fix: use dynamic database lookup instead of hardcoded #mongodb-mcp in isSearchSupported #1091
There are no files selected for viewing
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -29,7 +29,10 @@ export interface ConnectionState { | |
| connectedAtlasCluster?: AtlasClusterConnectionInfo; | ||
| } | ||
|
|
||
| // Fallback database for search index check when no accessible database is found | ||
| const MCP_FALLBACK_TEST_DATABASE = "#mongodb-mcp"; | ||
| // System databases that should be skipped when searching for accessible databases | ||
| const SYSTEM_DATABASES = new Set(["admin", "local", "config", "$external"]); | ||
|
|
||
| export const defaultDriverOptions: ConnectionInfo["driverOptions"] = { | ||
| readConcern: { | ||
|
|
@@ -62,7 +65,10 @@ export class ConnectionStateConnected implements ConnectionState { | |
| // with a cursor otherwise will throw an Error. | ||
| // the Search Index Management Service might not be ready yet, but | ||
| // we assume that the agent can retry in that situation. | ||
| // Try to find an accessible database dynamically instead of using | ||
| // a hardcoded database name that may not exist or be accessible. | ||
| const databaseName = await this.findAccessibleDatabase(); | ||
| await this.serviceProvider.getSearchIndexes(databaseName, "test"); | ||
| this._isSearchSupported = true; | ||
| } catch { | ||
| this._isSearchSupported = false; | ||
|
|
@@ -71,6 +77,27 @@ export class ConnectionStateConnected implements ConnectionState { | |
|
|
||
| return this._isSearchSupported; | ||
| } | ||
|
|
||
| /** | ||
| * Find an accessible database for search index operations. | ||
| * Tries to list databases and find a non-system database that the user can access. | ||
| */ | ||
| private async findAccessibleDatabase(): Promise<string> { | ||
| try { | ||
| // List all databases using the current connection context | ||
| const dbs = (await this.serviceProvider.listDatabases("")).databases as { | ||
| name: string; | ||
| }[]; | ||
| // Find first non-system database | ||
| const accessibleDb = dbs.find((db) => !SYSTEM_DATABASES.has(db.name)); | ||
| if (accessibleDb) { | ||
| return accessibleDb.name; | ||
| } | ||
| } catch { | ||
| // If listing databases fails (e.g., permission issues), fall back to default | ||
| } | ||
| return MCP_FALLBACK_TEST_DATABASE; | ||
|
Comment on lines
+85
to
+99
There was a problem hiding this comment. New behavior (
Author
There was a problem hiding this comment. I agree comprehensive tests would be valuable. However, as I mentioned in the issue comment, setting up a restricted DB user in the test harness would be quite complex since there's no precedent for it in the current test infrastructure. The existing tests cover the fallback behavior through the regular connection flow.\n\nIf test coverage is a blocker for merging, I'd need some guidance on how to approach setting up a restricted user in the test environment. Alternatively, if the maintainers prefer, I can close this PR and the fix can be implemented by someone with more context on the test setup. |
||
| } | ||
|
Comment on lines
+96
to
+100
There was a problem hiding this comment. When
Author
There was a problem hiding this comment. Good point. The fallback to #mongodb-mcp occurs when listDatabases fails due to permissions. In that scenario, the user has database-level (not cluster-level) access, so trying other databases would likely fail too. The fallback to #mongodb-mcp is the best available option since it's a commonly used database name for MCP tools. The primary fix is the dynamic lookup when listDatabases succeeds, which helps users with cluster-level access. The fallback case is an edge case where we don't have good alternatives. |
||
| } | ||
|
|
||
| export interface ConnectionStateConnecting extends ConnectionState { | ||
|
|
||
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
findAccessibleDatabase()selects the first non-system DB name fromlistDatabases(), but that does not guarantee the user can actually access/read that database (a role may havelistDatabaseson the cluster but privileges only on specific DBs). This can lead to false negatives inisSearchSupported()ifgetSearchIndexes()is attempted against an unauthorized DB. Consider iterating candidate DBs and picking one that is actually usable (e.g., trylistCollections/a lightweight read or directly attemptgetSearchIndexesand continue on auth errors).There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for the review. The suggestion to verify actual accessibility by trying listCollections or getSearchIndexes is valid, but implementing it would significantly expand the PR scope.
The current approach is a reasonable first step: it uses listDatabases which is already permitted for users who can call it, and filters out system databases. If listDatabases succeeds, the user has cluster-level access and any non-system database is likely accessible.
The fallback to #mongodb-mcp only triggers when listDatabases fails (permission denied), which means the user lacks cluster-level privileges. In that case, trying multiple databases would likely all fail with auth errors anyway.
If you'd prefer the more thorough approach, I can explore it as a follow-up, but it would be a larger change.