Add grist-mcp design document

2025-12-03 14:01:10 -05:00
commit c1d29f1a33
1 changed files with 255 additions and 0 deletions
--- a/docs/plans/2025-12-03-grist-mcp-design.md
+++ b/docs/plans/2025-12-03-grist-mcp-design.md
@@ -0,0 +1,255 @@
+# Grist MCP Server Design
+
+## Overview
+
+A dockerized MCP server that allows AI agents to interact with Grist documents. Each agent authenticates with a token that grants access to specific documents with defined permission levels.
+
+## Architecture
+
+```
+┌─────────────────────────────────────────────────────────────┐
+│                    grist-mcp Container                       │
+│                                                              │
+│  ┌──────────────────────┐          ┌──────────────────────┐ │
+│  │     MCP Server       │          │    Grist Client      │ │
+│  │     (SSE/HTTP)       │─────────▶│       Layer          │ │
+│  │      :8080           │          │                      │ │
+│  └──────────┬───────────┘          └──────────────────────┘ │
+│             │                                                │
+│     ┌───────▼───────┐                                       │
+│     │  config.yaml  │ ← Mounted volume (read-only)          │
+│     └───────────────┘                                       │
+└─────────────────────────────────────────────────────────────┘
+          │                              │
+          ▼                              ▼
+   ┌─────────────┐               ┌─────────────────┐
+   │ AI Agents   │               │  Grist Servers  │
+   │ (with tokens)│               │                 │
+   └─────────────┘               └─────────────────┘
+```
+
+**Key characteristics:**
+- Single container, single port (8080)
+- All configuration from one YAML file
+- No database, no admin API
+- Restart container to apply config changes
+
+## Configuration
+
+### config.yaml
+
+```yaml
+# ============================================================
+# Token Generation:
+#   python -c "import secrets; print(secrets.token_urlsafe(32))"
+#   openssl rand -base64 32
+# ============================================================
+
+# Document definitions (each is self-contained)
+documents:
+  budget-2024:
+    url: https://work.getgrist.com
+    doc_id: mK7xB2pQ9mN4v
+    api_key: ${GRIST_WORK_API_KEY}
+
+  expenses:
+    url: https://work.getgrist.com
+    doc_id: nL8yC3qR0oO5w
+    api_key: ${GRIST_WORK_API_KEY}
+
+  personal-tracker:
+    url: https://docs.getgrist.com
+    doc_id: pN0zE5sT2qP7x
+    api_key: ${GRIST_PERSONAL_API_KEY}
+
+# Agent tokens with access scopes
+tokens:
+  - token: dG9rZW4tZmluYW5jZS1hZ2VudC0xMjM0NTY3ODkw
+    name: finance-agent
+    scope:
+      - document: budget-2024
+        permissions: [read, write]
+      - document: expenses
+        permissions: [read]
+
+  - token: K7xB2pQ9mN4vR8wY1zA3cE6fH0jL5oI2sU7tD4gM
+    name: analytics-agent
+    scope:
+      - document: personal-tracker
+        permissions: [read, write, schema]
+```
+
+### Permission Levels
+
+| Permission | Description |
+|------------|-------------|
+| `read` | Query tables, get records, list structure |
+| `write` | Create, update, delete records |
+| `schema` | Create/modify tables, columns, formulas |
+
+### Environment Variables
+
+API keys are referenced via `${VAR}` syntax in config.yaml and resolved at startup. Store actual keys in `.env` file:
+
+```bash
+GRIST_WORK_API_KEY=actual-api-key-here
+GRIST_PERSONAL_API_KEY=another-api-key
+```
+
+## MCP Tools
+
+### Discovery
+
+| Tool | Permission | Description |
+|------|------------|-------------|
+| `list_documents` | (always available) | List documents this token can access with their permissions |
+
+### Read Operations (requires `read`)
+
+| Tool | Description |
+|------|-------------|
+| `list_tables` | List all tables in a document |
+| `describe_table` | Get column names, types, and formulas for a table |
+| `get_records` | Fetch records with optional filters and sorting |
+| `sql_query` | Run read-only SQL against the document |
+
+### Write Operations (requires `write`)
