@hexabot-ai/api 3.2.2-alpha.9 → 3.2.2-beta.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/actions/actions.service.d.ts +1 -0
- package/dist/actions/actions.service.js +19 -1
- package/dist/actions/actions.service.js.map +1 -1
- package/dist/actions/types.d.ts +3 -1
- package/dist/app.controller.d.ts +1 -0
- package/dist/app.controller.js +1 -0
- package/dist/app.controller.js.map +1 -1
- package/dist/app.module.js +13 -1
- package/dist/app.module.js.map +1 -1
- package/dist/config/index.js +14 -2
- package/dist/config/index.js.map +1 -1
- package/dist/config/types.d.ts +9 -0
- package/dist/extensions/actions/ai/agent.action.d.ts +1 -1
- package/dist/extensions/actions/ai/agent.action.js +6 -3
- package/dist/extensions/actions/ai/agent.action.js.map +1 -1
- package/dist/extensions/actions/ai/ai-base.action.d.ts +1 -1
- package/dist/extensions/actions/ai/ai-base.action.js +18 -5
- package/dist/extensions/actions/ai/ai-base.action.js.map +1 -1
- package/dist/extensions/actions/ai/generate-object.base.action.d.ts +1 -1
- package/dist/extensions/actions/ai/generate-object.base.action.js +3 -2
- package/dist/extensions/actions/ai/generate-object.base.action.js.map +1 -1
- package/dist/extensions/actions/ai/generate-text.base.action.d.ts +1 -1
- package/dist/extensions/actions/ai/generate-text.base.action.js +3 -2
- package/dist/extensions/actions/ai/generate-text.base.action.js.map +1 -1
- package/dist/extensions/actions/ai/mcp.binding.js +2 -0
- package/dist/extensions/actions/ai/mcp.binding.js.map +1 -1
- package/dist/extensions/actions/ai/memory.binding.js +2 -0
- package/dist/extensions/actions/ai/memory.binding.js.map +1 -1
- package/dist/extensions/actions/ai/retrieve-content-rag.action.js +2 -0
- package/dist/extensions/actions/ai/retrieve-content-rag.action.js.map +1 -1
- package/dist/extensions/actions/messaging/list.action.d.ts +2 -2
- package/dist/extensions/actions/messaging/list.action.js +7 -0
- package/dist/extensions/actions/messaging/list.action.js.map +1 -1
- package/dist/extensions/actions/subscriber/update-labels.action.js +3 -0
- package/dist/extensions/actions/subscriber/update-labels.action.js.map +1 -1
- package/dist/extensions/actions/web/http-request.action.js +12 -1
- package/dist/extensions/actions/web/http-request.action.js.map +1 -1
- package/dist/extensions/actions/workflow/call-workflow.action.d.ts +19 -0
- package/dist/extensions/actions/workflow/call-workflow.action.js +83 -0
- package/dist/extensions/actions/workflow/call-workflow.action.js.map +1 -0
- package/dist/extensions/actions/workflow/i18n/en.translations.json +9 -0
- package/dist/extensions/actions/workflow/i18n/fr.translations.json +9 -0
- package/dist/extensions/index.d.ts +1 -0
- package/dist/extensions/index.js +1 -0
- package/dist/extensions/index.js.map +1 -1
- package/dist/index.d.ts +1 -0
- package/dist/index.js +1 -0
- package/dist/index.js.map +1 -1
- package/dist/mcp/controllers/mcp-token.controller.d.ts +47 -0
- package/dist/mcp/controllers/mcp-token.controller.js +70 -0
- package/dist/mcp/controllers/mcp-token.controller.js.map +1 -0
- package/dist/mcp/decorators/mcp-permission.decorator.d.ts +8 -0
- package/dist/mcp/decorators/mcp-permission.decorator.js +11 -0
- package/dist/mcp/decorators/mcp-permission.decorator.js.map +1 -0
- package/dist/mcp/dto/mcp-token.dto.d.ts +17 -0
- package/dist/mcp/dto/mcp-token.dto.js +40 -0
- package/dist/mcp/dto/mcp-token.dto.js.map +1 -0
- package/dist/mcp/entities/mcp-token.entity.d.ts +111 -0
- package/dist/mcp/entities/mcp-token.entity.js +69 -0
- package/dist/mcp/entities/mcp-token.entity.js.map +1 -0
- package/dist/mcp/guards/hexabot-mcp-token.guard.d.ts +9 -0
- package/dist/mcp/guards/hexabot-mcp-token.guard.js +49 -0
- package/dist/mcp/guards/hexabot-mcp-token.guard.js.map +1 -0
- package/dist/mcp/guards/mcp-permission.guard.d.ts +9 -0
- package/dist/mcp/guards/mcp-permission.guard.js +47 -0
- package/dist/mcp/guards/mcp-permission.guard.js.map +1 -0
- package/dist/mcp/mcp-api.module.d.ts +2 -0
- package/dist/mcp/mcp-api.module.js +65 -0
- package/dist/mcp/mcp-api.module.js.map +1 -0
- package/dist/mcp/repositories/mcp-token.repository.d.ts +8 -0
- package/dist/mcp/repositories/mcp-token.repository.js +41 -0
- package/dist/mcp/repositories/mcp-token.repository.js.map +1 -0
- package/dist/mcp/services/mcp-token.service.d.ts +24 -0
- package/dist/mcp/services/mcp-token.service.js +106 -0
- package/dist/mcp/services/mcp-token.service.js.map +1 -0
- package/dist/mcp/tools/catalog-mcp.tools.d.ts +63 -0
- package/dist/mcp/tools/catalog-mcp.tools.js +135 -0
- package/dist/mcp/tools/catalog-mcp.tools.js.map +1 -0
- package/dist/mcp/tools/cms-mcp.tools.d.ts +128 -0
- package/dist/mcp/tools/cms-mcp.tools.js +242 -0
- package/dist/mcp/tools/cms-mcp.tools.js.map +1 -0
- package/dist/mcp/tools/credential-mcp.tools.d.ts +19 -0
- package/dist/mcp/tools/credential-mcp.tools.js +82 -0
- package/dist/mcp/tools/credential-mcp.tools.js.map +1 -0
- package/dist/mcp/tools/hexabot-mcp-tool.base.d.ts +22 -0
- package/dist/mcp/tools/hexabot-mcp-tool.base.js +48 -0
- package/dist/mcp/tools/hexabot-mcp-tool.base.js.map +1 -0
- package/dist/mcp/tools/hexabot-mcp.schemas.d.ts +41 -0
- package/dist/mcp/tools/hexabot-mcp.schemas.js +36 -0
- package/dist/mcp/tools/hexabot-mcp.schemas.js.map +1 -0
- package/dist/mcp/tools/hexabot-mcp.tools.d.ts +1 -0
- package/dist/mcp/tools/hexabot-mcp.tools.js +18 -0
- package/dist/mcp/tools/hexabot-mcp.tools.js.map +1 -0
- package/dist/mcp/tools/hexabot-mcp.utils.d.ts +2 -0
- package/dist/mcp/tools/hexabot-mcp.utils.js +21 -0
- package/dist/mcp/tools/hexabot-mcp.utils.js.map +1 -0
- package/dist/mcp/tools/index.d.ts +22 -0
- package/dist/mcp/tools/index.js +50 -0
- package/dist/mcp/tools/index.js.map +1 -0
- package/dist/mcp/tools/mcp-server-mcp.tools.d.ts +77 -0
- package/dist/mcp/tools/mcp-server-mcp.tools.js +130 -0
- package/dist/mcp/tools/mcp-server-mcp.tools.js.map +1 -0
- package/dist/mcp/tools/memory-definition-mcp.tools.d.ts +57 -0
- package/dist/mcp/tools/memory-definition-mcp.tools.js +128 -0
- package/dist/mcp/tools/memory-definition-mcp.tools.js.map +1 -0
- package/dist/mcp/tools/workflow-mcp.helper.d.ts +156 -0
- package/dist/mcp/tools/workflow-mcp.helper.js +128 -0
