Great module. I love it. It made my research much more efficient. Thank you!
I do have a feature request. I have a local Webtrees with no internet access, and I use a local LLM to "power" my research. Having private relationships or people that are not dead private is something that just slows down the research in my case. I modified your code locally to allow a few things:
- Add a new OAuth2 scope,
mcp_read_member, for MCP read operations that should use the authenticated technical user's normal webtrees access level instead of forced public/privacy-only access.
- Keep the existing
mcp_read_privacy behavior unchanged: when only that scope is present, the MCP request still logs out and reads using public/privacy-safe access.
- Propagate
oauth_scopes into the synthetic ServerRequest created by McpTool, so request handlers such as GetRecord and SearchGeneral can make correct scope-aware access decisions.
- Allow moderator/manager technical users to submit API/MCP writes while still keeping the safety guard that rejects users with “automatically accept changes” enabled. This allows writes to land as pending changes for human review, rather than being impossible for manager/moderator accounts.
Would it be possible to incorporate those, or are they too dangerous for the "general population"?
Great module. I love it. It made my research much more efficient. Thank you!
I do have a feature request. I have a local Webtrees with no internet access, and I use a local LLM to "power" my research. Having private relationships or people that are not dead private is something that just slows down the research in my case. I modified your code locally to allow a few things:
mcp_read_member, for MCP read operations that should use the authenticated technical user's normal webtrees access level instead of forced public/privacy-only access.mcp_read_privacybehavior unchanged: when only that scope is present, the MCP request still logs out and reads using public/privacy-safe access.oauth_scopesinto the syntheticServerRequestcreated byMcpTool, so request handlers such asGetRecordandSearchGeneralcan make correct scope-aware access decisions.Would it be possible to incorporate those, or are they too dangerous for the "general population"?