Skip to content

feat: Add multi approval MCP button

Dylan Bernardirequested to merge
db/add-multi-approve-MCP-component into main

What does this MR do?

Resolves: [LSP] [MCP] Add optional multi-approval button ... (#94 - closed)

This code update enhances a tool approval dialog component to support multiple approval options instead of just a single "Approve" button.

The main changes include:

New functionality: The component now accepts an optional approvalOptions configuration that allows developers to specify multiple approval types (like "Approve Once", "Always Approve", "Approve for Session") with customizable button text and disabled states.

Backward compatibility: When no approval options are provided, it automatically defaults to the original simple "Approve" button behavior, so existing code continues working without changes.

Enhanced testing: Added comprehensive tests to verify the new approval payload handling and validation rules, ensuring the component requires at least one "approve-tool-once" option for compatibility.

Improved documentation: Updated the interactive story examples to demonstrate both simple single-approval and advanced multi-approval scenarios, showing developers how to migrate from basic to advanced usage.

Better user experience: The approval dialog can now show split buttons with dropdown menus for multiple approval types, and can disable certain options based on user permissions or context.

This change allows the approval system to be more flexible while maintaining full compatibility with existing implementations.

Screenshots or screen recordings

Integration merge requests

This will need to go into the IDEs as well, but because the changes are backwards compatible, nothing is required to change before this goes in. Eventually I imagine this change is ported over to Duo UI Next.

Does this MR meet the acceptance criteria?

This checklist encourages the authors, reviewers, and maintainers of merge requests (MRs) to confirm changes were analyzed for conformity with the project's guidelines, security and accessibility.

Toggle the acceptance checklist

Conformity

  • Code review guidelines.
  • GitLab UI's contributing guidelines.
  • If it changes a Pajamas-compliant component's look & feel, the MR has been reviewed by a UX designer.
  • If it changes GitLab UI's documentation guidelines, the MR has been reviewed by a Technical Writer.
  • If the MR changes a component's API, integration MR(s) have been opened (see integration merge requests above).
  • Added the ~"component:*" label(s) if applicable.

Security

If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:

  • Label as security and @ mention @gitlab-com/gl-security/appsec
  • Security reports checked/validated by a reviewer from the AppSec team

Accessibility

If this MR adds or modifies a component, take a few moments to review the following:

  • All actions and functionality can be done with a keyboard.
  • Links, buttons, and controls have a visible focus state.
  • All content is presented in text or with a text equivalent. For example, alt text for SVG, or aria-label for icons that have meaning or perform actions.
  • Changes in a component’s state are announced by a screen reader. For example, changing aria-expanded="false" to aria-expanded="true" when an accordion is expanded.
  • Color combinations have sufficient contrast.
Edited by Dylan Bernardi

Merge request reports