@glwhappen/web-code 1.32.0 → 1.32.1

package/server/modules/websocket/services/chat-websocket.service.ts

@@ -1,5 +1,6 @@
 import type { WebSocket } from 'ws';
 
+import { assertUserOwnsProjectPath } from '@/modules/projects/services/project-authorization.service.js';
 import { connectedClients } from '@/modules/websocket/services/websocket-state.service.js';
 import { WebSocketWriter } from '@/modules/websocket/services/websocket-writer.service.js';
 import type {
@@ -7,7 +8,7 @@ import type {
   AuthenticatedWebSocketRequest,
   LLMProvider,
 } from '@/shared/types.js';
-import { createNormalizedMessage, parseIncomingJsonObject } from '@/shared/utils.js';
+import { AppError, createNormalizedMessage, parseIncomingJsonObject } from '@/shared/utils.js';
 
 type ChatIncomingMessage = AnyRecord & {
   type?: string;
@@ -30,9 +31,9 @@ type ChatWebSocketDependencies = {
   queryCodex: (command: string, options: unknown, writer: WebSocketWriter) => Promise<unknown>;
   spawnGemini: (command: string, options: unknown, writer: WebSocketWriter) => Promise<unknown>;
   abortClaudeSDKSession: (sessionId: string, userId?: string | number | null) => Promise<boolean>;
-  abortCursorSession: (sessionId: string) => boolean;
+  abortCursorSession: (sessionId: string, userId?: string | number | null) => boolean;
   abortCodexSession: (sessionId: string, userId?: string | number | null) => boolean;
-  abortGeminiSession: (sessionId: string) => boolean;
+  abortGeminiSession: (sessionId: string, userId?: string | number | null) => boolean;
   resolveToolApproval: (
     requestId: string,
     payload: {
@@ -43,15 +44,15 @@ type ChatWebSocketDependencies = {
     }
   ) => void;
   isClaudeSDKSessionActive: (sessionId: string, userId?: string | number | null) => boolean;
-  isCursorSessionActive: (sessionId: string) => boolean;
+  isCursorSessionActive: (sessionId: string, userId?: string | number | null) => boolean;
   isCodexSessionActive: (sessionId: string, userId?: string | number | null) => boolean;
-  isGeminiSessionActive: (sessionId: string) => boolean;
+  isGeminiSessionActive: (sessionId: string, userId?: string | number | null) => boolean;
   reconnectSessionWriter: (sessionId: string, ws: WebSocket, userId?: string | number | null) => boolean;
   getPendingApprovalsForSession: (sessionId: string, userId?: string | number | null) => unknown[];
   getActiveClaudeSDKSessions: (userId?: string | number | null) => unknown;
-  getActiveCursorSessions: () => unknown;
+  getActiveCursorSessions: (userId?: string | number | null) => unknown;
   getActiveCodexSessions: (userId?: string | number | null) => unknown;
-  getActiveGeminiSessions: () => unknown;
+  getActiveGeminiSessions: (userId?: string | number | null) => unknown;
 };
 
 /**
@@ -88,6 +89,35 @@ function readRequestUserId(
   return null;
 }
 
+/**
+ * Pulls `cwd` out of the websocket message options and confirms the caller
+ * owns it. Returning the normalized path lets the downstream spawn use the
+ * canonical form instead of whatever the client happened to send.
+ *
+ * Without this gate, any authenticated user could spawn a CLI in another
+ * user's project (or any path on disk) by setting `options.cwd` directly.
+ */
+function authorizeOptionsCwd(
+  userId: string | number | null,
+  options: AnyRecord | undefined,
+): { authorized: true; cwd: string } | { authorized: false; error: AppError } {
+  try {
+    const cwd = assertUserOwnsProjectPath(userId, options?.cwd);
+    return { authorized: true, cwd };
+  } catch (error) {
+    if (error instanceof AppError) {
+      return { authorized: false, error };
+    }
+    return {
+      authorized: false,
+      error: new AppError('Failed to authorize working directory', {
+        code: 'PROJECT_AUTHORIZATION_FAILED',
+        statusCode: 500,
+      }),
+    };
+  }
+}
+
 /**
  * Handles authenticated chat websocket messages used by the main chat panel.
  */
@@ -101,6 +131,15 @@ export function handleChatConnection(
 
   const writer = new WebSocketWriter(ws, readRequestUserId(request));
 
