feat: role-based access control (MCPAccessControl.h, RBAC for tools, key-to-role mapping, server integration) — 36 new tests — bump to v0.42.0

Author: quantumnic

CHANGELOG.md

@@ -2,6 +2,26 @@
 
 All notable changes to this project will be documented in this file.
 
+## [0.42.0] — 2026-02-24
+
+### Added
+- **Access Control / RBAC** (`MCPAccessControl.h`): Role-based access control for tools. Associates API keys with roles, restricts tool access by role. Designed for MCU servers exposed on networks where you want to limit which clients can call destructive tools.
+  - `AccessControl`: Enable/disable RBAC, define roles, map API keys to roles, restrict tools to specific roles.
+  - `addRole()`, `removeRole()`, `hasRole()`, `roles()`: Role lifecycle management.
+  - `mapKeyToRole()`, `unmapKey()`, `roleForKey()`: Key-to-role associations.
+  - `restrictTool()`, `unrestrictTool()`, `isToolRestricted()`, `toolAllowedRoles()`: Per-tool access control.
+  - `canAccess(toolName, apiKey)`: Central access check — unrestricted tools always pass, restricted tools require matching role.
+  - `setDefaultRole()`: Configurable fallback role for unauthenticated/unmapped callers (default: "guest").
+  - `restrictDestructiveTools()`: Bulk-restrict multiple tools to admin roles.
+  - `toolsForRole()`: Query which tools a given role can access.
+  - `toJSON()`, `statsJSON()`: Serialization for debugging and monitoring.
+  - Server integration: `server.accessControl()` accessor, RBAC check in tool dispatch pipeline (before tool execution).
+  - Pairs with existing `MCPAuth.h` — auth identifies the caller, RBAC controls what they can do.
+- **36 new tests**: Full coverage of role management, key mapping, tool restrictions, access checks, edge cases, server integration. **Total: 1493 tests**.
+
+### Fixed
+- Version sync: all test files now reference correct MCPD_VERSION.
+
 ## [0.41.0] — 2026-02-23
 
 ### Added

README.md

@@ -33,7 +33,7 @@
 |---|:---:|:---:|:---:|
 | Runs on the MCU | ✅ | ✅ | ❌ CLI tool |
 | MCP spec compliant | ✅ 2025-11-25 | ❌ custom WS | ❌ |
-| Actually compiles | ✅ 1457 tests | ❌ self-described | N/A |
+| Actually compiles | ✅ 1493 tests | ❌ self-described | N/A |
 | Streamable HTTP + SSE | ✅ | ❌ | ❌ |
 | WebSocket transport | ✅ | ✅ | ❌ |
 | Claude Desktop bridge | ✅ | ❌ | ❌ |
@@ -53,6 +53,7 @@
 | Request Cancellation | ✅ | ❌ | ❌ |
 | Prompts support | ✅ | ❌ | ❌ |
 | Authentication | ✅ | ❌ | ❌ |
+| Role-Based Access Control (RBAC) | ✅ | ❌ | ❌ |
 | OTA Updates | ✅ | ❌ | ❌ |
 | Prometheus Metrics | ✅ | ❌ | ❌ |
 | Captive Portal + Setup CLI | ✅ | ❌ | ❌ |

library.json

@@ -1,6 +1,6 @@
 {
   "name": "mcpd",
-  "version": "0.41.0",
+  "version": "0.42.0",
   "description": "MCP Server SDK for Microcontrollers — Expose ESP32/RP2040/STM32 hardware as AI-accessible tools via Model Context Protocol",
   "keywords": [
     "mcp",

library.properties

@@ -1,5 +1,5 @@
 name=mcpd
-version=0.41.0
+version=0.42.0
 author=Nicola Spieser
 maintainer=Nicola Spieser <redbasecap-buiss@users.noreply.github.com>
 sentence=MCP Server SDK for Microcontrollers

