feat: add ExO permission section on remote-mcp config screen [AIS-187]#11062
Open
Tyler Pina (tylerpina) wants to merge 14 commits into
Open
feat: add ExO permission section on remote-mcp config screen [AIS-187]#11062Tyler Pina (tylerpina) wants to merge 14 commits into
Tyler Pina (tylerpina) wants to merge 14 commits into
Conversation
…dead useCMA [AIS-187] Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
…AIS-187]
Client-side ExO detection is impossible from within an app: sdk.cma blocks
reads of ExO entity types at the App SDK host boundary ("You can not access
the entity type ComponentType from within an app"), per the app-identity
entity allowlist. The probe always failed closed, hiding ExO rows even in
ExO spaces. Marketplace installs also mean we can't rely on remote-mcp-server
to compute disposition.
- Remove useSpaceType hook, spaceType util, and their specs
- Add an "Experience orchestration actions" accordion section rendering the
five ExO entity matrices, with a Note that the tools only function in
ExO-compatible spaces
- Scope column/select-all handlers to an explicit entity list so the classic
and ExO tables toggle independently; derive select-all per table
- Remove the Migration permissions section (server never registered migration
tools or read those params)
- Update tests for the new behavior
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
… revert mockCma [AIS-187] - Add EXO_ACTIONS constant (STANDARD_ACTIONS filtered to actions used by at least one ExO entity: read/edit/create/delete/publish/unpublish), dropping archive, unarchive, and invoke columns from the ExO section - Add visibleActions prop to ContentLifecyclePermissionsTable (defaults to STANDARD_ACTIONS) and pass EXO_ACTIONS for the ExO table - Fix Note top border in the ExO accordion section by adding marginTop: 12px to counteract the parent div's -12px marginTop - Revert mockCma to empty object now that the componentType probe is gone Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
…fields [AIS-187] Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
…sionsTable Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
f4e36ed to
d5e5673
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
AIS-187
Summary
Render permission rows for the five ExO entities (Component types, Experiences, Templates, Data assemblies, Fragments) on the
remote-mcpapp config screen, with action whitelists matching the server side (AIS-186) verbatim.The ExO rows live in their own "Experience orchestration actions" accordion section, with an inline note that these tools only function in ExO-compatible spaces.
Why not gate rows by space type?
The original plan was to detect ExO/classic/empty client-side (porting the server's
componentType.getMany→contentType.getManyprobe) and hide ExO rows in classic spaces. This is not possible from within an app, and we verified it end-to-end:sdk.cma.componentType.getManythrows"You can not access the entity type ComponentType from within an app."Asset,ContentType,EditorInterface,Entry,Locale,Release,ReleaseAction,ScheduledAction,Snapshot,Tag,Task,AppInstallation— see App Identity docs). No ExO entity types are on it.sdk.cmaenforces this at the App SDK host boundary before the request ever reaches the API.remote-mcp-serverto compute disposition instead doesn't generalize either: once this app is installable from the marketplace, it can land in an ExO space without ever hitting our server.Given that, detection is dropped. ExO rows are always rendered in their own section, and the note sets expectations. The server-side permission guard remains the real enforcement boundary — enabling an ExO permission in a non-ExO space simply has no effect.
Changes
useSpaceTypehook,spaceType.tsutil, and their specs.Noteabout ExO compatibility.MigrationPermissions.tsx, the hook state/handler, and themigrateWithinSpace/migrateBetweenSpacesinstall parameters.Notes
App.tsxregisters onlyLOCATION_APP_CONFIG) — there is no auth/OAuth screen, so the "ExO rows must not appear on the auth screen" requirement holds by construction.ComponentTyperead) to the app-identity CMA allowlist. This is a prerequisite for ExO-aware marketplace apps generally, and it's already directionally on the roadmap (ECO ExO Toolbar RFC; PROD Fractional PRD "Extensibility for ExO"). Until then, "always show + note" is the correct interim behavior.Test plan
tsc --noEmit— only the pre-existingset-up/index.tserror (present onmaster), 0 newvitest --run— 10/10 pass (ExO section + rows always render; migration section absent; section-scoped toggle regressions)vite buildsucceedsCoordination
🤖 Generated with Claude Code