supabase-url", "https://<your-project>.supabase.co",
+        "--supabase-anon-key", "<anon-key>",
+        "--supabase-user-email", "<user-email>",
+        "--supabase-user-password", "<user-password>"
+      ]
+    }
+  }
+}
 ```
 
+### Additional Installation Options
+
 #### Global Installation
 
 ```bash
@@ -180,20 +268,45 @@ supabase-mcp \
 
 ## Configuration
 
-The server now relies exclusively on Alibaba Cloud credentials. Provide them via command-line arguments or environment variables (CLI arguments take precedence). Once authenticated, the MCP server automatically retrieves the Supabase URL, anon key, service key, database connection string, and JWT secret for the selected Aliyun RDS instance—no manual entry is needed.
+Choose one configuration path. CLI flags override environment variables.
+
+### Mode 1 — Alibaba Cloud Multi-Instance (permission: full)
+
+Required:
+- `--aliyun-ak <key>` or `ALIYUN_ACCESS_KEY_ID=<key>`
+- `--aliyun-sk <secret>` or `ALIYUN_ACCESS_KEY_SECRET=<secret>`
+- `--aliyun-region <region>` or `ALIYUN_REGION=<region>` (e.g., `cn-hangzhou`, `cn-beijing`; required for discovery)
+
+Behavior: pulls Supabase URL/keys/DB URL/JWT secret from Aliyun for the selected instance.
+
+### Mode 2 — Single Instance Admin (permission: admin)
+
+Required:
+- `--supabase-url <url>` or `SUPABASE_URL`
+- `--supabase-anon-key <key>` or `SUPABASE_ANON_KEY`
+- `--supabase-service-role-key <key>` or `SUPABASE_SERVICE_ROLE_KEY`
+
+Optional:
+- `--db-url <postgres-connection-string>` or `DB_URL`
+- `--jwt-secret <secret>` or `JWT_SECRET`
 
-### Required Parameters
+Legacy flag aliases are still accepted: `--url`, `--anon-key`, `--service-key`, `--db-url`, `--jwt-secret`.
 
-*   `--aliyun-ak <key>` or `ALIYUN_ACCESS_KEY_ID=<key>`: Alibaba Cloud Access Key ID.
-*   `--aliyun-sk <secret>` or `ALIYUN_ACCESS_KEY_SECRET=<secret>`: Alibaba Cloud Access Key Secret.
-*   `--aliyun-region <region>` or `ALIYUN_REGION=<region>`: **Mandatory** region where your Supabase instances live (e.g., `cn-hangzhou`, `cn-beijing`). Without this, the OpenAPI call cannot list instances. This value becomes the default region, but tools like `list_aliyun_supabase_instances` accept a `region_id` parameter so you can query other regions on demand.
+### Mode 3 — Single Instance User (permission: user, RLS enforced)
 
-### Optional Parameters
+Required:
+- `--supabase-url <url>` or `SUPABASE_URL`
+- `--supabase-anon-key <key>` or `SUPABASE_ANON_KEY`
+- `--supabase-user-email <email>` or `SUPABASE_USER_EMAIL`
+- `--supabase-user-password <password>` or `SUPABASE_USER_PASSWORD`
 
-*   `--tools-config <path>`: JSON file specifying which tools to enable (whitelist). Format: `{"enabledTools": ["tool_name_1", "tool_name_2"]}`.
-*   `--enable-rag-agent` or `ENABLE_RAG_AGENT=true`: Enable RAG Agent MCP integration. When enabled, the server resolves the Supabase host/port from the selected instance and uses the retrieved anon key as the API key for rag-agent; no manual `--url` or `--anon-key` flags are needed.
+Behavior: operates under the provided user's RLS policies; admin-only and Aliyun management tools are filtered out.
 
-Legacy CLI options (`--url`, `--anon-key`, `--service-key`, `--db-url`, `--jwt-secret`) have been removed from the user-facing surface because Aliyun RDS now supplies those details automatically.
+### Common Options
+
+- `--tools-config <path>`: JSON file specifying which tools to enable (whitelist). Format: `{"enabledTools": ["tool_name_1", "tool_name_2"]}`.
+- `--enable-rag-agent` or `ENABLE_RAG_AGENT=true`: Enable RAG Agent MCP integration. When enabled, the server resolves the Supabase host/port from the selected instance and uses the retrieved anon key as the API key for rag-agent.
+- `--workspace-path <path>`: Workspace root for file operations (optional).
 
 ### RAG Agent Integration
 
@@ -234,7 +347,10 @@ npx @aliyun-rds/supabase-mcp-server \
 ### Cursor
 
 1.  Create or open the file `.cursor/mcp.json` in your project root.
-2.  Add the following configuration:
+2.  Add one of the following configurations based on your authentication mode:
+
+    **Mode 1 (Aliyun multi-instance, permission: full)**  
+    Grants all tools, including Aliyun management.
 
     ```json
     {
@@ -243,12 +359,9 @@ npx @aliyun-rds/supabase-mcp-server \
           "command": "npx",
           "args": [
             "@aliyun-rds/supabase-mcp-server",
-            "--aliyun-ak",
-            "<your-access-key-id>",
-            "--aliyun-sk",
-            "<your-access-key-secret>",
-            "--aliyun-region",
-            "cn-hangzhou",
+            "--aliyun-ak", "<your-access-key-id>",
+            "--aliyun-sk", "<your-access-key-secret>",
+            "--aliyun-region", "cn-hangzhou",
             "--enable-rag-agent"
           ],
           "env": {
@@ -261,6 +374,47 @@ npx @aliyun-rds/supabase-mcp-server \
     }
     ```
 
+    **Mode 2 (Single instance admin, permission: admin)**  
+    Admin tools available; Aliyun management tools hidden.
+
+    ```json
+    {
+      "mcpServers": {
+        "supabase-admin": {
+          "command": "npx",
+          "args": [
+            "@aliyun-rds/supabase-mcp-server",
+            "--supabase-url", "https://<your-project>.supabase.co",
+            "--supabase-anon-key", "<anon-key>",
+            "--supabase-service-role-key", "<service-role-key>",
+            "--enable-rag-agent"
+          ]
+        }
+      }
+    }
+    ```
+
+    **Mode 3 (Single instance user, permission: user, RLS enforced)**  
+    Runs under user RLS; admin/Aliyun tools disabled.
+
+    ```json
+    {
+      "mcpServers": {
+        "supabase-user": {
+          "command": "npx",
+          "args": [
+            "@aliyun-rds/supabase-mcp-server",
+            "--supabase-url", "https://<your-project>.supabase.co",
+            "--supabase-anon-key", "<anon-key>",
+            "--supabase-user-email", "<user-email>",
+            "--supabase-user-password", "<user-password>",
+            "--enable-rag-agent"
+          ]
+        }
+      }
+    }
+    ```
+
 **Important Notes for RAG Agent:**
 - RAG Agent tools stay inactive until you call `connect_to_supabase_instance` and select an Aliyun RDS Supabase project.
 - Switching instances automatically re-initializes the rag-agent connection with the new host/port.
@@ -268,27 +422,56 @@ npx @aliyun-rds/supabase-mcp-server \
 