- package/dist/mcp/tools/workflow-mcp.helper.js.map +1 -0
- package/dist/mcp/tools/workflow-mcp.tools.d.ts +790 -0
- package/dist/mcp/tools/workflow-mcp.tools.js +227 -0
- package/dist/mcp/tools/workflow-mcp.tools.js.map +1 -0
- package/dist/mcp/tools/workflow-run-mcp.tools.d.ts +349 -0
- package/dist/mcp/tools/workflow-run-mcp.tools.js +242 -0
- package/dist/mcp/tools/workflow-run-mcp.tools.js.map +1 -0
- package/dist/mcp/tools/workflow-version-mcp.tools.d.ts +238 -0
- package/dist/mcp/tools/workflow-version-mcp.tools.js +368 -0
- package/dist/mcp/tools/workflow-version-mcp.tools.js.map +1 -0
- package/dist/mcp/types.d.ts +7 -0
- package/dist/mcp/types.js +3 -0
- package/dist/mcp/types.js.map +1 -0
- package/dist/static/assets/{browser-ponyfill-Qk7qpw-i.js → browser-ponyfill-D1dKqhtP.js} +2 -2
- package/dist/static/assets/{cssMode-CdhvY6oD.js → cssMode-DplazEqd.js} +1 -1
- package/dist/static/assets/{freemarker2-BPoURZH1.js → freemarker2-oSA1bGAm.js} +1 -1
- package/dist/static/assets/{handlebars-C4oubER1.js → handlebars-CcC7EgN2.js} +1 -1
- package/dist/static/assets/{html-CDE5RgVN.js → html-CcFTB7eP.js} +1 -1
- package/dist/static/assets/{htmlMode-C8edIUUq.js → htmlMode-g5g2wCUD.js} +1 -1
- package/dist/static/assets/{index-C1NxBXuS.js → index-CMp45yDR.js} +2379 -2330
- package/dist/static/assets/{index-BI1BtkYv.css → index-D-b9KTZd.css} +1 -1
- package/dist/static/assets/{javascript-Wp5m7adK.js → javascript-Dv0J7ioP.js} +1 -1
- package/dist/static/assets/{jsonMode-0eww5Srr.js → jsonMode-CzBkKOe4.js} +1 -1
- package/dist/static/assets/{liquid-DTktXITv.js → liquid-CptRs_ZU.js} +1 -1
- package/dist/static/assets/{lspLanguageFeatures-BzIRlKhn.js → lspLanguageFeatures-DXNU_upS.js} +1 -1
- package/dist/static/assets/{mdx-D508emqD.js → mdx-af00eMTm.js} +1 -1
- package/dist/static/assets/{python-BfhIq2kX.js → python-CNcx7i3L.js} +1 -1
- package/dist/static/assets/{razor-C7F8fOds.js → razor-BL_MSmP7.js} +1 -1
- package/dist/static/assets/{tsMode-B8zPu6Wl.js → tsMode-BWD4nt2F.js} +1 -1
- package/dist/static/assets/{typescript-Dew3VavZ.js → typescript-BbKUic6G.js} +1 -1
- package/dist/static/assets/{xml-B_2tc6Mh.js → xml-DFx6l4N0.js} +1 -1
- package/dist/static/assets/{yaml-pHcw4KrS.js → yaml-BNuTzPxo.js} +1 -1
- package/dist/static/index.html +2 -2
- package/dist/static/locales/en/translation.json +89 -4
- package/dist/static/locales/fr/translation.json +90 -5
- package/dist/transfer/adapters/content-type-transfer.adapter.d.ts +14 -0
- package/dist/transfer/adapters/content-type-transfer.adapter.js +102 -0
- package/dist/transfer/adapters/content-type-transfer.adapter.js.map +1 -0
- package/dist/transfer/adapters/credential-transfer.adapter.d.ts +13 -0
- package/dist/transfer/adapters/credential-transfer.adapter.js +110 -0
- package/dist/transfer/adapters/credential-transfer.adapter.js.map +1 -0
- package/dist/transfer/adapters/label-transfer.adapter.d.ts +15 -0
- package/dist/transfer/adapters/label-transfer.adapter.js +189 -0
- package/dist/transfer/adapters/label-transfer.adapter.js.map +1 -0
- package/dist/transfer/adapters/mcp-server-transfer.adapter.d.ts +16 -0
- package/dist/transfer/adapters/mcp-server-transfer.adapter.js +169 -0
- package/dist/transfer/adapters/mcp-server-transfer.adapter.js.map +1 -0
- package/dist/transfer/adapters/memory-definition-transfer.adapter.d.ts +14 -0
- package/dist/transfer/adapters/memory-definition-transfer.adapter.js +111 -0
- package/dist/transfer/adapters/memory-definition-transfer.adapter.js.map +1 -0
- package/dist/transfer/index.d.ts +7 -0
- package/dist/transfer/index.js +24 -0
- package/dist/transfer/index.js.map +1 -0
- package/dist/transfer/workflow-transfer-adapter.registry.d.ts +27 -0
- package/dist/transfer/workflow-transfer-adapter.registry.js +164 -0
- package/dist/transfer/workflow-transfer-adapter.registry.js.map +1 -0
- package/dist/transfer/workflow-transfer-definition.service.d.ts +40 -0
- package/dist/transfer/workflow-transfer-definition.service.js +353 -0
- package/dist/transfer/workflow-transfer-definition.service.js.map +1 -0
- package/dist/transfer/workflow-transfer-resource-adapter.d.ts +33 -0
- package/dist/transfer/workflow-transfer-resource-adapter.js +81 -0
- package/dist/transfer/workflow-transfer-resource-adapter.js.map +1 -0
- package/dist/transfer/workflow-transfer.controller.d.ts +9 -0
- package/dist/transfer/workflow-transfer.controller.js +63 -0
- package/dist/transfer/workflow-transfer.controller.js.map +1 -0
- package/dist/transfer/workflow-transfer.module.d.ts +2 -0
- package/dist/transfer/workflow-transfer.module.js +47 -0
- package/dist/transfer/workflow-transfer.module.js.map +1 -0
- package/dist/transfer/workflow-transfer.service.d.ts +51 -0
- package/dist/transfer/workflow-transfer.service.js +509 -0
- package/dist/transfer/workflow-transfer.service.js.map +1 -0
- package/dist/transfer/workflow-transfer.types.d.ts +31 -0
- package/dist/transfer/workflow-transfer.types.js +35 -0
- package/dist/transfer/workflow-transfer.types.js.map +1 -0
- package/dist/tsconfig.build.tsbuildinfo +1 -1
- package/dist/types/event-emitter.d.ts +12 -5
- package/dist/user/dto/user.dto.d.ts +1 -1
- package/dist/user/guards/ability.guard.js +12 -2
- package/dist/user/guards/ability.guard.js.map +1 -1
- package/dist/utils/test/fixtures/label-group.d.ts +1 -1
- package/dist/utils/test/fixtures/label.d.ts +1 -1
- package/dist/utils/test/fixtures/subscriber.d.ts +1 -1
- package/dist/utils/test/fixtures/workflow-run.js +4 -1
- package/dist/utils/test/fixtures/workflow-run.js.map +1 -1
- package/dist/utils/test/port.d.ts +8 -0
- package/dist/utils/test/port.js +34 -0
- package/dist/utils/test/port.js.map +1 -0
- package/dist/websocket/websocket.gateway.d.ts +2 -1
- package/dist/websocket/websocket.gateway.js.map +1 -1
- package/dist/workflow/contexts/workflow-runtime.context.d.ts +3 -1
- package/dist/workflow/contexts/workflow-runtime.context.js +5 -0
- package/dist/workflow/contexts/workflow-runtime.context.js.map +1 -1
- package/dist/workflow/controllers/workflow-run.controller.js +2 -0
- package/dist/workflow/controllers/workflow-run.controller.js.map +1 -1
- package/dist/workflow/dto/workflow-run.dto.d.ts +1 -0
- package/dist/workflow/dto/workflow-run.dto.js +11 -0
