Documentation / Mcp / Generic Mcp Feature Step By Step

File Inventory

This is the full surface you need to account for when bringing the generic User-scoped MCP into another Rails project.

Core Shared Runtime

File or area Role Export status
app/middleware/mcp/base_rack_app.rb Rack transport, token auth, rate limiting, transport reuse Copy as-is
app/middleware/mcp/rack_app.rb User-scoped authorization and request lifecycle hooks Copy and adapt
app/models/mcp/token.rb Token digest lookup, permission checks, revocation, regeneration Copy and adapt
app/models/mcp/activity_log.rb Tool call audit trail Copy and adapt
app/models/mcp/user_context.rb Thread-safe user context value object Copy as-is
app/models/mcp/base_tool.rb Base class for all tools; exposes user and token; prepends CallLogging Copy as-is
app/models/mcp/server_builder.rb Discovers tool namespaces and filters by permission Copy and adapt

Tool Concerns

File or area Role Export status
app/models/mcp/tools/concerns/formattable.rb text_response, json_response, not_found_response helpers Copy as-is
app/models/mcp/tools/concerns/listable.rb Pagination + plain-text list rendering Copy as-is
app/models/mcp/tools/concerns/tool_metadata.rb mcp_domain / mcp_action DSL driving permission filtering Copy as-is

Tool Classes β€” The Item CRUD Set

File or area Role Export status
app/models/mcp/tools/items/list.rb list_items β€” paginated, user-scoped list Rebuild per resource
app/models/mcp/tools/items/get.rb get_item β€” single record lookup Rebuild per resource
app/models/mcp/tools/items/create.rb create_item β€” safe create with validation feedback Rebuild per resource
app/models/mcp/tools/items/update.rb update_item β€” partial update, scoped find Rebuild per resource
app/models/mcp/tools/items/delete.rb delete_item β€” scoped destroy with confirmation response Rebuild per resource

Replace Item with your real resource name. Keep the five-file layout: one tool per action, one action per class.

Token Management Surface

File or area Role Export status
app/controllers/mcp/base_controller.rb Ensures the user is authenticated and applies the app layout Copy and adapt
app/controllers/mcp/tokens_controller.rb Token create, update, revoke, regenerate for the current user Copy and adapt
app/controllers/mcp/settings_controller.rb MCP settings landing page (optional) Optional
app/controllers/mcp/activity_controller.rb Activity log viewer (optional) Optional
app/policies/mcp/token_policy.rb Pundit policy limiting scope to current_user's tokens Adapt
app/views/mcp/tokens/** Token form, permission toggles, list view Copy and adapt

Routes And Dependency Hooks

File or area Role Export status
config/routes.rb Mounts /mcp and nested token management routes Copy and adapt
Gemfile Adds gem "mcp", "~> 0.10.0" Required
app/models/current.rb Holds Current.user so downstream code sees the acting user during MCP dispatch Recommended

Database Contract

For a fresh export, build around the final model contract rather than replaying migration history.

  • user_id, non-null, foreign key
  • name, non-null
  • token_digest, non-null, unique
  • token_prefix, nullable (UI only)
  • permissions, JSON, non-null, default {}
  • scope, non-null, default "user"
  • last_used_at
  • revoked_at
  • timestamps
  • unique on token_digest
  • user_id
  • composite [user_id, revoked_at] for active-token lookups
  • mcp_token_id, non-null, foreign key
  • user_id, non-null, foreign key (denormalized for fast per-user queries)
  • tool_name, non-null
  • domain, non-null
  • action_type, non-null
  • arguments, JSON
  • result_summary, JSON
  • status_code, integer
  • timestamps
  • mcp_token_id
  • composite [mcp_token_id, created_at]
  • user_id
  • composite [user_id, created_at]

Tool Inventory Snapshot (Generic Package)

The generic package ships one domain with five tools:

  • items β€” list_items, get_item, create_item, update_item, delete_item

Each tool declares:

  • tool_name "<verb>_item"
  • mcp_domain "items"
  • mcp_action "read" | "create" | "update" | "delete"
  • description β€” one sentence naming the resource and the action
  • input_schema β€” tight, explicit property definitions

Must-Copy Minimum Set

If you want a minimal but working export, start with these:

  1. Gemfile dependency on mcp
  2. app/middleware/mcp/base_rack_app.rb
  3. app/middleware/mcp/rack_app.rb
  4. app/models/mcp/token.rb + migration
  5. app/models/mcp/activity_log.rb + migration
  6. app/models/mcp/user_context.rb
  7. app/models/mcp/base_tool.rb
  8. app/models/mcp/server_builder.rb
  9. app/models/mcp/tools/concerns/*
  10. One tool class to prove the wiring (Mcp::Tools::Items::List is a good first target)
  11. Route: mount Mcp::RackApp.new, at: "/mcp"

Everything else β€” token UI, activity viewer, additional tool domains β€” can be layered in after the endpoint already serves tools/list.