Add project scope restriction to limit AI access to specific projects

[Copilot]

Adds configuration-based project filtering to restrict AI access to specific projects for security and privacy. Complements existing read-only mode with granular access control.

Solution Design Document

Created comprehensive solution design (PROJECT_SCOPE_SOLUTION.md) covering:

Configuration

• Environment variable: DIDA365_ALLOWED_PROJECTS=proj1,proj2,proj3
• CLI argument: --allowed-projects=proj1,proj2,proj3
• CLI takes precedence over env var
• No configuration = all projects accessible (backward compatible)

Design Decisions

• create_project: Allowed (new projects require config update to access)
• Inbox handling: "inbox" keyword allows all inbox* project IDs
• Wildcards/exclude lists: Deferred to future iterations
• Security model: Explicit allow-list (fail-safe)

Implementation Approach

Follows read-only mode pattern:

1. Parse config in src/config.ts → Set<string> for O(1) lookup
2. Add isProjectAllowed(projectId) validation before API calls
3. Filter results in list_projects and list_tasks
4. Return clear error messages on access denial

Scope

• Config: 1 file (src/config.ts)
• Tools: 11 files (5 project + 6 task tools)
• Docs: 3 files (README.md, README_zh.md, copilot-instructions.md)

Usage Example

{
  "mcpServers": {
    "dida365": {
      "args": [
        "dida365-mcp-server",
        "--readonly",
        "--allowed-projects=work,personal,inbox"
      ]
    }
  }
}

Awaiting review before implementation.

Original prompt

---

This section details on the original issue you should resolve

<issue_title>Add project scope restriction to limit AI access to specific projects</issue_title>
<issue_description>## Summary

Users may have numerous projects in their Dida365/TickTick account, but they may want to restrict AI access to only specific projects for security and privacy reasons. We need to provide a configuration option that allows users to specify allowed projectId(s) to limit the AI's access scope.

Motivation

• Security: Users may have sensitive projects they don't want AI to access or modify
• Safety: Prevent accidental modifications to important projects when using YOLO mode
• Organization: Users with many projects can focus AI interactions on relevant projects only
• Complementary to Read-Only Mode: While read-only mode prevents all writes, project scope restriction provides granular access control

Proposed Solution

Configuration Options

Add new configuration parameters that can be set via:

1. Environment Variables
2. Command Line Arguments

# Environment Variable
DIDA365_ALLOWED_PROJECTS=projectId1,projectId2,projectId3

# Command Line Argument
--allowed-projects=projectId1,projectId2,projectId3
# or
--project=projectId1 --project=projectId2

Example MCP Configuration

{
  "mcpServers": {
    "dida365": {
      "command": "npx",
      "args": [
        "-y",
        "dida365-mcp-server@latest",
        "--allowed-projects=project1,project2"
      ],
      "env": {
        "DIDA365_CLIENT_ID": "your_client_id",
        "DIDA365_CLIENT_SECRET": "your_client_secret"
      }
    }
  }
}

Behavioral Changes

Tool	Behavior with Project Scope
list_projects	Only return allowed projects
get_project	Return error if projectId not in allowed list
get_project_data	Return error if projectId not in allowed list
create_project	Discuss: Allow/Deny/Add to allowed list?
update_project	Return error if projectId not in allowed list
delete_project	Return error if projectId not in allowed list
create_task	Return error if target projectId not in allowed list
get_task	Return error if projectId not in allowed list
update_task	Return error if projectId not in allowed list
delete_task	Return error if projectId not in allowed list
complete_task	Return error if projectId not in allowed list

Implementation Tasks

• Add configuration parsing for DIDA365_ALLOWED_PROJECTS env var
• Add --allowed-projects CLI argument support
• Create project scope validation utility function
• Update list_projects to filter results
• Add scope check to all project-related tools
• Add scope check to all task-related tools
• Update documentation (README, copilot-instructions.md)
• Add clear error messages when access is denied

Open Questions

1. Should create_project be allowed when project scope is enabled?
2. Should we support wildcard patterns (e.g., project-*)?
3. Should we provide a way to exclude projects instead of include?
4. How should the Inbox project be handled?

Related Features

• Read-Only Mode (--readonly) - Prevents write operations
• This feature - Restricts access to specific projects
• Both can be combined for maximum security

<agent_instructions>You can first create a document describing the solution, and I will review it and request modifications. Once the solution is refined, we will proceed to implement the changes according to the solution.</agent_instructions>

Comments on the Issue (you are @copilot in this section)

@evalor @copilot We should explore implementation approaches that effectively address project scope isolation while being user-friendly and avoiding overly complex configurations.

• Fixes Add project scope restriction to limit AI access to specific projects #7

---

💬 We'd love your input! Share your thoughts on Copilot coding agent in our 2 minute survey.