- package/dist/workflow/dto/workflow-run.dto.js.map +1 -1
- package/dist/workflow/entities/memory-record.entity.d.ts +2 -0
- package/dist/workflow/entities/workflow-run.entity.d.ts +62 -0
- package/dist/workflow/entities/workflow-run.entity.js +15 -1
- package/dist/workflow/entities/workflow-run.entity.js.map +1 -1
- package/dist/workflow/index.d.ts +7 -0
- package/dist/workflow/index.js +7 -0
- package/dist/workflow/index.js.map +1 -1
- package/dist/workflow/repositories/workflow-run.repository.js +7 -1
- package/dist/workflow/repositories/workflow-run.repository.js.map +1 -1
- package/dist/workflow/resource-refs.d.ts +17 -0
- package/dist/workflow/resource-refs.js +15 -0
- package/dist/workflow/resource-refs.js.map +1 -0
- package/dist/workflow/services/agentic.service.d.ts +9 -2
- package/dist/workflow/services/agentic.service.js +142 -19
- package/dist/workflow/services/agentic.service.js.map +1 -1
- package/dist/workflow/services/workflow-run.service.d.ts +3 -0
- package/dist/workflow/services/workflow-run.service.js +75 -3
- package/dist/workflow/services/workflow-run.service.js.map +1 -1
- package/dist/workflow/services/workflow-version.service.d.ts +2 -0
- package/dist/workflow/services/workflow-version.service.js +19 -0
- package/dist/workflow/services/workflow-version.service.js.map +1 -1
- package/dist/workflow/services/workflow.service.d.ts +13 -9
- package/dist/workflow/services/workflow.service.js +64 -35
- package/dist/workflow/services/workflow.service.js.map +1 -1
- package/dist/workflow/types.d.ts +31 -0
- package/dist/workflow/types.js +2 -1
- package/dist/workflow/types.js.map +1 -1
- package/dist/workflow/workflow.module.js +3 -0
- package/dist/workflow/workflow.module.js.map +1 -1
- package/package.json +8 -6
- package/src/actions/actions.service.ts +34 -4
- package/src/actions/types.ts +6 -5
- package/src/app.controller.ts +1 -0
- package/src/app.module.ts +17 -1
- package/src/config/index.ts +17 -2
- package/src/config/types.ts +9 -0
- package/src/extensions/actions/ai/agent.action.ts +6 -1
- package/src/extensions/actions/ai/ai-base.action.ts +39 -5
- package/src/extensions/actions/ai/generate-object.base.action.ts +3 -0
- package/src/extensions/actions/ai/generate-text.base.action.ts +3 -0
- package/src/extensions/actions/ai/mcp.binding.ts +2 -0
- package/src/extensions/actions/ai/memory.binding.ts +2 -0
- package/src/extensions/actions/ai/retrieve-content-rag.action.ts +2 -0
- package/src/extensions/actions/messaging/list.action.ts +7 -0
- package/src/extensions/actions/subscriber/update-labels.action.ts +3 -0
- package/src/extensions/actions/web/http-request.action.ts +17 -1
- package/src/extensions/actions/workflow/call-workflow.action.ts +112 -0
- package/src/extensions/actions/workflow/i18n/en.translations.json +9 -0
- package/src/extensions/actions/workflow/i18n/fr.translations.json +9 -0
- package/src/extensions/index.ts +2 -0
- package/src/index.ts +2 -0
- package/src/mcp/README.md +277 -0
- package/src/mcp/controllers/mcp-token.controller.ts +64 -0
- package/src/mcp/decorators/mcp-permission.decorator.ts +23 -0
- package/src/mcp/dto/mcp-token.dto.ts +48 -0
- package/src/mcp/entities/mcp-token.entity.ts +60 -0
- package/src/mcp/guards/hexabot-mcp-token.guard.ts +55 -0
- package/src/mcp/guards/mcp-permission.guard.ts +61 -0
- package/src/mcp/mcp-api.module.ts +61 -0
- package/src/mcp/repositories/mcp-token.repository.ts +34 -0
- package/src/mcp/services/mcp-token.service.ts +138 -0
- package/src/mcp/tools/catalog-mcp.tools.ts +122 -0
- package/src/mcp/tools/cms-mcp.tools.ts +239 -0
- package/src/mcp/tools/credential-mcp.tools.ts +81 -0
- package/src/mcp/tools/hexabot-mcp-tool.base.ts +74 -0
- package/src/mcp/tools/hexabot-mcp.schemas.ts +55 -0
- package/src/mcp/tools/hexabot-mcp.tools.ts +7 -0
- package/src/mcp/tools/hexabot-mcp.utils.ts +29 -0
- package/src/mcp/tools/index.ts +51 -0
- package/src/mcp/tools/mcp-server-mcp.tools.ts +135 -0
- package/src/mcp/tools/memory-definition-mcp.tools.ts +125 -0
- package/src/mcp/tools/workflow-mcp.helper.ts +219 -0
- package/src/mcp/tools/workflow-mcp.tools.ts +271 -0
- package/src/mcp/tools/workflow-run-mcp.tools.ts +292 -0
- package/src/mcp/tools/workflow-version-mcp.tools.ts +459 -0
- package/src/mcp/types.ts +14 -0
- package/src/transfer/adapters/content-type-transfer.adapter.ts +154 -0
- package/src/transfer/adapters/credential-transfer.adapter.ts +158 -0
- package/src/transfer/adapters/label-transfer.adapter.ts +291 -0
- package/src/transfer/adapters/mcp-server-transfer.adapter.ts +255 -0
- package/src/transfer/adapters/memory-definition-transfer.adapter.ts +167 -0
- package/src/transfer/index.ts +19 -0
- package/src/transfer/workflow-transfer-adapter.registry.ts +250 -0
- package/src/transfer/workflow-transfer-definition.service.ts +587 -0
- package/src/transfer/workflow-transfer-resource-adapter.ts +132 -0
- package/src/transfer/workflow-transfer.controller.ts +86 -0
- package/src/transfer/workflow-transfer.module.ts +46 -0
- package/src/transfer/workflow-transfer.service.ts +858 -0
- package/src/transfer/workflow-transfer.types.ts +98 -0
- package/src/user/guards/ability.guard.ts +15 -3
- package/src/utils/test/fixtures/workflow-run.ts +4 -1
- package/src/utils/test/port.ts +48 -0
- package/src/websocket/websocket.gateway.ts +2 -1
- package/src/workflow/contexts/workflow-runtime.context.ts +12 -1
- package/src/workflow/controllers/workflow-run.controller.ts +2 -0
- package/src/workflow/dto/workflow-run.dto.ts +10 -0
- package/src/workflow/entities/workflow-run.entity.ts +22 -1
- package/src/workflow/index.ts +14 -0
- package/src/workflow/repositories/workflow-run.repository.ts +7 -1
- package/src/workflow/resource-refs.ts +44 -0
- package/src/workflow/services/agentic.service.ts +271 -30
- package/src/workflow/services/workflow-run.service.ts +120 -7
- package/src/workflow/services/workflow-version.service.ts +33 -0
- package/src/workflow/services/workflow.service.ts +86 -31
- package/src/workflow/types.ts +52 -0
- package/src/workflow/workflow.module.ts +3 -0
- package/types/event-emitter.d.ts +12 -5
|
@@ -0,0 +1,138 @@
|
|
|
1
|
+
/*
|
|
2
|
+
* Hexabot — Fair Core License (FCL-1.0-ALv2)
|
|
3
|
+
* Copyright (c) 2026 Hexastack.
