feat: add allowedTools whitelist support to MCP server config #11423

Draft
roomote[bot] wants to merge 1 commit into main from feature/allowed-tools-mcp-config

@roomote roomote bot commented Feb 11, 2026

Related GitHub Issue

Closes: #11259

Description

This PR attempts to address Issue #11259 by adding an optional allowedTools whitelist to MCP server configuration. Feedback and guidance are welcome.

Key implementation details:

  • Added allowedTools as an optional field in the BaseConfigSchema (Zod schema) alongside the existing disabledTools
  • When allowedTools is specified, only tools in the whitelist are enabled (enabledForPrompt: true)
  • When allowedTools is not specified, all tools are enabled (backward compatible)
  • disabledTools blacklist further filters from the allowed set (whitelist wins as primary gate, blacklist narrows)
  • No changes needed in prompt builder, types, or webview UI -- they all already respect enabledForPrompt

Example config:

{
  "mcpServers": {
    "my-server": {
      "command": "node",
      "args": ["server.js"],
      "allowedTools": ["tool1", "tool3"],
      "disabledTools": ["tool3"]
    }
  }
}

In this case, only tool1 would be enabled (tool3 is whitelisted but then blacklisted, tool2 is not whitelisted).

Test Procedure

  • 4 new unit tests added covering:
    • Whitelist filtering (only listed tools are enabled)
    • Backward compatibility (no allowedTools means all tools allowed)
    • Combined allowedTools + disabledTools behavior
    • Empty allowedTools array disables all tools
  • All 51 tests pass: cd src && npx vitest run services/mcp/__tests__/McpHub.spec.ts
  • Full lint and type-check passed via pre-push hooks

Pre-Submission Checklist

  • Issue Linked: This PR is linked to an approved GitHub Issue (see "Related GitHub Issue" above).
  • Scope: My changes are focused on the linked issue (one major feature/fix per PR).
  • Self-Review: I have performed a thorough self-review of my code.
  • Testing: New and/or updated tests have been added to cover my changes.
  • Documentation Impact: I have considered if my changes require documentation updates.
  • Contribution Guidelines: I have read and agree to the Contributor Guidelines.

Documentation Updates

  • No documentation updates are required. The change is additive and optional in the config schema.

Additional Notes

Files changed:

  • src/services/mcp/McpHub.ts: Added allowedTools to schema, config reading, and enabledForPrompt logic
  • src/services/mcp/__tests__/McpHub.spec.ts: Added 4 test cases for whitelist behavior

Adds an optional allowedTools field to MCP server configuration that
acts as a whitelist for tools. When specified, only tools in the
allowedTools list are enabled. The disabledTools blacklist further
filters from the allowed set. When not specified, behavior is unchanged
(all tools are allowed).

Closes #11259
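The precedence rules from the PR description (allowedTools as the primary gate, disabledTools narrowing it, an empty allowedTools disabling everything), as an added example that is not code from this PR. The names readToolList, gateTools and enabledNames are hypothetical, and rejecting null or non-array values is this example's own assumption, stricter than the defaulting the review below describes.

```typescript
// Added example, not code from the PR. All function and type names are hypothetical.
type ToolGate = { name: string; enabledForPrompt: boolean }

// Read a list field from raw, unvalidated JSON. Absent -> undefined.
// Anything present must be an array of strings; null, strings, numbers and
// objects are rejected instead of being silently treated as "no list".
function readToolList(raw: unknown, field: string): string[] | undefined {
  if (raw === undefined) return undefined
  if (!Array.isArray(raw) || !raw.every((v) => typeof v === "string")) {
    throw new TypeError(`${field} must be an array of tool names`)
  }
  return raw as string[]
}

function gateTools(toolNames: string[], serverConfig: Record<string, unknown>): ToolGate[] {
  const allowed = readToolList(serverConfig["allowedTools"], "allowedTools")
  const disabled = readToolList(serverConfig["disabledTools"], "disabledTools") ?? []
  return toolNames.map((name) => ({
    name,
    // The allowlist is the primary gate; the denylist only narrows it.
    enabledForPrompt: (allowed === undefined || allowed.includes(name)) && !disabled.includes(name),
  }))
}

function enabledNames(toolNames: string[], serverConfig: Record<string, unknown>): string[] {
  return gateTools(toolNames, serverConfig)
    .filter((t) => t.enabledForPrompt)
    .map((t) => t.name)
}

// Constructed sample: the config from the PR description, and a server that
// is assumed to advertise three tools.
const advertised = ["tool1", "tool2", "tool3"]
const prConfig = {
  command: "node",
  args: ["server.js"],
  allowedTools: ["tool1", "tool3"],
  disabledTools: ["tool3"],
}
console.log(enabledNames(advertised, prConfig))
```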

roomote bot commented Feb 11, 2026

Clean implementation overall. The allowedTools whitelist logic, schema addition, and test coverage are solid. One minor defensive coding fix flagged.

  • Use loose equality (== null) instead of strict (=== undefined) for allowedToolsList check in fetchToolsList to handle null values from raw JSON config

// If allowedTools whitelist is specified, only those tools are enabled.
// Then disabledTools blacklist further filters from the allowed set.
const tools = (response?.tools || []).map((tool) => {
const isWhitelisted = allowedToolsList === undefined || allowedToolsList.includes(tool.name)
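Review bot: The allowedToolsList.includes(tool.name) call on the isWhitelisted line assumes an array, but nothing in this block checks the type. If the value is a string, String.prototype.includes does substring matching, so "allowedTools": "tool10" would treat a tool named tool1 as whitelisted; a number or plain object throws instead. Guard with Array.isArray(allowedToolsList) before calling .includes, and treat a present but non-array value as a configuration error that is surfaced to the user.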

allowedToolsList is read from raw JSON (line 1007), not from Zod-validated config, so null is a possible value if a user writes "allowedTools": null in their config file. Strict equality === undefined won't catch null, causing null.includes(tool.name) to throw a TypeError. The outer try/catch swallows it but returns an empty tools list with no user-facing feedback. The adjacent disabledTools reading defensively uses || [] for the same reason. Using loose equality here keeps both code paths consistent.

Suggested change
const isWhitelisted = allowedToolsList === undefined || allowedToolsList.includes(tool.name)
const isWhitelisted = allowedToolsList == null || allowedToolsList.includes(tool.name)
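Review bot: With == null in the second line of this suggestion, "allowedTools": null is handled the same as an absent field, so every tool is enabled. For a field whose purpose is to restrict tools, that fails open on a malformed value, whereas an empty array disables everything according to the PR's tests. Consider keeping the no-whitelist path for undefined only and rejecting null explicitly (or validating the field through the schema), and add a test that pins down whichever behaviour is chosen.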

Development

Successfully merging this pull request may close these issues.

[ENHANCEMENT] allowedTools in MCP config
