Spaces:
Sleeping
Sleeping
| # ============================================================= | |
| # File: backend/mcp_servers/admin_server.py | |
| # ============================================================= | |
| from fastapi import FastAPI | |
| from fastapi.middleware.cors import CORSMiddleware | |
| import logging | |
| import sys | |
| import os | |
| # Fix Python module paths | |
| current_dir = os.path.dirname(__file__) | |
| sys.path.insert(0, current_dir) | |
| from models.admin import EvalRequest, AlertPayload | |
| admin_app = FastAPI(title="Admin MCP Server") | |
| # Enable CORS | |
| admin_app.add_middleware( | |
| CORSMiddleware, | |
| allow_origins=["*"], | |
| allow_credentials=True, | |
| allow_methods=["*"], | |
| allow_headers=["*"], | |
| ) | |
| log = logging.getLogger("admin_mcp") | |
| logging.basicConfig(level=logging.INFO) | |
| async def eval_query(req: EvalRequest): | |
| danger = ["delete all data", "export users", "password", "token"] | |
| q = req.query.lower() | |
| for d in danger: | |
| if d in q: | |
| return {"action": "block", "reason": d} | |
| return {"action": "allow"} | |
| async def alert(payload: AlertPayload): | |
| log.warning(f"Alert received for tenant {payload.tenant_id}: {payload.violations}") | |
| return {"status": "ok"} | |
| if __name__ == "__main__": | |
| import uvicorn | |
| uvicorn.run(admin_app, host="0.0.0.0", port=8003) | |