fix: prevent $out and $merge stages when create/update/delete operations are disabled MCP-196 (#545)

nirinchev · web-flow · commit ce0218912cdc · 2025-09-11T17:32:15.000+03:00
diff --git a/src/tools/mongodb/read/aggregate.ts b/src/tools/mongodb/read/aggregate.ts
@@ -49,16 +49,23 @@ export class AggregateTool extends MongoDBToolBase {
     }
 
     private assertOnlyUsesPermittedStages(pipeline: Record<string, unknown>[]): void {
-        if (!this.config.readOnly) {
+        const writeOperations: OperationType[] = ["update", "create", "delete"];
+        let writeStageForbiddenError = "";
+
+        if (this.config.readOnly) {
+            writeStageForbiddenError = "In readOnly mode you can not run pipelines with $out or $merge stages.";
+        } else if (this.config.disabledTools.some((t) => writeOperations.includes(t as OperationType))) {
+            writeStageForbiddenError =
+                "When 'create', 'update', or 'delete' operations are disabled, you can not run pipelines with $out or $merge stages.";
+        }
+
+        if (!writeStageForbiddenError) {
             return;
         }
 
         for (const stage of pipeline) {
             if (stage.$out || stage.$merge) {
-                throw new MongoDBError(
-                    ErrorCodes.ForbiddenWriteOperation,
-                    "In readOnly mode you can not run pipelines with $out or $merge stages."
-                );
+                throw new MongoDBError(ErrorCodes.ForbiddenWriteOperation, writeStageForbiddenError);
             }
         }
     }
diff --git a/tests/integration/tools/mongodb/read/aggregate.test.ts b/tests/integration/tools/mongodb/read/aggregate.test.ts
@@ -4,10 +4,15 @@ import {
     validateThrowsForInvalidArguments,
     getResponseContent,
 } from "../../../helpers.js";
-import { expect, it } from "vitest";
+import { expect, it, afterEach } from "vitest";
 import { describeWithMongoDB, getDocsFromUntrustedContent, validateAutoConnectBehavior } from "../mongodbHelpers.js";
 
 describeWithMongoDB("aggregate tool", (integration) => {
+    afterEach(() => {
+        integration.mcpServer().userConfig.readOnly = false;
+        integration.mcpServer().userConfig.disabledTools = [];
+    });
+
     validateToolMetadata(integration, "aggregate", "Run an aggregation against a MongoDB collection", [
         ...databaseCollectionParameters,
         {
@@ -129,6 +134,42 @@ describeWithMongoDB("aggregate tool", (integration) => {
         );
     });
 
+    for (const disabledOpType of ["create", "update", "delete"] as const) {
+        it(`can not run $out stages when ${disabledOpType} operation is disabled`, async () => {
+            await integration.connectMcpClient();
+            integration.mcpServer().userConfig.disabledTools = [disabledOpType];
+            const response = await integration.mcpClient().callTool({
+                name: "aggregate",
+                arguments: {
+                    database: integration.randomDbName(),
+                    collection: "people",
+                    pipeline: [{ $out: "outpeople" }],
+                },
+            });
+            const content = getResponseContent(response);
+            expect(content).toEqual(
+                "Error running aggregate: When 'create', 'update', or 'delete' operations are disabled, you can not run pipelines with $out or $merge stages."
+            );
+        });
+
+        it(`can not run $merge stages when ${disabledOpType} operation is disabled`, async () => {
+            await integration.connectMcpClient();
+            integration.mcpServer().userConfig.disabledTools = [disabledOpType];
+            const response = await integration.mcpClient().callTool({
+                name: "aggregate",
+                arguments: {
+                    database: integration.randomDbName(),
+                    collection: "people",
+                    pipeline: [{ $merge: "outpeople" }],
+                },
+            });
+            const content = getResponseContent(response);
+            expect(content).toEqual(
+                "Error running aggregate: When 'create', 'update', or 'delete' operations are disabled, you can not run pipelines with $out or $merge stages."
+            );
+        });
+    }
+
     validateAutoConnectBehavior(integration, "aggregate", () => {
         return {
             args: {

Original file line number	Diff line number	Diff line change
`@@ -49,16 +49,23 @@ export class AggregateTool extends MongoDBToolBase {`
`49`	`49`	`}`
`50`	`50`
`51`	`51`	`private assertOnlyUsesPermittedStages(pipeline: Record<string, unknown>[]): void {`
`52`		`- if (!this.config.readOnly) {`
	`52`	`+ const writeOperations: OperationType[] = ["update", "create", "delete"];`
	`53`	`+ let writeStageForbiddenError = "";`
	`54`	`+`
	`55`	`+ if (this.config.readOnly) {`
	`56`	`+ writeStageForbiddenError = "In readOnly mode you can not run pipelines with $out or $merge stages.";`
	`57`	`+ } else if (this.config.disabledTools.some((t) => writeOperations.includes(t as OperationType))) {`
	`58`	`+ writeStageForbiddenError =`
	`59`	`+ "When 'create', 'update', or 'delete' operations are disabled, you can not run pipelines with $out or $merge stages.";`
	`60`	`+ }`
	`61`	`+`
	`62`	`+ if (!writeStageForbiddenError) {`
`53`	`63`	`return;`
`54`	`64`	`}`
`55`	`65`
`56`	`66`	`for (const stage of pipeline) {`
`57`	`67`	`if (stage.$out \|\| stage.$merge) {`
`58`		`- throw new MongoDBError(`
`59`		`- ErrorCodes.ForbiddenWriteOperation,`
`60`		`- "In readOnly mode you can not run pipelines with $out or $merge stages."`
`61`		`- );`
	`68`	`+ throw new MongoDBError(ErrorCodes.ForbiddenWriteOperation, writeStageForbiddenError);`
`62`	`69`	`}`
`63`	`70`	`}`
`64`	`71`	`}`