core/php-mcp
8
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1
13 commits 2 branches 0 tags 361 KiB
Commit graph

6 commits

Author SHA1 Message Date
Snider
7e881f6565 test(mcp): add comprehensive Quota System tests (P2-016) 
Add extensive Pest tests for the MCP quota system covering:
- Usage recording and tracking (tool calls, tokens)
- Quota enforcement per tier (free, starter, pro, business, enterprise)
- Token quota enforcement independently of tool calls
- Detailed quota check responses with reasons
- Remaining quota calculation
- Quota reset and monthly period management
- Usage history retrieval
- Quota HTTP headers (X-MCP-Quota-*)
- Quota limits retrieval and caching
- CheckMcpQuota middleware (429 responses, headers injection)
- Workspace-scoped quotas (isolation, independent limits)
- McpUsageQuota model (scopes, accessors, static methods)
- Edge cases (concurrent requests, cache invalidation, month boundaries)
- Cache management (performance caching, invalidation)

Replaces basic test coverage with ~100 test cases for thorough validation.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-29 19:48:21 +00:00
Snider
64ce1ee324 test(mcp): add comprehensive Tool Analytics tests (P2-015) 
Add Pest tests for ToolAnalyticsService covering:
- Usage tracking (recording successful/failed executions)
- ToolStats DTO calculations and formatting
- Error rate calculations
- Daily trend aggregation
- Reporting functions (popular tools, error-prone tools, workspace stats)
- Tool combination tracking within sessions
- Date range filtering
- ToolMetric model methods and scopes

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-29 19:44:32 +00:00
Snider
ac7fe0ea7a test(mcp): add comprehensive Workspace Context tests (P2-014) 
Add extensive Pest tests for workspace context security covering:
- WorkspaceContext resolution from headers and authentication
- Automatic workspace scoping for queries
- MissingWorkspaceContextException handling
- Workspace boundary enforcement
- Cross-workspace data isolation and query prevention
- Context injection via middleware
- Edge cases including concurrent contexts and request isolation

Also update Pest.php to include src/Mcp/Tests/Unit directory.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-29 19:39:24 +00:00
Snider
41b8568d5c test(mcp): add comprehensive SQL Query Validator tests (P2-013) 
Add Pest tests for SqlQueryValidator covering:
- Allowed SELECT statements with WHERE, ORDER BY, LIMIT
- Blocked data modification (INSERT, UPDATE, DELETE, TRUNCATE)
- Blocked schema changes (DROP, ALTER, CREATE, RENAME)
- Blocked permissions/admin (GRANT, REVOKE, FLUSH, KILL, SET)
- Blocked execution (EXECUTE, PREPARE, CALL, DEALLOCATE)
- Blocked file operations (INTO OUTFILE/DUMPFILE, LOAD_FILE/DATA)
- SQL injection prevention: UNION attacks, stacked queries,
  time-based (SLEEP/BENCHMARK), encoding (hex/CHAR), subqueries,
  system table access, comment obfuscation
- Query structure validation and whitelist configuration
- Exception details and edge cases

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-29 19:38:40 +00:00
Snider
e536e4586f feat(mcp): add query security features (P1-007, P1-008, P1-009) 
- P1-007: Tier-based query result size limits with truncation warnings
- P1-008: Per-tier query timeout enforcement (MySQL/PostgreSQL/SQLite)
- P1-009: Comprehensive audit logging for all query attempts

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-29 13:15:39 +00:00
Snider
afb3dacd98 monorepo sepration 2026-01-26 20:57:41 +00:00