fix(mcp): surface admin-required state on settings tools page (#3527) (#3533)

GET /api/mcp/config returns 403 for non-admin users, but the previous client returned the error body as MCPConfig, causing MCPServerList to crash with 'Cannot convert undefined or null to object' on Object.entries(config.mcp_servers). - api.ts: introduce MCPConfigRequestError; loadMCPConfig and updateMCPConfig now throw it (carrying status + isAdminRequired) instead of letting non-2xx bodies leak through as parsed config - tool-settings-page.tsx: render a friendly 'admin privileges required' empty state when the React Query error is an admin-required MCPConfigRequestError; keep MCPServerList resilient with Object.entries(servers ?? {}) and an empty-state for no servers - i18n: add settings.tools.adminRequired and settings.tools.empty in en-US, zh-CN and the Translations type - tests: cover 403 / 5xx / instanceof / detail-fallback for both loadMCPConfig and updateMCPConfig in tests/unit/core/mcp/api.test.ts Refs: #3527
2026-06-13 10:55:59 +00:00 · 2026-06-13 07:36:57 +08:00
parent 420a886e1d
commit a17d2ff8f8
8 changed files with 263 additions and 3 deletions
@@ -9,6 +9,7 @@ import {
 } from "@/components/ui/item";
 import { Switch } from "@/components/ui/switch";
 import { useI18n } from "@/core/i18n/hooks";
+import { MCPConfigRequestError } from "@/core/mcp/api";
 import { useMCPConfig, useEnableMCPServer } from "@/core/mcp/hooks";
 import type { MCPServerConfig } from "@/core/mcp/types";
 import { env } from "@/env";
@@ -18,6 +19,8 @@ import { SettingsSection } from "./settings-section";
 export function ToolSettingsPage() {
  const { t } = useI18n();
  const { config, isLoading, error } = useMCPConfig();
+  const adminRequired =
+    error instanceof MCPConfigRequestError && error.isAdminRequired;
  return (
    <SettingsSection
      title={t.settings.tools.title}
@@ -25,6 +28,10 @@ export function ToolSettingsPage() {
    >
      {isLoading ? (
        <div className="text-muted-foreground text-sm">{t.common.loading}</div>
+      ) : adminRequired ? (
+        <div className="text-muted-foreground text-sm">
+          {t.settings.tools.adminRequired}
+        </div>
      ) : error ? (
        <div>Error: {error.message}</div>
      ) : (
@@ -37,12 +44,21 @@ export function ToolSettingsPage() {
 function MCPServerList({
  servers,
 }: {
-  servers: Record<string, MCPServerConfig>;
+  servers?: Record<string, MCPServerConfig>;
 }) {
+  const { t } = useI18n();
  const { mutate: enableMCPServer } = useEnableMCPServer();
+  const entries = Object.entries(servers ?? {});
+  if (entries.length === 0) {
+    return (
+      <div className="text-muted-foreground text-sm">
+        {t.settings.tools.empty}
+      </div>
+    );
+  }
  return (
    <div className="flex w-full flex-col gap-4">
-      {Object.entries(servers).map(([name, config]) => (
+      {entries.map(([name, config]) => (
        <Item className="w-full" variant="outline" key={name}>
          <ItemContent>
            <ItemTitle>
@@ -495,6 +495,8 @@ export const enUS: Translations = {
    tools: {
      title: "Tools",
      description: "Manage the configuration and enabled status of MCP tools.",
+      adminRequired: "Admin privileges are required to manage MCP tools.",
+      empty: "No MCP tools configured.",
    },
    channels: {
      title: "Channels",
@@ -406,6 +406,8 @@ export interface Translations {
    tools: {
      title: string;
      description: string;
+      adminRequired: string;
+      empty: string;
    };
    channels: {
      title: string;
@@ -476,6 +476,8 @@ export const zhCN: Translations = {
    tools: {
      title: "工具",
      description: "管理 MCP 工具的配置和启用状态。",
+      adminRequired: "需要管理员权限才能管理 MCP 工具。",
+      empty: "暂无 MCP 工具。",
    },
    channels: {
      title: "渠道",
@@ -3,8 +3,36 @@ import { getBackendBaseURL } from "@/core/config";

 import type { MCPConfig } from "./types";

