RooCodeInc
diff --git a/‎src/core/Cline.ts‎
Lines changed: 12 additions & 0 deletions b/‎src/core/Cline.ts‎
Lines changed: 12 additions & 0 deletions
diff --git a/‎src/core/webview/ClineProvider.ts‎
Lines changed: 14 additions & 0 deletions b/‎src/core/webview/ClineProvider.ts‎
Lines changed: 14 additions & 0 deletions
diff --git a/‎src/core/webview/__tests__/ClineProvider.test.ts‎
Lines changed: 2 additions & 0 deletions b/‎src/core/webview/__tests__/ClineProvider.test.ts‎
Lines changed: 2 additions & 0 deletions
diff --git a/‎src/exports/roo-code.d.ts‎
Lines changed: 2 additions & 0 deletions b/‎src/exports/roo-code.d.ts‎
Lines changed: 2 additions & 0 deletions
diff --git a/‎src/shared/ExtensionMessage.ts‎
Lines changed: 3 additions & 0 deletions b/‎src/shared/ExtensionMessage.ts‎
Lines changed: 3 additions & 0 deletions
diff --git a/‎src/shared/WebviewMessage.ts‎
Lines changed: 2 additions & 0 deletions b/‎src/shared/WebviewMessage.ts‎
Lines changed: 2 additions & 0 deletions
diff --git a/‎src/shared/globalState.ts‎
Lines changed: 2 additions & 0 deletions b/‎src/shared/globalState.ts‎
Lines changed: 2 additions & 0 deletions
diff --git a/‎src/utils/pathUtils.ts‎
Lines changed: 24 additions & 0 deletions b/‎src/utils/pathUtils.ts‎
Lines changed: 24 additions & 0 deletions
diff --git a/‎webview-ui/src/components/chat/ChatView.tsx‎
Lines changed: 51 additions & 13 deletions b/‎webview-ui/src/components/chat/ChatView.tsx‎
Lines changed: 51 additions & 13 deletions
@@ -11,6 +11,7 @@ import pWaitFor from "p-wait-for"
 import getFolderSize from "get-folder-size"
 import { serializeError } from "serialize-error"
 import * as vscode from "vscode"
+import { isPathOutsideWorkspace } from "../utils/pathUtils"
 
 import { TokenUsage } from "../exports/roo-code"
 import { ApiHandler, buildApiHandler } from "../api"
@@ -1606,9 +1607,14 @@ export class Cline extends EventEmitter<ClineEvents> {
 							}
 						}
 
+						// Determine if the path is outside the workspace
+						const fullPath = relPath ? path.resolve(this.cwd, removeClosingTag("path", relPath)) : ""
+						const isOutsideWorkspace = isPathOutsideWorkspace(fullPath)
+
 						const sharedMessageProps: ClineSayTool = {
 							tool: fileExists ? "editedExistingFile" : "newFileCreated",
 							path: getReadablePath(this.cwd, removeClosingTag("path", relPath)),
+							isOutsideWorkspace,
 						}
 						try {
 							if (block.partial) {
@@ -2245,9 +2251,15 @@ export class Cline extends EventEmitter<ClineEvents> {
 						const relPath: string | undefined = block.params.path
 						const startLineStr: string | undefined = block.params.start_line
 						const endLineStr: string | undefined = block.params.end_line
+
+						// Get the full path and determine if it's outside the workspace
+						const fullPath = relPath ? path.resolve(this.cwd, removeClosingTag("path", relPath)) : ""
+						const isOutsideWorkspace = isPathOutsideWorkspace(fullPath)
+
 						const sharedMessageProps: ClineSayTool = {
 							tool: "readFile",
 							path: getReadablePath(this.cwd, removeClosingTag("path", relPath)),
+							isOutsideWorkspace,
 						}
 						try {
 							if (block.partial) {
 
