Teradata MCP Server

sec_userDbPermissions

Retrieve database permissions for a specified user to analyze access rights and security settings in Teradata systems.

Instructions

Get permissions for a user.

Arguments: user_name - user name to analyze

Returns: ResponseType: formatted response with query results + metadata

Input Schema

TableJSON Schema

Name	Required	Description	Default
`user_name`	Yes

Implementation Reference

src/teradata_mcp_server/tools/sec/sec_tools.py:11-47 (handler)

The main handler function that implements the logic for the sec_userDbPermissions tool. It executes a SQL query against DBC.AllRightsV to fetch permissions for the given user_name and returns formatted results with metadata.

def handle_sec_userDbPermissions(conn: TeradataConnection, user_name: str, *args, **kwargs):
    """
    Get permissions for a user.

    Arguments:
      user_name - user name to analyze

    Returns:
      ResponseType: formatted response with query results + metadata
    """
    logger.debug(f"Tool: handle_sec_userDbPermissions: Args: user_name: {user_name}")

    with conn.cursor() as cur:
        if user_name == "":
            logger.debug("No user_name argument provided")
            data = rows_to_json(None, [])
        else:
            logger.debug(f"Argument provided: {user_name}")
            rows = cur.execute(f"""
                SELECT
                    DatabaseName,
                    TableName,
                    ColumnName,
                    AccessRight,
                    GrantAuthority,
                    GrantorName
                FROM DBC.AllRightsV
                WHERE UserName = '{user_name}'
                ORDER BY DatabaseName, TableName, AccessRight;""")
            data = rows_to_json(cur.description, rows.fetchall())
        metadata = {
            "tool_name": "sec_userDbPermissions",
            "argument": user_name,
            "num_permissions": len(data)
        }
        logger.debug(f"Tool: handle_sec_userDbPermissions: metadata: {metadata}")
        return create_response(data, metadata)

src/teradata_mcp_server/app.py:270-281 (registration)

Dynamic registration code that discovers handle_* functions (including handle_sec_userDbPermissions) via module loader and registers them as MCP tools with the name derived from the function name (sec_userDbPermissions).

module_loader = td.initialize_module_loader(config)
if module_loader:
    all_functions = module_loader.get_all_functions()
    for name, func in all_functions.items():
        if not (inspect.isfunction(func) and name.startswith("handle_")):
            continue
        tool_name = name[len("handle_"):]
        if not any(re.match(p, tool_name) for p in config.get('tool', [])):
            continue
        wrapped = make_tool_wrapper(func)
        mcp.tool(name=tool_name, description=wrapped.__doc__)(wrapped)
        logger.info(f"Created tool: {tool_name}")

src/teradata_mcp_server/tools/sec/__init__.py:1-3 (helper)
Imports the sec_tools (containing the handler) making it available for dynamic loading by the module_loader.
```
from .sec_resources import *
from .sec_tools import *
```

Tool Definition Quality

C2.9/5.0

Behavior2/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

No annotations are provided, so the description carries the full burden of behavioral disclosure. It states the tool 'Get permissions for a user' and mentions a return type, but doesn't describe what permissions are retrieved (e.g., database, table, or system-level), whether it requires admin privileges, if it's read-only or has side effects, or any rate limits. For a security-related tool with zero annotation coverage, this is a significant gap.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness4/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is appropriately sized and front-loaded with the core purpose in the first sentence. The arguments and returns sections are structured but could be more integrated. There's no wasted text, though it could be slightly more polished (e.g., combining sections).

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness2/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given the complexity of a security tool with no annotations, no output schema, and 0% schema description coverage, the description is incomplete. It lacks details on what permissions are returned, how they're formatted, error conditions, or authentication requirements. The mention of 'ResponseType: formatted response with query results + metadata' is vague and doesn't substitute for proper output documentation.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters3/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

The description adds minimal semantics for the single parameter 'user_name' by stating it's 'user name to analyze', which slightly clarifies beyond the schema's 'User Name' title. However, with 0% schema description coverage, the description doesn't fully compensate—it doesn't specify format constraints (e.g., case sensitivity, domain inclusion) or provide examples. The baseline is 3 due to the single parameter, but value added is limited.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose4/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the tool's purpose with 'Get permissions for a user', which is a specific verb+resource combination. However, it doesn't explicitly distinguish this tool from sibling tools like 'sec_rolePermissions' or 'sec_userRoles', which likely handle related but different security aspects. The purpose is clear but lacks sibling differentiation.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines2/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description provides no guidance on when to use this tool versus alternatives. There's no mention of prerequisites, context, or comparisons to sibling tools like 'sec_rolePermissions' or 'sec_userRoles', which might handle overlapping or complementary functionality. Usage is implied only by the tool name and description.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Install Server

Latest Blog Posts

Lightport: Open-Sourcing Glama's AI Gateway
By punkpeye on April 27, 2026.
open source
OpenAI
Tool Definition Quality Score (TDQS)
By punkpeye on April 3, 2026.
mcp
The Hackers Who Tracked My Sleep Cycle
By punkpeye on March 26, 2026.
security

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/blitzstermayank/MCP'

If you have feedback or need assistance with the MCP directory API, please join our Discord server