|
|
4
|
+
* Full terms: see LICENSE.md.
|
|
5
|
+
*/
|
|
6
|
+
|
|
7
|
+
import { createHash, randomBytes } from 'crypto';
|
|
8
|
+
|
|
9
|
+
import type { McpToken, User } from '@hexabot-ai/types';
|
|
10
|
+
import {
|
|
11
|
+
BadRequestException,
|
|
12
|
+
Injectable,
|
|
13
|
+
NotFoundException,
|
|
14
|
+
UnauthorizedException,
|
|
15
|
+
} from '@nestjs/common';
|
|
16
|
+
import { FindManyOptions } from 'typeorm';
|
|
17
|
+
|
|
18
|
+
import { UserOrmEntity } from '@/user/entities/user.entity';
|
|
19
|
+
import { BaseOrmService } from '@/utils/generics/base-orm.service';
|
|
20
|
+
|
|
21
|
+
import { McpTokenCreateDto } from '../dto/mcp-token.dto';
|
|
22
|
+
import { McpTokenOrmEntity } from '../entities/mcp-token.entity';
|
|
23
|
+
import { McpTokenRepository } from '../repositories/mcp-token.repository';
|
|
24
|
+
|
|
25
|
+
export const MCP_PERSONAL_TOKEN_PREFIX = 'hbt_mcp_';
|
|
26
|
+
|
|
27
|
+
@Injectable()
|
|
28
|
+
export class McpTokenService extends BaseOrmService<McpTokenOrmEntity> {
|
|
29
|
+
constructor(readonly repository: McpTokenRepository) {
|
|
30
|
+
super(repository);
|
|
31
|
+
}
|
|
32
|
+
|
|
33
|
+
async createPersonalToken(
|
|
34
|
+
ownerId: string,
|
|
35
|
+
dto: McpTokenCreateDto,
|
|
36
|
+
): Promise<{ token: string; record: McpToken }> {
|
|
37
|
+
const token = this.generateToken();
|
|
38
|
+
const expiresAt = this.parseOptionalExpiry(dto.expiresAt);
|
|
39
|
+
const record = await this.repository.create({
|
|
40
|
+
name: dto.name,
|
|
41
|
+
owner: ownerId,
|
|
42
|
+
tokenHash: this.hashToken(token),
|
|
43
|
+
tokenPrefix: this.getTokenPrefix(token),
|
|
44
|
+
expiresAt,
|
|
45
|
+
lastUsedAt: null,
|
|
46
|
+
revokedAt: null,
|
|
47
|
+
} as any);
|
|
48
|
+
|
|
49
|
+
return { token, record };
|
|
50
|
+
}
|
|
51
|
+
|
|
52
|
+
async findOwnedTokens(ownerId: string): Promise<McpToken[]> {
|
|
53
|
+
return await this.repository.find({
|
|
54
|
+
where: { owner: { id: ownerId } },
|
|
55
|
+
order: { createdAt: 'DESC' },
|
|
56
|
+
} as FindManyOptions<McpTokenOrmEntity>);
|
|
57
|
+
}
|
|
58
|
+
|
|
59
|
+
async revokeOwnedToken(ownerId: string, id: string): Promise<McpToken> {
|
|
60
|
+
const token = await this.repository.findOne({
|
|
61
|
+
where: { id, owner: { id: ownerId } },
|
|
62
|
+
} as any);
|
|
63
|
+
|
|
64
|
+
if (!token) {
|
|
65
|
+
throw new NotFoundException(`MCP token ${id} not found`);
|
|
66
|
+
}
|
|
67
|
+
|
|
68
|
+
return await this.repository.updateOne(
|
|
69
|
+
{
|
|
70
|
+
where: { id, owner: { id: ownerId } },
|
|
71
|
+
} as any,
|
|
72
|
+
{ revokedAt: new Date() } as any,
|
|
73
|
+
);
|
|
74
|
+
}
|
|
75
|
+
|
|
76
|
+
async authenticateBearerToken(
|
|
77
|
+
token: string,
|
|
78
|
+
): Promise<{ user: User; tokenId: string }> {
|
|
79
|
+
if (!token.startsWith(MCP_PERSONAL_TOKEN_PREFIX)) {
|
|
80
|
+
throw new UnauthorizedException('Invalid MCP token');
|
|
81
|
+
}
|
|
82
|
+
|
|
83
|
+
const record = await this.repository.findOneByHash(this.hashToken(token));
|
|
84
|
+
|
|
85
|
+
if (!record) {
|
|
86
|
+
throw new UnauthorizedException('Invalid MCP token');
|
|
87
|
+
}
|
|
88
|
+
|
|
89
|
+
if (record.revokedAt) {
|
|
90
|
+
throw new UnauthorizedException('MCP token has been revoked');
|
|
91
|
+
}
|
|
92
|
+
|
|
93
|
+
if (record.expiresAt && record.expiresAt <= new Date()) {
|
|
94
|
+
throw new UnauthorizedException('MCP token has expired');
|
|
95
|
+
}
|
|
96
|
+
|
|
97
|
+
const owner = record.owner as UserOrmEntity | undefined;
|
|
98
|
+
if (!owner?.state) {
|
|
99
|
+
throw new UnauthorizedException('MCP token owner is inactive');
|
|
100
|
+
}
|
|
101
|
+
|
|
102
|
+
await this.repository.touchLastUsedAt(record.id);
|
|
103
|
+
|
|
104
|
+
return {
|
|
105
|
+
user: owner.toPlainCls() as User,
|
|
106
|
+
tokenId: record.id,
|
|
107
|
+
};
|
|
108
|
+
}
|
|
109
|
+
|
|
110
|
+
private generateToken(): string {
|
|
111
|
+
return `${MCP_PERSONAL_TOKEN_PREFIX}${randomBytes(32).toString('base64url')}`;
|
|
112
|
+
}
|
|
113
|
+
|
|
114
|
+
private hashToken(token: string): string {
|
|
115
|
+
return createHash('sha256').update(token).digest('hex');
|
|
116
|
+
}
|
|
117
|
+
|
|
118
|
+
private getTokenPrefix(token: string): string {
|
|
119
|
+
return token.slice(0, MCP_PERSONAL_TOKEN_PREFIX.length + 8);
|
|
120
|
+
}
|
|
121
|
+
|
|
122
|
+
private parseOptionalExpiry(value?: string | null): Date | null {
|
|
123
|
+
if (!value) {
|
|
124
|
+
return null;
|
|
125
|
+
}
|
|
126
|
+
|
|
127
|
+
const expiresAt = new Date(value);
|
|
128
|
+
if (Number.isNaN(expiresAt.getTime())) {
|
|
129
|
+
throw new BadRequestException('Invalid MCP token expiry date');
|
|
130
|
+
}
|
|
131
|
+
|
|
132
|
+
if (expiresAt <= new Date()) {
|
|
133
|
+
throw new BadRequestException('MCP token expiry must be in the future');
|
|
134
|
+
}
|
|
135
|
+
|
|
136
|
+
return expiresAt;
|
|
137
|
+
}
|
|
138
|
+
}
|
|
@@ -0,0 +1,122 @@
|
|
|
1
|
+
/*
|
|
2
|
+
* Hexabot — Fair Core License (FCL-1.0-ALv2)
|
|
3
|
+
* Copyright (c) 2026 Hexastack.
