Add junction MCP scope with schedule tools for PrincetonCourses#160
Add junction MCP scope with schedule tools for PrincetonCourses#160
Conversation
…tonCourses integration Enables PrincetonCourses users to access and manage their TigerJunction schedules via the chat AI, using their Princeton NetID as the identity bridge. Engine changes: - Add Supabase plugin (SUPABASE_URL + SUPABASE_SERVICE_ROLE_KEY) - New /junction/mcp endpoint with "junction" scope - junction-schedules.ts: read tools (get_user_schedules, get_schedule_details, verify_schedule) + write tools (create_schedule, add_course_to_schedule, remove_course_from_schedule, rename_schedule, delete_schedule) - Identity: NetID → Supabase RPC get_user_id_by_netid → UUID - search_courses: add scheduleId filter for conflict-free course search - All tools enforce ownership (schedule.user_id === resolved UUID) Ask-gateway changes: - Accept netid in request body, route to /junction/mcp when present - Send x-user-netid header to engine MCP - Augment system prompt with schedule tool guidance - Default to Fall 2026 (term 1272) in system prompt Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: eb16ba85b6
ℹ️ About Codex in GitHub
Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".
| .limit(fetchLimit); | ||
|
|
||
| // If scheduleId is provided and junction context available, post-filter for conflicts | ||
| if (scheduleId != null && junctionCtx) { |
There was a problem hiding this comment.
search_courses accepts scheduleId in every MCP scope, but filtering only runs inside if (scheduleId != null && junctionCtx). Because createMcpServer only provides junctionCtx for the junction scope, calls from /mcp or /princetoncourses/mcp silently ignore scheduleId instead of erroring, which can return courses that actually conflict and mislead callers who relied on the documented filter behavior.
Useful? React with 👍 / 👎.
| } | ||
|
|
||
| // Fetch more results when schedule filtering is active (some will be filtered out) | ||
| const fetchLimit = scheduleId ? resultLimit * 3 : resultLimit; |
There was a problem hiding this comment.
fetchLimit is increased whenever scheduleId is present, even before verifying that schedule filtering is available. In non-junction scopes this means the query returns up to limit * 3 rows without any post-filtering, violating the API limit contract (for example, limit=200 can return 600) and adding unnecessary DB load.
Useful? React with 👍 / 👎.
|
and added tigersnatch |
|
#162 once this is merged we can mark as complete I believe |
2 participants
Summary
/junction/mcpendpoint that enables PrincetonCourses users to access and manage their TigerJunction schedules via the chat AIget_user_schedules,get_schedule_details,verify_schedulecreate_schedule,add_course_to_schedule,remove_course_from_schedule,rename_schedule,delete_schedulesearch_coursesgains ascheduleIdfilter that excludes courses conflicting with an existing schedule — combines all existing search filters with conflict checking/junction/mcpwhen anetidis present in the request, passingx-user-netidheaderSecurity
schedule.user_id === resolved UUIDbefore any read or writeget_user_id_by_netidRPC usesSECURITY DEFINERto accessauth.usersTest plan
get_user_schedulesreturns correct schedules for authenticated useradd_course_to_schedulecreates association with proper metadatasearch_courseswithscheduleIdexcludes conflicting courses