Module: TalkToYourApp::Plugins::Rake

Defined in:

lib/talk_to_your_app/plugins/rake/plugin.rb,
lib/talk_to_your_app/plugins/rake/tools/run.rb

Overview

The Rake plugin runs operator-approved rake tasks over MCP. It is fail-closed and allow-list-only: it refuses to boot without an explicit ‘allowed:` list, and refuses any task not on that list. Because rake tasks can do anything, the allow-list is the security boundary — keep it tight, and prefer read-only/reporting tasks.

config.plugin :rake, allowed: ["stats", "report:generate"]

Defined Under Namespace

Modules: Tools Classes: Plugin

Class Method Summary

• .allowed?(task) ⇒ Boolean
• .allowed_tasks ⇒ Object

Class Method Details

.allowed?(task) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/talk_to_your_app/plugins/rake/plugin.rb', line 23

def allowed?(task)
  allowed_tasks.include?(task.to_s)
end

.allowed_tasks ⇒ Object

# File 'lib/talk_to_your_app/plugins/rake/plugin.rb', line 18

def allowed_tasks
  options = TalkToYourApp.configuration.enabled_plugins[:rake] || {}
  Array(options[:allowed]).map(&:to_s)
end