diff --git a/cmd/gitea-mcp/main.go b/cmd/gitea-mcp/main.go index 9313bd8..dde8a6f 100644 --- a/cmd/gitea-mcp/main.go +++ b/cmd/gitea-mcp/main.go @@ -39,6 +39,7 @@ func main() { reg.Register(tools.NewCodeSearch(giteaClient, ownerAllow)) reg.Register(tools.NewIssueCreate(giteaClient, ownerAllow)) reg.Register(tools.NewIssueComment(giteaClient, ownerAllow)) + reg.Register(tools.NewPRComment(giteaClient, ownerAllow)) mcpSrv := mcp.NewServer(mcp.ServerOptions{ Registry: reg, diff --git a/internal/tools/pr_comment.go b/internal/tools/pr_comment.go new file mode 100644 index 0000000..32c1c52 --- /dev/null +++ b/internal/tools/pr_comment.go @@ -0,0 +1,73 @@ +package tools + +import ( + "context" + "encoding/json" + "fmt" + + "gitea.d-ma.be/mathias/gitea-mcp/internal/allowlist" + "gitea.d-ma.be/mathias/gitea-mcp/internal/auth" + "gitea.d-ma.be/mathias/gitea-mcp/internal/gitea" + "gitea.d-ma.be/mathias/gitea-mcp/internal/identity" + "gitea.d-ma.be/mathias/gitea-mcp/internal/registry" +) + +type PRComment struct { + c *gitea.Client + a *allowlist.Allowlist +} + +func NewPRComment(c *gitea.Client, a *allowlist.Allowlist) *PRComment { + return &PRComment{c: c, a: a} +} + +func (t *PRComment) Descriptor() registry.ToolDescriptor { + return registry.ToolDescriptor{ + Name: "pr_comment", + Description: "Comment on a pull request (conversation, not inline review). Applies identity footer.", + InputSchema: json.RawMessage(`{ + "type":"object", + "properties":{ + "owner":{"type":"string"}, + "name":{"type":"string"}, + "number":{"type":"integer","minimum":1}, + "body":{"type":"string"} + }, + "required":["owner","name","number","body"] + }`), + } +} + +type prCommentArgs struct { + Owner string `json:"owner"` + Name string `json:"name"` + Number int `json:"number"` + Body string `json:"body"` +} + +func (t *PRComment) Call(ctx context.Context, raw json.RawMessage) (json.RawMessage, error) { + var args prCommentArgs + if err := parseArgs(raw, &args); err != nil { + return nil, err + } + if err := t.a.Check(args.Owner); err != nil { + return nil, err + } + if args.Number < 1 { + return nil, fmt.Errorf("number must be >= 1: %w", gitea.ErrValidation) + } + if args.Body == "" { + return nil, fmt.Errorf("body is required: %w", gitea.ErrValidation) + } + body := identity.ApplyFooter(args.Body, auth.Caller(ctx)) + + c, err := t.c.CreateIssueComment(ctx, args.Owner, args.Name, args.Number, body) + if err != nil { + return nil, err + } + + return textOK(map[string]any{ + "id": c.ID, + "html_url": c.HTMLURL, + }) +} diff --git a/internal/tools/pr_comment_test.go b/internal/tools/pr_comment_test.go new file mode 100644 index 0000000..c14ac41 --- /dev/null +++ b/internal/tools/pr_comment_test.go @@ -0,0 +1,53 @@ +package tools_test + +import ( + "context" + "encoding/json" + "io" + "net/http" + "net/http/httptest" + "testing" + + "gitea.d-ma.be/mathias/gitea-mcp/internal/allowlist" + "gitea.d-ma.be/mathias/gitea-mcp/internal/gitea" + "gitea.d-ma.be/mathias/gitea-mcp/internal/tools" + "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" +) + +func TestPRCommentAppliesFooter(t *testing.T) { + var captured []byte + srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + // PRs share index space with issues — same endpoint + assert.Equal(t, "/api/v1/repos/o/r/issues/3/comments", r.URL.Path) + var err error + captured, err = io.ReadAll(r.Body) + require.NoError(t, err) + w.WriteHeader(http.StatusCreated) + _, _ = w.Write([]byte(commentFixture)) + })) + defer srv.Close() + + tool := tools.NewPRComment(gitea.NewClient(srv.URL, "tok"), allowlist.New([]string{"o"})) + ctx := callerContext("mathiasbq") + _, err := tool.Call(ctx, json.RawMessage(`{"owner":"o","name":"r","number":3,"body":"looks good"}`)) + require.NoError(t, err) + + var payload map[string]any + require.NoError(t, json.Unmarshal(captured, &payload)) + body, _ := payload["body"].(string) + assert.Contains(t, body, "_Created via git-mcp on behalf of @mathiasbq_") +} + +func TestPRCommentAllowlistRejects(t *testing.T) { + tool := tools.NewPRComment(gitea.NewClient("http://unused", ""), allowlist.New([]string{"allowed"})) + _, err := tool.Call(context.Background(), json.RawMessage(`{"owner":"evil","name":"r","number":1,"body":"hi"}`)) + require.Error(t, err) +} + +func TestPRCommentRequiresBody(t *testing.T) { + tool := tools.NewPRComment(gitea.NewClient("http://unused", ""), allowlist.New([]string{"o"})) + _, err := tool.Call(context.Background(), json.RawMessage(`{"owner":"o","name":"r","number":1,"body":""}`)) + require.Error(t, err) + assert.ErrorIs(t, err, gitea.ErrValidation) +}