Ryan Malloy
8b3da9d729
Read-only MCP server for Cisco Unified CM 15 AXL — built for LLM-driven
cluster auditing, with a particular focus on the Route Plan Report:
partitions, calling search spaces, route patterns, translation patterns,
called/calling party transformations, and digit-discard instructions.
Pairs intentionally with the sibling mcp-cisco-docs server (live
cluster state + vendor docs in one LLM context).
Architecture:
- zeep SOAP client to CUCM AXL
- WSDL bootstrap from Cisco's axlsqltoolkit.zip (auto-extract on
first launch; zip is gitignored, vendor-licensed)
- SQLite response cache at ~/.cache/mcp-cucm-axl/responses/
- Schema-grounded prompts that pull chunks from the sibling
cisco-docs index (docs_loader.py)
Read-only by structural guarantee — never registers AXL write methods
(no executeSQLUpdate, no add*/update*/remove*/apply*/reset*/restart*
tools). SQL queries also client-side validated (sql_validator.py) to
begin with SELECT or WITH.
Tools exposed:
Foundational: axl_version, axl_sql, axl_list_tables,
axl_describe_table, cache_stats, cache_clear
Route plan: route_partitions, route_calling_search_spaces,
route_patterns, route_inspect_pattern,
route_lists_and_groups, route_translation_chain,
route_digit_discard_instructions
Prompts (schema-grounded):
route_plan_overview, investigate_pattern, audit_routing,
cucm_sql_help
Tests cover cache, docs_loader, normalize, sql_validator, wildcard.
85 lines
3.2 KiB
Python
85 lines
3.2 KiB
Python
"""Tests for the SELECT-only SQL guardrail."""
|
|
|
|
import pytest
|
|
|
|
from mcp_cucm_axl.sql_validator import validate_select, SqlValidationError
|
|
|
|
|
|
class TestSelectAccepted:
|
|
def test_simple_select(self):
|
|
assert validate_select("SELECT * FROM device") == "SELECT * FROM device"
|
|
|
|
def test_with_cte(self):
|
|
q = "WITH x AS (SELECT 1 FROM systables) SELECT * FROM x"
|
|
assert validate_select(q) == q
|
|
|
|
def test_lowercase_select(self):
|
|
assert validate_select("select * from numplan") == "select * from numplan"
|
|
|
|
def test_trailing_semicolon_stripped(self):
|
|
assert validate_select("SELECT 1 FROM device;") == "SELECT 1 FROM device"
|
|
|
|
def test_block_comments_stripped(self):
|
|
q = "/* comment */ SELECT 1 FROM device"
|
|
cleaned = validate_select(q)
|
|
assert "SELECT 1 FROM device" in cleaned
|
|
|
|
def test_line_comments_stripped(self):
|
|
q = "-- a comment\nSELECT 1 FROM device"
|
|
cleaned = validate_select(q)
|
|
assert "SELECT 1 FROM device" in cleaned
|
|
|
|
|
|
class TestRejected:
|
|
def test_empty(self):
|
|
with pytest.raises(SqlValidationError, match="empty"):
|
|
validate_select("")
|
|
|
|
def test_whitespace_only(self):
|
|
with pytest.raises(SqlValidationError, match="empty"):
|
|
validate_select(" \n ")
|
|
|
|
def test_only_comments(self):
|
|
with pytest.raises(SqlValidationError, match="empty"):
|
|
validate_select("-- just a comment\n/* and another */")
|
|
|
|
def test_insert_rejected(self):
|
|
with pytest.raises(SqlValidationError, match="INSERT"):
|
|
validate_select("INSERT INTO device VALUES (1)")
|
|
|
|
def test_update_rejected(self):
|
|
with pytest.raises(SqlValidationError, match="UPDATE"):
|
|
validate_select("UPDATE device SET name='x' WHERE pkid='y'")
|
|
|
|
def test_delete_rejected(self):
|
|
with pytest.raises(SqlValidationError, match="DELETE"):
|
|
validate_select("DELETE FROM device WHERE pkid='y'")
|
|
|
|
def test_drop_rejected(self):
|
|
with pytest.raises(SqlValidationError, match="DROP"):
|
|
validate_select("DROP TABLE device")
|
|
|
|
def test_select_with_embedded_drop_rejected(self):
|
|
# Belt-and-suspenders: even if "DROP" appears in a quoted string-ish
|
|
# position our keyword filter still catches it. AXL would also reject
|
|
# this, but failing fast on the client saves a SOAP round-trip.
|
|
with pytest.raises(SqlValidationError, match="DROP"):
|
|
validate_select("SELECT 1 FROM device; DROP TABLE device")
|
|
|
|
def test_truncate_rejected(self):
|
|
with pytest.raises(SqlValidationError, match="TRUNCATE"):
|
|
validate_select("TRUNCATE TABLE device")
|
|
|
|
|
|
class TestEdgeCases:
|
|
def test_keyword_as_column_name_blocked(self):
|
|
# A column named "delete" would be blocked. This is acceptable —
|
|
# the data dictionary doesn't use SQL keywords as column names,
|
|
# and conservative blocking is the right call for v1.
|
|
with pytest.raises(SqlValidationError):
|
|
validate_select("SELECT delete FROM device")
|
|
|
|
def test_select_with_subquery(self):
|
|
q = "SELECT name FROM device WHERE pkid IN (SELECT fkdevice FROM numplan)"
|
|
assert "SELECT name FROM device" in validate_select(q)
|