+
+| Tool | Description |
+|------|-------------|
+| `add_records` | Insert one or more records into a table |
+| `update_records` | Update existing records by ID |
+| `delete_records` | Delete records by ID |
+
+### Schema Operations (requires `schema`)
+
+| Tool | Description |
+|------|-------------|
+| `create_table` | Create a new table with column definitions |
+| `add_column` | Add a column to an existing table |
+| `modify_column` | Change column type or formula |
+| `delete_column` | Remove a column from a table |
+
+## Authentication Flow
+
+1. Agent connects to MCP server at `http://host:8080/mcp`
+2. Agent provides token via `Authorization: Bearer <token>` header
+3. Server looks up token in config, retrieves associated scope
+4. All subsequent tool calls are validated against that scope
+
+### Validation on Each Tool Call
+
+```
+Agent calls: get_records(document="budget-2024", table="Transactions")
+                              │
+                              ▼
+              ┌───────────────────────────────┐
+              │ 1. Is token valid?            │──No──▶ 401 Unauthorized
+              └───────────────┬───────────────┘
+                              │ Yes
+                              ▼
+              ┌───────────────────────────────┐
+              │ 2. Does token have access to  │──No──▶ 403 Forbidden
+              │    document "budget-2024"?    │
+              └───────────────┬───────────────┘
+                              │ Yes
+                              ▼
+              ┌───────────────────────────────┐
+              │ 3. Does token have "read"     │──No──▶ 403 Forbidden
+              │    permission on this doc?    │
+              └───────────────┬───────────────┘
+                              │ Yes
+                              ▼
+              ┌───────────────────────────────┐
+              │ 4. Execute against Grist API  │
+              │    using doc's api_key        │
+              └───────────────────────────────┘
+```
+
+### Error Responses
+
+- Invalid/missing token → `401 Unauthorized` (no details)
+- Valid token, wrong document → `403 Forbidden: Document not in scope`
+- Valid token, wrong permission → `403 Forbidden: Permission denied`
+
+## Project Structure
+
+```
+grist-mcp/
+├── Dockerfile
+├── docker-compose.yaml
+├── config.yaml.example      # Template with dummy values
+├── pyproject.toml
+├── uv.lock
+├── src/
+│   └── grist_mcp/
+│       ├── __init__.py
+│       ├── main.py          # Entry point, loads config, starts server
+│       ├── config.py        # Config parsing, env var substitution
+│       ├── auth.py          # Token validation, permission checking
+│       ├── grist_client.py  # Grist API wrapper
+│       └── tools/
+│           ├── __init__.py
+│           ├── discovery.py # list_documents
+│           ├── read.py      # list_tables, describe_table, get_records, sql_query
+│           ├── write.py     # add_records, update_records, delete_records
+│           └── schema.py    # create_table, add_column, modify_column, delete_column
+└── tests/
+    └── ...
+```
+
+## Docker Setup
+
+### docker-compose.yaml
+
+```yaml
+services:
+  grist-mcp:
+    build: .
+    ports:
+      - "8080:8080"
+    volumes:
+      - ./config.yaml:/app/config.yaml:ro
+    env_file:
+      - .env
+```
+
+### Dockerfile
+
+```dockerfile
+FROM ghcr.io/astral-sh/uv:python3.14-bookworm-slim
+WORKDIR /app
+COPY pyproject.toml uv.lock ./
+RUN uv sync --frozen --no-dev
+COPY src/ ./src/
+CMD ["uv", "run", "python", "-m", "grist_mcp.main"]
+```
+
+### pyproject.toml
+
+```toml
+[project]
+name = "grist-mcp"
+version = "0.1.0"
+requires-python = ">=3.14"
+dependencies = [
+    "mcp",
+    "httpx",
+    "pyyaml",
+]
+
+[build-system]
+requires = ["hatchling"]
+build-backend = "hatchling.build"
+```
+
+## Technology Stack
+
+| Component | Choice |
+|-----------|--------|
+| Language | Python 3.14 |
+| Package Manager | uv |
+| MCP Framework | mcp (official SDK) |
+| HTTP Client | httpx |
+| Config Parsing | pyyaml |
+| Deployment | Docker |