This is an automated email from the ASF dual-hosted git repository. yuqi1129 pushed a commit to branch feat/mcp-governance-task3-6 in repository https://gitbox.apache.org/repos/asf/gravitino.git
commit 8befd997c277b412ac39e5c7dc06da4750a7fdcd Author: yuqi <[email protected]> AuthorDate: Wed Jun 10 20:23:46 2026 +0800 [#11567] feat(mcp-server): enable tag write tools protected by Gravitino authorization Remove mcp.disable() call that hid create_tag/alter_tag/delete_tag. Write operations are now exposed and enforced by Gravitino authz — a principal without the required grant receives an explicit denial, which is a stronger governance story than tool-level hiding. Update test to assert the three write tools are present in the tool list. --- mcp-server/mcp_server/tools/tag.py | 5 ----- mcp-server/tests/unit/tools/test_tag.py | 17 ++++++++--------- 2 files changed, 8 insertions(+), 14 deletions(-)
diff --git a/mcp-server/mcp_server/tools/tag.py b/mcp-server/mcp_server/tools/tag.py
index f6daafa678..9bbf8cec4b 100644
--- a/mcp-server/mcp_server/tools/tag.py
+++ b/mcp-server/mcp_server/tools/tag.py
@@ -364,8 +364,3 @@ def load_tag_tool(mcp: FastMCP):
 """
 client = ctx.request_context.lifespan_context.rest_client()
 return await client.as_tag_operation().list_metadata_by_tag(tag_name)
-
- mcp.disable(
- names={"create_tag", "alter_tag", "delete_tag"},
- components={"tool"},
- )
diff --git a/mcp-server/tests/unit/tools/test_tag.py b/mcp-server/tests/unit/tools/test_tag.py
index 1bb7046f4c..7353bba032 100644
--- a/mcp-server/tests/unit/tools/test_tag.py
+++ b/mcp-server/tests/unit/tools/test_tag.py
@@ -99,14 +99,13 @@ class TestTagTool(unittest.TestCase):
 asyncio.run(_test_disassociate_tag_from_metadata(self.mcp))
- def test_destructive_tag_tools_disabled_by_default(self):
- async def _test_destructive_tag_tools_disabled_by_default(mcp_server):
- tool_names = {tool.name for tool in await mcp_server.list_tools()}
+ def test_write_tag_tools_enabled_and_protected_by_authz(self):
+ """Write tools are exposed; authorization is enforced by Gravitino, not by hiding."""
- self.assertIn("get_tag_by_name", tool_names)
- self.assertIn("list_of_tags", tool_names)
- self.assertNotIn("create_tag", tool_names)
- self.assertNotIn("alter_tag", tool_names)
- self.assertNotIn("delete_tag", tool_names)
+ async def _test(mcp_server):
+ tool_names = {tool.name for tool in await mcp_server.list_tools()}
+ self.assertIn("create_tag", tool_names)
+ self.assertIn("alter_tag", tool_names)
+ self.assertIn("delete_tag", tool_names)
- asyncio.run(_test_destructive_tag_tools_disabled_by_default(self.mcp))
+ asyncio.run(_test(self.mcp))
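Review bot: `test_write_tag_tools_enabled_and_protected_by_authz` only asserts that `create_tag`, `alter_tag` and `delete_tag` appear in `list_tools()`; nothing in it exercises the authorization path that its name and docstring claim. With the `mcp.disable(...)` call removed in `tools/tag.py`, server-side authorization becomes the only control on these tools, so the property worth pinning is that a principal without the grant gets a denial. Either add such a case (whether the unit-test client used here can simulate a denial is not visible in this hunk) or rename the test to what it checks, e.g. `test_write_tag_tools_listed`. The rewrite also drops the earlier checks that the read tools stay listed; keep `self.assertIn("get_tag_by_name", tool_names)` and `self.assertIn("list_of_tags", tool_names)`. If a deployment can run the Gravitino server with authorization turned off, the docstring should say that the write tools are then reachable by any MCP client.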
