mcp-server-sqlite 1.0.0

An MCP server for SQLite with fine-grained access control
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188

//! MCP server implementation for SQLite.

use std::sync::Arc;

use rmcp::{
    ServerHandler,
    handler::server::tool::ToolRouter,
    model::{ServerCapabilities, ServerInfo},
    tool_handler,
};

use crate::{
    access_control::AuthorizationResolver,
    tools::{
        backup_tool::BackupTool, create_fts_index_tool::CreateFtsIndexTool,
        database_info_tool::DatabaseInfoTool,
        describe_table_tool::DescribeTableTool, execute_tool::ExecuteTool,
        explain_query_tool::ExplainQueryTool,
        list_foreign_keys_tool::ListForeignKeysTool,
        list_indexes_tool::ListIndexesTool, list_tables_tool::ListTablesTool,
        list_triggers_tool::ListTriggersTool, list_views_tool::ListViewsTool,
        search_fts_tool::SearchFtsTool, vacuum_tool::VacuumTool,
    },
    traits::SqliteServerTool,
};

/// The MCP server instance that handles tool calls against a SQLite database
/// with access control.
pub struct McpServerSqlite {
    /// The connection pool for the SQLite database.
    pool: r2d2::Pool<r2d2_sqlite::SqliteConnectionManager>,
    /// The resolver that evaluates access control rules for each SQL operation.
    /// Wrapped in an `Arc` so it can be moved into the per-query authorizer
    /// closure required by rusqlite.
    authorization_resolver: Arc<AuthorizationResolver>,
    /// Optional query timeout. When `Some`, each connection's progress handler
    /// aborts operations that exceed this duration.
    query_timeout: Option<std::time::Duration>,
    /// The router that dispatches tool calls to their handlers.
    tool_router: ToolRouter<Self>,
}

impl McpServerSqlite {
    /// Creates a new MCP server backed by the given connection pool and access
    /// control resolver.
    pub fn new(
        pool: r2d2::Pool<r2d2_sqlite::SqliteConnectionManager>,
        authorization_resolver: AuthorizationResolver,
        query_timeout: Option<std::time::Duration>,
    ) -> Self {
        let tool_router = Self::tool_router();
        Self {
            pool,
            authorization_resolver: Arc::new(authorization_resolver),
            query_timeout,
            tool_router,
        }
    }

    /// Obtains a pooled connection from the database pool, installs the access
    /// control authorizer, and optionally sets up the query timeout via a
    /// progress handler.
    pub fn connection(
        &self,
    ) -> Result<
        r2d2::PooledConnection<r2d2_sqlite::SqliteConnectionManager>,
        ConnectionError,
    > {
        tracing::debug!("checking out pooled connection");
        let conn = self.pool.get().map_err(|source| {
            tracing::error!(%source, "pool checkout failed");
            ConnectionError::Pool(source)
        })?;
        let resolver = self.authorization_resolver.clone();
        conn.authorizer(Some(move |ctx: rusqlite::hooks::AuthContext<'_>| {
            resolver.authorization(ctx)
        }))
        .map_err(|source| {
            tracing::error!(%source, "failed to install authorizer");
            ConnectionError::Authorizer(source)
        })?;

        if let Some(timeout) = self.query_timeout {
            let deadline = std::time::Instant::now() + timeout;
            conn.progress_handler(
                1000,
                Some(move || std::time::Instant::now() > deadline),
            )
            .map_err(|source| {
                tracing::error!(%source, "failed to install progress handler");
                ConnectionError::ProgressHandler(source)
            })?;
        }

        Ok(conn)
    }

    pub fn tool_router() -> ToolRouter<Self> {
        ToolRouter::<Self>::new()
            .with_route((ExecuteTool::tool(), ExecuteTool::handler_func()))
            .with_route((
                ListTablesTool::tool(),
                ListTablesTool::handler_func(),
            ))
            .with_route((
                DescribeTableTool::tool(),
                DescribeTableTool::handler_func(),
            ))
            .with_route((
                ListIndexesTool::tool(),
                ListIndexesTool::handler_func(),
            ))
            .with_route((
                ListForeignKeysTool::tool(),
                ListForeignKeysTool::handler_func(),
            ))
            .with_route((ListViewsTool::tool(), ListViewsTool::handler_func()))
            .with_route((
                ListTriggersTool::tool(),
                ListTriggersTool::handler_func(),
            ))
            .with_route((
                ExplainQueryTool::tool(),
                ExplainQueryTool::handler_func(),
            ))
            .with_route((BackupTool::tool(), BackupTool::handler_func()))
            .with_route((
                CreateFtsIndexTool::tool(),
                CreateFtsIndexTool::handler_func(),
            ))
            .with_route((SearchFtsTool::tool(), SearchFtsTool::handler_func()))
            .with_route((VacuumTool::tool(), VacuumTool::handler_func()))
            .with_route((
                DatabaseInfoTool::tool(),
                DatabaseInfoTool::handler_func(),
            ))
    }
}

/// Errors that can occur when checking out and configuring a pooled database
/// connection.
#[derive(Debug, thiserror::Error)]
pub enum ConnectionError {
    /// The connection pool failed to provide a connection.
    #[error("pool checkout failed: {0}")]
    Pool(r2d2::Error),
    /// The SQLite authorizer could not be installed.
    #[error("failed to install authorizer: {0}")]
    Authorizer(rusqlite::Error),
    /// The query progress handler could not be installed.
    #[error("failed to install progress handler: {0}")]
    ProgressHandler(rusqlite::Error),
}

#[tool_handler]
impl ServerHandler for McpServerSqlite {
    fn get_info(&self) -> ServerInfo {
        let mut info = ServerInfo::default();
        info.server_info.name = env!("CARGO_PKG_NAME").into();
        info.server_info.version = env!("CARGO_PKG_VERSION").into();
        info.instructions = Some(INSTRUCTIONS.into());
        info.capabilities =
            ServerCapabilities::builder().enable_tools().build();
        info
    }
}

const INSTRUCTIONS: &str = "\
You are connected to an MCP SQLite server with fine-grained access control.

Available tools:
- execute: Run any SQL query (SELECT, INSERT, UPDATE, DELETE, DDL)
- list_tables: Show all tables with their CREATE TABLE schemas
- describe_table: Show columns, types, constraints, and defaults for a table
- list_indexes: Show indexes with columns, uniqueness, and partial predicates
- list_foreign_keys: Show foreign key constraints for a table
- list_views: Show all views with their defining SQL
- list_triggers: Show triggers with event, timing, and SQL
- explain_query: Show the EXPLAIN QUERY PLAN for a SQL statement
- create_fts_index: Create a full-text search index on a table
- search_fts: Search a full-text index with BM25 ranking and snippets
- backup: Back up the database to a file
- vacuum: Reclaim unused space and defragment the database
- database_info: Show database metadata (size, page count, journal mode, etc.)

Start by calling list_tables to discover the schema, then use describe_table \
for details on specific tables. Use explain_query to optimize slow queries. \
All operations respect the server's access control policy.";