|
|
4
|
+
* Full terms: see LICENSE.md.
|
|
5
|
+
*/
|
|
6
|
+
|
|
7
|
+
import { Action } from '@hexabot-ai/types';
|
|
8
|
+
import { Injectable, NotFoundException } from '@nestjs/common';
|
|
9
|
+
import { Tool, ToolGuards } from '@rekog/mcp-nest';
|
|
10
|
+
import { z } from 'zod';
|
|
11
|
+
|
|
12
|
+
import { ActionService } from '@/actions/actions.service';
|
|
13
|
+
import { RuntimeBindingsService } from '@/bindings/runtime-bindings.service';
|
|
14
|
+
import { WorkflowType } from '@/workflow/types';
|
|
15
|
+
|
|
16
|
+
import { McpPermission } from '../decorators/mcp-permission.decorator';
|
|
17
|
+
import { McpPermissionGuard } from '../guards/mcp-permission.guard';
|
|
18
|
+
|
|
19
|
+
@Injectable()
|
|
20
|
+
export class HexabotCatalogMcpTools {
|
|
21
|
+
constructor(
|
|
22
|
+
private readonly actionService: ActionService,
|
|
23
|
+
private readonly runtimeBindingsService: RuntimeBindingsService,
|
|
24
|
+
) {}
|
|
25
|
+
|
|
26
|
+
@McpPermission('workflow', Action.READ)
|
|
27
|
+
@ToolGuards([McpPermissionGuard])
|
|
28
|
+
@Tool({
|
|
29
|
+
name: 'hexabot_action_search',
|
|
30
|
+
description: 'Search available workflow actions and their schemas.',
|
|
31
|
+
parameters: z.object({
|
|
32
|
+
query: z.string().optional(),
|
|
33
|
+
workflowType: z.enum(WorkflowType).optional(),
|
|
34
|
+
}),
|
|
35
|
+
})
|
|
36
|
+
async searchActions(args: { query?: string; workflowType?: WorkflowType }) {
|
|
37
|
+
const query = args.query?.toLowerCase();
|
|
38
|
+
const actions = this.actionService.getAllSchemaDefinitions(
|
|
39
|
+
args.workflowType,
|
|
40
|
+
);
|
|
41
|
+
|
|
42
|
+
return {
|
|
43
|
+
items: query
|
|
44
|
+
? actions.filter((action) =>
|
|
45
|
+
[
|
|
46
|
+
action.name,
|
|
47
|
+
action.description,
|
|
48
|
+
action.group,
|
|
49
|
+
...(action.workflowTypes ?? []),
|
|
50
|
+
]
|
|
51
|
+
.filter(Boolean)
|
|
52
|
+
.some((value) => `${value}`.toLowerCase().includes(query)),
|
|
53
|
+
)
|
|
54
|
+
: actions,
|
|
55
|
+
};
|
|
56
|
+
}
|
|
57
|
+
|
|
58
|
+
@McpPermission('workflow', Action.READ)
|
|
59
|
+
@ToolGuards([McpPermissionGuard])
|
|
60
|
+
@Tool({
|
|
61
|
+
name: 'hexabot_action_get',
|
|
62
|
+
description: 'Read schema metadata for one workflow action.',
|
|
63
|
+
parameters: z.object({
|
|
64
|
+
name: z.string().min(1),
|
|
65
|
+
}),
|
|
66
|
+
})
|
|
67
|
+
async getAction(args: { name: string }) {
|
|
68
|
+
const action = this.actionService
|
|
69
|
+
.getAllSchemaDefinitions()
|
|
70
|
+
.find((entry) => entry.name === args.name);
|
|
71
|
+
if (!action) {
|
|
72
|
+
throw new NotFoundException(`Action ${args.name} not found`);
|
|
73
|
+
}
|
|
74
|
+
|
|
75
|
+
return action;
|
|
76
|
+
}
|
|
77
|
+
|
|
78
|
+
@McpPermission('workflow', Action.READ)
|
|
79
|
+
@ToolGuards([McpPermissionGuard])
|
|
80
|
+
@Tool({
|
|
81
|
+
name: 'hexabot_binding_search',
|
|
82
|
+
description: 'Search workflow runtime binding kind schemas.',
|
|
83
|
+
parameters: z.object({
|
|
84
|
+
query: z.string().optional(),
|
|
85
|
+
}),
|
|
86
|
+
})
|
|
87
|
+
async searchBindings(args: { query?: string }) {
|
|
88
|
+
const query = args.query?.toLowerCase();
|
|
89
|
+
const entries = Object.entries(
|
|
90
|
+
this.runtimeBindingsService.getAllSchemaDefinitions(),
|
|
91
|
+
).map(([kind, definition]) => ({ kind, ...definition }));
|
|
92
|
+
|
|
93
|
+
return {
|
|
94
|
+
items: query
|
|
95
|
+
? entries.filter((entry) =>
|
|
96
|
+
[entry.kind, entry.icon, entry.color]
|
|
97
|
+
.filter(Boolean)
|
|
98
|
+
.some((value) => `${value}`.toLowerCase().includes(query)),
|
|
99
|
+
)
|
|
100
|
+
: entries,
|
|
101
|
+
};
|
|
102
|
+
}
|
|
103
|
+
|
|
104
|
+
@McpPermission('workflow', Action.READ)
|
|
105
|
+
@ToolGuards([McpPermissionGuard])
|
|
106
|
+
@Tool({
|
|
107
|
+
name: 'hexabot_binding_get',
|
|
108
|
+
description: 'Read schema metadata for one workflow runtime binding kind.',
|
|
109
|
+
parameters: z.object({
|
|
110
|
+
kind: z.string().min(1),
|
|
111
|
+
}),
|
|
112
|
+
})
|
|
113
|
+
async getBinding(args: { kind: string }) {
|
|
114
|
+
const bindings = this.runtimeBindingsService.getAllSchemaDefinitions();
|
|
115
|
+
const binding = bindings[args.kind];
|
|
116
|
+
if (!binding) {
|
|
117
|
+
throw new NotFoundException(`Binding kind ${args.kind} not found`);
|
|
118
|
+
}
|
|
119
|
+
|
|
120
|
+
return { kind: args.kind, ...binding };
|
|
121
|
+
}
|
|
122
|
+
}
|
|
@@ -0,0 +1,239 @@
|
|
|
1
|
+
/*
|
|
2
|
+
* Hexabot — Fair Core License (FCL-1.0-ALv2)
|
|
3
|
+
* Copyright (c) 2026 Hexastack.
|
|
4
|
+
* Full terms: see LICENSE.md.
