Only enable destructive actions if explicitly set

Author: WilliamBZA

src/ServiceControl.AcceptanceTests/Mcp/When_mcp_server_is_enabled.cs

@@ -16,7 +16,7 @@ namespace ServiceControl.AcceptanceTests.Mcp;
 class When_mcp_server_is_enabled : AcceptanceTest
 {
     [SetUp]
-    public void EnableMcp() => SetSettings = s => s.EnableMcpServer = true;
+    public void EnableMcp() => SetSettings = s => s.EnableMcpServerWriteMode = true;
 
     [Test]
     public async Task Should_expose_mcp_endpoint()

src/ServiceControl.AcceptanceTests/Mcp/When_mcp_server_write_mode_is_disabled.cs

@@ -0,0 +1,70 @@
+namespace ServiceControl.AcceptanceTests.Mcp;
+
+using System.Linq;
+using System.Net.Http;
+using System.Text.Json;
+using System.Threading.Tasks;
+using NServiceBus.AcceptanceTesting;
+using NUnit.Framework;
+using ServiceControl.AcceptanceTesting.Mcp;
+
+[TestFixture]
+class When_mcp_server_write_mode_is_disabled : AcceptanceTest
+{
+    [SetUp]
+    public void EnableReadOnlyMcp() => SetSettings = s => s.EnableMcpServer = true;
+
+    [Test]
+    public async Task Should_not_expose_write_tools()
+    {
+        string[] toolNames = null;
+
+        await Define<ScenarioContext>()
+            .Done(async _ =>
+            {
+                var session = await McpAcceptanceTestSupport.InitializeAndGetSessionInfo(HttpClient);
+                if (session == null)
+                {
+                    return false;
+                }
+
+                var response = await McpAcceptanceTestSupport.SendMcpRequest(HttpClient, session, "tools/list", new { });
+                if (response == null || response.StatusCode != System.Net.HttpStatusCode.OK)
+                {
+                    return false;
+                }
+
+                var json = await McpAcceptanceTestSupport.ReadMcpResponseJson(response);
+                var mcpResponse = McpAcceptanceTestSupport.DeserializeListToolsResponse(json);
+                toolNames = mcpResponse.Result.Tools.Cast<JsonElement>()
+                    .Select(t => t.GetProperty("name").GetString())
+                    .ToArray();
+                return true;
+            })
+            .Run();
+
+        Assert.That(toolNames, Is.Not.Null);
+        Assert.That(toolNames, Has.Length.EqualTo(7), "Read-only mode should expose exactly 7 tools");
+
+        Assert.That(toolNames, Does.Contain("get_errors_summary"));
+        Assert.That(toolNames, Does.Contain("get_failed_messages"));
+        Assert.That(toolNames, Does.Contain("get_failed_message_by_id"));
+        Assert.That(toolNames, Does.Contain("get_failed_message_last_attempt"));
+        Assert.That(toolNames, Does.Contain("get_failed_messages_by_endpoint"));
+        Assert.That(toolNames, Does.Contain("get_failure_groups"));
+        Assert.That(toolNames, Does.Contain("get_retry_history"));
+
+        Assert.That(toolNames, Does.Not.Contain("retry_failed_message"));
+        Assert.That(toolNames, Does.Not.Contain("retry_failed_messages"));
+        Assert.That(toolNames, Does.Not.Contain("retry_failed_messages_by_queue"));
+        Assert.That(toolNames, Does.Not.Contain("retry_all_failed_messages"));
+        Assert.That(toolNames, Does.Not.Contain("retry_all_failed_messages_by_endpoint"));
+        Assert.That(toolNames, Does.Not.Contain("retry_failure_group"));
+        Assert.That(toolNames, Does.Not.Contain("archive_failed_message"));
+        Assert.That(toolNames, Does.Not.Contain("archive_failed_messages"));
+        Assert.That(toolNames, Does.Not.Contain("archive_failure_group"));
+        Assert.That(toolNames, Does.Not.Contain("unarchive_failed_message"));
+        Assert.That(toolNames, Does.Not.Contain("unarchive_failed_messages"));
+        Assert.That(toolNames, Does.Not.Contain("unarchive_failure_group"));
+    }
+}

src/ServiceControl.Audit.UnitTests/ApprovalFiles/APIApprovals.PlatformSampleSettings.approved.txt