src/MCPAccessControl.h

@@ -0,0 +1,257 @@
+/**
+ * mcpd — Role-Based Access Control (RBAC) for tools
+ *
+ * Associates API keys with roles, and restricts tool access by role.
+ * When enabled, tool calls are checked against the caller's role.
+ * Unauthenticated callers get the "guest" role (configurable).
+ *
+ * Usage:
+ *   auto& ac = server.accessControl();
+ *   ac.addRole("admin");
+ *   ac.addRole("viewer");
+ *   ac.mapKeyToRole("secret-admin-key", "admin");
+ *   ac.mapKeyToRole("read-only-key", "viewer");
+ *   ac.restrictTool("gpio_write", {"admin"});
+ *   ac.restrictTool("gpio_read", {"admin", "viewer"});
+ *   // Tools without restrictions are accessible to all roles
+ */
+
+#ifndef MCPD_ACCESS_CONTROL_H
+#define MCPD_ACCESS_CONTROL_H
+
+#include <Arduino.h>
+#include <functional>
+#include <map>
+#include <set>
+#include <vector>
+#include <string>
+
+namespace mcpd {
+
+class AccessControl {
+public:
+    AccessControl() = default;
+
+    // ── Role Management ──────────────────────────────────────────────
+
+    /** Add a role definition. */
+    void addRole(const char* role) {
+        _roles.insert(String(role));
+    }
+
+    /** Remove a role definition and all its associations. */
+    void removeRole(const char* role) {
+        String r(role);
+        _roles.erase(r);
+        // Remove key→role mappings for this role
+        for (auto it = _keyToRole.begin(); it != _keyToRole.end(); ) {
+            if (it->second == r) {
+                it = _keyToRole.erase(it);
+            } else {
+                ++it;
+            }
+        }
+        // Remove from tool restrictions
+        for (auto& pair : _toolRoles) {
+            pair.second.erase(r);
+        }
+    }
+
+    /** Check if a role exists. */
+    bool hasRole(const char* role) const {
+        return _roles.count(String(role)) > 0;
+    }
+
+    /** Get all defined roles. */
+    std::set<String> roles() const { return _roles; }
+
+    // ── Key-to-Role Mapping ──────────────────────────────────────────
+
+    /** Map an API key to a role. A key can only have one role. */
+    void mapKeyToRole(const char* apiKey, const char* role) {
+        _keyToRole[String(apiKey)] = String(role);
+        _roles.insert(String(role)); // Auto-add role if not yet defined
+    }
+
+    /** Remove a key mapping. */
+    void unmapKey(const char* apiKey) {
+        _keyToRole.erase(String(apiKey));
+    }
+
+    /** Get the role for a key, or empty string if not mapped. */
+    String roleForKey(const char* apiKey) const {
+        auto it = _keyToRole.find(String(apiKey));
+        if (it != _keyToRole.end()) return it->second;
+        return String();
+    }
+
+    // ── Tool Restrictions ────────────────────────────────────────────
+
+    /**
+     * Restrict a tool to specific roles.
+     * Only callers with one of the listed roles can call this tool.
+     * An empty set means the tool is restricted to no one (effectively disabled).
+     */
+    void restrictTool(const char* toolName, const std::vector<const char*>& allowedRoles) {
+        std::set<String> roleSet;
+        for (auto r : allowedRoles) roleSet.insert(String(r));
+        _toolRoles[String(toolName)] = roleSet;
+    }
+
+    /** Overload accepting String set. */
+    void restrictToolSet(const char* toolName, const std::set<String>& allowedRoles) {
+        _toolRoles[String(toolName)] = allowedRoles;
+    }
+
+    /** Remove restrictions from a tool (makes it accessible to all). */
+    void unrestrictTool(const char* toolName) {
+        _toolRoles.erase(String(toolName));
+    }
+
+    /** Check if a tool has restrictions. */
+    bool isToolRestricted(const char* toolName) const {
+        return _toolRoles.count(String(toolName)) > 0;
+    }
+
+    /** Get allowed roles for a tool (empty set = unrestricted). */
+    std::set<String> toolAllowedRoles(const char* toolName) const {
+        auto it = _toolRoles.find(String(toolName));
+        if (it != _toolRoles.end()) return it->second;
+        return {};
+    }
+
+    // ── Access Checks ────────────────────────────────────────────────
+
+    /** Set the default role for unauthenticated/unmapped callers. */
+    void setDefaultRole(const char* role) {
+        _defaultRole = String(role);
+        _roles.insert(String(role));
+    }
+
+    /** Get the default role. */
+    String defaultRole() const { return _defaultRole; }
+
+    /**
+     * Check if a caller with the given API key can access a tool.
