7ab16ad7b5
Add Model Context Protocol server exposing Coolify infrastructure data to AI assistants. Includes tools for listing/fetching servers, projects, applications, databases, and services, scoped to authenticated team tokens. - Add CoolifyServer with 10 read-only tools (list/get for all resource types) - Add BuildsResponse and ResolvesTeam traits for shared tool logic - Add EnsureMcpEnabled middleware guarding /mcp routes - Add enable/disable MCP API endpoints (root-only) - Add is_mcp_server_enabled toggle in instance settings and advanced UI - Add migration for is_mcp_server_enabled column - Add feature tests for MCP endpoints and toggle API - Scrub sensitive keys (passwords, tokens, raw IDs) from all responses
35 lines
812 B
PHP
35 lines
812 B
PHP
<?php
|
|
|
|
namespace App\Mcp\Concerns;
|
|
|
|
use Laravel\Mcp\Request;
|
|
use Laravel\Mcp\Response;
|
|
|
|
trait ResolvesTeam
|
|
{
|
|
protected function ensureAbility(Request $request, string $ability = 'read'): ?Response
|
|
{
|
|
$user = $request->user();
|
|
if (! $user) {
|
|
return Response::error('Unauthenticated.');
|
|
}
|
|
|
|
$token = $user->currentAccessToken();
|
|
if (! $token) {
|
|
return Response::error('Invalid token.');
|
|
}
|
|
|
|
if ($token->can('root') || $token->can($ability)) {
|
|
return null;
|
|
}
|
|
|
|
return Response::error("Missing required permissions: {$ability}");
|
|
}
|
|
|
|
protected function resolveTeamId(Request $request): ?int
|
|
{
|
|
$token = $request->user()?->currentAccessToken();
|
|
|
|
return $token?->team_id;
|
|
}
|
|
}
|