🐛 Bug Report: Unable to set permissions

[orkuhh]

👟 Reproduction steps

When using the Appwrite MCP tools in Cursor, it's not possible to set permissions on collections or documents using the standard Appwrite permissions format.

The following MCP tools that accept permissions parameters all fail:

• mcp_appwrite_databases_create_collection (shown as databases_create_collection)
• mcp_appwrite_databases_update_collection (shown as databases_update_collection)
• mcp_appwrite_databases_create_document (shown as databases_create_document)
• mcp_appwrite_databases_update_document (shown as databases_update_document)

The tools consistently return Appwrite Error: Invalid 'permissions' param: Permissions must be an array of strings. even when providing permissions in the format that matches Appwrite's documentation.

Steps to Reproduce

1. Use any of the following MCP tools:

   // Creating a new collection with permissions
   databases_create_collection({
       database_id: "main_database",
       collection_id: "test_collection",
       name: "Test Collection",
       permissions: ["create(\"any\")", "read(\"any\")", "update(\"any\")", "delete(\"any\")"]
   })
   
   // Updating an existing collection's permissions
   databases_update_collection({
       database_id: "main_database",
       collection_id: "test_collection",
       name: "Test Collection",
       permissions: ["create(\"any\")", "read(\"any\")", "update(\"any\")", "delete(\"any\")"]
   })
   
   // Creating a document with permissions
   databases_create_document({
       database_id: "main_database",
       collection_id: "test_collection",
       document_id: "unique_id",
       data: {},
       permissions: ["read(\"any\")", "update(\"any\")"]
   })
   
   // Updating a document's permissions
   databases_update_document({
       database_id: "main_database",
       collection_id: "test_collection",
       document_id: "unique_id",
       permissions: ["read(\"any\")", "update(\"any\")"]
   })

2. Try to set permissions using various formats following Appwrite's documentation:

// Format 1: As shown in Appwrite API responses
["create(\"any\")", "read(\"any\")", "update(\"any\")", "delete(\"any\")"]

// Format 2: As a JSON array
[
  "create(\"any\")",
  "read(\"any\")",
  "update(\"any\")",
  "delete(\"any\")"
]

// Format 3: Without escape characters
["create(\"any\")", "read(\"any\")"]

// Format 4: With single quotes
["read('any')", "create('any')"]

👍 Expected behavior

The MCP tools should accept permissions in the standard format documented by Appwrite, such as:

"$permissions": [
    "create(\"any\")",
    "read(\"any\")",
    "update(\"any\")",
    "delete(\"any\")"
]

👎 Actual Behavior

All attempts to set permissions result in:

Appwrite Error: Invalid `permissions` param: Permissions must be an array of strings.

This error occurs even when providing what is clearly an array of strings.

🎲 Appwrite version

Version 1.6.x

💻 Operating system

Linux

🧱 Your Environment

No response

👀 Have you spent some time to check if this issue has been raised before?

• I checked and didn't find similar issue

🏢 Have you read the Code of Conduct?

• I have read the Code of Conduct

[ChiragAgg5k]

@orkuhh thanks for raising this! this is an issue we noticed a while back. This is mainly because appwrite uses JSON-strings to define permissions. For the end user, its expected for them to use the Query class, but this isn't possible for MCP. Also MCP is not very good at following JSON string's structure and often fails at it.

We are still investigating ways to overcome this, in the meanwhile a solution we found Cursor is to provide it explicit instructions or link it to some docs containing more information about permissions for it to work better.