|
|
5
|
+
*/
|
|
6
|
+
|
|
7
|
+
import { Action } from '@hexabot-ai/types';
|
|
8
|
+
import { Injectable, NotFoundException } from '@nestjs/common';
|
|
9
|
+
import { Tool, ToolGuards } from '@rekog/mcp-nest';
|
|
10
|
+
import { z } from 'zod';
|
|
11
|
+
|
|
12
|
+
import { ContentTypeOrmEntity } from '@/cms/entities/content-type.entity';
|
|
13
|
+
import { ContentOrmEntity } from '@/cms/entities/content.entity';
|
|
14
|
+
import { ContentTypeService } from '@/cms/services/content-type.service';
|
|
15
|
+
import { ContentService } from '@/cms/services/content.service';
|
|
16
|
+
|
|
17
|
+
import { McpPermission } from '../decorators/mcp-permission.decorator';
|
|
18
|
+
import { McpPermissionGuard } from '../guards/mcp-permission.guard';
|
|
19
|
+
|
|
20
|
+
import { HexabotMcpToolBase } from './hexabot-mcp-tool.base';
|
|
21
|
+
import {
|
|
22
|
+
jsonObjectSchema,
|
|
23
|
+
PaginationArgs,
|
|
24
|
+
paginationSchema,
|
|
25
|
+
uuidSchema,
|
|
26
|
+
} from './hexabot-mcp.schemas';
|
|
27
|
+
|
|
28
|
+
@Injectable()
|
|
29
|
+
export class HexabotCmsMcpTools extends HexabotMcpToolBase {
|
|
30
|
+
constructor(
|
|
31
|
+
private readonly contentTypeService: ContentTypeService,
|
|
32
|
+
private readonly contentService: ContentService,
|
|
33
|
+
) {
|
|
34
|
+
super();
|
|
35
|
+
}
|
|
36
|
+
|
|
37
|
+
@McpPermission('contenttype', Action.READ)
|
|
38
|
+
@ToolGuards([McpPermissionGuard])
|
|
39
|
+
@Tool({
|
|
40
|
+
name: 'hexabot_content_type_search',
|
|
41
|
+
description: 'Search CMS content types.',
|
|
42
|
+
parameters: z.object({
|
|
43
|
+
query: z.string().optional(),
|
|
44
|
+
...paginationSchema,
|
|
45
|
+
}),
|
|
46
|
+
})
|
|
47
|
+
async searchContentTypes(args: { query?: string } & PaginationArgs) {
|
|
48
|
+
const where = args.query ? { name: this.contains(args.query) } : {};
|
|
49
|
+
|
|
50
|
+
return await this.listWithCount(
|
|
51
|
+
this.contentTypeService,
|
|
52
|
+
this.findOptions<ContentTypeOrmEntity>(args, where),
|
|
53
|
+
);
|
|
54
|
+
}
|
|
55
|
+
|
|
56
|
+
@McpPermission('contenttype', Action.READ)
|
|
57
|
+
@ToolGuards([McpPermissionGuard])
|
|
58
|
+
@Tool({
|
|
59
|
+
name: 'hexabot_content_type_get',
|
|
60
|
+
description: 'Read one CMS content type.',
|
|
61
|
+
parameters: z.object({
|
|
62
|
+
id: uuidSchema,
|
|
63
|
+
}),
|
|
64
|
+
})
|
|
65
|
+
async getContentType(args: { id: string }) {
|
|
66
|
+
const contentType = await this.contentTypeService.findOne(args.id);
|
|
67
|
+
if (!contentType) {
|
|
68
|
+
throw new NotFoundException(`Content type ${args.id} not found`);
|
|
69
|
+
}
|
|
70
|
+
|
|
71
|
+
return contentType;
|
|
72
|
+
}
|
|
73
|
+
|
|
74
|
+
@McpPermission('contenttype', Action.CREATE)
|
|
75
|
+
@ToolGuards([McpPermissionGuard])
|
|
76
|
+
@Tool({
|
|
77
|
+
name: 'hexabot_content_type_create',
|
|
78
|
+
description: 'Create a CMS content type.',
|
|
79
|
+
parameters: z.object({
|
|
80
|
+
name: z.string().min(1),
|
|
81
|
+
schema: jsonObjectSchema,
|
|
82
|
+
}),
|
|
83
|
+
})
|
|
84
|
+
async createContentType(args: {
|
|
85
|
+
name: string;
|
|
86
|
+
schema: Record<string, unknown>;
|
|
87
|
+
}) {
|
|
88
|
+
return await this.contentTypeService.create(args as any);
|
|
89
|
+
}
|
|
90
|
+
|
|
91
|
+
@McpPermission('contenttype', Action.UPDATE)
|
|
92
|
+
@ToolGuards([McpPermissionGuard])
|
|
93
|
+
@Tool({
|
|
94
|
+
name: 'hexabot_content_type_update',
|
|
95
|
+
description: 'Update a CMS content type.',
|
|
96
|
+
parameters: z.object({
|
|
97
|
+
id: uuidSchema,
|
|
98
|
+
name: z.string().min(1).optional(),
|
|
99
|
+
schema: jsonObjectSchema.optional(),
|
|
100
|
+
}),
|
|
101
|
+
})
|
|
102
|
+
async updateContentType(args: { id: string } & Record<string, unknown>) {
|
|
103
|
+
const { id, ...updates } = args;
|
|
104
|
+
|
|
105
|
+
return await this.contentTypeService.updateOne(id, updates as any);
|
|
106
|
+
}
|
|
107
|
+
|
|
108
|
+
@McpPermission('content', Action.READ)
|
|
109
|
+
@ToolGuards([McpPermissionGuard])
|
|
110
|
+
@Tool({
|
|
111
|
+
name: 'hexabot_content_search',
|
|
112
|
+
description: 'Search CMS content records.',
|
|
113
|
+
parameters: z.object({
|
|
114
|
+
query: z.string().optional(),
|
|
115
|
+
contentTypeId: uuidSchema.optional(),
|
|
116
|
+
status: z.boolean().optional(),
|
|
117
|
+
...paginationSchema,
|
|
118
|
+
}),
|
|
119
|
+
})
|
|
120
|
+
async searchContent(
|
|
121
|
+
args: {
|
|
122
|
+
query?: string;
|
|
123
|
+
contentTypeId?: string;
|
|
124
|
+
status?: boolean;
|
|
125
|
+
} & PaginationArgs,
|
|
126
|
+
) {
|
|
127
|
+
if (args.query) {
|
|
128
|
+
return {
|
|
129
|
+
items: await this.contentService.textSearch(args.query, {
|
|
130
|
+
status: args.status,
|
|
131
|
+
contentTypeId: args.contentTypeId,
|
|
132
|
+
limit: args.limit,
|
|
133
|
+
}),
|
|
134
|
+
limit: args.limit,
|
|
135
|
+
skip: 0,
|
|
136
|
+
};
|
|
137
|
+
}
|
|
138
|
+
|
|
139
|
+
const where = {
|
|
140
|
+
...(args.contentTypeId
|
|
141
|
+
? { contentType: { id: args.contentTypeId } }
|
|
142
|
+
: {}),
|
|
143
|
+
...(args.status !== undefined ? { status: args.status } : {}),
|
|
144
|
+
} as any;
|
|
145
|
+
|
|
146
|
+
return await this.listWithCount(
|
|
147
|
+
this.contentService,
|
|
148
|
+
this.findOptions<ContentOrmEntity>(args, where),
|
|
149
|
+
);
|
|
150
|
+
}
|
|
151
|
+
|
|
152
|
+
@McpPermission('content', Action.READ)
|
|
153
|
+
@ToolGuards([McpPermissionGuard])
|
|
154
|
+
@Tool({
|
|
155
|
+
name: 'hexabot_content_get',
|
|
156
|
+
description: 'Read one CMS content record.',
|
|
157
|
+
parameters: z.object({
|
|
158
|
+
id: uuidSchema,
|
|
159
|
+
}),
|
|
160
|
+
})
|
|
161
|
+
async getContent(args: { id: string }) {
|
|
162
|
+
const content = await this.contentService.findOneAndPopulate(args.id);
|
|
163
|
+
if (!content) {
|
|
164
|
+
throw new NotFoundException(`Content ${args.id} not found`);
|
|
165
|
+
}
|
|
166
|
+
|
|
