Merge branch 'release/9.1.0'

furey · furey · commit b35192acb2ae · 2025-04-08T00:57:36.000+10:00
diff --git a/README.md b/README.md
@@ -449,9 +449,14 @@ MongoDB Lens supports extensive customization via JSON configuration file.
     "initialRetryDelayMs": 1000                    // Initial delay between retries
   },
   "disabled": {
-    "tools": [],                                   // List of tools to disable or true to disable all
-    "prompts": [],                                 // List of prompts to disable or true to disable all
-    "resources": []                                // List of resources to disable or true to disable all
+    "tools": [],                                   // Array of tools to disable or true to disable all
+    "prompts": [],                                 // Array of prompts to disable or true to disable all
+    "resources": []                                // Array of resources to disable or true to disable all
+  },
+  "enabled": {
+    "tools": true,                                 // Array of tools to enable or true to enable all
+    "prompts": true,                               // Array of prompts to enable or true to enable all
+    "resources": true                              // Array of resources to enable or true to enable all
   },
   "cacheTTL": {
     "stats": 15000,                                // Stats cache lifetime in milliseconds
@@ -841,6 +846,7 @@ To protect your data while using MongoDB Lens, consider the following:
 
 - [Read-Only User Accounts](#data-protection-read-only-user-accounts)
 - [Working with Database Backups](#data-protection-working-with-database-backups)
+- [Data Flow Considerations](#data-protection-data-flow-considerations)
 - [Confirmation for Destructive Operations](#data-protection-confirmation-for-destructive-operations)
 - [Disabling Destructive Operations](#data-protection-disabling-destructive-operations)
 
@@ -876,6 +882,75 @@ Start by generating the backup with `mongodump`. Next, spin up a fresh MongoDB i
 
 This approach gives you a sandbox to test complex or destructive operations against without risking accidental corruption of your live data.
 
+### Data Protection: Data Flow Considerations
+
+- [How Your Data Flows Through the System](#data-flow-considerations-how-your-data-flows-through-the-system)
+- [Protecting Sensitive Data with Projection](#data-flow-considerations-protecting-sensitive-data-with-projection)
+- [Connection Aliases and Passwords](#data-flow-considerations-connection-aliases-and-passwords)
+- [Local Setup for Maximum Safety](#data-flow-considerations-local-setup-for-maximum-safety)
+
+#### Data Flow Considerations: How Your Data Flows Through the System
+
+When using an MCP Server with a remote LLM provider (such as Anthropic via Claude Desktop) understanding how your data moves through the system is key to protecting sensitive information from unintended exposure.
+
+When you send a MongoDB Lens related query through your MCP client, here’s what happens:
+
+```mermaid
+sequenceDiagram
+    actor User
+    box Local Machine #d4f1f9
+        participant Client as MCP Client
+        participant Lens as MongoDB Lens
+        participant MongoDB as MongoDB Database
+    end
+    box Remote Server #ffe6cc
+        participant LLM as Remote LLM Provider
+    end
+
+    User->>Client: 1. Query request<br>"Show me all users older than 30"
+    Client->>LLM: 2. Original request + available tools
+    Note over LLM: Interprets request<br>Chooses appropriate tool
+    LLM->>Client: 3. Tool selection (find-documents)
+    Client->>Lens: 4. Run tool with parameters
+    Lens->>MongoDB: 5. Database query
+    MongoDB-->>Lens: 6. Query results
+    Lens-->>Client: 7. Tool results (formatted data)
+    Client->>LLM: 8. Tool results (raw data)
+    Note over LLM: Processes results<br>Formats response
+    LLM-->>Client: 9. Processed response
+    Client-->>User: 10. Final answer
+```
+
+1. **You sumbit a request**: e.g. _"Show me all users older than 30"_
+1. **Your client sends the request to the remote LLM**: The LLM provider receives your exact words, along with a list of currently available MCP tools and their parameters.
+1. **The remote LLM interprets your request**: It determines your intent and instructs the client to use a specific MCP tool, such as `find-documents`, with appropriate parameters.
+1. **The client asks MongoDB Lens to run the tool**: This occurs locally on your machine via stdio.
+1. **MongoDB Lens queries your MongoDB database**
+1. **MongoDB Lens retreves your MongoDB query results**
+1. **MongoDB Lens sends the data back to the client**: The client receives results formatted by MongoDB Lens.
+1. **The client forwards the data to the remote LLM**: The LLM provider sees the exact data returned by MongoDB Lens.
+1. **The remote LLM processes the data**: It may summarize or format the results further.
+1. **The remote LLM sends the final response to the client**: The client displays the answer to you.
+
+The remote LLM provider sees both your original request and the full response from MongoDB Lens. If your database includes sensitive fields (e.g. passwords, personal details, etc), this data could be unintentionally transmitted to the remote provider unless you take precautions.
+
+#### Data Flow Considerations: Protecting Sensitive Data with Projection
+
+To prevent sensitive data from being sent to the remote LLM provider, use the concept of projection when using tools like `find-documents`, `aggregate-data`, or `export-data`. Projection allows you to specify which fields to include or exclude in query results, ensuring sensitive information stays local.
+
+Example projection usage:
+
+- _"Show me all users older than 30, but use projection to hide their passwords."_<br>
+  <sup>➥ Uses `find-documents` tool with projection</sup>
+
+#### Data Flow Considerations: Connection Aliases and Passwords
+
+When adding new connection aliases using the `add-connection-alias` tool, avoid added aliases to URIs that contain passwords if you're using a remote LLM provider. Since your request is sent to the LLM, any passwords in the URI could be exposed. Instead, define aliases with passwords in the MongoDB Lens [config file](#configuration-multiple-mongodb-connections), where they remain local and are not transmitted to the LLM.
+
+#### Data Flow Considerations: Local Setup for Maximum Safety
+
+While outside the scope of this document, for the highest level of data privacy, consider using a local MCP client paired with a locally hosted LLM model. This approach keeps all requests and data within your local environment, eliminating the risk of sensitive information being sent to a remote provider.
+
 ### Data Protection: Confirmation for Destructive Operations
 
