Skip to content

fix: enforce mode file restrictions for apply_diff tool (#4732) #4743

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
daniel-lxs wants to merge 1 commit into from
Closed

fix: enforce mode file restrictions for apply_diff tool (#4732) #4743

daniel-lxs wants to merge 1 commit into from

Conversation

@daniel-lxs
Copy link
Member

@daniel-lxs daniel-lxs commented Jun 16, 2025
edited by ellipsis-dev bot
Loading

Description

Fixes #4732

This PR addresses the issue where mode file restrictions were being bypassed by the apply_diff tool. The problem occurred because the file permission check in isToolAllowedForMode was conditional on content parameters being present, allowing the tool to be approved before paths were validated.

Changes Made

  • Modified isToolAllowedForMode in src/shared/modes.ts to validate file paths as soon as they are available
  • Added support for extracting and validating paths from the XML args parameter used by multiApplyDiffTool
  • Updated existing tests to expect FileRestrictionError when non-matching paths are provided
  • Added comprehensive tests for multi-file apply_diff scenarios

Testing

  • All existing tests pass
  • Added tests for single-file apply_diff validation
  • Added tests for multi-file apply_diff validation
  • Verified that matching files are still allowed
  • Verified that non-matching files throw FileRestrictionError

Verification of Acceptance Criteria

  • Mode file restrictions are now properly enforced for all edit tools
  • The apply_diff tool validates paths before execution
  • Both legacy (path/diff) and new (args) parameter formats are handled
  • Architect mode can no longer edit non-markdown files

Checklist

  • Code follows project style guidelines
  • Self-review completed
  • Comments added for complex logic
  • No breaking changes
  • All tests pass

Important

Fixes mode file restriction bypass in apply_diff by validating paths immediately in isToolAllowedForMode and updating tests accordingly.

  • Behavior:
    • isToolAllowedForMode in modes.ts now validates file paths immediately, preventing bypassing of mode restrictions.
    • Supports path extraction and validation from XML args in multiApplyDiffTool.
  • Testing:
    • Updated tests in modes.test.ts to expect FileRestrictionError for non-matching paths.
    • Added tests for single and multi-file apply_diff scenarios.
  • Verification:
    • Ensures mode file restrictions are enforced for all edit tools.
    • Validates paths before apply_diff execution.
    • Handles both legacy and new parameter formats.
    • Architect mode restricted to markdown files only.

This description was created by Ellipsis for e0699cd. You can customize this summary. It will automatically update as commits are pushed.

@daniel-lxs
fix: enforce mode file restrictions for apply_diff tool (#4732)
e0699cd 
- Modified isToolAllowedForMode to validate file paths in apply_diff args parameter
- Added extraction of paths from XML args for multi-file apply_diff operations
- Added comprehensive tests for both single and multi-file scenarios
- Ensures mode permissions are properly enforced for all edit tools
@daniel-lxs daniel-lxs requested review from cte, jr and mrubens as code owners June 16, 2025 15:25
@dosubot dosubot bot added size:L This PR changes 100-499 lines, ignoring generated files. bug Something isn't working labels Jun 16, 2025
@daniel-lxs daniel-lxs moved this from Triage to PR [Needs Review] in Roo Code Roadmap Jun 16, 2025
@daniel-lxs daniel-lxs moved this from PR [Needs Review] to PR [Needs Prelim Review] in Roo Code Roadmap Jun 16, 2025
mrubens
mrubens reviewed Jun 16, 2025
View reviewed changes
Copy link
Collaborator

@mrubens mrubens left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This code feels kind of hairy - I wonder if we should move these checks into the tools themselves?

@daniel-lxs
Copy link
Member Author

daniel-lxs commented Jun 16, 2025

@mrubens

That's probably a good idea, since each tool might handle paths differently.

@daniel-lxs
Copy link
Member Author

daniel-lxs commented Jun 16, 2025

Closing, let's try a better approach to fix this

@daniel-lxs daniel-lxs closed this Jun 16, 2025
@github-project-automation github-project-automation bot moved this from PR [Needs Prelim Review] to Done in Roo Code Roadmap Jun 16, 2025
@github-project-automation github-project-automation bot moved this from New to Done in Roo Code Roadmap Jun 16, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@mrubens mrubens mrubens left review comments

@cte cte Awaiting requested review from cte cte is a code owner

@jr jr Awaiting requested review from jr jr is a code owner

Assignees

No one assigned

Labels

bug Something isn't working PR - Needs Preliminary Review size:L This PR changes 100-499 lines, ignoring generated files.

Projects

Roo Code Roadmap
Archived in project

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Roo Code ignores mode permissions if concurrent file edits are enabled

4 participants

@daniel-lxs @mrubens @hannesrudolph