 ### Claude for Desktop
 
-For Claude Desktop, you can add the following to your configuration:
+For Claude Desktop, open Settings → Developer → enable "Custom MCP Servers", then add one configuration matching your mode:
 
-1.  Open Claude Desktop Settings
-2.  Go to "Developer" and enable "Custom MCP Servers"
-3.  Add a new server with the following configuration:
+**Mode 1 (Aliyun, permission: full)**
 
-    ```json
-    {
-      "name": "Aliyun Supabase",
-      "command": "npx",
-      "args": [
-        "@aliyun-rds/supabase-mcp-server",
-        "--aliyun-ak",
-        "YOUR_ACCESS_KEY_ID",
-        "--aliyun-sk",
-        "YOUR_ACCESS_KEY_SECRET",
-        "--aliyun-region",
-        "cn-hangzhou"
-      ]
-    }
-    ```
+```json
+{
+  "name": "Aliyun Supabase",
+  "command": "npx",
+  "args": [
+    "@aliyun-rds/supabase-mcp-server",
+    "--aliyun-ak", "YOUR_ACCESS_KEY_ID",
+    "--aliyun-sk", "YOUR_ACCESS_KEY_SECRET",
+    "--aliyun-region", "cn-hangzhou",
+    "--enable-rag-agent"
+  ]
+}
+```
+
+**Mode 2 (Single instance admin, permission: admin)**
+
+```json
+{
+  "name": "Supabase Admin",
+  "command": "npx",
+  "args": [
+    "@aliyun-rds/supabase-mcp-server",
+    "--supabase-url", "https://<your-project>.supabase.co",
+    "--supabase-anon-key", "<anon-key>",
+    "--supabase-service-role-key", "<service-role-key>",
+    "--enable-rag-agent"
+  ]
+}
+```
+
+**Mode 3 (Single instance user, permission: user, RLS enforced)**
+
+```json
+{
+  "name": "Supabase User",
+  "command": "npx",
+  "args": [
+    "@aliyun-rds/supabase-mcp-server",
+    "--supabase-url", "https://<your-project>.supabase.co",
+    "--supabase-anon-key", "<anon-key>",
+    "--supabase-user-email", "<user-email>",
+    "--supabase-user-password", "<user-password>",
+    "--enable-rag-agent"
+  ]
+}
+```
 
 ### Other MCP-Compatible Tools
 

package/dist/index.js

@@ -12,14 +12,403 @@ import {
 } from "@modelcontextprotocol/sdk/types.js";
 
