Class: RosettAi::Mcp::Settings::TrustManager

Inherits:

Object

• Object
• RosettAi::Mcp::Settings::TrustManager

Defined in:

lib/rosett_ai/mcp/settings/trust_manager.rb

Overview

Manages trust sources for MCP server installation.

Trust sources define which domains are approved for MCP server installation. Prevents untrusted servers from being silently added to configuration.

Author:

• hugo

• claude

Constant Summary

CONFIG_DIR =

'.config/rosett-ai/mcp'

USER_TRUST_FILE =

'user_trust.yml'

Instance Method Summary

• #add_trust(domain, description: 'User-trusted domain')

  Adds a user-trusted domain.

• #initialize(config_dir: nil, defaults_path: nil) ⇒ TrustManager constructor

  A new instance of TrustManager.

• #list ⇒ Array<Hash>

  Lists all trusted sources (default + user-added).

• #remove_trust(domain) ⇒ Boolean

  Removes a user-trusted domain.

• #trusted?(domain) ⇒ Boolean

  Checks whether a domain is trusted.

• #validate_uri(uri) ⇒ Hash

  Validates whether a URI originates from a trusted source.

Constructor Details

#initialize(config_dir: nil, defaults_path: nil) ⇒ TrustManager

Returns a new instance of TrustManager.

Parameters:

• config_dir (Pathname, nil) (defaults to: nil) —

  override config directory

• defaults_path (Pathname, nil) (defaults to: nil) —

  override default trust sources file

# File 'lib/rosett_ai/mcp/settings/trust_manager.rb', line 23

def initialize(config_dir: nil, defaults_path: nil)
  @config_dir = config_dir || Pathname.new(Dir.home).join(CONFIG_DIR)
  @defaults_path = defaults_path || RosettAi.root.join('conf', 'mcp', 'trust.yml')
end

Instance Method Details

#add_trust(domain, description: 'User-trusted domain')

This method returns an undefined value.

Adds a user-trusted domain.

Parameters:

• domain (String) —

  domain to trust

• description (String) (defaults to: 'User-trusted domain') —

  optional description

# File 'lib/rosett_ai/mcp/settings/trust_manager.rb', line 64

def add_trust(domain, description: 'User-trusted domain')
  sources = user_sources
  normalized = normalize_domain(domain)
  return if sources.any? { |s| normalize_domain(s[:domain]) == normalized }

  sources << { domain: normalized, type: 'user', description: description }
  write_user_sources(sources)
end

#list ⇒ Array<Hash>

Lists all trusted sources (default + user-added).

Returns:

• (Array<Hash>) —

  trust source entries with :domain, :type, :description

# File 'lib/rosett_ai/mcp/settings/trust_manager.rb', line 31

def list
  default_sources + user_sources
end

#remove_trust(domain) ⇒ Boolean

Removes a user-trusted domain.

Parameters:

• domain (String) —

  domain to remove

Returns:

• (Boolean) —

  true if removed

# File 'lib/rosett_ai/mcp/settings/trust_manager.rb', line 77

def remove_trust(domain) # rubocop:disable Naming/PredicateMethod -- destructive action, not a predicate
  sources = user_sources
  normalized = normalize_domain(domain)
  original_size = sources.size
  sources.reject! { |s| normalize_domain(s[:domain]) == normalized }

  return false if sources.size == original_size

  write_user_sources(sources)
  true
end

#trusted?(domain) ⇒ Boolean

Checks whether a domain is trusted.

Parameters:

• domain (String) —

  domain to check

Returns:

• (Boolean)

# File 'lib/rosett_ai/mcp/settings/trust_manager.rb', line 39

def trusted?(domain)
  normalized = normalize_domain(domain)
  list.any? { |source| normalize_domain(source[:domain]) == normalized }
end

#validate_uri(uri) ⇒ Hash

Validates whether a URI originates from a trusted source.

Parameters:

• uri (String) —

  URI to validate

Returns:

• (Hash) —

  result with :trusted, :domain, :source_type

# File 'lib/rosett_ai/mcp/settings/trust_manager.rb', line 48

def validate_uri(uri)
  domain = extract_domain(uri)
  source = find_source(domain)

  if source
    { trusted: true, domain: domain, source_type: source[:type] }
  else
    { trusted: false, domain: domain, source_type: nil }
  end
end