@@ -971,10 +971,18 @@ export class ClineProvider extends EventEmitter<ClineProviderEvents> implements
 						await this.updateGlobalState("alwaysAllowReadOnly", message.bool ?? undefined)
 						await this.postStateToWebview()
 						break
+					case "alwaysAllowReadOnlyOutsideWorkspace":
+						await this.updateGlobalState("alwaysAllowReadOnlyOutsideWorkspace", message.bool ?? undefined)
+						await this.postStateToWebview()
+						break
 					case "alwaysAllowWrite":
 						await this.updateGlobalState("alwaysAllowWrite", message.bool ?? undefined)
 						await this.postStateToWebview()
 						break
+					case "alwaysAllowWriteOutsideWorkspace":
+						await this.updateGlobalState("alwaysAllowWriteOutsideWorkspace", message.bool ?? undefined)
+						await this.postStateToWebview()
+						break
 					case "alwaysAllowExecute":
 						await this.updateGlobalState("alwaysAllowExecute", message.bool ?? undefined)
 						await this.postStateToWebview()
@@ -2490,7 +2498,9 @@ export class ClineProvider extends EventEmitter<ClineProviderEvents> implements
 			lastShownAnnouncementId,
 			customInstructions,
 			alwaysAllowReadOnly,
+			alwaysAllowReadOnlyOutsideWorkspace,
 			alwaysAllowWrite,
+			alwaysAllowWriteOutsideWorkspace,
 			alwaysAllowExecute,
 			alwaysAllowBrowser,
 			alwaysAllowMcp,
@@ -2544,7 +2554,9 @@ export class ClineProvider extends EventEmitter<ClineProviderEvents> implements
 			apiConfiguration,
 			customInstructions,
 			alwaysAllowReadOnly: alwaysAllowReadOnly ?? false,
+			alwaysAllowReadOnlyOutsideWorkspace: alwaysAllowReadOnlyOutsideWorkspace ?? false,
 			alwaysAllowWrite: alwaysAllowWrite ?? false,
+			alwaysAllowWriteOutsideWorkspace: alwaysAllowWriteOutsideWorkspace ?? false,
 			alwaysAllowExecute: alwaysAllowExecute ?? false,
 			alwaysAllowBrowser: alwaysAllowBrowser ?? false,
 			alwaysAllowMcp: alwaysAllowMcp ?? false,
@@ -2707,7 +2719,9 @@ export class ClineProvider extends EventEmitter<ClineProviderEvents> implements
 			lastShownAnnouncementId: stateValues.lastShownAnnouncementId,
 			customInstructions: stateValues.customInstructions,
 			alwaysAllowReadOnly: stateValues.alwaysAllowReadOnly ?? false,
+			alwaysAllowReadOnlyOutsideWorkspace: stateValues.alwaysAllowReadOnlyOutsideWorkspace ?? false,
 			alwaysAllowWrite: stateValues.alwaysAllowWrite ?? false,
+			alwaysAllowWriteOutsideWorkspace: stateValues.alwaysAllowWriteOutsideWorkspace ?? false,
 			alwaysAllowExecute: stateValues.alwaysAllowExecute ?? false,
 			alwaysAllowBrowser: stateValues.alwaysAllowBrowser ?? false,
 			alwaysAllowMcp: stateValues.alwaysAllowMcp ?? false,
 
@@ -434,7 +434,9 @@ describe("ClineProvider", () => {
 			},
 			customInstructions: undefined,
 			alwaysAllowReadOnly: false,
+			alwaysAllowReadOnlyOutsideWorkspace: false,
 			alwaysAllowWrite: false,
+			alwaysAllowWriteOutsideWorkspace: false,
 			alwaysAllowExecute: false,
 			alwaysAllowBrowser: false,
 			alwaysAllowMcp: false,
 
@@ -182,7 +182,9 @@ export type GlobalStateKey =
 	| "lastShownAnnouncementId"
 	| "customInstructions"
 	| "alwaysAllowReadOnly"
+	| "alwaysAllowReadOnlyOutsideWorkspace"
 	| "alwaysAllowWrite"
+	| "alwaysAllowWriteOutsideWorkspace"
 	| "alwaysAllowExecute"
 	| "alwaysAllowBrowser"
 	| "alwaysAllowMcp"
 
@@ -120,7 +120,9 @@ export interface ExtensionState {
 	customModePrompts?: CustomModePrompts
 	customSupportPrompts?: CustomSupportPrompts
 	alwaysAllowReadOnly?: boolean
+	alwaysAllowReadOnlyOutsideWorkspace?: boolean
 	alwaysAllowWrite?: boolean
+	alwaysAllowWriteOutsideWorkspace?: boolean
 	alwaysAllowExecute?: boolean
 	alwaysAllowBrowser?: boolean
 	alwaysAllowMcp?: boolean
@@ -192,6 +194,7 @@ export interface ClineSayTool {
 	filePattern?: string
 	mode?: string
 	reason?: string
+	isOutsideWorkspace?: boolean
 }
 
 // Must keep in sync with system prompt.
 
@@ -22,7 +22,9 @@ export interface WebviewMessage {
 		| "customInstructions"
 		| "allowedCommands"
 		| "alwaysAllowReadOnly"
+		| "alwaysAllowReadOnlyOutsideWorkspace"
 		| "alwaysAllowWrite"
+		| "alwaysAllowWriteOutsideWorkspace"
 		| "alwaysAllowExecute"
 		| "webviewDidLaunch"
 		| "newTask"
 
@@ -49,7 +49,9 @@ export const GLOBAL_STATE_KEYS = [
 	"lastShownAnnouncementId",
 	"customInstructions",
 	"alwaysAllowReadOnly",
+	"alwaysAllowReadOnlyOutsideWorkspace",
 	"alwaysAllowWrite",
+	"alwaysAllowWriteOutsideWorkspace",
 	"alwaysAllowExecute",
 	"alwaysAllowBrowser",
 	"alwaysAllowMcp",
 
