Entity level check if MCP Tool is enabled #3084
Open
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Contributor
Author
|
/azp run |
|
Azure Pipelines successfully started running 6 pipeline(s). |
souvikghosh04
requested review from
Alekhya-Polavarapu,
Aniruddh25,
RubenCerna2079,
aaronburtle,
anushakolan,
neeraj-sharma2592,
rusamant,
sourabh1007 and
vadeveka
as code owners
Contributor
There was a problem hiding this comment.
Pull request overview
This PR wires entity-level MCP configuration into the MCP tools so that both global runtime and per-entity flags are honored when deciding if a tool is enabled. It also introduces tests to validate behavior for enabled/disabled states, missing MCP config, and custom tools under hot-reload scenarios.
Changes:
- Added
DmlToolEnabledchecks to all DML MCP tools (read_records,create_record,update_record,delete_record,execute_entity) so they return aToolDisablederror when disabled at the entity level. - Added a
CustomToolEnabledruntime check inDynamicCustomToolto ensure stored-proc tools are disabled when entity-level config turns them off, even after hot reload. - Extended MCP error helper to support custom tool-disabled messages and added a dedicated test suite validating entity-level MCP behavior across DML and custom tools.
Reviewed changes
Copilot reviewed 8 out of 8 changed files in this pull request and generated 7 comments.
Show a summary per file
| File | Description |
|---|---|
| src/Service.Tests/Mcp/EntityLevelDmlToolConfigurationTests.cs | New MSTest suite validating entity-level Mcp.DmlToolEnabled and Mcp.CustomToolEnabled handling across DML tools and dynamic custom tools, including disabled entities, enabled/default cases, and missing MCP config. |
| src/Azure.DataApiBuilder.Mcp/Utils/McpErrorHelpers.cs | Extends ToolDisabled helper with an optional custom message parameter to support more specific error messages while preserving existing call sites. |
| src/Azure.DataApiBuilder.Mcp/Core/DynamicCustomTool.cs | Adds a runtime check against entityConfig.Mcp.CustomToolEnabled before metadata/authorization, returning a ToolDisabled error when the custom tool is disabled in the current config. |
| src/Azure.DataApiBuilder.Mcp/BuiltInTools/UpdateRecordTool.cs | After parsing entity/keys/fields, adds an entity-level DmlToolEnabled check that returns ToolDisabled when the entity’s DML tools are disabled. |
| src/Azure.DataApiBuilder.Mcp/BuiltInTools/ReadRecordsTool.cs | After parsing the entity argument, adds an entity-level DmlToolEnabled check to gate the read_records tool per entity. |
| src/Azure.DataApiBuilder.Mcp/BuiltInTools/ExecuteEntityTool.cs | Adds an early entity-level DmlToolEnabled check and hardens entity lookup against config.Entities being null before resolving metadata and executing. |
| src/Azure.DataApiBuilder.Mcp/BuiltInTools/DeleteRecordTool.cs | Adds an entity-level DmlToolEnabled check after parsing entity/keys to prevent deletes when the entity’s DML tools are disabled. |
| src/Azure.DataApiBuilder.Mcp/BuiltInTools/CreateRecordTool.cs | Adds an entity-level DmlToolEnabled check after parsing entity/data so create operations respect per-entity MCP configuration. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
souvikghosh04
changed the title
anushakolan
reviewed
Jan 28, 2026
anushakolan
requested changes
Jan 28, 2026
Contributor
anushakolan
left a comment
anushakolan
left a comment
There was a problem hiding this comment.
The tests code can be refactored to reduce duplicate logic, apart from that rest LGTM. Will re-review once the test code is refactored.
github-project-automation
bot
moved this from In Progress
to Review In Progress
in Data API builder
Aniruddh25
reviewed
Jan 29, 2026
Aniruddh25
reviewed
Jan 29, 2026
Aniruddh25
requested changes
Jan 29, 2026
Collaborator
Aniruddh25
left a comment
Aniruddh25
left a comment
There was a problem hiding this comment.
Waiting on answering if entity level check truly overrides runtime section settings even in case when runtime section is disabled for a particular tool, but the entity level setting is enabled for dml tools.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Why make this change?
The entity-level MCP configuration (
Entity.Mcp.DmlToolEnabledorEntity.Mcp.CustomToolEnabled) can override runtime-level settings.DmlToolEnableddefaults to true when unspecified, whileCustomToolEnableddefaults to false.However, this entity-level configuration was not being checked by the MCP tools when they execute. The tools only checked the runtime-level configuration (e.g.
RuntimeConfig.McpDmlTools.ReadRecords, etc.).This change addresses this gap for both built-in/DML tools and custom tools by adding entity-level validation before tool execution.
What is this change?
entity.Mcp.DmlToolEnabledand return aToolDisablederror when disabled at the entity level.entity.Mcp.CustomToolEnabledand return aToolDisablederrorHow was this tested?
Sample Request(s)
Not applicable since it's a config level change and have been tested based on config settings.