+export class MCPConfigRequestError extends Error {
+  readonly status: number;
+  constructor(status: number, message: string) {
+    super(message);
+    this.name = "MCPConfigRequestError";
+    this.status = status;
+  }
+  get isAdminRequired(): boolean {
+    return this.status === 403;
+  }
+}
+
+async function readErrorDetail(
+  response: Response,
+  fallback: string,
+): Promise<string> {
+  const error = (await response.json().catch(() => ({}))) as {
+    detail?: unknown;
+  };
+  return typeof error.detail === "string" ? error.detail : fallback;
+}
+
 export async function loadMCPConfig() {
  const response = await fetch(`${getBackendBaseURL()}/api/mcp/config`);
+  if (!response.ok) {
+    throw new MCPConfigRequestError(
+      response.status,
+      await readErrorDetail(response, "Failed to load MCP configuration"),
+    );
+  }
  return response.json() as Promise<MCPConfig>;
 }

@@ -16,5 +44,11 @@ export async function updateMCPConfig(config: MCPConfig) {
    },
    body: JSON.stringify(config),
  });
+  if (!response.ok) {
+    throw new MCPConfigRequestError(
+      response.status,
+      await readErrorDetail(response, "Failed to update MCP configuration"),
+    );
+  }
  return response.json();
 }
@@ -1,11 +1,13 @@
 import { useMutation, useQuery, useQueryClient } from "@tanstack/react-query";

-import { loadMCPConfig, updateMCPConfig } from "./api";
+import { loadMCPConfig, MCPConfigRequestError, updateMCPConfig } from "./api";

