MCPcopy
hub / github.com/codeaashu/claude-code / validateInput

Function validateInput

src/tools/FileWriteTool/FileWriteTool.ts:153–222  ·  view source on GitHub ↗
({ file_path, content }, toolUseContext: ToolUseContext)

Source from the content-addressed store, hash-verified

151 return ''
152 },
153 async validateInput({ file_path, content }, toolUseContext: ToolUseContext) {
154 const fullFilePath = expandPath(file_path)
155
156 // Reject writes to team memory files that contain secrets
157 const secretError = checkTeamMemSecrets(fullFilePath, content)
158 if (secretError) {
159 return { result: false, message: secretError, errorCode: 0 }
160 }
161
162 // Check if path should be ignored based on permission settings
163 const appState = toolUseContext.getAppState()
164 const denyRule = matchingRuleForInput(
165 fullFilePath,
166 appState.toolPermissionContext,
167 'edit',
168 'deny',
169 )
170 if (denyRule !== null) {
171 return {
172 result: false,
173 message:
174 'File is in a directory that is denied by your permission settings.',
175 errorCode: 1,
176 }
177 }
178
179 // SECURITY: Skip filesystem operations for UNC paths to prevent NTLM credential leaks.
180 // On Windows, fs.existsSync() on UNC paths triggers SMB authentication which could
181 // leak credentials to malicious servers. Let the permission check handle UNC paths.
182 if (fullFilePath.startsWith('\\\\') || fullFilePath.startsWith('//')) {
183 return { result: true }
184 }
185
186 const fs = getFsImplementation()
187 let fileMtimeMs: number
188 try {
189 const fileStat = await fs.stat(fullFilePath)
190 fileMtimeMs = fileStat.mtimeMs
191 } catch (e) {
192 if (isENOENT(e)) {
193 return { result: true }
194 }
195 throw e
196 }
197
198 const readTimestamp = toolUseContext.readFileState.get(fullFilePath)
199 if (!readTimestamp || readTimestamp.isPartialView) {
200 return {
201 result: false,
202 message:
203 'File has not been read yet. Read it first before writing to it.',
204 errorCode: 2,
205 }
206 }
207
208 // Reuse mtime from the stat above — avoids a redundant statSync via
209 // getFileModificationTime. The readTimestamp guard above ensures this
210 // block is always reached when the file exists.

Callers

nothing calls this directly

Calls 6

expandPathFunction · 0.85
checkTeamMemSecretsFunction · 0.85
matchingRuleForInputFunction · 0.85
getFsImplementationFunction · 0.85
isENOENTFunction · 0.85
getMethod · 0.65

Tested by

no test coverage detected