feat: disable all web mcp by default (new users) (#6677)

2025-10-01 09:35:09 +07:00 · 2025-10-01 09:35:09 +07:00 · 4cb3c46f89
commit 4cb3c46f89
parent 46d55030f0
4 changed files with 59 additions and 5 deletions
--- a/core/src/browser/extensions/mcp.ts
+++ b/core/src/browser/extensions/mcp.ts
@ -25,4 +25,10 @@ export abstract class MCPExtension extends BaseExtension implements MCPInterface
   * @returns A React component or null if no custom component is provided
   */
  getToolComponent?(): ComponentType<MCPToolComponentProps> | null
+
+  /**
+   * Optional method to get the list of tool names that should be disabled by default
+   * @returns Array of tool names that should be disabled by default for new users
+   */
+  getDefaultDisabledTools?(): Promise<string[]>
 }
--- a/extensions-web/src/mcp-web/index.ts
+++ b/extensions-web/src/mcp-web/index.ts
@ -242,4 +242,19 @@ export default class MCPExtensionWeb extends MCPExtension {
  getToolComponent(): ComponentType<MCPToolComponentProps> | null {
    return WebSearchButton
  }
+
+  /**
+   * Returns the list of tool names that should be disabled by default for new users
+   * All MCP web tools are disabled by default to prevent accidental API usage
+   * @returns Array of tool names to disable by default
+   */
+  async getDefaultDisabledTools(): Promise<string[]> {
+    try {
+      const tools = await this.getTools()
+      return tools.map(tool => tool.name)
+    } catch (error) {
+      console.error('Failed to get default disabled tools:', error)
+      return []
+    }
+  }
 }
--- a/web-app/src/hooks/useToolAvailable.ts
+++ b/web-app/src/hooks/useToolAvailable.ts
@ -8,6 +8,8 @@ type ToolDisabledState = {
  disabledTools: Record<string, string[]> // threadId -> toolNames[]
  // Global default disabled tools (for new threads/index page)
  defaultDisabledTools: string[]
+  // Flag to track if defaults have been initialized from extension
+  defaultsInitialized: boolean

  // Actions
  setToolDisabledForThread: (
@ -19,6 +21,8 @@ type ToolDisabledState = {
  getDisabledToolsForThread: (threadId: string) => string[]
  setDefaultDisabledTools: (toolNames: string[]) => void
  getDefaultDisabledTools: () => string[]
+  isDefaultsInitialized: () => boolean
+  markDefaultsAsInitialized: () => void
  // Initialize thread tools from default or existing thread settings
  initializeThreadTools: (threadId: string, allTools: MCPTool[]) => void
 }
@ -28,6 +32,7 @@ export const useToolAvailable = create<ToolDisabledState>()(
    (set, get) => ({
      disabledTools: {},
      defaultDisabledTools: [],
+      defaultsInitialized: false,

      setToolDisabledForThread: (
        threadId: string,
@ -81,6 +86,14 @@ export const useToolAvailable = create<ToolDisabledState>()(
        return get().defaultDisabledTools
      },

+      isDefaultsInitialized: () => {
+        return get().defaultsInitialized
+      },
+
+      markDefaultsAsInitialized: () => {
+        set({ defaultsInitialized: true })
+      },
+
      initializeThreadTools: (threadId: string, allTools: MCPTool[]) => {
        const state = get()
        // If thread already has settings, don't override
@ -109,6 +122,7 @@ export const useToolAvailable = create<ToolDisabledState>()(
      partialize: (state) => ({
        disabledTools: state.disabledTools,
        defaultDisabledTools: state.defaultDisabledTools,
+        defaultsInitialized: state.defaultsInitialized,
      }),
    }
  )
--- a/web-app/src/hooks/useTools.ts
+++ b/web-app/src/hooks/useTools.ts
@ -1,19 +1,38 @@
 import { useEffect } from 'react'
 import { getServiceHub } from '@/hooks/useServiceHub'
-import { MCPTool } from '@/types/completion'
 import { SystemEvent } from '@/types/events'
 import { useAppState } from './useAppState'
+import { useToolAvailable } from './useToolAvailable'
+import { ExtensionManager } from '@/lib/extension'
+import { ExtensionTypeEnum, MCPExtension } from '@janhq/core'

 export const useTools = () => {
  const updateTools = useAppState((state) => state.updateTools)
+  const { isDefaultsInitialized, setDefaultDisabledTools, markDefaultsAsInitialized } = useToolAvailable()

  useEffect(() => {
-    function setTools() {
-      getServiceHub().mcp().getTools().then((data: MCPTool[]) => {
+    async function setTools() {
+      try {
+        // Get MCP extension first
+        const mcpExtension = ExtensionManager.getInstance().get<MCPExtension>(
+          ExtensionTypeEnum.MCP
+        )
+
+        // Fetch tools
+        const data = await getServiceHub().mcp().getTools()
        updateTools(data)
-      }).catch((error) => {
+
+        // Initialize default disabled tools for new users (only once)
+        if (!isDefaultsInitialized() && data.length > 0 && mcpExtension?.getDefaultDisabledTools) {
+          const defaultDisabled = await mcpExtension.getDefaultDisabledTools()
+          if (defaultDisabled.length > 0) {
+            setDefaultDisabledTools(defaultDisabled)
+            markDefaultsAsInitialized()
+          }
+        }
+      } catch (error) {
        console.error('Failed to fetch MCP tools:', error)
-      })
+      }
    }
    setTools()