Skip to main content

Cli

mcp_server_sqlite::cli

Struct Cli 

Source 
pub struct Cli {
    pub database: String,
    pub init_sql: Vec<PathBuf>,
    pub preset: Preset,
    pub allow: Vec<AccessControlSelector>,
    pub deny: Vec<AccessControlSelector>,
    pub timeout_ms: Option<u64>,
}
Expand description

An MCP server that exposes a SQLite database over MCP (Model Context Protocol), with fine-grained access control for every SQL operation SQLite can perform.

Access control is built on a preset system layered with explicit overrides. Start by choosing a –preset (defaults to read-only), then refine with –allow and –deny flags:

  • Read all column reads
  • Read(Students) reads on the Students table
  • Read(*.ssn) reads on any ssn column
  • Function(count) the count() SQL function

More specific selectors (more pinned fields) override less specific ones. When allow and deny conflict at the same specificity, deny wins.

Fields§

§database: String

The SQLite database URI. Defaults to a shared in-memory database. Use a file URI for persistence (e.g. file:./app.db). Query parameters like ?mode=ro and ?cache=shared are supported.

§init_sql: Vec<PathBuf>

Paths to SQL files executed once when creating a new database. Skipped entirely if the database file already exists. Use this to set up schemas and seed data on first run. May be specified multiple times on the CLI or as a comma-separated list in the environment variable.

§preset: Preset

The baseline permission preset that determines which SQL operations are allowed or denied before any –allow / –deny overrides are applied.

§allow: Vec<AccessControlSelector>

Allow a specific SQL operation. Accepts a selector in the form Action or Action(field1.field2) where * is a wildcard. More specific rules override less specific ones. May be specified multiple times on the CLI or as a comma-separated list in the environment variable.

§deny: Vec<AccessControlSelector>

Deny a specific SQL operation. Same selector syntax as –allow. When an allow and deny rule match at the same specificity level, deny wins. May be specified multiple times on the CLI or as a comma-separated list in the environment variable.

§timeout_ms: Option<u64>

Maximum time in milliseconds that any single SQL operation is allowed to run before being interrupted. When set, a progress handler is installed on each connection that aborts queries exceeding this duration. Omit for no timeout.

Trait Implementations§

Source§

impl Args for Cli

Source§

fn group_id() -> Option<Id>

Report the ArgGroup::id for this set of arguments
Source§

fn augment_args<'b>(__clap_app: Command) -> Command

Append to Command so it can instantiate Self via FromArgMatches::from_arg_matches_mut Read more
Source§

fn augment_args_for_update<'b>(__clap_app: Command) -> Command

Append to Command so it can instantiate self via FromArgMatches::update_from_arg_matches_mut Read more
Source§

impl CommandFactory for Cli

Source§

fn command<'b>() -> Command

Build a Command that can instantiate Self. Read more
Source§

fn command_for_update<'b>() -> Command

Build a Command that can update self. Read more
Source§

impl FromArgMatches for Cli

Source§

fn from_arg_matches(__clap_arg_matches: &ArgMatches) -> Result<Self, Error>

Instantiate Self from ArgMatches, parsing the arguments as needed. Read more
Source§

fn from_arg_matches_mut( __clap_arg_matches: &mut ArgMatches, ) -> Result<Self, Error>

Instantiate Self from ArgMatches, parsing the arguments as needed. Read more
Source§

fn update_from_arg_matches( &mut self, __clap_arg_matches: &ArgMatches, ) -> Result<(), Error>

Assign values from ArgMatches to self.
Source§

fn update_from_arg_matches_mut( &mut self, __clap_arg_matches: &mut ArgMatches, ) -> Result<(), Error>

Assign values from ArgMatches to self.
Source§

impl Parser for Cli

Source§

fn parse() -> Self

Parse from std::env::args_os(), exit on error.
Source§

fn try_parse() -> Result<Self, Error>

Parse from std::env::args_os(), return Err on error.
Source§

fn parse_from<I, T>(itr: I) -> Self
where I: IntoIterator<Item = T>, T: Into<OsString> + Clone,

Parse from iterator, exit on error.
Source§

fn try_parse_from<I, T>(itr: I) -> Result<Self, Error>
where I: IntoIterator<Item = T>, T: Into<OsString> + Clone,

Parse from iterator, return Err on error.
Source§

fn update_from<I, T>(&mut self, itr: I)
where I: IntoIterator<Item = T>, T: Into<OsString> + Clone,

Update from iterator, exit on error. Read more
Source§

fn try_update_from<I, T>(&mut self, itr: I) -> Result<(), Error>
where I: IntoIterator<Item = T>, T: Into<OsString> + Clone,

Update from iterator, return Err on error.

Auto Trait Implementations§

§

impl Freeze for Cli

§

impl RefUnwindSafe for Cli

§

impl Send for Cli

§

impl Sync for Cli

§

impl Unpin for Cli

§

impl UnsafeUnpin for Cli

§

impl UnwindSafe for Cli

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T> Instrument for T

Source§

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more
Source§

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more
Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
Source§

impl<T> WithSubscriber for T

Source§

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more
Source§

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more