MCPcopy
hub / github.com/AutoMaker-Org/automaker / initAllowedPaths

Function initAllowedPaths

libs/platform/src/security.ts:29–45  ·  view source on GitHub ↗
()

Source from the content-addressed store, hash-verified

27 * - DATA_DIR: appData exception, always allowed
28 */
29export function initAllowedPaths(): void {
30 // Load ALLOWED_ROOT_DIRECTORY
31 const rootDir = process.env.ALLOWED_ROOT_DIRECTORY;
32 if (rootDir) {
33 allowedRootDirectory = path.resolve(rootDir);
34 console.log(`[Security] ✓ ALLOWED_ROOT_DIRECTORY configured: ${allowedRootDirectory}`);
35 } else {
36 console.log('[Security] ⚠️ ALLOWED_ROOT_DIRECTORY not set - allowing access to all paths');
37 }
38
39 // Load DATA_DIR (appData exception - always allowed)
40 const dataDir = process.env.DATA_DIR;
41 if (dataDir) {
42 dataDirectory = path.resolve(dataDir);
43 console.log(`[Security] ✓ DATA_DIR configured: ${dataDirectory}`);
44 }
45}
46
47/**
48 * Check if a path is allowed based on ALLOWED_ROOT_DIRECTORY

Callers 5

index.tsFile · 0.90
handleAppReadyFunction · 0.90
security.test.tsFile · 0.85
security.test.tsFile · 0.85

Calls 1

resolveMethod · 0.80

Tested by

no test coverage detected