 export function useMCPConfig() {
  const { data, isLoading, error } = useQuery({
    queryKey: ["mcpConfig"],
    queryFn: () => loadMCPConfig(),
+    retry: (count, error) =>
+      !(error instanceof MCPConfigRequestError) && count < 3,
  });
  return { config: data, isLoading, error };
 }
@@ -0,0 +1,118 @@
+/**
+ * Tests for the error-handling behaviour of the MCP config API client.
+ *
+ * Issue #3527: when a non-admin user opens Settings → Tools, the gateway
+ * returns 403 `{detail: "Admin privileges required to manage MCP
+ * configuration."}` for `GET /api/mcp/config`. The previous client
+ * silently treated the 403 body as a valid `MCPConfig`, so the UI then
+ * crashed with `Cannot convert undefined or null to object` when it tried
+ * `Object.entries(config.mcp_servers)`.
+ *
+ * These tests pin the contract that non-2xx responses are surfaced as
+ * `MCPConfigRequestError` carrying the HTTP status and backend `detail`,
+ * so the React Query hook's `error` branch can render a friendly empty
+ * state (admin-required for 403) instead of crashing.
+ */
+import { beforeEach, describe, expect, test, vi } from "vitest";
+
+vi.mock("@/core/api/fetcher", () => ({
+  fetch: vi.fn(),
+}));
+
+vi.mock("@/core/config", () => ({
+  getBackendBaseURL: () => "",
+}));
+
+import { fetch as fetcher } from "@/core/api/fetcher";
+import {
+  MCPConfigRequestError,
+  loadMCPConfig,
+  updateMCPConfig,
+} from "@/core/mcp/api";
+
+const mockedFetch = vi.mocked(fetcher);
+
+function jsonResponse(status: number, body: unknown): Response {
+  return new Response(JSON.stringify(body), {
+    status,
+    headers: { "Content-Type": "application/json" },
+  });
+}
+
+beforeEach(() => {
+  mockedFetch.mockReset();
+});
+
+describe("loadMCPConfig", () => {
+  test("returns parsed config on 200", async () => {
+    const config = { mcp_servers: { foo: { enabled: true } } };
+    mockedFetch.mockResolvedValueOnce(jsonResponse(200, config));
+    await expect(loadMCPConfig()).resolves.toEqual(config);
+  });
+
+  test("throws MCPConfigRequestError with isAdminRequired on 403 (issue #3527)", async () => {
+    mockedFetch.mockResolvedValueOnce(
+      jsonResponse(403, {
+        detail: "Admin privileges required to manage MCP configuration.",
+      }),
+    );
+    await expect(loadMCPConfig()).rejects.toMatchObject({
+      name: "MCPConfigRequestError",
+      status: 403,
+      isAdminRequired: true,
+      message: "Admin privileges required to manage MCP configuration.",
+    });
+  });
+
+  test("throws MCPConfigRequestError with isAdminRequired=false on non-403 errors", async () => {
+    mockedFetch.mockResolvedValueOnce(
+      new Response("", { status: 500, statusText: "Internal Server Error" }),
+    );
+    await expect(loadMCPConfig()).rejects.toMatchObject({
+      name: "MCPConfigRequestError",
+      status: 500,
+      isAdminRequired: false,
+      message: "Failed to load MCP configuration",
+    });
+  });
+
+  test("the rejected value is an instance of MCPConfigRequestError", async () => {
+    mockedFetch.mockResolvedValueOnce(jsonResponse(403, { detail: "nope" }));
+    await expect(loadMCPConfig()).rejects.toBeInstanceOf(MCPConfigRequestError);
+  });
+});
+
+describe("updateMCPConfig", () => {
+  test("returns parsed body on 200", async () => {
+    mockedFetch.mockResolvedValueOnce(jsonResponse(200, { ok: true }));
+    await expect(updateMCPConfig({ mcp_servers: {} })).resolves.toEqual({
+      ok: true,
+    });
+  });
+
+  test("throws MCPConfigRequestError with isAdminRequired on 403", async () => {
+    mockedFetch.mockResolvedValueOnce(
+      jsonResponse(403, {
+        detail: "Admin privileges required to manage MCP configuration.",
+      }),
+    );
+    await expect(updateMCPConfig({ mcp_servers: {} })).rejects.toMatchObject({
+      name: "MCPConfigRequestError",
+      status: 403,
+      isAdminRequired: true,
+      message: "Admin privileges required to manage MCP configuration.",
+    });
+  });
+
+  test("falls back to generic message on non-403 errors", async () => {
+    mockedFetch.mockResolvedValueOnce(
+      new Response("", { status: 500, statusText: "Internal Server Error" }),
+    );
+    await expect(updateMCPConfig({ mcp_servers: {} })).rejects.toMatchObject({
+      name: "MCPConfigRequestError",
+      status: 500,
+      isAdminRequired: false,
+      message: "Failed to update MCP configuration",
+    });
+  });
+});
@@ -0,0 +1,84 @@
+import { QueryClient } from "@tanstack/react-query";
+import { beforeEach, describe, expect, it, vi } from "vitest";
+
+vi.mock("@/core/api/fetcher", () => ({
+  fetch: vi.fn(),
+}));
+
+import { fetch } from "@/core/api/fetcher";
+import { MCPConfigRequestError, loadMCPConfig } from "@/core/mcp/api";
+
+const mockedFetch = vi.mocked(fetch);
+
+function makeClient() {
+  return new QueryClient({
+    defaultOptions: {
+      queries: {
+        retryDelay: 0,
+      },
+    },
+  });
+}
+
+describe("useMCPConfig retry policy", () => {
+  beforeEach(() => {
+    mockedFetch.mockReset();
+  });
+
+  it("does not retry when loadMCPConfig throws MCPConfigRequestError (403)", async () => {
+    mockedFetch.mockResolvedValue({
+      ok: false,
+      status: 403,
+      json: async () => ({ detail: "Forbidden" }),
+    } as Response);
+
+    const client = makeClient();
+    await expect(
+      client.fetchQuery({
+        queryKey: ["mcpConfig"],
+        queryFn: () => loadMCPConfig(),
+        retry: (count, error) =>
+          !(error instanceof MCPConfigRequestError) && count < 3,
+      }),
+    ).rejects.toBeInstanceOf(MCPConfigRequestError);
+
+    expect(mockedFetch).toHaveBeenCalledTimes(1);
+  });
+
+  it("retries up to 3 times on generic errors", async () => {
+    mockedFetch.mockRejectedValue(new Error("network down"));
+
+    const client = makeClient();
+    await expect(
+      client.fetchQuery({
+        queryKey: ["mcpConfig"],
+        queryFn: () => loadMCPConfig(),
+        retry: (count, error) =>
+          !(error instanceof MCPConfigRequestError) && count < 3,
+      }),
+    ).rejects.toThrow("network down");
+
+    // initial + 3 retries = 4 calls
+    expect(mockedFetch).toHaveBeenCalledTimes(4);
+  });
+
+  it("does not retry on MCPConfigRequestError 5xx either (deterministic typed error)", async () => {
+    mockedFetch.mockResolvedValue({
+      ok: false,
+      status: 500,
+      json: async () => ({ detail: "Boom" }),
+    } as Response);
+
+    const client = makeClient();
+    await expect(
+      client.fetchQuery({
+        queryKey: ["mcpConfig"],
+        queryFn: () => loadMCPConfig(),
+        retry: (count, error) =>
+          !(error instanceof MCPConfigRequestError) && count < 3,
+      }),
+    ).rejects.toBeInstanceOf(MCPConfigRequestError);
+
+    expect(mockedFetch).toHaveBeenCalledTimes(1);
+  });
+});