fix(amazonq): fix regression of mcp config in agent config (aws#2101)

* fix(amazonq): update process-permission-updates to be the same as previous behavior

* fix(chat-client): update package.json chat-client to prod

* fix(amazonq): retain mcp permissions after disable/enable server

* fix: dont call initOneServer on Built-in

* fix: deny permission does not persist after restart IDE

---------

Co-authored-by: Boyu <[email protected]>

Author: dungdong-aws

server/aws-lsp-codewhisperer/src/language-server/agenticChat/tools/mcp/mcpEventHandler.ts

@@ -35,6 +35,7 @@ import { ProfileStatusMonitor } from './profileStatusMonitor'
 interface PermissionOption {
     label: string
     value: string
+    description?: string
 }
 
 export class McpEventHandler {
@@ -913,20 +914,15 @@ export class McpEventHandler {
         }
 
         const mcpManager = McpManager.instance
-
         // Get the appropriate agent path
         const agentPath = mcpManager.getAllServerConfigs().get(serverName)?.__configPath__
-
-        const perm: MCPServerPermission = {
-            enabled: true,
-            toolPerms: {},
-            __configPath__: agentPath,
-        }
-
         // Set flag to ignore file changes during permission update
         this.#isProgrammaticChange = true
 
         try {
+            const perm = mcpManager.getMcpServerPermissions(serverName)!
+            perm.enabled = true
+            perm.__configPath__ = agentPath
             await mcpManager.updateServerPermission(serverName, perm)
             this.#emitMCPConfigEvent()
         } catch (error) {
@@ -944,21 +940,15 @@ export class McpEventHandler {
         if (!serverName) {
             return { id: params.id }
         }
-
         const mcpManager = McpManager.instance
-        // Get the appropriate agent path
+        // Set flag to ignore file changes during permission update
         const agentPath = mcpManager.getAllServerConfigs().get(serverName)?.__configPath__
-
-        const perm: MCPServerPermission = {
-            enabled: false,
-            toolPerms: {},
-            __configPath__: agentPath,
-        }
-
         // Set flag to ignore file changes during permission update
         this.#isProgrammaticChange = true
-
         try {
+            const perm = mcpManager.getMcpServerPermissions(serverName)!
+            perm.enabled = false
+            perm.__configPath__ = agentPath
             await mcpManager.updateServerPermission(serverName, perm)
             this.#emitMCPConfigEvent()
         } catch (error) {
@@ -1078,17 +1068,16 @@ export class McpEventHandler {
         // Add tool select options
         toolsWithPermissions.forEach(item => {
             const toolName = item.tool.toolName
-            const currentPermission = this.#getCurrentPermission(item.permission)
             // For Built-in server, use a special function that doesn't include the 'Deny' option
-            const permissionOptions = this.#buildPermissionOptions(item.permission)
+            let permissionOptions = this.#buildPermissionOptions()
 
             filterOptions.push({
                 type: 'select',
                 id: `${toolName}`,
                 title: toolName,
                 description: item.tool.description,
-                placeholder: currentPermission,
                 options: permissionOptions,
+                ...{ value: item.permission, boldTitle: true, mandatory: true, hideMandatoryIcon: true },
             })
         })
 
@@ -1141,20 +1130,22 @@ export class McpEventHandler {
     /**
      * Builds permission options excluding the current one
      */
-    #buildPermissionOptions(currentPermission: string) {
+    #buildPermissionOptions() {
         const permissionOptions: PermissionOption[] = []
 
-        if (currentPermission !== McpPermissionType.alwaysAllow) {
-            permissionOptions.push({ label: 'Always allow', value: McpPermissionType.alwaysAllow })
-        }
+        permissionOptions.push({
+            label: 'Ask',
+            value: McpPermissionType.ask,
+            description: 'Ask for your approval each time this tool is run',
+        })
 
-        if (currentPermission !== McpPermissionType.ask) {
-            permissionOptions.push({ label: 'Ask', value: McpPermissionType.ask })
-        }
+        permissionOptions.push({
+            label: 'Always allow',
+            value: McpPermissionType.alwaysAllow,
+            description: 'Always allow this tool to run without asking for approval',
+        })
 
-        if (currentPermission !== McpPermissionType.deny) {
-            permissionOptions.push({ label: 'Deny', value: McpPermissionType.deny })
-        }
+        permissionOptions.push({ label: 'Deny', value: McpPermissionType.deny, description: 'Never run this tool' })
 
         return permissionOptions
     }
@@ -1203,6 +1194,7 @@ export class McpEventHandler {
             }
 
             const mcpServerPermission = await this.#processPermissionUpdates(
+                serverName,
                 updatedPermissionConfig,
                 serverConfig?.__configPath__
             )
@@ -1400,27 +1392,20 @@ export class McpEventHandler {
     /**
      * Processes permission updates from the UI
      */
-    async #processPermissionUpdates(updatedPermissionConfig: any, agentPath: string | undefined) {
+    async #processPermissionUpdates(serverName: string, updatedPermissionConfig: any, agentPath: string | undefined) {
+        const builtInToolAgentPath = await this.#getAgentPath()
         const perm: MCPServerPermission = {
             enabled: true,
             toolPerms: {},
-            __configPath__: agentPath,
+            __configPath__: serverName === 'Built-in' ? builtInToolAgentPath : agentPath,
         }
 