+     * - If the tool has no restrictions, returns true.
+     * - If the tool is restricted, checks the key's role (or default role).
+     * - If RBAC is not enabled, always returns true.
+     */
+    bool canAccess(const char* toolName, const char* apiKey = nullptr) const {
+        if (!_enabled) return true;
+
+        // Tool not restricted → allow
+        auto toolIt = _toolRoles.find(String(toolName));
+        if (toolIt == _toolRoles.end()) return true;
+
+        // Determine caller's role
+        String callerRole = _defaultRole;
+        if (apiKey && apiKey[0] != '\0') {
+            auto keyIt = _keyToRole.find(String(apiKey));
+            if (keyIt != _keyToRole.end()) {
+                callerRole = keyIt->second;
+            }
+        }
+
+        // Check if caller's role is in allowed set
+        if (callerRole.isEmpty()) return false;
+        return toolIt->second.count(callerRole) > 0;
+    }
+
+    /** Enable/disable RBAC checking. When disabled, canAccess always returns true. */
+    void enable(bool v = true) { _enabled = v; }
+    void disable() { _enabled = false; }
+    bool isEnabled() const { return _enabled; }
+
+    // ── Bulk Operations ──────────────────────────────────────────────
+
+    /**
+     * Restrict all tools with a given annotation to specific roles.
+     * Useful for restricting all destructive tools to admin only.
+     */
+    void restrictDestructiveTools(const std::vector<const char*>& toolNames,
+                                  const std::vector<const char*>& allowedRoles) {
+        for (auto name : toolNames) {
+            restrictTool(name, allowedRoles);
+        }
+    }
+
+    /**
+     * Get the list of tools accessible to a given role.
+     * Returns tool names that are either unrestricted or explicitly allow this role.
+     */
+    std::vector<String> toolsForRole(const char* role, const std::vector<String>& allTools) const {
+        String r(role);
+        std::vector<String> result;
+        for (const auto& tool : allTools) {
+            auto it = _toolRoles.find(tool);
+            if (it == _toolRoles.end()) {
+                // Unrestricted
+                result.push_back(tool);
+            } else if (it->second.count(r) > 0) {
+                result.push_back(tool);
+            }
+        }
+        return result;
+    }
+
+    // ── JSON Serialization ───────────────────────────────────────────
+
+    /** Serialize RBAC config to JSON string. */
+    String toJSON() const {
+        String json = "{\"enabled\":";
+        json += _enabled ? "true" : "false";
+        json += ",\"defaultRole\":\"";
+        json += _defaultRole;
+        json += "\",\"roles\":[";
+        bool first = true;
+        for (const auto& r : _roles) {
+            if (!first) json += ",";
+            json += "\"" + r + "\"";
+            first = false;
+        }
+        json += "],\"toolRestrictions\":{";
+        first = true;
+        for (const auto& pair : _toolRoles) {
+            if (!first) json += ",";
+            json += "\"" + pair.first + "\":[";
+            bool f2 = true;
+            for (const auto& r : pair.second) {
+                if (!f2) json += ",";
+                json += "\"" + r + "\"";
+                f2 = false;
+            }
+            json += "]";
+            first = false;
+        }
+        json += "},\"keyMappings\":";
+        json += String((int)_keyToRole.size());
+        json += "}";
+        return json;
+    }
+
+    /** Get stats as JSON. */
+    String statsJSON() const {
+        String json = "{\"enabled\":";
+        json += _enabled ? "true" : "false";
+        json += ",\"roles\":";
+        json += String((int)_roles.size());
+        json += ",\"keyMappings\":";
+        json += String((int)_keyToRole.size());
+        json += ",\"restrictedTools\":";
+        json += String((int)_toolRoles.size());
+        json += "}";
+        return json;
+    }
+
+private:
+    bool _enabled = false;
+    String _defaultRole = "guest";
+    std::set<String> _roles;
+    std::map<String, String> _keyToRole;       // API key → role
+    std::map<String, std::set<String>> _toolRoles; // tool name → allowed roles
+};
+
+} // namespace mcpd
+
+#endif // MCPD_ACCESS_CONTROL_H

src/mcpd.cpp

@@ -781,6 +781,19 @@ String Server::_handleToolsCall(JsonVariant params, JsonVariant id) {
         return _jsonRpcError(id, -32602, "Tool not found");
     }
 