@@ -0,0 +1,24 @@
+import * as vscode from "vscode"
+import * as path from "path"
+
+/**
+ * Checks if a file path is outside all workspace folders
+ * @param filePath The file path to check
+ * @returns true if the path is outside all workspace folders, false otherwise
+ */
+export function isPathOutsideWorkspace(filePath: string): boolean {
+	// If there are no workspace folders, consider everything outside workspace for safety
+	if (!vscode.workspace.workspaceFolders || vscode.workspace.workspaceFolders.length === 0) {
+		return true
+	}
+
+	// Normalize and resolve the path to handle .. and . components correctly
+	const absolutePath = path.resolve(filePath)
+
+	// Check if the path is within any workspace folder
+	return !vscode.workspace.workspaceFolders.some((folder) => {
+		const folderPath = folder.uri.fsPath
+		// Path is inside a workspace if it equals the workspace path or is a subfolder
+		return absolutePath === folderPath || absolutePath.startsWith(folderPath + path.sep)
+	})
+}
@@ -55,7 +55,9 @@ const ChatView = ({ isHidden, showAnnouncement, hideAnnouncement, showHistoryVie
 		mcpServers,
 		alwaysAllowBrowser,
 		alwaysAllowReadOnly,
+		alwaysAllowReadOnlyOutsideWorkspace,
 		alwaysAllowWrite,
+		alwaysAllowWriteOutsideWorkspace,
 		alwaysAllowExecute,
 		alwaysAllowMcp,
 		allowedCommands,
@@ -649,26 +651,60 @@ const ChatView = ({ isHidden, showAnnouncement, hideAnnouncement, showHistoryVie
 		(message: ClineMessage | undefined) => {
 			if (!autoApprovalEnabled || !message || message.type !== "ask") return false
 
-			return (
-				(alwaysAllowBrowser && message.ask === "browser_action_launch") ||
-				(alwaysAllowReadOnly && message.ask === "tool" && isReadOnlyToolAction(message)) ||
-				(alwaysAllowWrite && message.ask === "tool" && isWriteToolAction(message)) ||
-				(alwaysAllowExecute && message.ask === "command" && isAllowedCommand(message)) ||
-				(alwaysAllowMcp && message.ask === "use_mcp_server" && isMcpToolAlwaysAllowed(message)) ||
-				(alwaysAllowModeSwitch &&
-					message.ask === "tool" &&
-					JSON.parse(message.text || "{}")?.tool === "switchMode") ||
-				(alwaysAllowSubtasks &&
-					message.ask === "tool" &&
-					["newTask", "finishTask"].includes(JSON.parse(message.text || "{}")?.tool))
-			)
+			if (message.ask === "browser_action_launch") {
+				return alwaysAllowBrowser
+			}
+
+			if (message.ask === "use_mcp_server") {
+				return alwaysAllowMcp && isMcpToolAlwaysAllowed(message)
+			}
+
+			if (message.ask === "command") {
+				return alwaysAllowExecute && isAllowedCommand(message)
+			}
+
+			// For read/write operations, check if it's outside workspace and if we have permission for that
+			if (message.ask === "tool") {
+				let tool: any = {}
+				try {
+					tool = JSON.parse(message.text || "{}")
+				} catch (error) {
+					console.error("Failed to parse tool:", error)
+				}
+
+				if (!tool) {
+					return false
+				}
+
+				if (tool?.tool === "switchMode") {
+					return alwaysAllowModeSwitch
+				}
+
+				if (["newTask", "finishTask"].includes(tool?.tool)) {
+					return alwaysAllowSubtasks
+				}
+
+				const isOutsideWorkspace = !!tool.isOutsideWorkspace
+
+				if (isReadOnlyToolAction(message)) {
+					return alwaysAllowReadOnly && (!isOutsideWorkspace || alwaysAllowReadOnlyOutsideWorkspace)
+				}
+
+				if (isWriteToolAction(message)) {
+					return alwaysAllowWrite && (!isOutsideWorkspace || alwaysAllowWriteOutsideWorkspace)
+				}
+			}
+
+			return false
 		},
 		[
 			autoApprovalEnabled,
 			alwaysAllowBrowser,
 			alwaysAllowReadOnly,
+			alwaysAllowReadOnlyOutsideWorkspace,
 			isReadOnlyToolAction,
 			alwaysAllowWrite,
+			alwaysAllowWriteOutsideWorkspace,
 			isWriteToolAction,
 			alwaysAllowExecute,
 			isAllowedCommand,
@@ -1047,7 +1083,9 @@ const ChatView = ({ isHidden, showAnnouncement, hideAnnouncement, showHistoryVie
 		handlePrimaryButtonClick,
 		alwaysAllowBrowser,
 		alwaysAllowReadOnly,
+		alwaysAllowReadOnlyOutsideWorkspace,
 		alwaysAllowWrite,
+		alwaysAllowWriteOutsideWorkspace,
 		alwaysAllowExecute,
 		alwaysAllowMcp,
 		messages,