
1//! # Path Security Utilities
2//!
3//! Functions for validating filesystem access and enforcing workspace trust.
4
5use std::path::Path;
6
7use CommonLibrary::Error::CommonError::CommonError;
8
9use crate::{ApplicationState::ApplicationState, dev_log};
10
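/// A critical security helper that checks if a given filesystem path is
/// allowed for access.
///
/// In this architecture, this means the path must be a descendant of one of the
/// currently open and trusted workspace folders. This prevents extensions from
/// performing arbitrary filesystem operations outside the user's intended
/// scope.
///
/// The containment test is lexical: `PathToCheck` is compared component by
/// component against each folder with [`Path::starts_with`]. Because
/// `starts_with` does not collapse `..`, a path such as
/// `<workspace>/../etc/passwd` would otherwise satisfy the prefix test while
/// escaping the folder, so any `..` component is rejected before the prefix
/// comparison. Symlinks are *not* resolved here (that would require touching
/// the filesystem and would fail for paths that do not exist yet), so a link
/// inside the workspace that points outside it is not detected by this check.
/// Folders whose URI cannot be converted to a local file path never match.
///
/// # Errors
///
/// Returns [`CommonError::FileSystemPermissionDenied`] when the workspace is
/// not trusted, when `PathToCheck` contains a parent-directory component while
/// folders are registered, or when it lies under none of the registered
/// folders. A poisoned folder-list lock is mapped through
/// `ErrorMapping::MapApplicationStateLockErrorToCommonError`.
pub fn IsPathAllowedForAccess(ApplicationState:&ApplicationState, PathToCheck:&Path) -> Result<(), CommonError> {
	dev_log!("vfs", "[EnvironmentSecurity] Verifying path: {}", PathToCheck.display());

	// Workspace trust is the primary gate: an untrusted workspace denies every
	// path regardless of where it lives. A relaxed load is sufficient for a
	// standalone flag with no associated data to publish.
	if !ApplicationState.Workspace.IsTrusted.load(std::sync::atomic::Ordering::Relaxed) {
		return Err(CommonError::FileSystemPermissionDenied {
			Path:PathToCheck.to_path_buf(),
			Reason:"Workspace is not trusted. File access is denied.".to_string(),
		});
	}

	let FoldersGuard = ApplicationState
		.Workspace
		.WorkspaceFolders
		.lock()
		.map_err(super::ErrorMapping::MapApplicationStateLockErrorToCommonError)?;

	if FoldersGuard.is_empty() {
		// NOTE(review): with no folder open every path is allowed, so in this
		// state the trust flag above is the only barrier. This keeps
		// single-file editing working; a stricter model could deny here.
		return Ok(());
	}

	// `Path::starts_with` is component-based but never resolves `..`, so a
	// traversal segment anywhere in the path would pass the prefix check below
	// while pointing outside the folder. Reject it outright.
	let HasParentDirComponent = PathToCheck
		.components()
		.any(|Component| matches!(Component, std::path::Component::ParentDir));
	if HasParentDirComponent {
		return Err(CommonError::FileSystemPermissionDenied {
			Path:PathToCheck.to_path_buf(),
			Reason:"Path contains a parent-directory ('..') component.".to_string(),
		});
	}

	// A folder whose URI is not a local file path (`to_file_path` fails) can
	// never contain `PathToCheck`, so it simply does not match.
	let IsAllowed = FoldersGuard.iter().any(|Folder| {
		match Folder.URI.to_file_path() {
			Ok(FolderPath) => PathToCheck.starts_with(FolderPath),
			Err(_) => false,
		}
	});

	if IsAllowed {
		Ok(())
	} else {
		Err(CommonError::FileSystemPermissionDenied {
			Path:PathToCheck.to_path_buf(),
			Reason:"Path is outside of the registered workspace folders.".to_string(),
		})
	}
}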