feat: harden API safety and expand command docs with full test coverage

2026-03-01 16:04:24 -08:00 · 2026-02-15 22:15:51 -05:00
parent d791c6b6b7
commit abb7915672
60 changed files with 7122 additions and 1247 deletions
--- a/unraid_mcp/tools/keys.py
+++ b/unraid_mcp/tools/keys.py
@@ -47,7 +47,11 @@ MUTATIONS: dict[str, str] = {
 DESTRUCTIVE_ACTIONS = {"delete"}

 KEY_ACTIONS = Literal[
-    "list", "get", "create", "update", "delete",
+    "list",
+    "get",
+    "create",
+    "update",
+    "delete",
 ]


@@ -101,9 +105,7 @@ def register_keys_tool(mcp: FastMCP) -> None:
                    input_data["roles"] = roles
                if permissions:
                    input_data["permissions"] = permissions
-                data = await make_graphql_request(
-                    MUTATIONS["create"], {"input": input_data}
-                )
+                data = await make_graphql_request(MUTATIONS["create"], {"input": input_data})
                return {
                    "success": True,
                    "key": data.get("createApiKey", {}),
@@ -117,9 +119,7 @@ def register_keys_tool(mcp: FastMCP) -> None:
                    input_data["name"] = name
                if roles:
                    input_data["roles"] = roles
-                data = await make_graphql_request(
-                    MUTATIONS["update"], {"input": input_data}
-                )
+                data = await make_graphql_request(MUTATIONS["update"], {"input": input_data})
                return {
                    "success": True,
                    "key": data.get("updateApiKey", {}),
@@ -128,12 +128,12 @@ def register_keys_tool(mcp: FastMCP) -> None:
            if action == "delete":
                if not key_id:
                    raise ToolError("key_id is required for 'delete' action")
-                data = await make_graphql_request(
-                    MUTATIONS["delete"], {"input": {"ids": [key_id]}}
-                )
+                data = await make_graphql_request(MUTATIONS["delete"], {"input": {"ids": [key_id]}})
                result = data.get("deleteApiKeys")
                if not result:
-                    raise ToolError(f"Failed to delete API key '{key_id}': no confirmation from server")
+                    raise ToolError(
+                        f"Failed to delete API key '{key_id}': no confirmation from server"
+                    )
                return {
                    "success": True,
                    "message": f"API key '{key_id}' deleted",