[{'Text': 'Found 16 matches:\n\n## Matches in point-topic-mcp/src/point_topic_mcp/auth/__init__.py\n\n### L1-14\n```\n"""Authentication utilities for Point Topic MCP.\n\nAuth0 OAuth integration with role-based access control:\n- @public decorator - Tools available to everyone\n- @requires_permissions decorator - Tools requiring specific permissions\n- ptAdmin role - Full access to all tools\n- JWT token claims contain user permissions\n\nUsage:\n    from point_topic_mcp.auth import public, requires_permissions\n\n    @public\n    @mcp.tool()\n    async def health_check():\n```\n\n7 lines remaining in ancestor node. Read the file to see all.\n\n### L15-19\n```\n        return {"status": "ok"}  # Available to everyone\n\n    @requires_permissions(["read:data"])\n    @mcp.tool()\n    async def query_database():\n```\n\n## Matches in point-topic-mcp/src/point_topic_mcp/auth/decorators.py\n\n### L1-11\n```\n"""Authentication decorators for tool permissions.\n\nThis module provides decorators to control tool accessibility based on\nAuth0 roles and permissions.\n\nUsage:\n    from point_topic_mcp.auth import requires_permissions, public\n\n    @public\n    @mcp.tool()\n    async def get_server_info() -> dict:\n```\n\n7 lines remaining in ancestor node. Read the file to see all.\n\n### L12-16\n```\n        return {"status": "ok"}  # Available to everyone\n\n    @requires_permissions(["read:data"])\n    @mcp.tool()\n    async def query_data() -> dict:\n```\n\n### def requires_permissions › L70-74\n```\n\n    Example:\n        @requires_permissions("read:data")\n        @mcp.tool()\n        async def get_data():\n```\n\n### def requires_permissions › L75-79\n```\n            return {"data": "secret"}\n\n        @requires_permissions(["admin:users", "write:config"])\n        @mcp.tool()\n        async def admin_action():\n```\n\n## Matches in point-topic-mcp/src/point_topic_mcp/auth/middleware.py\n\n### L1-11\n```\n"""Permission-based authentication middleware for FastMCP.\n\nThis middleware enforces role/permission-based access control using Auth0 JWT tokens.\n\nAccess Levels:\n1. Unauthenticated → Only @public tools\n2. Authenticated (not ptAdmin) → @public + tools matching their permissions\n3. ptAdmin → All tools (full access)\n\nUsage:\n    The middleware is automatically applied when using register_tools() from\n```\n\n2 lines remaining in ancestor node. Read the file to see all.\n\n### class PermissionMiddleware › L143-153\n```\n    """Middleware that enforces permission-based access control.\n\n    This middleware filters tools based on user permissions from Auth0 JWT tokens.\n    It implements three-tier access:\n        - Unauthenticated: Only @public tools visible\n        - Authenticated: @public + matching @requires_permissions\n        - ptAdmin: All tools visible\n\n    Uses on_list_tools to filter visible tools per-user.\n    Uses on_call_tool as defense-in-depth (should rarely trigger if filtering works).\n    """\n```\n\n## Matches in point-topic-mcp/src/point_topic_mcp/tools/__init__.py\n\n### L1-11\n```\n"""MCP tools module with auto-discovery and registration.\n\nThis module registers ALL tools at server startup.\nTool names are prefixed with the module name (e.g. database_tools_describe_table)\nfor easier agent understanding of which tool file provides each capability.\nPermission-based access control is handled by PermissionMiddleware\nwhich filters the tool list per-user via the on_list_tools hook.\n\nAccess Levels (enforced by middleware):\n1. Unauthenticated → Only @public tools visible\n2. Authenticated (not ptAdmin) → @public + matching @requires_permissions\n```\n\n11 lines remaining in ancestor node. Read the file to see all.\n\n## Matches in point-topic-mcp/src/point_topic_mcp/tools/server_info_tools.py\n\n### L17-21\n```\n\n \n# @public\n# @dynamic_docstring([("{VERSION}", _get_version)])\n# def get_server_info() -> dict:\n```\n\n### L52-62\n```\n@public\n@dynamic_docstring([("{STATUS}", get_mcp_status_info), ("{VERSION}", _get_version)])\ndef get_mcp_server_capabilities(\n    ctx: Optional[Context[ServerSession, None]] = None,\n) -> None:\n    """MCP Server Configuration Status and Available Tools\n\n    Shows which tools are available and which need environment variables.\n    Use this to debug missing tools or check your MCP server configuration.\n\n    Current Status: {STATUS}\n```\n\n17 lines remaining in ancestor node. Read the file to see all.\n\n## Matches in point-topic-mcp/tests/test_permissions.py\n\n### L21-26\n```\n\n\n# Test 1: @public decorator\n@public\ndef test_public_tool():\n    return "public"\n```\n\n### L28-36\n```\n\nassert is_public_tool("test_public_tool"), "Public tool should be registered"\nprint("✓ @public decorator works")\n\n\n# Test 2: @requires_permissions decorator\n@requires_permissions(["read:data", "write:data"])\ndef test_permission_tool():\n    return "permission required"\n```\n\n### L39-43\n```\nperms = get_tool_permissions("test_permission_tool")\nassert perms == ["read:data", "write:data"], f"Expected permissions, got {perms}"\nprint("✓ @requires_permissions decorator works")\n\n# Test 3: Permission checking\n```\n\n## Matches in point-topic-mcp/tests/test_registration.py\n\n### L1-8\n```\n"""Test permission-based tool registration.\n\nThis script verifies that:\n1. Tools with @public are always registered\n2. Tools with @requires_permissions are only registered if user has permissions\n3. ptAdmin gets all tools\n4. Unauthenticated users only get @public tools\n"""\n```\n\n### def test_registration_scenario › L46-47\n```\n            should_register = True\n            reason = "@public decorator"\n```\n'}]