 MongoDB Lens implements a token-based confirmation system for potentially destructive operations, requiring a two-step process to execute tools that may otherwise result in unchecked data loss:
@@ -923,6 +998,7 @@ docker run --rm -i --network=host --pull=always -e CONFIG_DISABLE_DESTRUCTIVE_OP
 - [High-Risk Tools](#high-risk-tools)
 - [Medium-Risk Tools](#medium-risk-tools)
 - [Read-Only Configuration](#read-only-configuration)
+- [Selective Component Enabling](#selective-component-enabling)
 
 #### Disabling Tools
 
@@ -944,6 +1020,19 @@ MongoDB Lens includes several tools that can modify or delete data. To disable s
 }
 ```
 
+To disable all tools (keeping `resources` and `prompts`), set `disabled.tools` to `true`:
+
+```json
+{
+  "disabled": {
+    "tools": true
+  }
+}
+```
+
+> [!NOTE]<br>
+> Resources and prompts can also be disabled via `disabled.resources` and `disabled.prompts` settings.
+
 #### High-Risk Tools
 
 These tools can cause immediate data loss and should be considered for disabling in sensitive environments:
@@ -995,6 +1084,30 @@ For a complete read-only configuration, disable all potentially destructive tool
 
 This configuration allows MongoDB Lens to query and analyze data while preventing any modifications, providing multiple layers of protection against accidental data loss.
 
+#### Selective Component Enabling
+
+In addition to [disabling components](#disabling-tools), specify exactly which components should be enabled (implicitly disabling all others) using the `enabled` settings in your [configuration file](#configuration-config-file):
+
+```json
+{
+  "enabled": {
+    "tools": [
+      "use-database",
+      "find-documents",
+      "count-documents",
+      "aggregate-data"
+    ]
+  },
+  "disabled": {
+    "resources": true,
+    "prompts": true
+  }
+}
+```
+
+> [!IMPORTANT]<br>
+> If a component appears in both `enabled` and `disabled` lists, the `enabled` setting takes precedence.
+
 ## Tutorial
 
 This following tutorial guides you through setting up a MongoDB container with sample data, then using MongoDB Lens to interact with it through natural language queries:
diff --git a/mongodb-lens.js b/mongodb-lens.js
@@ -300,13 +300,24 @@ const changeConnection = async (uri, validate = true) => {
 }
 
 const isDisabled = (type, name) => {
-  if (!config.disabled || !config.disabled[type]) return false
-  if (config.disabled[type] === true) return true
-  return Array.isArray(config.disabled[type]) && config.disabled[type].includes(name)
+  if (config.enabled && config.enabled[type] !== undefined) {
+    if (name === 'all') return config.enabled[type] === false
+    if (Array.isArray(config.enabled[type]) && config.enabled[type].includes(name)) return false
+  }
+
+  if (config.disabled && config.disabled[type] !== undefined) {
+    if (name === 'all') return config.disabled[type] === true
+    if (Array.isArray(config.disabled[type]) && config.disabled[type].includes(name)) return true
+  }
+
+  if (config.enabled && Array.isArray(config.enabled[type]))
+    return !config.enabled[type].includes(name)
+
+  return false
 }
 
 const registerResources = (server) => {
-  if (isDisabled('resources', true)) {
+  if (isDisabled('resources', 'all')) {
     log('All MCP resources disabled via configuration', true)
     return
   }
@@ -695,7 +706,7 @@ const registerResources = (server) => {
 }
 
 const registerPrompts = (server) => {
-  if (isDisabled('prompts', true)) {
+  if (isDisabled('prompts', 'all')) {
     log('All MCP prompts disabled via configuration', true)
     return
   }
@@ -1330,7 +1341,7 @@ const registerPrompts = (server) => {
 }
 
 const registerTools = (server) => {
-  if (isDisabled('tools', true)) {
+  if (isDisabled('tools', 'all')) {
     log('All MCP tools disabled via configuration', true)
     return
   }
@@ -5999,9 +6010,14 @@ const defaultConfig = {
     }
   },
   disabled: {
-    tools: [],
-    prompts: [],
-    resources: []
+    tools: undefined,
+    prompts: undefined,
+    resources: undefined
+  },
+  enabled: {
+    tools: undefined,
+    prompts: undefined,
+    resources: undefined
   }
 }
 
diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "mongodb-lens",
-  "version": "9.0.2",
+  "version": "9.1.0",
   "author": "James Furey (https://about.me/jamesfurey)",
   "description": "MongoDB Lens: Full Featured MCP Server for MongoDB Databases",
   "license": "MIT",

Original file line number	Diff line number	Diff line change
`@@ -1,6 +1,6 @@`
`1`	`1`	`{`
`2`	`2`	`"name": "mongodb-lens",`
`3`		`- "version": "9.0.2",`
	`3`	`+ "version": "9.1.0",`
`4`	`4`	`"author": "James Furey (https://about.me/jamesfurey)",`
`5`	`5`	`"description": "MongoDB Lens: Full Featured MCP Server for MongoDB Databases",`
`6`	`6`	`"license": "MIT",`