 // src/client/index.ts
-import { createClient } from "@supabase/supabase-js";
+import { createClient as createClient2 } from "@supabase/supabase-js";
 import { Pool } from "pg";
+
+// src/auth/user-auth-client.ts
+import { createClient } from "@supabase/supabase-js";
+var UserAuthClient = class _UserAuthClient {
+  supabase;
+  session = null;
+  refreshTimer = null;
+  config;
+  authStateCallbacks = [];
+  isDestroyed = false;
+  /**
+   * Private constructor - use create() factory method instead
+   */
+  constructor(config) {
+    this.config = config;
+    this.supabase = createClient(config.supabaseUrl, config.supabaseAnonKey, {
+      auth: {
+        autoRefreshToken: true,
+        persistSession: false,
+        // Don't persist to localStorage in server environment
+        detectSessionInUrl: false
+      }
+    });
+    this.supabase.auth.onAuthStateChange((event, session) => {
+      this.session = session;
+      this.notifyAuthStateChange(event, session);
+      if (event === "TOKEN_REFRESHED" && session) {
+        console.error("[UserAuthClient] Token refreshed successfully");
+        this.scheduleTokenRefresh(session);
+      }
+    });
+  }
+  /**
+   * Factory method to create and initialize UserAuthClient
+   * 
+   * @throws Error if authentication fails
+   */
+  static async create(config) {
+    const client = new _UserAuthClient(config);
+    await client.signIn();
+    return client;
+  }
+  /**
+   * Sign in with email and password
+   * 
+   * @throws Error if authentication fails
+   */
+  async signIn() {
+    if (this.isDestroyed) {
+      throw new Error("UserAuthClient has been destroyed");
+    }
+    console.error(`[UserAuthClient] Signing in as ${this.config.userEmail}...`);
+    const { data, error } = await this.supabase.auth.signInWithPassword({
+      email: this.config.userEmail,
+      password: this.config.userPassword
+    });
+    if (error) {
+      console.error(`[UserAuthClient] Sign in failed: ${error.message}`);
+      throw new Error(`Authentication failed: ${error.message}`);
+    }
+    if (!data.session) {
+      throw new Error("Authentication succeeded but no session returned");
+    }
+    this.session = data.session;
+    console.error(`[UserAuthClient] Successfully signed in as ${data.user?.email} (ID: ${data.user?.id})`);
+    this.scheduleTokenRefresh(data.session);
+  }
+  /**
+   * Manually refresh the current session
+   * 
+   * @throws Error if refresh fails
+   */
+  async refreshToken() {
+    if (this.isDestroyed) {
+      throw new Error("UserAuthClient has been destroyed");
+    }
+    if (!this.session?.refresh_token) {
+      console.error("[UserAuthClient] No refresh token available, re-authenticating...");
+      await this.signIn();
+      return;
+    }
+    console.error("[UserAuthClient] Refreshing token...");
+    const { data, error } = await this.supabase.auth.refreshSession({
+      refresh_token: this.session.refresh_token
+    });
+    if (error) {
+      console.error(`[UserAuthClient] Token refresh failed: ${error.message}`);
+      console.error("[UserAuthClient] Attempting to re-authenticate...");
+      await this.signIn();
+      return;
+    }
+    if (data.session) {
+      this.session = data.session;
+      this.scheduleTokenRefresh(data.session);
+    }
+  }
+  /**
+   * Schedule automatic token refresh before expiry
+   */
+  scheduleTokenRefresh(session) {
+    if (this.refreshTimer) {
+      clearTimeout(this.refreshTimer);
+      this.refreshTimer = null;
+    }
+    if (!session.expires_at) {
+      console.error("[UserAuthClient] Session has no expiry time, skipping auto-refresh scheduling");
+      return;
+    }
+    const expiresAt = session.expires_at * 1e3;
+    const now = Date.now();
+    const refreshBeforeExpiry = this.config.refreshBeforeExpiry || 6e4;
+    const refreshIn = expiresAt - now - refreshBeforeExpiry;
+    if (refreshIn <= 0) {
+      console.error("[UserAuthClient] Token near expiry, refreshing immediately...");
+      this.refreshToken().catch((err) => {
+        console.error("[UserAuthClient] Auto-refresh failed:", err);
+      });
+      return;
+    }
+    console.error(`[UserAuthClient] Token refresh scheduled in ${Math.round(refreshIn / 1e3)} seconds`);
+    this.refreshTimer = setTimeout(() => {
+      if (!this.isDestroyed) {
+        this.refreshToken().catch((err) => {
+          console.error("[UserAuthClient] Scheduled token refresh failed:", err);
+        });
+      }
+    }, refreshIn);
+  }
+  /**
+   * Get the current access token
+   */
+  getAccessToken() {
+    return this.session?.access_token || null;
+  }
+  /**
+   * Get the current user ID
+   */
+  getUserId() {
+    return this.session?.user?.id || null;
+  }
+  /**
+   * Get the current user email
+   */
+  getUserEmail() {
+    return this.session?.user?.email || null;
+  }
+  /**
+   * Check if the client is currently authenticated
+   */
+  isAuthenticated() {
+    if (!this.session) return false;
+    if (this.session.expires_at) {
+      const expiresAt = this.session.expires_at * 1e3;
+      if (Date.now() >= expiresAt) {
+        return false;
+      }
+    }
+    return true;
+  }
+  /**
+   * Get the current session
+   */
+  getSession() {
+    return this.session;
+  }
+  /**
+   * Get the underlying Supabase client
+   * 
+   * Note: This client uses the authenticated user's session,
+   * so all operations are subject to RLS policies.
+   */
+  getSupabaseClient() {
+    return this.supabase;
+  }
+  /**
+   * Register a callback for auth state changes
+   */
+  onAuthStateChange(callback) {
+    this.authStateCallbacks.push(callback);
+    return () => {
+      const index = this.authStateCallbacks.indexOf(callback);
+      if (index > -1) {
+        this.authStateCallbacks.splice(index, 1);
+      }
+    };
+  }
+  /**
+   * Notify all registered callbacks of auth state change
+   */
+  notifyAuthStateChange(event, session) {
+    for (const callback of this.authStateCallbacks) {
+      try {
+        callback(event, session);
+      } catch (err) {
+        console.error("[UserAuthClient] Auth state callback error:", err);
+      }
+    }
+  }
+  /**
+   * Sign out and clean up resources
+   */
+  async signOut() {
+    if (this.refreshTimer) {
+      clearTimeout(this.refreshTimer);
+      this.refreshTimer = null;
+    }
+    if (this.session) {
+      try {
+        await this.supabase.auth.signOut();
+      } catch (err) {
+        console.error("[UserAuthClient] Sign out error:", err);
+      }
+    }
+    this.session = null;
+  }
+  /**
+   * Destroy the client and clean up all resources
+   */
+  async destroy() {
+    this.isDestroyed = true;
+    await this.signOut();
+    this.authStateCallbacks = [];
+  }
+};
+
+// src/config/types.ts
+var ConfigValidationError = class extends Error {
+  constructor(message, missingParams, conflictingModes) {
+    super(message);
+    this.missingParams = missingParams;
+    this.conflictingModes = conflictingModes;
+    this.name = "ConfigValidationError";
+  }
+};
+function isAliyunConfig(config) {
+  return config.mode === "aliyun" /* ALIYUN_MULTI_INSTANCE */;
+}
+function isSingleInstanceAdminConfig(config) {
+  return config.mode === "admin" /* SINGLE_INSTANCE_ADMIN */;
+}
+function isSingleInstanceUserConfig(config) {
+  return config.mode === "user" /* SINGLE_INSTANCE_USER */;
+}
+function getPermissionLevel(mode) {
+  switch (mode) {
+    case "aliyun" /* ALIYUN_MULTI_INSTANCE */:
+      return "full" /* FULL */;
+    case "admin" /* SINGLE_INSTANCE_ADMIN */:
+      return "admin" /* ADMIN */;
+    case "user" /* SINGLE_INSTANCE_USER */:
+      return "user" /* USER */;
+  }
+}
+
+// src/config/parser.ts
+function detectModes(options) {
+  const supabaseUrl = options.supabaseUrl || options.url;
+  const supabaseAnonKey = options.supabaseAnonKey || options.anonKey;
+  const supabaseServiceRoleKey = options.supabaseServiceRoleKey || options.serviceKey;
+  return {
+    aliyun: {
+      hasRequired: !!(options.aliyunAk && options.aliyunSk),
+      hasAny: !!(options.aliyunAk || options.aliyunSk || options.aliyunRegion)
+    },
+    admin: {
+      hasRequired: !!(supabaseUrl && supabaseAnonKey && supabaseServiceRoleKey),
+      hasAny: !!(supabaseUrl || supabaseAnonKey || supabaseServiceRoleKey)
+    },
+    user: {
+      hasRequired: !!(supabaseUrl && supabaseAnonKey && options.supabaseUserEmail && options.supabaseUserPassword),
+      hasAny: !!(options.supabaseUserEmail || options.supabaseUserPassword)
+    }
+  };
+}
+function generateHelpMessage(modes, options) {
+  const lines = [
+    "Error: No valid authentication configuration found.",
+    "",
+    "Please provide ONE of the following configurations:",
+    ""
+  ];
+  lines.push("Mode 1 - Alibaba Cloud Multi-Instance Management:");
+  lines.push("  --aliyun-ak <key> --aliyun-sk <secret> [--aliyun-region <region>]");
+  lines.push("  Or: ALIYUN_ACCESS_KEY_ID, ALIYUN_ACCESS_KEY_SECRET");
+  if (modes.aliyun.hasAny && !modes.aliyun.hasRequired) {
+    const missing = [];
+    if (!options.aliyunAk) missing.push("--aliyun-ak");
+    if (!options.aliyunSk) missing.push("--aliyun-sk");
+    lines.push(`  \u26A0\uFE0F  Missing: ${missing.join(", ")}`);
+  }
+  lines.push("");
+  const supabaseUrl = options.supabaseUrl || options.url;
+  const supabaseAnonKey = options.supabaseAnonKey || options.anonKey;
+  const supabaseServiceRoleKey = options.supabaseServiceRoleKey || options.serviceKey;
