Mountain/Environment/Utility/PathSecurity.rs
1//! # Path Security Utilities
2//!
3//! Functions for validating filesystem access and enforcing workspace trust.
4
5use std::path::Path;
6
7use CommonLibrary::Error::CommonError::CommonError;
8use log::trace;
9
10use crate::ApplicationState::ApplicationState;
11
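/// A critical security helper that checks if a given filesystem path is
/// allowed for access.
///
/// In this architecture, this means the path must be a descendant of one of the
/// currently open and trusted workspace folders. This prevents extensions from
/// performing arbitrary filesystem operations outside the user's intended
/// scope.
///
/// The decision is made in three stages:
/// 1. The workspace must be marked trusted (`IsTrusted`); otherwise access is denied.
/// 2. If no workspace folder is registered, access is allowed (see the note in the body).
/// 3. Otherwise `PathToCheck` must lie inside at least one registered folder. Both
///    sides are lexically normalized first (`.` and `..` resolved), so
///    `<folder>/../elsewhere` is not mistaken for a descendant — `Path::starts_with`
///    compares components and would otherwise keep the `..`. When `PathToCheck`
///    already exists it is additionally canonicalized, so a symlink pointing outside
///    the workspace is rejected as well. A `..` that follows a symlink inside a path
///    that does not exist yet is still resolved lexically.
///
/// This is a point-in-time check: the filesystem can change between this call and
/// the operation it guards, so callers should perform the operation on exactly the
/// path they verified.
///
/// # Errors
/// Returns [`CommonError::FileSystemPermissionDenied`] when the workspace is not
/// trusted or when the path is outside every registered folder, and the error
/// produced by `MapApplicationStateLockErrorToCommonError` when the folder-list
/// mutex is poisoned.
pub fn IsPathAllowedForAccess(ApplicationState:&ApplicationState, PathToCheck:&Path) -> Result<(), CommonError> {
    trace!("[EnvironmentSecurity] Verifying path: {}", PathToCheck.display());

    // Only the flag's own value is consulted here; no other state is synchronized
    // through it, so a relaxed load is sufficient.
    if !ApplicationState.Workspace.IsTrusted.load(std::sync::atomic::Ordering::Relaxed) {
        return Err(CommonError::FileSystemPermissionDenied {
            Path:PathToCheck.to_path_buf(),
            Reason:"Workspace is not trusted. File access is denied.".to_string(),
        });
    }

    // Copy the folder paths out of the guard so no filesystem I/O (canonicalize)
    // happens while the lock is held. Folders whose URI is not a file path are
    // skipped, exactly as the `Err(_) => false` arm did before.
    let FolderPaths: Vec<std::path::PathBuf> = {
        let FoldersGuard = ApplicationState
            .Workspace
            .WorkspaceFolders
            .lock()
            .map_err(super::ErrorMapping::MapApplicationStateLockErrorToCommonError)?;

        if FoldersGuard.is_empty() {
            // Fail-open by design: with no folder open, operations are assumed to
            // target user-chosen files. A stricter model could deny this.
            return Ok(());
        }

        FoldersGuard
            .iter()
            .filter_map(|Folder| Folder.URI.to_file_path().ok())
            .collect()
    };

    let NormalizedPath = NormalizePathLexically(PathToCheck);
    // `canonicalize` fails for paths that do not exist yet (e.g. a file about to be
    // created); such paths are judged on their normalized form only.
    let CanonicalPath = std::fs::canonicalize(PathToCheck).ok();

    let IsAllowed = FolderPaths
        .iter()
        .any(|FolderPath| IsDescendantOfFolder(&NormalizedPath, CanonicalPath.as_deref(), FolderPath));

    if IsAllowed {
        Ok(())
    } else {
        Err(CommonError::FileSystemPermissionDenied {
            Path:PathToCheck.to_path_buf(),
            Reason:"Path is outside of the registered workspace folders.".to_string(),
        })
    }
}

/// Returns `true` when the candidate lies inside `Folder`.
///
/// `NormalizedCandidate` must already be lexically normalized (see
/// [`NormalizePathLexically`]); `CanonicalCandidate` is its `canonicalize`d form when
/// the path exists on disk, `None` otherwise. The lexical comparison catches `..`
/// escapes; the canonical comparison additionally catches symlinks that point
/// outside the folder.
fn IsDescendantOfFolder(NormalizedCandidate: &Path, CanonicalCandidate: Option<&Path>, Folder: &Path) -> bool {
    let NormalizedFolder = NormalizePathLexically(Folder);
    // An empty folder path (e.g. `.` normalized away) would match everything via
    // `starts_with`; treat it as matching nothing instead.
    if NormalizedFolder.as_os_str().is_empty() {
        return false;
    }
    if !NormalizedCandidate.starts_with(&NormalizedFolder) {
        return false;
    }
    match CanonicalCandidate {
        Some(RealCandidate) => {
            // The folder is canonicalized too, so a workspace folder that is itself a
            // symlink still matches its resolved contents. If that fails, fall back to
            // the normalized folder rather than allowing the path unchecked.
            let RealFolder = std::fs::canonicalize(Folder).unwrap_or(NormalizedFolder);
            RealCandidate.starts_with(RealFolder)
        }
        None => true,
    }
}

/// Resolves `.` and `..` components of `Input` without touching the filesystem.
///
/// `..` removes the preceding normal component, is absorbed at the root (or drive
/// prefix), and is kept verbatim when a relative path climbs above its start, so the
/// result of a relative input can never be mistaken for a descendant of an absolute
/// folder. Symlinks are not resolved; see [`IsDescendantOfFolder`] for that step.
fn NormalizePathLexically(Input: &Path) -> std::path::PathBuf {
    use std::path::Component;

    let mut Normalized = std::path::PathBuf::new();
    for Part in Input.components() {
        match Part {
            Component::CurDir => {}
            Component::ParentDir => {
                let EndsInNormal = matches!(Normalized.components().next_back(), Some(Component::Normal(_)));
                let AtRoot = matches!(
                    Normalized.components().next_back(),
                    Some(Component::RootDir | Component::Prefix(_))
                );
                if EndsInNormal {
                    Normalized.pop();
                } else if !AtRoot {
                    // Relative path climbing above its own start: keep the `..`.
                    Normalized.push("..");
                }
            }
            Other => Normalized.push(Other.as_os_str()),
        }
    }
    Normalized
}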