@@ -59,5 +59,6 @@
   "TimeToRestartAuditIngestionAfterFailure": "00:01:00",
   "EnableFullTextSearchOnBodies": true,
   "EnableMcpServer": false,
+  "EnableMcpServerWriteMode": false,
   "ShutdownTimeout": "00:00:05"
 }

src/ServiceControl.Audit/Infrastructure/Settings/Settings.cs

@@ -54,6 +54,7 @@ public Settings(string transportType = null, string persisterType = null, Loggin
             ServiceControlQueueAddress = SettingsReader.Read<string>(SettingsRootNamespace, "ServiceControlQueueAddress");
             TimeToRestartAuditIngestionAfterFailure = GetTimeToRestartAuditIngestionAfterFailure();
             EnableFullTextSearchOnBodies = SettingsReader.Read(SettingsRootNamespace, "EnableFullTextSearchOnBodies", true);
+            EnableMcpServerWriteMode = SettingsReader.Read(SettingsRootNamespace, "EnableMcpServerWriteMode", false);
             EnableMcpServer = SettingsReader.Read(SettingsRootNamespace, "EnableMcpServer", false);
             ShutdownTimeout = SettingsReader.Read(SettingsRootNamespace, "ShutdownTimeout", ShutdownTimeout);
 
@@ -188,7 +189,14 @@ public int MaxBodySizeToStore
 
         public bool EnableFullTextSearchOnBodies { get; set; }
 
-        public bool EnableMcpServer { get; set; }
+        bool enableMcpServer;
+        public bool EnableMcpServer
+        {
+            get => enableMcpServer || EnableMcpServerWriteMode;
+            set => enableMcpServer = value;
+        }
+
+        public bool EnableMcpServerWriteMode { get; set; }
 
         // The default value is set to the maximum allowed time by the most
         // restrictive hosting platform, which is Linux containers. Linux

src/ServiceControl.UnitTests/ApprovalFiles/APIApprovals.PlatformSampleSettings.approved.txt

@@ -38,6 +38,7 @@
   "NotificationsFilter": null,
   "AllowMessageEditing": false,
   "EnableMcpServer": false,
+  "EnableMcpServerWriteMode": false,
   "EnableIntegratedServicePulse": false,
   "ServicePulseSettings": null,
   "MessageFilter": null,

src/ServiceControl/Infrastructure/Settings/Settings.cs

@@ -81,6 +81,7 @@ public Settings(
             DisableExternalIntegrationsPublishing = SettingsReader.Read(SettingsRootNamespace, "DisableExternalIntegrationsPublishing", false);
             TrackInstancesInitialValue = SettingsReader.Read(SettingsRootNamespace, "TrackInstancesInitialValue", true);
             ShutdownTimeout = SettingsReader.Read(SettingsRootNamespace, "ShutdownTimeout", ShutdownTimeout);
+            EnableMcpServerWriteMode = SettingsReader.Read(SettingsRootNamespace, "EnableMcpServerWriteMode", false);
             EnableMcpServer = SettingsReader.Read(SettingsRootNamespace, "EnableMcpServer", false);
             AssemblyLoadContextResolver = static assemblyPath => new PluginAssemblyLoadContext(assemblyPath);
         }
@@ -114,7 +115,14 @@ public Settings(
 
         public bool AllowMessageEditing { get; set; }
 
-        public bool EnableMcpServer { get; set; }
+        bool enableMcpServer;
+        public bool EnableMcpServer
+        {
+            get => enableMcpServer || EnableMcpServerWriteMode;
+            set => enableMcpServer = value;
+        }
+
+        public bool EnableMcpServerWriteMode { get; set; }
 
         public bool EnableIntegratedServicePulse { get; set; }
         public ServicePulseSettings ServicePulseSettings { get; set; }

src/ServiceControl/Infrastructure/WebApi/HostApplicationBuilderExtensions.cs

@@ -25,8 +25,12 @@ public static void AddServiceControlApi(this IHostApplicationBuilder builder, Se
             {
                 builder.Services.AddTransient<ServiceControl.Mcp.FailedMessageTools>();
                 builder.Services.AddTransient<ServiceControl.Mcp.FailureGroupTools>();
-                builder.Services.AddTransient<ServiceControl.Mcp.RetryTools>();
-                builder.Services.AddTransient<ServiceControl.Mcp.ArchiveTools>();
+
+                if (settings.EnableMcpServerWriteMode)
+                {
+                    builder.Services.AddTransient<ServiceControl.Mcp.RetryTools>();
+                    builder.Services.AddTransient<ServiceControl.Mcp.ArchiveTools>();
+                }
 
                 builder.Services
                     .AddMcpServer()