Skip to content

Enforce read-only mode by rejecting non-read SQL#57

Open
BorisTyshkevich wants to merge 1 commit intomainfrom
codex/read-only-block-writes
Open

Enforce read-only mode by rejecting non-read SQL#57
BorisTyshkevich wants to merge 1 commit intomainfrom
codex/read-only-block-writes

Conversation

@BorisTyshkevich
Copy link
Collaborator

@BorisTyshkevich BorisTyshkevich commented Mar 4, 2026

Summary

This PR enforces read_only behavior in the MCP execution path by rejecting non-read SQL statements before execution.

Closes #56.

Changes

  • Add a guard in Client.ExecuteQuery to reject non-read queries when ReadOnly=true.
  • Keep allowed read statements aligned with existing isSelectQuery behavior (SELECT, WITH, SHOW, DESC, EXISTS, EXPLAIN).
  • Add unit test coverage for read-only non-select rejection.
  • Update tool/OpenAPI query parameter descriptions to reflect read-only restrictions.
  • Update README --read-only flag description to clarify enforced behavior.

Validation

  • gofmt -w pkg/clickhouse/client.go pkg/clickhouse/client_test.go pkg/server/server.go
  • go test ./pkg/clickhouse ./pkg/server -run "TestClientErrorPaths|TestUtilityFunctions|TestHandleExecuteQuery|TestHandleExecuteQueryOpenAPI|TestBuildConfigFromClaims" -count=1

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

read-only mode should reject write SQL in execute_query

2 participants

@BorisTyshkevich @bvt123