         // Process each tool permission setting
         for (const [key, val] of Object.entries(updatedPermissionConfig)) {
             if (key === 'scope') continue
 
-            // // Get the default permission for this tool from McpManager
-            // let defaultPermission = McpManager.instance.getToolPerm(serverName, key)
-
-            // // If no default permission is found, use 'alwaysAllow' for Built-in and 'ask' for MCP servers
-            // if (!defaultPermission) {
-            //     defaultPermission = serverName === 'Built-in' ? 'alwaysAllow' : 'ask'
-            // }
-
-            // If the value is an empty string (''), skip this tool to preserve its existing permission in the persona file
-            if (val === '') continue
+            const currentPerm = McpManager.instance.getToolPerm(serverName, key)
+            if (val === currentPerm) continue
             switch (val) {
                 case McpPermissionType.alwaysAllow:
                     perm.toolPerms[key] = McpPermissionType.alwaysAllow

server/aws-lsp-codewhisperer/src/language-server/agenticChat/tools/mcp/mcpManager.ts

@@ -178,14 +178,49 @@ export class McpManager {
 
         // Reset permissions map
         this.mcpServerPermissions.clear()
-
-        // Initialize permissions for servers from agent config
+        // Create init state
         for (const [sanitizedName, _] of this.mcpServers.entries()) {
-            const name = this.serverNameMapping.get(sanitizedName) || sanitizedName
-
             // Set server status to UNINITIALIZED initially
             this.setState(sanitizedName, McpServerStatus.UNINITIALIZED, 0)
+        }
+        // Get all servers that need to be initialized
+        const serversToInit: Array<[string, MCPServerConfig]> = []
+
+        for (const [name, cfg] of this.mcpServers.entries()) {
+            if (this.isServerDisabled(name)) {
+                this.features.logging.info(`MCP: server '${name}' is disabled by persona settings, skipping`)
+                this.setState(name, McpServerStatus.DISABLED, 0)
+                this.emitToolsChanged(name)
+                continue
+            }
+            serversToInit.push([name, cfg])
+        }
+
+        // Process servers in batches of 5 at a time
+        const MAX_CONCURRENT_SERVERS = 5
+        const totalServers = serversToInit.length
+
+        if (totalServers > 0) {
+            this.features.logging.info(
+                `MCP: initializing ${totalServers} servers with max concurrency of ${MAX_CONCURRENT_SERVERS}`
+            )
+
+            // Process servers in batches
+            for (let i = 0; i < totalServers; i += MAX_CONCURRENT_SERVERS) {
+                const batch = serversToInit.slice(i, i + MAX_CONCURRENT_SERVERS)
+                const batchPromises = batch.map(([name, cfg]) => this.initOneServer(name, cfg))
+
+                this.features.logging.debug(
+                    `MCP: initializing batch of ${batch.length} servers (${i + 1}-${Math.min(i + MAX_CONCURRENT_SERVERS, totalServers)} of ${totalServers})`
+                )
+                await Promise.all(batchPromises)
+            }
 
+            this.features.logging.info(`MCP: completed initialization of ${totalServers} servers`)
+        }
+
+        for (const [sanitizedName, _] of this.mcpServers.entries()) {
+            const name = this.serverNameMapping.get(sanitizedName) || sanitizedName
             // Initialize permissions for this server
             const serverPrefix = `@${name}`
 
@@ -208,9 +243,18 @@ export class McpManager {
                 })
             } else {
                 // Only specific tools are enabled
+                // get allTools of this server, if it's not in tools --> it's denied
+                // have to move the logic after all servers finish init, because that's when we have list of tools
+                const deniedTools = new Set(
+                    this.getAllTools()
+                        .filter(tool => tool.serverName === name)
+                        .map(tool => tool.toolName)
+                )
                 this.agentConfig.tools.forEach(tool => {
                     if (tool.startsWith(serverPrefix + '/')) {
+                        // remove this from deniedTools
                         const toolName = tool.substring(serverPrefix.length + 1)
+                        deniedTools.delete(toolName)
                         if (toolName) {
                             // Check if tool is in allowedTools
                             if (this.agentConfig.allowedTools.includes(tool)) {
@@ -221,49 +265,18 @@ export class McpManager {
                         }
                     }
                 })
+
+                // update permission to deny for rest of the tools
+                deniedTools.forEach(tool => {
+                    toolPerms[tool] = McpPermissionType.deny
+                })
             }
 