+  lines.push("Mode 2 - Single Instance Admin Access:");
+  lines.push("  --supabase-url <url> --supabase-anon-key <key> --supabase-service-role-key <key>");
+  lines.push("  Or: SUPABASE_URL, SUPABASE_ANON_KEY, SUPABASE_SERVICE_ROLE_KEY");
+  if (modes.admin.hasAny && !modes.admin.hasRequired) {
+    const missing = [];
+    if (!supabaseUrl) missing.push("--supabase-url");
+    if (!supabaseAnonKey) missing.push("--supabase-anon-key");
+    if (!supabaseServiceRoleKey) missing.push("--supabase-service-role-key");
+    lines.push(`  \u26A0\uFE0F  Missing: ${missing.join(", ")}`);
+  }
+  lines.push("");
+  lines.push("Mode 3 - Single Instance User Access (RLS restricted):");
+  lines.push("  --supabase-url <url> --supabase-anon-key <key> --supabase-user-email <email> --supabase-user-password <password>");
+  lines.push("  Or: SUPABASE_URL, SUPABASE_ANON_KEY, SUPABASE_USER_EMAIL, SUPABASE_USER_PASSWORD");
+  if (modes.user.hasAny && !modes.user.hasRequired) {
+    const missing = [];
+    if (!supabaseUrl) missing.push("--supabase-url");
+    if (!supabaseAnonKey) missing.push("--supabase-anon-key");
+    if (!options.supabaseUserEmail) missing.push("--supabase-user-email");
+    if (!options.supabaseUserPassword) missing.push("--supabase-user-password");
+    lines.push(`  \u26A0\uFE0F  Missing: ${missing.join(", ")}`);
+  }
+  return lines.join("\n");
+}
+function parseConfig(options) {
+  const modes = detectModes(options);
+  const supabaseUrl = options.supabaseUrl || options.url;
+  const supabaseAnonKey = options.supabaseAnonKey || options.anonKey;
+  const supabaseServiceRoleKey = options.supabaseServiceRoleKey || options.serviceKey;
+  const completeModes = [];
+  if (modes.aliyun.hasRequired) completeModes.push("aliyun" /* ALIYUN_MULTI_INSTANCE */);
+  if (modes.admin.hasRequired) completeModes.push("admin" /* SINGLE_INSTANCE_ADMIN */);
+  if (modes.user.hasRequired) completeModes.push("user" /* SINGLE_INSTANCE_USER */);
+  if (completeModes.length > 1) {
+    console.error(`Warning: Multiple authentication modes detected: ${completeModes.join(", ")}`);
+    console.error("Using highest priority mode based on: Aliyun > Admin > User");
+  }
+  if (modes.aliyun.hasRequired) {
+    const config = {
+      mode: "aliyun" /* ALIYUN_MULTI_INSTANCE */,
+      accessKeyId: options.aliyunAk,
+      accessKeySecret: options.aliyunSk,
+      regionId: options.aliyunRegion,
+      enableRagAgent: options.enableRagAgent,
+      workspacePath: options.workspacePath,
+      toolsConfig: options.toolsConfig
+    };
+    return config;
+  }
+  if (modes.user.hasRequired) {
+    const config = {
+      mode: "user" /* SINGLE_INSTANCE_USER */,
+      supabaseUrl,
+      supabaseAnonKey,
+      userEmail: options.supabaseUserEmail,
+      userPassword: options.supabaseUserPassword,
+      enableRagAgent: options.enableRagAgent,
+      workspacePath: options.workspacePath,
+      toolsConfig: options.toolsConfig
+    };
+    return config;
+  }
+  if (modes.admin.hasRequired) {
+    const config = {
+      mode: "admin" /* SINGLE_INSTANCE_ADMIN */,
+      supabaseUrl,
+      supabaseAnonKey,
+      supabaseServiceRoleKey,
+      databaseUrl: options.dbUrl,
+      jwtSecret: options.jwtSecret,
+      enableRagAgent: options.enableRagAgent,
+      workspacePath: options.workspacePath,
+      toolsConfig: options.toolsConfig
+    };
+    return config;
+  }
+  const helpMessage = generateHelpMessage(modes, options);
+  throw new ConfigValidationError(helpMessage);
+}
+function getAuthModeDescription(mode) {
+  switch (mode) {
+    case "aliyun" /* ALIYUN_MULTI_INSTANCE */:
+      return "Alibaba Cloud Multi-Instance Management";
+    case "admin" /* SINGLE_INSTANCE_ADMIN */:
+      return "Single Instance Admin Access";
+    case "user" /* SINGLE_INSTANCE_USER */:
+      return "Single Instance User Access (RLS restricted)";
+  }
+}
+
+// src/client/index.ts
 var SelfhostedSupabaseClient = class _SelfhostedSupabaseClient {
   options;
   supabase;
   pgPool = null;
   // Lazy initialized pool for direct DB access
   rpcFunctionExists = false;
+  /** The authentication mode this client was created with */
+  authMode;
+  /** User authentication client (only set for AuthMode.SINGLE_INSTANCE_USER) */
+  userAuthClient = null;
   // SQL definition for the helper function
   static CREATE_EXECUTE_SQL_FUNCTION = `
         CREATE OR REPLACE FUNCTION public.execute_sql(query text, read_only boolean DEFAULT false)
@@ -53,24 +442,81 @@ var SelfhostedSupabaseClient = class _SelfhostedSupabaseClient {
    * Creates an instance of SelfhostedSupabaseClient.
    * Note: Call initialize() after creating the instance to check for RPC functions.
    * @param options - Configuration options for the client.
+   * @param authMode - The authentication mode (defaults to SINGLE_INSTANCE_ADMIN)
+   * @param userAuthClient - Optional UserAuthClient for user-level authentication
    */
-  constructor(options) {
+  constructor(options, authMode = "admin" /* SINGLE_INSTANCE_ADMIN */, userAuthClient = null) {
     this.options = options;
-    const apiKey = options.supabaseServiceRoleKey || options.supabaseAnonKey;
-    this.supabase = createClient(options.supabaseUrl, apiKey, options.supabaseClientOptions);
+    this.authMode = authMode;
+    this.userAuthClient = userAuthClient;
     if (!options.supabaseUrl || !options.supabaseAnonKey) {
       throw new Error("Supabase URL and Anon Key are required.");
     }
+    if (userAuthClient) {
+      this.supabase = userAuthClient.getSupabaseClient();
+    } else {
+      const apiKey = options.supabaseServiceRoleKey || options.supabaseAnonKey;
+      this.supabase = createClient2(options.supabaseUrl, apiKey, options.supabaseClientOptions);
+    }
   }
   /**
    * Factory function to create and asynchronously initialize the client.
    * Checks for the existence of the helper RPC function.
+   * 
+   * @param options - Configuration options for the client
+   * @param authMode - The authentication mode (defaults to SINGLE_INSTANCE_ADMIN for backward compatibility)
    */
-  static async create(options) {
-    const client = new _SelfhostedSupabaseClient(options);
+  static async create(options, authMode = "admin" /* SINGLE_INSTANCE_ADMIN */) {
+    const client = new _SelfhostedSupabaseClient(options, authMode);
     await client.initialize();
     return client;
   }
+  /**
+   * Factory function to create a client with user-level authentication.
+   * This creates a client that operates under the user's RLS permissions.
+   * 
+   * @param config - User authentication configuration
+   * @returns A SelfhostedSupabaseClient using the authenticated user's session
+   * @throws Error if user authentication fails
+   */
+  static async createWithUserAuth(config) {
+    const userAuthClient = await UserAuthClient.create(config);
+    const options = {
+      supabaseUrl: config.supabaseUrl,
+      supabaseAnonKey: config.supabaseAnonKey
+      // Note: No service role key for user-level auth
+    };
+    const client = new _SelfhostedSupabaseClient(
+      options,
+      "user" /* SINGLE_INSTANCE_USER */,
+      userAuthClient
+    );
+    await client.initializeForUserAuth();
+    return client;
+  }
+  /**
+   * Initialize client for user-level authentication.
+   * Skips RPC function creation since user doesn't have admin permissions.
+   */
+  async initializeForUserAuth() {
+    console.error("Initializing SelfhostedSupabaseClient for user-level authentication...");
+    try {
+      const { error } = await this.supabase.rpc("execute_sql", {
+        query: "SELECT 1",
+        read_only: true
+      });
+      this.rpcFunctionExists = !error;
+      if (error) {
+        console.error("RPC function not available for user auth mode:", error.message);
+      } else {
+        console.error("RPC function available for user auth mode.");
+      }
+    } catch (err) {
+      console.error("RPC function check failed:", err);
+      this.rpcFunctionExists = false;
+    }
+    console.error("User auth initialization complete.");
+  }
   /**
    * Initializes the client by checking for the required RPC function.
    * Attempts to create the function if it doesn't exist and a service role key is provided.
@@ -367,6 +813,48 @@ var SelfhostedSupabaseClient = class _SelfhostedSupabaseClient {
   isRpcAvailable() {
     return this.rpcFunctionExists;
   }
+  /**
+   * Gets the authentication mode this client was created with.
+   */
+  getAuthMode() {
+    return this.authMode;
+  }
+  /**
+   * Checks if this client is using user-level authentication.
+   */
+  isUserAuth() {
+    return this.authMode === "user" /* SINGLE_INSTANCE_USER */;
+  }
+  /**
+   * Gets the user ID if using user-level authentication.
+   */
+  getUserId() {
+    return this.userAuthClient?.getUserId() || null;
+  }
+  /**
+   * Gets the user email if using user-level authentication.
+   */
+  getUserEmail() {
+    return this.userAuthClient?.getUserEmail() || null;
+  }
+  /**
+   * Gets the UserAuthClient if using user-level authentication.
+   */
+  getUserAuthClient() {
+    return this.userAuthClient;
+  }
+  /**
+   * Cleanup resources when done with the client.
+   */
+  async destroy() {
+    if (this.userAuthClient) {
+      await this.userAuthClient.destroy();
+    }
+    if (this.pgPool) {
+      await this.pgPool.end();
+      this.pgPool = null;
+    }
+  }
 };
 