167
|
+
return content;
|
|
168
|
+
}
|
|
169
|
+
|
|
170
|
+
@McpPermission('content', Action.CREATE)
|
|
171
|
+
@ToolGuards([McpPermissionGuard])
|
|
172
|
+
@Tool({
|
|
173
|
+
name: 'hexabot_content_create',
|
|
174
|
+
description: 'Create a CMS content record.',
|
|
175
|
+
parameters: z.object({
|
|
176
|
+
contentType: uuidSchema,
|
|
177
|
+
title: z.string().min(1),
|
|
178
|
+
status: z.boolean().optional(),
|
|
179
|
+
properties: jsonObjectSchema.optional(),
|
|
180
|
+
}),
|
|
181
|
+
})
|
|
182
|
+
async createContent(args: {
|
|
183
|
+
contentType: string;
|
|
184
|
+
title: string;
|
|
185
|
+
status?: boolean;
|
|
186
|
+
properties?: Record<string, unknown>;
|
|
187
|
+
}) {
|
|
188
|
+
return await this.contentService.create(args as any);
|
|
189
|
+
}
|
|
190
|
+
|
|
191
|
+
@McpPermission('content', Action.UPDATE)
|
|
192
|
+
@ToolGuards([McpPermissionGuard])
|
|
193
|
+
@Tool({
|
|
194
|
+
name: 'hexabot_content_update',
|
|
195
|
+
description: 'Update a CMS content record.',
|
|
196
|
+
parameters: z.object({
|
|
197
|
+
id: uuidSchema,
|
|
198
|
+
contentType: uuidSchema.optional(),
|
|
199
|
+
title: z.string().min(1).optional(),
|
|
200
|
+
status: z.boolean().optional(),
|
|
201
|
+
properties: jsonObjectSchema.optional(),
|
|
202
|
+
}),
|
|
203
|
+
})
|
|
204
|
+
async updateContent(args: { id: string } & Record<string, unknown>) {
|
|
205
|
+
const { id, ...updates } = args;
|
|
206
|
+
|
|
207
|
+
return await this.contentService.updateOne(id, updates as any);
|
|
208
|
+
}
|
|
209
|
+
|
|
210
|
+
@McpPermission('content', Action.READ)
|
|
211
|
+
@ToolGuards([McpPermissionGuard])
|
|
212
|
+
@Tool({
|
|
213
|
+
name: 'hexabot_rag_content_search',
|
|
214
|
+
description: 'Search indexed CMS content through Hexabot RAG retrieval.',
|
|
215
|
+
parameters: z.object({
|
|
216
|
+
query: z.string().min(1),
|
|
217
|
+
mode: z.enum(['embedding', 'lexical']).optional(),
|
|
218
|
+
limit: z.number().int().min(1).max(50).default(10),
|
|
219
|
+
contentTypeId: uuidSchema.optional(),
|
|
220
|
+
includeInactive: z.boolean().optional(),
|
|
221
|
+
}),
|
|
222
|
+
})
|
|
223
|
+
async searchRagContent(args: {
|
|
224
|
+
query: string;
|
|
225
|
+
mode?: 'embedding' | 'lexical';
|
|
226
|
+
limit: number;
|
|
227
|
+
contentTypeId?: string;
|
|
228
|
+
includeInactive?: boolean;
|
|
229
|
+
}) {
|
|
230
|
+
return {
|
|
231
|
+
items: await this.contentService.retrieve(args.query, {
|
|
232
|
+
mode: args.mode,
|
|
233
|
+
limit: args.limit,
|
|
234
|
+
contentTypeId: args.contentTypeId,
|
|
235
|
+
includeInactive: args.includeInactive,
|
|
236
|
+
}),
|
|
237
|
+
};
|
|
238
|
+
}
|
|
239
|
+
}
|
|
@@ -0,0 +1,81 @@
|
|
|
1
|
+
/*
|
|
2
|
+
* Hexabot — Fair Core License (FCL-1.0-ALv2)
|
|
3
|
+
* Copyright (c) 2026 Hexastack.
|
|
4
|
+
* Full terms: see LICENSE.md.
|
|
5
|
+
*/
|
|
6
|
+
|
|
7
|
+
import { Action } from '@hexabot-ai/types';
|
|
8
|
+
import { Injectable, NotFoundException } from '@nestjs/common';
|
|
9
|
+
import { Tool, ToolGuards } from '@rekog/mcp-nest';
|
|
10
|
+
import { z } from 'zod';
|
|
11
|
+
|
|
12
|
+
import { CredentialService } from '@/user/services/credential.service';
|
|
13
|
+
|
|
14
|
+
import { McpPermission } from '../decorators/mcp-permission.decorator';
|
|
15
|
+
import { McpPermissionGuard } from '../guards/mcp-permission.guard';
|
|
16
|
+
|
|
17
|
+
import { HexabotMcpToolBase } from './hexabot-mcp-tool.base';
|
|
18
|
+
import {
|
|
19
|
+
PaginationArgs,
|
|
20
|
+
paginationSchema,
|
|
21
|
+
uuidSchema,
|
|
22
|
+
} from './hexabot-mcp.schemas';
|
|
23
|
+
import { sanitizeCredential } from './hexabot-mcp.utils';
|
|
24
|
+
|
|
25
|
+
@Injectable()
|
|
26
|
+
export class HexabotCredentialMcpTools extends HexabotMcpToolBase {
|
|
27
|
+
constructor(private readonly credentialService: CredentialService) {
|
|
28
|
+
super();
|
|
29
|
+
}
|
|
30
|
+
|
|
31
|
+
@McpPermission('credential', Action.READ)
|
|
32
|
+
@ToolGuards([McpPermissionGuard])
|
|
33
|
+
@Tool({
|
|
34
|
+
name: 'hexabot_credential_search',
|
|
35
|
+
description:
|
|
36
|
+
'Search credentials by metadata only. Secret credential values are never returned.',
|
|
37
|
+
parameters: z.object({
|
|
38
|
+
query: z.string().optional(),
|
|
39
|
+
ownerId: uuidSchema.optional(),
|
|
40
|
+
...paginationSchema,
|
|
41
|
+
}),
|
|
42
|
+
})
|
|
43
|
+
async searchCredentials(
|
|
44
|
+
args: { query?: string; ownerId?: string } & PaginationArgs,
|
|
45
|
+
) {
|
|
46
|
+
const where = {
|
|
47
|
+
...(args.ownerId ? { owner: { id: args.ownerId } } : {}),
|
|
48
|
+
...(args.query ? { name: this.contains(args.query) } : {}),
|
|
49
|
+
} as any;
|
|
50
|
+
const result = await this.listWithCount(
|
|
51
|
+
this.credentialService,
|
|
52
|
+
this.findOptions(args, where),
|
|
53
|
+
);
|
|
54
|
+
|
|
55
|
+
return {
|
|
56
|
+
...result,
|
|
57
|
+
items: result.items.map((credential) =>
|
|
58
|
+
sanitizeCredential(credential as Record<string, unknown>),
|
|
59
|
+
),
|
|
60
|
+
};
|
|
61
|
+
}
|
|
62
|
+
|
|
63
|
+
@McpPermission('credential', Action.READ)
|
|
64
|
+
@ToolGuards([McpPermissionGuard])
|
|
65
|
+
@Tool({
|
|
66
|
+
name: 'hexabot_credential_get',
|
|
67
|
+
description:
|
|
68
|
+
'Read credential metadata. Secret credential values are never returned.',
|
|
69
|
+
parameters: z.object({
|
|
70
|
+
id: uuidSchema,
|
|
71
|
+
}),
|
|
72
|
+
})
|
|
73
|
+
async getCredential(args: { id: string }) {
|
|
74
|
+
const credential = await this.credentialService.findOneAndPopulate(args.id);
|
|
75
|
+
if (!credential) {
|
|
76
|
+
throw new NotFoundException(`Credential ${args.id} not found`);
|
|
77
|
+
}
|
|
78
|
+
|
|
79
|
+
return sanitizeCredential(credential as Record<string, unknown>);
|
|
80
|
+
}
|
|
81
|
+
}
|
|
@@ -0,0 +1,74 @@
|
|
|
1
|
+
/*
|
|
2
|
+
* Hexabot — Fair Core License (FCL-1.0-ALv2)
|
|
3
|
+
* Copyright (c) 2026 Hexastack.
