pub fn IsPathAllowedForAccess(
    ApplicationState: &ApplicationState,
    PathToCheck: &Path,
) -> Result<(), CommonError>

A critical security helper that checks if a given filesystem path is allowed for access.
The access model has two tiers:
- Trusted system paths - directories Land itself owns (user extensions, agent plugins, app-support storage, bundled extension roots). These are never “user content” and the extension scanner, VSIX installer, and global-storage probes must be able to read/write them regardless of which workspace folder is open. They bypass the workspace-folder check entirely.
- Workspace content - everything else is only reachable when the resolved path is a descendant of a currently registered, trusted workspace folder. That’s the sandbox boundary that keeps extensions from rifling through $HOME via vscode.workspace.fs.

Without tier 1, the scanner’s read of ~/.land/extensions is
rejected as “Path is outside of the registered workspace folders”, so
user-installed VSIXes never reach the Extensions sidebar even though
they are present on disk.
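
The two-tier decision described above, as an added example that is not Land's own code. The names check_access and normalize and all sample paths are hypothetical, and resolution here is purely lexical (an assumption: no symlink handling) so the block runs without touching the filesystem.

```rust
use std::path::{Component, Path, PathBuf};

/// Lexically resolve `.` and `..` so traversal cannot hide behind a valid prefix.
/// Assumption: a production check would also resolve symlinks before comparing.
fn normalize(path: &Path) -> PathBuf {
    let mut out = PathBuf::new();
    for part in path.components() {
        match part {
            Component::CurDir => {}
            Component::ParentDir => {
                out.pop(); // popping at the root is a no-op, so we never climb above "/"
            }
            other => out.push(other.as_os_str()),
        }
    }
    out
}

/// Hypothetical stand-in for the two-tier model: trusted roots first, then workspace folders.
fn check_access(trusted_roots: &[PathBuf], workspace_folders: &[PathBuf], path: &Path) -> Result<(), String> {
    let resolved = normalize(path);
    // Tier 1: application-owned directories bypass the workspace-folder check.
    if trusted_roots.iter().any(|root| resolved.starts_with(root)) {
        return Ok(());
    }
    // Tier 2: everything else must be a descendant of a registered workspace folder.
    // Path::starts_with compares whole components, so "/work/project-evil"
    // is not treated as a descendant of "/work/project".
    if workspace_folders.iter().any(|folder| resolved.starts_with(folder)) {
        return Ok(());
    }
    Err("Path is outside of the registered workspace folders".to_string())
}

fn main() {
    // Constructed sample roots and paths.
    let trusted = vec![PathBuf::from("/home/u/.land/extensions")];
    let workspace = vec![PathBuf::from("/work/project")];
    let samples = [
        "/home/u/.land/extensions/a.vsix/package.json",
        "/work/project/src/main.rs",
        "/work/project/../../home/u/.ssh/id_rsa",
        "/work/project-evil/payload",
    ];
    for p in samples.iter() {
        println!("{:<48} {:?}", p, check_access(&trusted, &workspace, Path::new(p)));
    }
}
```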