+  const sendAuthorizationError = (error: AppError, provider: LLMProvider): void => {
+    writer.send({
+      type: 'error',
+      error: error.message,
+      code: error.code,
+      provider,
+    });
+  };
+
   ws.on('message', async (rawMessage) => {
     try {
       const parsed = parseIncomingJsonObject(rawMessage);
@@ -115,32 +154,61 @@ export function handleChatConnection(
       }
 
       if (messageType === 'claude-command') {
-        await dependencies.queryClaudeSDK(data.command ?? '', data.options, writer);
+        const authorization = authorizeOptionsCwd(writer.userId, data.options);
+        if (!authorization.authorized) {
+          sendAuthorizationError(authorization.error, 'claude');
+          return;
+        }
+        const sanitizedOptions = { ...(data.options ?? {}), cwd: authorization.cwd };
+        await dependencies.queryClaudeSDK(data.command ?? '', sanitizedOptions, writer);
         return;
       }
 
       if (messageType === 'cursor-command') {
-        await dependencies.spawnCursor(data.command ?? '', data.options, writer);
+        const authorization = authorizeOptionsCwd(writer.userId, data.options);
+        if (!authorization.authorized) {
+          sendAuthorizationError(authorization.error, 'cursor');
+          return;
+        }
+        const sanitizedOptions = { ...(data.options ?? {}), cwd: authorization.cwd };
+        await dependencies.spawnCursor(data.command ?? '', sanitizedOptions, writer);
         return;
       }
 
       if (messageType === 'codex-command') {
-        await dependencies.queryCodex(data.command ?? '', data.options, writer);
+        const authorization = authorizeOptionsCwd(writer.userId, data.options);
+        if (!authorization.authorized) {
+          sendAuthorizationError(authorization.error, 'codex');
+          return;
+        }
+        const sanitizedOptions = { ...(data.options ?? {}), cwd: authorization.cwd };
+        await dependencies.queryCodex(data.command ?? '', sanitizedOptions, writer);
         return;
       }
 
       if (messageType === 'gemini-command') {
-        await dependencies.spawnGemini(data.command ?? '', data.options, writer);
+        const authorization = authorizeOptionsCwd(writer.userId, data.options);
+        if (!authorization.authorized) {
+          sendAuthorizationError(authorization.error, 'gemini');
+          return;
+        }
+        const sanitizedOptions = { ...(data.options ?? {}), cwd: authorization.cwd };
+        await dependencies.spawnGemini(data.command ?? '', sanitizedOptions, writer);
         return;
       }
 
       if (messageType === 'cursor-resume') {
+        const authorization = authorizeOptionsCwd(writer.userId, data.options);
+        if (!authorization.authorized) {
+          sendAuthorizationError(authorization.error, 'cursor');
+          return;
+        }
         await dependencies.spawnCursor(
           '',
           {
             sessionId: data.sessionId,
             resume: true,
-            cwd: data.options?.cwd,
+            cwd: authorization.cwd,
           },
           writer
         );
@@ -154,11 +222,11 @@ export function handleChatConnection(
         let success = false;
 
         if (provider === 'cursor') {
-          success = dependencies.abortCursorSession(sessionId);
+          success = dependencies.abortCursorSession(sessionId, userId);
         } else if (provider === 'codex') {
           success = dependencies.abortCodexSession(sessionId, userId);
         } else if (provider === 'gemini') {
-          success = dependencies.abortGeminiSession(sessionId);
+          success = dependencies.abortGeminiSession(sessionId, userId);
         } else {
           success = await dependencies.abortClaudeSDKSession(sessionId, userId);
         }
@@ -190,7 +258,7 @@ export function handleChatConnection(
 
       if (messageType === 'cursor-abort') {
         const sessionId = typeof data.sessionId === 'string' ? data.sessionId : '';
-        const success = dependencies.abortCursorSession(sessionId);
+        const success = dependencies.abortCursorSession(sessionId, writer.userId);
         writer.send(
           createNormalizedMessage({
             kind: 'complete',
@@ -211,11 +279,11 @@ export function handleChatConnection(
         let isActive = false;
 
         if (provider === 'cursor') {
-          isActive = dependencies.isCursorSessionActive(sessionId);
+          isActive = dependencies.isCursorSessionActive(sessionId, userId);
         } else if (provider === 'codex') {
           isActive = dependencies.isCodexSessionActive(sessionId, userId);
         } else if (provider === 'gemini') {
-          isActive = dependencies.isGeminiSessionActive(sessionId);
+          isActive = dependencies.isGeminiSessionActive(sessionId, userId);
         } else {
           isActive = dependencies.isClaudeSDKSessionActive(sessionId, userId);
           if (isActive) {
@@ -252,9 +320,9 @@ export function handleChatConnection(
           type: 'active-sessions',
           sessions: {
             claude: dependencies.getActiveClaudeSDKSessions(userId),
-            cursor: dependencies.getActiveCursorSessions(),
+            cursor: dependencies.getActiveCursorSessions(userId),
             codex: dependencies.getActiveCodexSessions(userId),
-            gemini: dependencies.getActiveGeminiSessions(),
+            gemini: dependencies.getActiveGeminiSessions(userId),
           },
         });
       }

