Expand ALL permissions in MCP describe_entities to explicit operations

[Copilot]

The MCP describe_entities tool returns "ALL" for wildcard permissions, which confuses LLM consumers that need explicit operation lists.

Changes

Modified DescribeEntitiesTool.BuildPermissionsInfo() to expand EntityActionOperation.All:

• Tables/Views: Expands to ["CREATE", "DELETE", "READ", "UPDATE"] via EntityAction.ValidPermissionOperations
• Stored Procedures: Expands to ["EXECUTE"] via EntityAction.ValidStoredProcedurePermissionOperations

Example

Before:

{
  "name": "Todo",
  "permissions": ["ALL"]
}

After:

{
  "name": "Todo",
  "permissions": ["CREATE", "DELETE", "READ", "UPDATE"]
}

Original prompt

---

This section details on the original issue you should resolve

<issue_title>[Bug]: MCP describe_entities permissions value ALL needs to be expanded.</issue_title>
<issue_description>## What?

Models are confused by ALL.

{
  "entities": [
    {
      "name": "Todo",
      "description": "This table contains the list of todo items.",
      "fields": [ ],
      "permissions": [
        "ALL" // this is the problem
      ]
    }
  ],
  "count": 1,
  "mode": "full",
  "status": "success"
}

Solution

When table/view.

{
  "permissions: [
    "CREATE",
    "DELETE",
    "READ",
    "UPDATE"
  ]
}

When stored procedure.

{
  "permissions: [
    "EXECUTE"
  ]
}

</issue_description>

Comments on the Issue (you are @copilot in this section)

• Fixes [Bug]: MCP describe_entities permissions value ALL needs to be expanded. #2935

---

💬 We'd love your input! Share your thoughts on Copilot coding agent in our 2 minute survey.

[Copilot]

Pull Request Overview

This PR enhances the BuildPermissionsInfo method in DescribeEntitiesTool to expand the "ALL" wildcard permission into specific operations based on entity type. When an entity has the "ALL" permission, it now resolves to specific CRUD operations (Create, Read, Update, Delete) for regular entities or Execute for stored procedures, providing more explicit permission information to API consumers.

• Adds logic to detect and expand "ALL" (wildcard) permissions
• Differentiates between stored procedure entities (expand to Execute) and regular entities (expand to CRUD operations)
• Maintains the existing behavior for explicit permissions

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[souvikghosh04]

LGTM. Added a small optimization to get the valid permissions only once if entity is stored procedure.

[souvikghosh04]

/azp run

[azure-pipelines]

Azure Pipelines successfully started running 6 pipeline(s).

[souvikghosh04]

/azp run

[azure-pipelines]

Azure Pipelines successfully started running 6 pipeline(s).

[souvikghosh04]

/azp run

[azure-pipelines]

Azure Pipelines successfully started running 6 pipeline(s).

[anushakolan]

/azp run

[azure-pipelines]

Azure Pipelines successfully started running 6 pipeline(s).

[souvikghosh04]

/azp run

[azure-pipelines]

Azure Pipelines successfully started running 6 pipeline(s).

[souvikghosh04]

This change is moved under a different PR- #2951 due to some issues with test pipeline. Once the new PR is approved and merged, this PR should be closed without merging.

[souvikghosh04]

Awaiting PR #2951 to be merged. This PR should not be merged.