pub trait RootDefinition:
HasRootMetadata
+ HasRootPermissions
+ HasRootFiltering
+ HasRootAnnotations {
// Provided methods
fn to_root(&self) -> Root { ... }
fn validate(&self) -> Result<(), String> { ... }
}Expand description
Complete MCP Root Creation - Build secure file system access boundaries.
This trait represents a complete, working MCP root that defines secure access
boundaries for file system operations with permissions, filtering, and metadata.
When you implement the required metadata traits, you automatically get
RootDefinition for free via blanket implementation.
§What You’re Building
A root is a secure file system boundary that:
- Defines accessible file system paths for clients
- Enforces security permissions and access control
- Filters files and directories based on rules
- Provides metadata annotations for client context
§How to Create a Root
Implement these four traits on your struct:
// This struct will automatically implement RootDefinition!
struct ProjectRoot {
base_path: String,
project_name: String,
}
impl HasRootMetadata for ProjectRoot {
fn uri(&self) -> &str {
&self.base_path
}
fn name(&self) -> Option<&str> {
Some(&self.project_name)
}
}
impl HasRootPermissions for ProjectRoot {
fn can_read(&self, _path: &str) -> bool {
true // Allow reading all files in project
}
fn can_write(&self, path: &str) -> bool {
// Only allow writing to src/ and tests/ directories
path.contains("/src/") || path.contains("/tests/")
}
fn max_depth(&self) -> Option<usize> {
Some(10) // Limit depth to prevent infinite recursion
}
}
impl HasRootFiltering for ProjectRoot {
fn excluded_patterns(&self) -> Option<&[String]> {
static PATTERNS: &[String] = &[];
None // Use default filtering
}
fn should_include(&self, path: &str) -> bool {
// Exclude hidden files and build artifacts
!path.contains("/.") && !path.contains("/target/")
}
}
impl HasRootAnnotations for ProjectRoot {
fn annotations(&self) -> Option<&HashMap<String, Value>> {
// Static annotations for this example
None
}
}
// Now you can use it with the server:
let root = ProjectRoot {
base_path: "file:///workspace/my-project".to_string(),
project_name: "My Rust Project".to_string(),
};
// The root automatically implements RootDefinition
let protocol_root = root.to_root();
let validation_result = root.validate();§Key Benefits
- Security: Fine-grained access control for file operations
- Filtering: Automatic exclusion of unwanted files/directories
- Metadata: Rich annotations for client context
- MCP Compliant: Fully compatible with MCP 2025-06-18 specification
§Common Use Cases
- Project workspace boundaries
- Secure document repositories
- Code review access control
- Filtered file system views
- Multi-tenant file access