 // src/tools/list_tables.ts
@@ -1475,6 +1963,48 @@ var updateAuthUserTool = {
 // src/index.ts
 import { z as z30 } from "zod";
 
+// src/tools/types.ts
+var ADMIN_ONLY_TOOLS = /* @__PURE__ */ new Set([
+  // Auth management tools
+  "create_auth_user",
+  "delete_auth_user",
+  "update_auth_user",
+  "list_auth_users",
+  "get_auth_user",
+  // Admin configuration tools
+  "get_service_key",
+  "verify_jwt_secret",
+  "install_execute_sql_function",
+  "rebuild_hooks"
+]);
+var ALIYUN_ONLY_TOOLS = /* @__PURE__ */ new Set([
+  "list_aliyun_supabase_instances",
+  "connect_to_supabase_instance",
+  "get_current_supabase_instance",
+  "disconnect_supabase_instance"
+]);
+function isToolAllowed(toolName, permissionLevel) {
+  switch (permissionLevel) {
+    case "full" /* FULL */:
+      return true;
+    case "admin" /* ADMIN */:
+      return !ALIYUN_ONLY_TOOLS.has(toolName);
+    case "user" /* USER */:
+      return !ALIYUN_ONLY_TOOLS.has(toolName) && !ADMIN_ONLY_TOOLS.has(toolName);
+    default:
+      return false;
+  }
+}
+function getToolNotAllowedMessage(toolName, permissionLevel) {
+  if (ALIYUN_ONLY_TOOLS.has(toolName)) {
+    return `Tool "${toolName}" is only available in Alibaba Cloud multi-instance management mode. Please use --aliyun-ak and --aliyun-sk to enable this mode.`;
+  }
+  if (ADMIN_ONLY_TOOLS.has(toolName) && permissionLevel === "user" /* USER */) {
+    return `Tool "${toolName}" requires admin permissions and is not available in user-level access mode. Please use --supabase-service-role-key for admin access.`;
+  }
+  return `Tool "${toolName}" is not allowed for the current permission level (${permissionLevel}).`;
+}
+
 // src/tools/list_storage_buckets.ts
 import { z as z20 } from "zod";
 var BucketSchema = z20.object({
@@ -1707,14 +2237,18 @@ SET search_path = public
 AS $$
 DECLARE
     result jsonb;
+    cleaned_query text;
 BEGIN
+    -- Remove trailing semicolons and whitespace from query
+    cleaned_query := regexp_replace(trim(query), ';\\s*$', '');
+    
     -- Execute query and convert result to JSON
     IF read_only THEN
         -- Read-only query
-        EXECUTE 'SELECT COALESCE(jsonb_agg(row_to_json(t)), ''[]''::jsonb) FROM (' || query || ') t' INTO result;
+        EXECUTE 'SELECT COALESCE(jsonb_agg(row_to_json(t)), ''[]''::jsonb) FROM (' || cleaned_query || ') t' INTO result;
     ELSE
         -- Write query (INSERT/UPDATE/DELETE)
-        EXECUTE query;
+        EXECUTE cleaned_query;
         result := '[]'::jsonb;
     END IF;
     