package/server/routes/agent.js

@@ -12,7 +12,8 @@ import { spawnGemini } from '../gemini-cli.js';
 import { Octokit } from '@octokit/rest';
 import { CLAUDE_MODELS, CURSOR_MODELS, CODEX_MODELS } from '../../shared/modelConstants.js';
 import { IS_PLATFORM } from '../constants/config.js';
-import { normalizeProjectPath } from '../shared/utils.js';
+import { assertUserOwnsProjectPath } from '../modules/projects/services/project-authorization.service.js';
+import { AppError, ensureUserWorkspaceRoot, normalizeProjectPath, validateWorkspacePath } from '../shared/utils.js';
 
 const router = express.Router();
 
@@ -880,7 +881,17 @@ router.post('/', validateExternalApiKey, async (req, res) => {
 
       let targetPath;
       if (projectPath) {
-        targetPath = projectPath;
+        // Confine clone destinations to the caller's per-user workspace root so
+        // an API key cannot drop a fresh checkout into another user's directory.
+        const userWorkspaceRoot = await ensureUserWorkspaceRoot(req.user.username);
+        const validation = await validateWorkspacePath(projectPath, userWorkspaceRoot);
+        if (!validation.valid) {
+          return res.status(403).json({
+            success: false,
+            error: validation.error || 'Invalid project path for clone destination',
+          });
+        }
+        targetPath = validation.resolvedPath || projectPath;
       } else {
         // Generate a unique path for cloning
         const repoHash = crypto.createHash('md5').update(githubUrl + Date.now()).digest('hex');
@@ -889,10 +900,21 @@ router.post('/', validateExternalApiKey, async (req, res) => {
 
       finalProjectPath = await cloneGitHubRepo(githubUrl.trim(), tokenToUse, targetPath);
     } else {
-      // Use existing project path
-      finalProjectPath = normalizeProjectPath(path.resolve(projectPath));
+      // Existing project path: only the owning user may operate on it.
+      try {
+        finalProjectPath = assertUserOwnsProjectPath(req.user.id, projectPath);
+      } catch (authorizationError) {
+        if (authorizationError instanceof AppError) {
+          return res.status(authorizationError.statusCode).json({
+            success: false,
+            error: authorizationError.message,
+            code: authorizationError.code,
+          });
+        }
+        throw authorizationError;
+      }
 
-      // Verify the path exists
+      // Verify the path exists on disk; ownership check above already confirmed registration.
       try {
         await fs.access(finalProjectPath);
       } catch (error) {
@@ -902,10 +924,15 @@ router.post('/', validateExternalApiKey, async (req, res) => {
 
     finalProjectPath = normalizeProjectPath(finalProjectPath);
 
-    // Warn if the same project path is actively used by another user
+    // Reject cross-user shared paths outright; previous warn-only behavior let
+    // user A operate inside a path also registered to user B.
     const sharedPathCheck = projectsDb.isProjectPathUsedByOthers(req.user.id, finalProjectPath);
     if (sharedPathCheck.used) {
-      console.warn(`[WARN] Project path "${finalProjectPath}" is shared with user(s): ${sharedPathCheck.usernames.join(', ')}`);
+      return res.status(403).json({
+        success: false,
+        error: 'Project path is already registered to another user',
+        code: 'PROJECT_PATH_CROSS_USER',
+      });
     }
 
     // Register project path in DB (or reuse existing active registration)

package/server/routes/settings.js

@@ -255,7 +255,7 @@ router.post('/push/unsubscribe', async (req, res) => {
     if (!endpoint) {
       return res.status(400).json({ error: 'Missing endpoint' });
     }
-    pushSubscriptionsDb.removeSubscription(endpoint);
+    pushSubscriptionsDb.removeSubscription(req.user.id, endpoint);
 
