nathan/nexus-mcp
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

feat: add AD user groups retrieval function to identity shard

Browse Source
This commit is contained in:
Nathan Castaldi 2026-04-15 17:30:11 -04:00
parent a4c09bd43d
commit 4539653d79
2 changed files with 31 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
nexus-mcp/src/identity_backend.py Normal file
View File

@ -0,0 +1,22 @@
from typing import Set
# Fields allowed to be returned to the MCP client
ALLOWED_USER_FIELDS: Set[str] = {
"username",
"display_name",
"first_name",
"last_name",
"email",
"enabled",
"ou",
"description",
"last_logon_utc",
"when_created_utc",
"department",
"title",
}
class IdentityBackend:
"""Base interface for Identity Shard backends."""
pass

9
nexus-mcp/src/shards/identity.py
View File

@ -121,6 +121,15 @@ def register(mcp: FastMCP) -> None:
logger.warning("ad_list_groups: group enumeration not yet implemented in AD backend") logger.warning("ad_list_groups: group enumeration not yet implemented in AD backend")
return [] return []
@mcp.tool()
async def ad_get_user_groups(sam_account_name: str) -> list[str]:
"""Get all AD groups for a specific user."""
if _USE_MOCK:
# Mock logic here...
return ["Domain Users", "Wheels-IT"]
return await _get_ad().get_user_groups(sam_account_name)
@mcp.tool() @mcp.tool()
async def ad_get_group_members(group_dn: str) -> list[dict]: async def ad_get_group_members(group_dn: str) -> list[dict]:
"""Return all members of an Active Directory group by its distinguished name.""" """Return all members of an Active Directory group by its distinguished name."""