@@ -1722,10 +2256,7 @@ BEGIN
 EXCEPTION
     WHEN OTHERS THEN
         -- Return error information
-        RETURN jsonb_build_object(
-            'error', SQLERRM,
-            'code', SQLSTATE
-        );
+        RAISE EXCEPTION 'Error executing SQL (SQLSTATE: %): %', SQLSTATE, SQLERRM;
 END;
 $$;
 `;
@@ -1947,18 +2478,30 @@ import * as path from "node:path";
 // src/integrations/rag-agent-client.ts
 import { Client } from "@modelcontextprotocol/sdk/client/index.js";
 import { StdioClientTransport } from "@modelcontextprotocol/sdk/client/stdio.js";
+function isUserConfig(config) {
+  return "userEmail" in config && "userPassword" in config;
+}
 var RagAgentClient = class {
   config;
   client = null;
   tools = [];
+  authMode;
   constructor(config) {
     this.config = config;
+    this.authMode = isUserConfig(config) ? "jwt" /* JWT */ : "service_key" /* SERVICE_KEY */;
+  }
+  /**
+   * Get the authentication mode being used
+   */
+  getAuthMode() {
+    return this.authMode;
   }
   /**
    * Initialize connection to rag-agent MCP server and fetch tools
    */
   async initialize() {
-    console.error("Initializing RAG Agent MCP client...");
+    const modeDescription = this.authMode === "jwt" /* JWT */ ? "JWT mode (user-level access)" : "Service Key mode (admin access)";
+    console.error(`Initializing RAG Agent MCP client in ${modeDescription}...`);
     try {
       this.client = new Client(
         {
@@ -1977,19 +2520,45 @@ var RagAgentClient = class {
       }
       env.NO_PROXY = "*";
       env.no_proxy = "*";
+      const args = [
+        "--from",
+        "rag-agent-mcp",
+        "rag-agent",
+        "--host",
+        this.config.host,
+        "--api-key",
+        this.config.apiKey
+      ];
+      console.error("[RAG Agent] Configuration:");
+      console.error(`  Host: ${this.config.host}`);
+      console.error(`  API Key: ${this.config.apiKey.substring(0, 20)}...${this.config.apiKey.substring(this.config.apiKey.length - 10)}`);
+      console.error(`  API Key length: ${this.config.apiKey.length}`);
+      try {
+        const payloadBase64 = this.config.apiKey.split(".")[1];
+        if (payloadBase64) {
+          const payload = JSON.parse(Buffer.from(payloadBase64, "base64").toString("utf-8"));
+          console.error(`  JWT Role: ${payload.role || "unknown"}`);
+          console.error(`  JWT Issuer: ${payload.iss || "unknown"}`);
+        }
+      } catch (e) {
+        console.error(`  (Could not decode API key as JWT)`);
+      }
+      if (this.authMode === "jwt" /* JWT */ && isUserConfig(this.config)) {
+        args.push("--user", this.config.userEmail);
+        args.push("--user-password", this.config.userPassword);
+        console.error(`  User: ${this.config.userEmail}`);
+        console.error(`  Password: ${"*".repeat(this.config.userPassword.length)}`);
+      }
+      const maskedArgs = args.map((arg, i) => {
+        if (args[i - 1] === "--api-key") return "<API_KEY>";
+        if (args[i - 1] === "--user-password") return "<PASSWORD>";
+        return arg;
+      });
+      console.error(`[RAG Agent] Command: uvx ${maskedArgs.join(" ")}`);
+      console.error(`[RAG Agent] Auth mode: ${this.authMode}`);
       const transport = new StdioClientTransport({
         command: "uvx",
-        args: [
-          "--from",
-          "rag-agent-mcp",
-          "rag-agent",
-          "--host",
-          this.config.host,
-          "--port",
-          this.config.port.toString(),
-          "--api-key",
-          this.config.apiKey
-        ],
+        args,
         env
       });
       await this.client.connect(transport);
@@ -2410,42 +2979,63 @@ var disconnect_instance_default = disconnectSupabaseInstanceTool;
 // src/index.ts
 async function main() {
   const program = new Command();
-  program.name("self-hosted-supabase-mcp").description("MCP Server for self-hosted Supabase instances").option("--url <url>", "Supabase project URL (legacy mode)", process.env.SUPABASE_URL).option("--anon-key <key>", "Supabase anonymous key (legacy mode)", process.env.SUPABASE_ANON_KEY).option("--service-key <key>", "Supabase service role key (legacy mode, optional)", process.env.SUPABASE_SERVICE_ROLE_KEY).option("--db-url <url>", "Direct database connection string (optional, for pg fallback)", process.env.DATABASE_URL).option("--jwt-secret <secret>", "Supabase JWT secret (legacy mode, optional)", process.env.SUPABASE_AUTH_JWT_SECRET).option("--aliyun-ak <key>", "Alibaba Cloud Access Key ID", process.env.ALIYUN_ACCESS_KEY_ID).option("--aliyun-sk <secret>", "Alibaba Cloud Access Key Secret", process.env.ALIYUN_ACCESS_KEY_SECRET).option("--aliyun-region <region>", "Alibaba Cloud region (optional)", process.env.ALIYUN_REGION).option("--workspace-path <path>", "Workspace root path (for file operations)", process.cwd()).option("--tools-config <path>", 'Path to a JSON file specifying which tools to enable (e.g., { "enabledTools": ["tool1", "tool2"] }). If omitted, all tools are enabled.').option("--enable-rag-agent", "Enable RAG Agent MCP integration (uses --url host:port and --anon-key as API key)", process.env.ENABLE_RAG_AGENT === "true").parse(process.argv);
+  program.name("self-hosted-supabase-mcp").description("MCP Server for self-hosted Supabase instances with three-tier authentication").option("--url <url>", "Supabase project URL (alias for --supabase-url)", process.env.SUPABASE_URL).option("--anon-key <key>", "Supabase anonymous key (alias for --supabase-anon-key)", process.env.SUPABASE_ANON_KEY).option("--service-key <key>", "Supabase service role key (alias for --supabase-service-role-key)", process.env.SUPABASE_SERVICE_ROLE_KEY).option("--supabase-url <url>", "Supabase project URL", process.env.SUPABASE_URL).option("--supabase-anon-key <key>", "Supabase anonymous key", process.env.SUPABASE_ANON_KEY).option("--supabase-service-role-key <key>", "Supabase service role key", process.env.SUPABASE_SERVICE_ROLE_KEY).option("--supabase-user-email <email>", "User email for Supabase Auth login", process.env.SUPABASE_USER_EMAIL).option("--supabase-user-password <password>", "User password for Supabase Auth login", process.env.SUPABASE_USER_PASSWORD).option("--db-url <url>", "Direct database connection string (optional, for pg fallback)", process.env.DATABASE_URL).option("--jwt-secret <secret>", "Supabase JWT secret (optional)", process.env.SUPABASE_AUTH_JWT_SECRET).option("--aliyun-ak <key>", "Alibaba Cloud Access Key ID", process.env.ALIYUN_ACCESS_KEY_ID).option("--aliyun-sk <secret>", "Alibaba Cloud Access Key Secret", process.env.ALIYUN_ACCESS_KEY_SECRET).option("--aliyun-region <region>", "Alibaba Cloud region (optional)", process.env.ALIYUN_REGION).option("--workspace-path <path>", "Workspace root path (for file operations)", process.cwd()).option("--tools-config <path>", 'Path to a JSON file specifying which tools to enable (e.g., { "enabledTools": ["tool1", "tool2"] }). If omitted, all tools are enabled.').option("--enable-rag-agent", "Enable RAG Agent MCP integration", process.env.ENABLE_RAG_AGENT === "true").parse(process.argv);
   const options = program.opts();
-  const isAliyunMode = !!(options.aliyunAk && options.aliyunSk);
