import path from "node:path";
import os from "node:os";
// Critical system directories that should never be modified
const BLOCKED_DIRECTORIES = [
"C:\\Windows",
"C:\\Program Files",
"C:\\Program Files (x86)",
"C:\\Users\\All Users",
"C:\\System Volume Information",
];
// Folders we explicitly want to allow and prioritize
const homeDir = os.homedir();
const ALLOWED_USER_DIRECTORIES = [
path.join(homeDir, "Downloads"),
path.join(homeDir, "Documents"),
path.join(homeDir, "Desktop"),
];
export function isPathSafe(targetPath: string): boolean {
const absolutePath = path.resolve(targetPath);
// Check if it's explicitly allowed user folder (takes precedence)
for (const allowed of ALLOWED_USER_DIRECTORIES) {
if (absolutePath.toLowerCase().startsWith(allowed.toLowerCase())) {
return true;
}
}
// Check if the path is in a blocked directory
for (const blocked of BLOCKED_DIRECTORIES) {
if (absolutePath.toLowerCase().startsWith(blocked.toLowerCase())) {
return false;
}
}
// Basic heuristic: avoid deleting the root of any drive
if (absolutePath.length <= 3 && absolutePath.endsWith(":\\")) {
return false;
}
return true;
}
export function validatePaths(paths: string[]): { safe: boolean; path?: string } {
for (const p of paths) {
if (!isPathSafe(p)) {
return { safe: false, path: p };
}
}
return { safe: true };
}