+    // RBAC check: verify caller has permission for this tool
+    if (_accessControl.isEnabled()) {
+        // Extract API key from _meta.apiKey (set by auth layer) or use empty
+        const char* callerKey = nullptr;
+        if (!params["_meta"].isNull() && !params["_meta"]["apiKey"].isNull()) {
+            callerKey = params["_meta"]["apiKey"].as<const char*>();
+        }
+        if (!_accessControl.canAccess(toolName, callerKey)) {
+            if (!requestId.isEmpty()) _requestTracker.completeRequest(requestId);
+            return _jsonRpcError(id, -32603, "Access denied: insufficient permissions");
+        }
+    }
+
     // Find the tool
     for (const auto& tool : _tools) {
         if (tool.name == toolName) {

src/mcpd.h

@@ -47,12 +47,13 @@
 #include "MCPScheduler.h"
 #include "MCPEventStore.h"
 #include "MCPStateStore.h"
+#include "MCPAccessControl.h"
 
 #ifdef ESP32
 #include "MCPTransportBLE.h"
 #endif
 
-#define MCPD_VERSION "0.41.0"
+#define MCPD_VERSION "0.42.0"
 #define MCPD_MCP_PROTOCOL_VERSION "2025-11-25"
 #define MCPD_MCP_PROTOCOL_VERSION_COMPAT "2025-03-26"
 
@@ -314,6 +315,10 @@ class Server {
     /** Access the rate limiter for stats or manual control */
     RateLimiter& rateLimiter() { return _rateLimiter; }
 
+    // ── Access Control (RBAC) ──────────────────────────────────────────
+    /** Access the RBAC controller for role-based tool restrictions. */
+    AccessControl& accessControl() { return _accessControl; }
+
     // ── Session Management ─────────────────────────────────────────────
 
     /** Access session manager for multi-client session control */
@@ -563,6 +568,7 @@ class Server {
 #endif
 
     RateLimiter _rateLimiter;
+    AccessControl _accessControl;
     SessionManager _sessionManager;
     HeapMonitor _heapMonitor;
     Auth _auth;

test/native/Makefile

@@ -3,7 +3,7 @@ CXXFLAGS = -std=c++17 -Wall -Wextra -Wno-unused-parameter -DMCPD_TEST -pthread
 INCLUDES = -I../../src -I../mock_includes -I..
 
 # Targets
-TESTS = test_jsonrpc test_tools test_mcp_http test_infrastructure test_modules test_auth_platform test_robustness test_session test_content_transport test_advanced test_integration test_output_annotations test_2025_11_25 test_tasks test_validation test_cache test_scheduler test_pipeline test_toolgroups test_eventstore test_statestore
+TESTS = test_jsonrpc test_tools test_mcp_http test_infrastructure test_modules test_auth_platform test_robustness test_session test_content_transport test_advanced test_integration test_output_annotations test_2025_11_25 test_tasks test_validation test_cache test_scheduler test_pipeline test_toolgroups test_eventstore test_statestore test_accesscontrol
 
 .PHONY: all clean test
 
@@ -103,3 +103,6 @@ test: $(TESTS)
 
 clean:
 	rm -f $(TESTS)
+
+test_accesscontrol: ../test_accesscontrol.cpp ../arduino_mock.h ../test_framework.h ../../src/MCPAccessControl.h ../../src/mcpd.h ../../src/mcpd.cpp
+	$(CXX) $(CXXFLAGS) $(INCLUDES) -o $@ ../test_accesscontrol.cpp