-  const isLegacyMode = !!(options.url && options.anonKey);
-  if (!isAliyunMode && !isLegacyMode) {
-    console.error("Error: Either Alibaba Cloud credentials (--aliyun-ak, --aliyun-sk) or legacy Supabase credentials (--url, --anon-key) are required.");
-    throw new Error("Missing required credentials.");
-  }
-  if (isAliyunMode && isLegacyMode) {
-    console.error("Warning: Both Alibaba Cloud and legacy credentials provided. Using Alibaba Cloud mode.");
+  let config;
+  try {
+    config = parseConfig(options);
+  } catch (error) {
+    if (error instanceof ConfigValidationError) {
+      console.error(error.message);
+      process.exit(1);
+    }
+    throw error;
   }
-  console.error("Initializing Self-Hosted Supabase MCP Server...");
+  const authMode = config.mode;
+  const permissionLevel = getPermissionLevel(authMode);
+  console.error(`Initializing Self-Hosted Supabase MCP Server in ${getAuthModeDescription(authMode)} mode...`);
   try {
     let aliyunClient = null;
-    if (isAliyunMode) {
+    let selfhostedClient = null;
+    let userInfo;
+    let currentInstanceName = null;
+    let currentSupabaseClient = null;
+    if (isAliyunConfig(config)) {
       console.error("Alibaba Cloud mode enabled, initializing client...");
       aliyunClient = createAliyunClient({
-        accessKeyId: options.aliyunAk,
-        accessKeySecret: options.aliyunSk,
-        regionId: options.aliyunRegion
+        accessKeyId: config.accessKeyId,
+        accessKeySecret: config.accessKeySecret,
+        regionId: config.regionId
       });
       console.error("Alibaba Cloud client initialized successfully.");
-    }
-    let selfhostedClient = null;
-    if (isLegacyMode && !isAliyunMode) {
-      selfhostedClient = await SelfhostedSupabaseClient.create({
-        supabaseUrl: options.url,
-        supabaseAnonKey: options.anonKey,
-        supabaseServiceRoleKey: options.serviceKey,
-        databaseUrl: options.dbUrl,
-        jwtSecret: options.jwtSecret
+    } else if (isSingleInstanceUserConfig(config)) {
+      console.error("Single Instance User mode enabled, authenticating...");
+      selfhostedClient = await SelfhostedSupabaseClient.createWithUserAuth({
+        supabaseUrl: config.supabaseUrl,
+        supabaseAnonKey: config.supabaseAnonKey,
+        userEmail: config.userEmail,
+        userPassword: config.userPassword
       });
-      console.error("Supabase client initialized successfully (legacy mode).");
+      currentSupabaseClient = selfhostedClient;
+      const userId = selfhostedClient.getUserId();
+      const email = selfhostedClient.getUserEmail();
+      if (userId && email) {
+        userInfo = { userId, email };
+      }
+      console.error(`Authenticated as user: ${email} (ID: ${userId})`);
+      console.error("Note: Access is restricted by Row Level Security (RLS) policies.");
+    } else if (isSingleInstanceAdminConfig(config)) {
+      console.error("Single Instance Admin mode enabled, initializing client...");
+      selfhostedClient = await SelfhostedSupabaseClient.create({
+        supabaseUrl: config.supabaseUrl,
+        supabaseAnonKey: config.supabaseAnonKey,
+        supabaseServiceRoleKey: config.supabaseServiceRoleKey,
+        databaseUrl: config.databaseUrl,
+        jwtSecret: config.jwtSecret
+      }, "admin" /* SINGLE_INSTANCE_ADMIN */);
+      currentSupabaseClient = selfhostedClient;
+      console.error("Supabase client initialized successfully (admin mode).");
     }
-    let currentInstanceName = null;
-    let currentSupabaseClient = selfhostedClient;
     const getCurrentInstanceName = () => currentInstanceName;
     const setCurrentInstance = (instanceName, client) => {
       currentInstanceName = instanceName;
@@ -2462,25 +3052,53 @@ async function main() {
         supabaseServiceRoleKey: serviceKey,
         databaseUrl: options.dbUrl,
         jwtSecret
-      });
+      }, "aliyun" /* ALIYUN_MULTI_INSTANCE */);
     };
     let ragAgentClient = null;
     const initializeRagAgent = async (supabaseClient) => {
-      if (!options.enableRagAgent) {
+      if (!config.enableRagAgent) {
         return null;
       }
       try {
         console.error("Initializing RAG Agent client...");
-        const urlToUse = supabaseClient.getSupabaseUrl();
-        const anonKeyToUse = supabaseClient.getAnonKey();
-        const urlObj = new URL(urlToUse);
-        const host = urlObj.hostname;
+        const supabaseUrl = supabaseClient.getSupabaseUrl();
+        const urlObj = new URL(supabaseUrl);
         const port = urlObj.port ? parseInt(urlObj.port, 10) : urlObj.protocol === "https:" ? 443 : 80;
-        const client = await createRagAgentClient({
-          host,
-          port,
-          apiKey: anonKeyToUse
-        });
+        const hostUrl = `${urlObj.protocol}//${urlObj.hostname}:${port}`;
+        console.error(`RAG Agent host: ${hostUrl}`);
+        let client;
+        if (isSingleInstanceUserConfig(config)) {
+          const anonKey = supabaseClient.getAnonKey();
+          console.error("[initializeRagAgent] Tier 3: User mode detected");
+          console.error(`[initializeRagAgent] Using anon key for JWT auth`);
+          console.error(`[initializeRagAgent] Anon key preview: ${anonKey.substring(0, 20)}...`);
+          console.error(`[initializeRagAgent] User email: ${config.userEmail}`);
+          client = await createRagAgentClient({
+            host: hostUrl,
+            apiKey: anonKey,
+            userEmail: config.userEmail,
+            userPassword: config.userPassword
+          });
+        } else {
+          const serviceKey = supabaseClient.getServiceRoleKey();
+          const anonKey = supabaseClient.getAnonKey();
+          console.error("[initializeRagAgent] Tier 1/2: Admin mode detected");
+          console.error(`[initializeRagAgent] Service key available: ${!!serviceKey}`);
+          if (serviceKey) {
+            console.error(`[initializeRagAgent] Service key preview: ${serviceKey.substring(0, 20)}...`);
+          }
+          console.error(`[initializeRagAgent] Anon key preview: ${anonKey.substring(0, 20)}...`);
+          if (!serviceKey) {
+            console.error("[initializeRagAgent] WARNING: Service role key not available!");
+            console.error("[initializeRagAgent] This may cause 401 errors if RAG Agent requires admin access");
+          }
+          const apiKey = serviceKey || anonKey;
+          console.error(`[initializeRagAgent] Using: ${serviceKey ? "service_role key" : "anon key (fallback)"}`);
+          client = await createRagAgentClient({
+            host: hostUrl,
+            apiKey
+          });
+        }
         console.error("RAG Agent client initialized successfully.");
         return client;
       } catch (error) {
@@ -2489,14 +3107,14 @@ async function main() {
         return null;
       }
     };
-    if (options.enableRagAgent && isLegacyMode && selfhostedClient) {
-      ragAgentClient = await initializeRagAgent(selfhostedClient);
-    } else if (options.enableRagAgent && isAliyunMode) {
+    if (config.enableRagAgent && currentSupabaseClient) {
+      ragAgentClient = await initializeRagAgent(currentSupabaseClient);