|
|
4
|
+
* Full terms: see LICENSE.md.
|
|
5
|
+
*/
|
|
6
|
+
|
|
7
|
+
import type { User } from '@hexabot-ai/types';
|
|
8
|
+
import { UnauthorizedException } from '@nestjs/common';
|
|
9
|
+
import { FindManyOptions, Like } from 'typeorm';
|
|
10
|
+
|
|
11
|
+
import { HexabotMcpRequest } from '../types';
|
|
12
|
+
|
|
13
|
+
import { PaginationArgs } from './hexabot-mcp.schemas';
|
|
14
|
+
|
|
15
|
+
export abstract class HexabotMcpToolBase {
|
|
16
|
+
protected findOptions<Entity>(
|
|
17
|
+
args: PaginationArgs,
|
|
18
|
+
where: FindManyOptions<Entity>['where'],
|
|
19
|
+
): FindManyOptions<Entity> {
|
|
20
|
+
return {
|
|
21
|
+
where,
|
|
22
|
+
take: args.limit,
|
|
23
|
+
skip: args.skip,
|
|
24
|
+
order: { [args.sortBy]: args.sortDirection } as any,
|
|
25
|
+
};
|
|
26
|
+
}
|
|
27
|
+
|
|
28
|
+
protected async listWithCount<Entity>(
|
|
29
|
+
service: {
|
|
30
|
+
findAndPopulate(options?: FindManyOptions<Entity>): Promise<unknown[]>;
|
|
31
|
+
count(options?: FindManyOptions<Entity>): Promise<number>;
|
|
32
|
+
},
|
|
33
|
+
options: FindManyOptions<Entity>,
|
|
34
|
+
) {
|
|
35
|
+
const [items, total] = await Promise.all([
|
|
36
|
+
service.findAndPopulate(options),
|
|
37
|
+
service.count({ where: options.where }),
|
|
38
|
+
]);
|
|
39
|
+
|
|
40
|
+
return {
|
|
41
|
+
items,
|
|
42
|
+
total,
|
|
43
|
+
limit: options.take,
|
|
44
|
+
skip: options.skip,
|
|
45
|
+
};
|
|
46
|
+
}
|
|
47
|
+
|
|
48
|
+
protected contains(value: string) {
|
|
49
|
+
return Like(`%${value}%`);
|
|
50
|
+
}
|
|
51
|
+
|
|
52
|
+
protected resolveRelationId(
|
|
53
|
+
relation: string | { id?: string | null } | null | undefined,
|
|
54
|
+
): string | null {
|
|
55
|
+
if (typeof relation === 'string') {
|
|
56
|
+
return relation;
|
|
57
|
+
}
|
|
58
|
+
|
|
59
|
+
return relation?.id ?? null;
|
|
60
|
+
}
|
|
61
|
+
|
|
62
|
+
protected getActor(request?: HexabotMcpRequest): User {
|
|
63
|
+
const actor = request?.hexabotUser ?? request?.user;
|
|
64
|
+
if (!actor?.id) {
|
|
65
|
+
throw new UnauthorizedException('MCP Hexabot user is required');
|
|
66
|
+
}
|
|
67
|
+
|
|
68
|
+
return actor as User;
|
|
69
|
+
}
|
|
70
|
+
|
|
71
|
+
protected getActorId(request?: HexabotMcpRequest): string {
|
|
72
|
+
return this.getActor(request).id;
|
|
73
|
+
}
|
|
74
|
+
}
|
|
@@ -0,0 +1,55 @@
|
|
|
1
|
+
/*
|
|
2
|
+
* Hexabot — Fair Core License (FCL-1.0-ALv2)
|
|
3
|
+
* Copyright (c) 2026 Hexastack.
|
|
4
|
+
* Full terms: see LICENSE.md.
|
|
5
|
+
*/
|
|
6
|
+
|
|
7
|
+
import { z } from 'zod';
|
|
8
|
+
|
|
9
|
+
import {
|
|
10
|
+
DirectionType,
|
|
11
|
+
McpServerTransport,
|
|
12
|
+
WorkflowType,
|
|
13
|
+
} from '@/workflow/types';
|
|
14
|
+
|
|
15
|
+
export const uuidSchema = z.string().uuid();
|
|
16
|
+
|
|
17
|
+
export const jsonObjectSchema = z.record(z.string(), z.unknown());
|
|
18
|
+
|
|
19
|
+
export const paginationSchema = {
|
|
20
|
+
limit: z.number().int().min(1).max(100).default(20),
|
|
21
|
+
skip: z.number().int().min(0).default(0),
|
|
22
|
+
sortBy: z.string().default('createdAt'),
|
|
23
|
+
sortDirection: z.enum(['ASC', 'DESC']).default('DESC'),
|
|
24
|
+
};
|
|
25
|
+
|
|
26
|
+
export const workflowPayloadSchema = {
|
|
27
|
+
name: z.string().min(1).optional(),
|
|
28
|
+
description: z.string().optional(),
|
|
29
|
+
type: z.enum(WorkflowType).optional(),
|
|
30
|
+
schedule: z.string().nullable().optional(),
|
|
31
|
+
inputSchema: jsonObjectSchema.optional(),
|
|
32
|
+
builtin: z.boolean().optional(),
|
|
33
|
+
x: z.number().optional(),
|
|
34
|
+
y: z.number().optional(),
|
|
35
|
+
zoom: z.number().optional(),
|
|
36
|
+
direction: z.enum(DirectionType).optional(),
|
|
37
|
+
};
|
|
38
|
+
|
|
39
|
+
export const mcpServerPayloadSchema = {
|
|
40
|
+
name: z.string().min(1).optional(),
|
|
41
|
+
enabled: z.boolean().optional(),
|
|
42
|
+
transport: z.enum(McpServerTransport).optional(),
|
|
43
|
+
url: z.string().nullable().optional(),
|
|
44
|
+
command: z.string().nullable().optional(),
|
|
45
|
+
args: z.array(z.string()).nullable().optional(),
|
|
46
|
+
cwd: z.string().nullable().optional(),
|
|
47
|
+
credential: uuidSchema.nullable().optional(),
|
|
48
|
+
};
|
|
49
|
+
|
|
50
|
+
export type PaginationArgs = {
|
|
51
|
+
limit: number;
|
|
52
|
+
skip: number;
|
|
53
|
+
sortBy: string;
|
|
54
|
+
sortDirection: 'ASC' | 'DESC';
|
|
55
|
+
};
|