     // Disable webPush in preferences to match subscription state
     const currentPrefs = notificationPreferencesDb.getPreferences(req.user.id);

package/server/services/notification-orchestrator.js

@@ -164,7 +164,7 @@ async function sendWebPush(userId, event) {
     if (result.status === 'rejected') {
       const statusCode = result.reason?.statusCode;
       if (statusCode === 410 || statusCode === 404) {
-        pushSubscriptionsDb.removeSubscription(subscriptions[index].endpoint);
+        pushSubscriptionsDb.removeSubscription(userId, subscriptions[index].endpoint);
       }
     }
   });

package/server/shared/utils.ts

@@ -99,12 +99,66 @@ export class AppError extends Error {
 // ---------------------------
 //----------------- WORKSPACE PATH VALIDATION UTILITIES ------------
 /**
- * Root directory that all workspace/project paths must stay under.
+ * Shared base directory under which every website user gets their own
+ * subdirectory. The per-user root is always `<WORKSPACES_ROOT>/<username>` —
+ * even when an operator sets `WORKSPACES_ROOT` explicitly — so that two
+ * website users can never browse/create projects in each other's space.
  *
- * This is resolved from `WORKSPACES_ROOT` when configured; otherwise it falls
- * back to the current user's home directory.
+ * Default is `<homedir>/web-code-workspaces` so the app keeps its files in a
+ * dedicated directory instead of polluting the host user's home.
  */
-export const WORKSPACES_ROOT = process.env.WORKSPACES_ROOT || os.homedir();
+export const WORKSPACES_ROOT =
+  process.env.WORKSPACES_ROOT || path.join(os.homedir(), 'web-code-workspaces');
+
+/**
+ * Strips characters that are unsafe in directory names so a malicious or
+ * unusual username cannot escape its workspace sandbox or collide with
+ * sibling directories. Returns null if the result is empty/`.`/`..`.
+ */
+export function sanitizeUsernameForPath(username: unknown): string | null {
+  if (typeof username !== 'string') {
+    return null;
+  }
+
+  const trimmed = username.trim();
+  if (!trimmed) {
+    return null;
+  }
+
+  const sanitized = trimmed.replace(/[^A-Za-z0-9._-]/g, '_');
+  if (!sanitized || sanitized === '.' || sanitized === '..') {
+    return null;
+  }
+
+  return sanitized;
+}
+
+/**
+ * Returns the absolute per-user workspace root for `username`. Does not touch
+ * the filesystem; callers that need the directory to exist before use should
+ * call `ensureUserWorkspaceRoot` instead.
+ */
+export function getUserWorkspaceRoot(username: unknown): string {
+  const safe = sanitizeUsernameForPath(username);
+  if (!safe) {
+    throw new AppError('Authenticated user is required', {
+      code: 'AUTHENTICATION_REQUIRED',
+      statusCode: 401,
+    });
+  }
+  return path.join(WORKSPACES_ROOT, safe);
+}
+
+/**
+ * Ensures the per-user workspace directory exists (mkdir -p) and returns its
+ * absolute path. Safe to call on every request — `recursive: true` makes it
+ * idempotent.
+ */
+export async function ensureUserWorkspaceRoot(username: unknown): Promise<string> {
+  const userRoot = getUserWorkspaceRoot(username);
+  await mkdir(userRoot, { recursive: true });
+  return userRoot;
+}
 
 /**
  * System-critical paths that must never be used as workspace roots.
@@ -201,10 +255,14 @@ export function normalizeProjectPath(inputPath: string): string {
  * Validates that a user-supplied workspace path is safe to use.
  *
  * Call this before any filesystem mutation that creates or registers projects.
- * The function resolves symlinks, enforces `WORKSPACES_ROOT` containment, and
- * blocks known system directories.
+ * The function resolves symlinks, enforces containment within `workspaceRoot`
+ * (defaults to the app-wide `WORKSPACES_ROOT`), and blocks known system
+ * directories. Pass the per-user root for multi-user isolation.
  */
-export async function validateWorkspacePath(requestedPath: string): Promise<WorkspacePathValidationResult> {
+export async function validateWorkspacePath(
+  requestedPath: string,
+  workspaceRoot: string = WORKSPACES_ROOT,
+): Promise<WorkspacePathValidationResult> {
   try {
     const normalizedRequestedPath = normalizeProjectPath(requestedPath);
     if (!normalizedRequestedPath) {
@@ -267,14 +325,17 @@ export async function validateWorkspacePath(requestedPath: string): Promise<Work
       }
     }
 
-    const resolvedWorkspaceRoot = normalizeProjectPath(await realpath(WORKSPACES_ROOT));
+    // Ensure the workspace root exists before realpath so we can give a clean
+    // error to admins who haven't created it yet. Cheap & idempotent.
+    await mkdir(workspaceRoot, { recursive: true });
+    const resolvedWorkspaceRoot = normalizeProjectPath(await realpath(workspaceRoot));
     if (
       !resolvedPath.startsWith(`${resolvedWorkspaceRoot}${path.sep}`)
       && resolvedPath !== resolvedWorkspaceRoot
     ) {
       return {
         valid: false,
-        error: `Workspace path must be within the allowed workspace root: ${WORKSPACES_ROOT}`,
+        error: `Workspace path must be within the allowed workspace root: ${workspaceRoot}`,
       };
     }