             this.mcpServerPermissions.set(sanitizedName, {
                 enabled: true,
                 toolPerms,
             })
         }
-
-        // Get all servers that need to be initialized
-        const serversToInit: Array<[string, MCPServerConfig]> = []
-
-        for (const [name, cfg] of this.mcpServers.entries()) {
-            if (this.isServerDisabled(name)) {
-                this.features.logging.info(`MCP: server '${name}' is disabled by persona settings, skipping`)
-                this.setState(name, McpServerStatus.DISABLED, 0)
-                this.emitToolsChanged(name)
-                continue
-            }
-            serversToInit.push([name, cfg])
-        }
-
-        // Process servers in batches of 5 at a time
-        const MAX_CONCURRENT_SERVERS = 5
-        const totalServers = serversToInit.length
-
-        if (totalServers > 0) {
-            this.features.logging.info(
-                `MCP: initializing ${totalServers} servers with max concurrency of ${MAX_CONCURRENT_SERVERS}`
-            )
-
-            // Process servers in batches
-            for (let i = 0; i < totalServers; i += MAX_CONCURRENT_SERVERS) {
-                const batch = serversToInit.slice(i, i + MAX_CONCURRENT_SERVERS)
-                const batchPromises = batch.map(([name, cfg]) => this.initOneServer(name, cfg))
-
-                this.features.logging.debug(
-                    `MCP: initializing batch of ${batch.length} servers (${i + 1}-${Math.min(i + MAX_CONCURRENT_SERVERS, totalServers)} of ${totalServers})`
-                )
-                await Promise.all(batchPromises)
-            }
-
-            this.features.logging.info(`MCP: completed initialization of ${totalServers} servers`)
-        }
     }
 
     /**
@@ -658,13 +671,7 @@ export class McpManager {
             }
 
             // Save agent config once with all changes
-            await saveAgentConfig(
-                this.features.workspace,
-                this.features.logging,
-                this.agentConfig,
-                agentPath,
-                serverName
-            )
+            await saveAgentConfig(this.features.workspace, this.features.logging, this.agentConfig, agentPath)
 
             // Add server tools to tools list after initialization
             await this.initOneServer(sanitizedName, newCfg)
@@ -728,13 +735,7 @@ export class McpManager {
             })
 
             // Save agent config
-            await saveAgentConfig(
-                this.features.workspace,
-                this.features.logging,
-                this.agentConfig,
-                cfg.__configPath__,
-                unsanitizedName
-            )
+            await saveAgentConfig(this.features.workspace, this.features.logging, this.agentConfig, cfg.__configPath__)
 
             // Get all config paths and delete the server from each one
             const wsUris = this.features.workspace.getAllWorkspaceFolders()?.map(f => f.uri) ?? []
@@ -817,13 +818,7 @@ export class McpManager {
                 this.agentConfig.mcpServers[unsanitizedServerName] = updatedConfig
 
                 // Save agent config
-                await saveAgentConfig(
-                    this.features.workspace,
-                    this.features.logging,
-                    this.agentConfig,
-                    agentPath,
-                    unsanitizedServerName
-                )
+                await saveAgentConfig(this.features.workspace, this.features.logging, this.agentConfig, agentPath)
             }
 
             const newCfg: MCPServerConfig = {
@@ -1035,13 +1030,7 @@ export class McpManager {
             // Save agent config
             const agentPath = perm.__configPath__
             if (agentPath) {
-                await saveAgentConfig(
-                    this.features.workspace,
-                    this.features.logging,
-                    this.agentConfig,
-                    agentPath,
-                    unsanitizedServerName
-                )
+                await saveAgentConfig(this.features.workspace, this.features.logging, this.agentConfig, agentPath)
             }
 
             // Update mcpServerPermissions map
@@ -1059,7 +1048,7 @@ export class McpManager {
                 }
                 this.setState(serverName, McpServerStatus.DISABLED, 0)
             } else {
-                if (!this.clients.has(serverName)) {
+                if (!this.clients.has(serverName) && serverName !== 'Built-in') {
                     await this.initOneServer(serverName, this.mcpServers.get(serverName)!)
                 }
             }
@@ -1087,6 +1076,13 @@ export class McpManager {
         return !this.agentConfig.allowedTools.includes(toolId)
     }
 
+    /**
+     * get server's tool permission
+     */
+    public getMcpServerPermissions(serverName: string): MCPServerPermission | undefined {
+        return this.mcpServerPermissions.get(serverName)
+    }
+
     /**
      * Returns any errors that occurred during loading of MCP configuration files
      */
@@ -1152,8 +1148,7 @@ export class McpManager {
                     this.features.workspace,
                     this.features.logging,
                     this.agentConfig,
-                    cfg.__configPath__,
-                    unsanitizedName
+                    cfg.__configPath__
                 )
             }
         } catch (err) {