+    } else if (config.enableRagAgent && isAliyunConfig(config)) {
       console.error("RAG Agent integration enabled.");
       console.error("RAG Agent tools will be available after connecting to a Supabase instance.");
     }
     const wrappedAliyunTools = {};
-    if (isAliyunMode) {
+    if (isAliyunConfig(config)) {
       wrappedAliyunTools[list_instances_default.name] = {
         ...list_instances_default,
         execute: async (input, context) => {
@@ -2517,7 +3135,7 @@ async function main() {
             setCurrentInstance,
             context.log
           );
-          if (result.success && currentSupabaseClient && options.enableRagAgent && !ragAgentClient) {
+          if (result.success && currentSupabaseClient && config.enableRagAgent && !ragAgentClient) {
             ragAgentClient = await initializeRagAgent(currentSupabaseClient);
           }
           return result;
@@ -2573,17 +3191,16 @@ async function main() {
       [install_execute_sql_function_default.name]: install_execute_sql_function_default,
       [searchDocsTool.name]: searchDocsTool
     };
-    if (options.enableRagAgent) {
+    if (config.enableRagAgent) {
       if (ragAgentClient) {
         const ragTools = wrapAllRagAgentTools(ragAgentClient);
         Object.assign(availableTools, ragTools);
         console.error(`Added ${Object.keys(ragTools).length} RAG Agent tools to available tools.`);
-      } else if (isAliyunMode) {
+      } else if (isAliyunConfig(config)) {
         const dummyRagTools = await (async () => {
           try {
             const tempClient = await createRagAgentClient({
-              host: "localhost",
-              port: 80,
+              host: "http://localhost:80",
               apiKey: "dummy"
             });
             const tools = wrapAllRagAgentTools(tempClient);
@@ -2609,8 +3226,16 @@ async function main() {
         console.error(`Added ${Object.keys(dummyRagTools).length} RAG Agent tools (will be initialized after connection).`);
       }
     }
-    let registeredTools = { ...availableTools };
-    const toolsConfigPath = options.toolsConfig;
+    const permissionFilteredTools = {};
+    for (const [toolName, tool] of Object.entries(availableTools)) {
+      if (isToolAllowed(toolName, permissionLevel)) {
+        permissionFilteredTools[toolName] = tool;
+      } else {
+        console.error(`Tool ${toolName} disabled (not allowed for ${permissionLevel} permission level).`);
+      }
+    }
+    let registeredTools = { ...permissionFilteredTools };
+    const toolsConfigPath = config.toolsConfig;
     let enabledToolNames = null;
     if (toolsConfigPath) {
       try {
@@ -2631,27 +3256,31 @@ async function main() {
         enabledToolNames = new Set(toolNames.map((name) => name.trim()).filter((name) => name.length > 0));
       } catch (error) {
         console.error(`Error loading or parsing tool config file '${toolsConfigPath}':`, error instanceof Error ? error.message : String(error));
-        console.error("Falling back to enabling all tools due to config error.");
+        console.error("Falling back to enabling all permission-allowed tools due to config error.");
         enabledToolNames = null;
       }
     }
     if (enabledToolNames !== null) {
       console.error(`Whitelisting tools based on config: ${Array.from(enabledToolNames).join(", ")}`);
       registeredTools = {};
-      for (const toolName in availableTools) {
+      for (const toolName in permissionFilteredTools) {
         if (enabledToolNames.has(toolName)) {
-          registeredTools[toolName] = availableTools[toolName];
+          registeredTools[toolName] = permissionFilteredTools[toolName];
         } else {
           console.error(`Tool ${toolName} disabled (not in config whitelist).`);
         }
       }
       for (const requestedName of enabledToolNames) {
-        if (!availableTools[requestedName]) {
-          console.warn(`Warning: Tool "${requestedName}" specified in config file not found.`);
+        if (!permissionFilteredTools[requestedName]) {
+          if (availableTools[requestedName]) {
+            console.warn(`Warning: Tool "${requestedName}" is not available for the current permission level.`);
+          } else {
+            console.warn(`Warning: Tool "${requestedName}" specified in config file not found.`);
+          }
         }
       }
     } else {
-      console.error("No valid --tools-config specified or error loading config, enabling all available tools.");
+      console.error("No valid --tools-config specified or error loading config, enabling all permission-allowed tools.");
     }
     const capabilitiesTools = {};
     for (const tool of Object.values(registeredTools)) {
@@ -2666,6 +3295,7 @@ async function main() {
       };
     }
     const capabilities = { tools: capabilitiesTools };
+    console.error(`Registered ${Object.keys(registeredTools).length} tools.`);
     console.error("Initializing MCP Server...");
     const server = new Server(
       {
@@ -2684,6 +3314,10 @@ async function main() {
       const tool = registeredTools[toolName];
       if (!tool) {
         if (availableTools[toolName]) {
+          const message = getToolNotAllowedMessage(toolName, permissionLevel);
+          throw new McpError(ErrorCode.MethodNotFound, message);
+        }
+        if (permissionFilteredTools[toolName]) {
           throw new McpError(ErrorCode.MethodNotFound, `Tool "${toolName}" is available but not enabled by the current server configuration.`);
         }
         throw new McpError(ErrorCode.MethodNotFound, `Unknown tool: ${toolName}`);
@@ -2709,7 +3343,7 @@ async function main() {
           "get_current_supabase_instance",
           "disconnect_supabase_instance"
         ].includes(toolName);
-        if (isAliyunMode && !isAliyunManagementTool && !currentSupabaseClient) {
+        if (isAliyunConfig(config) && !isAliyunManagementTool && !currentSupabaseClient) {
           throw new McpError(
             ErrorCode.InvalidRequest,
             "Not connected to any Supabase instance. Please use connect_to_supabase_instance tool first."
@@ -2717,7 +3351,10 @@ async function main() {
         }
         const context = {
           selfhostedClient: currentSupabaseClient,
-          workspacePath: options.workspacePath,
+          workspacePath: config.workspacePath || process.cwd(),
+          authMode,
+          permissionLevel,
+          userInfo,
           log: (message, level = "info") => {
             console.error(`[${level.toUpperCase()}] ${message}`);
           }
@@ -2756,6 +3393,9 @@ async function main() {
       if (ragAgentClient) {
         await ragAgentClient.close();
       }
+      if (selfhostedClient) {
+        await selfhostedClient.destroy();
+      }
     };
     process.on("SIGINT", async () => {
       await cleanup();

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@aliyun-rds/supabase-mcp-server",
-  "version": "1.0.6",
+  "version": "1.0.7",
   "description": "MCP (Model Context Protocol) server for self-hosted Supabase instances. Allows AI assistants to interact with your self-hosted Supabase database.",
   "main": "dist/index.js",
   "bin": {