refactor: streamline ALLOWED_ROOT_DIRECTORY handling and remove legacy support

This commit refactors the handling of ALLOWED_ROOT_DIRECTORY by removing legacy support for ALLOWED_PROJECT_DIRS and simplifying the security logic. Key changes include: - Removed deprecated ALLOWED_PROJECT_DIRS references from .env.example and security.ts. - Updated initAllowedPaths() to focus solely on ALLOWED_ROOT_DIRECTORY and DATA_DIR. - Enhanced logging for ALLOWED_ROOT_DIRECTORY configuration status. - Adjusted route handlers to utilize the new workspace directory logic. - Introduced a centralized storage module for localStorage operations to improve consistency and error handling. These changes aim to enhance security and maintainability by consolidating directory management into a single variable. Tests: All unit tests passing.
2026-03-19 22:53:08 +00:00 · 2025-12-20 20:49:28 -05:00
parent f3c9e828e2
commit 86d92e610b
17 changed files with 485 additions and 244 deletions
--- a/apps/ui/src/lib/storage.ts
+++ b/apps/ui/src/lib/storage.ts
@@ -0,0 +1,100 @@
+/**
+ * Centralized localStorage abstraction module
+ *
+ * Provides type-safe wrappers for all localStorage operations.
+ * All localStorage access should go through this module to ensure
+ * consistent error handling and environment checks.
+ */
+
+/**
+ * Check if localStorage is available in the current environment
+ */
+function isStorageAvailable(): boolean {
+  return typeof window !== "undefined" && window.localStorage !== undefined;
+}
+
+/**
+ * Get an item from localStorage
+ * @param key - The storage key
+ * @returns The stored value or null if not found/unavailable
+ */
+export function getItem(key: string): string | null {
+  if (!isStorageAvailable()) return null;
+  try {
+    return window.localStorage.getItem(key);
+  } catch {
+    return null;
+  }
+}
+
+/**
+ * Set an item in localStorage
+ * @param key - The storage key
+ * @param value - The value to store
+ * @returns true if successful, false otherwise
+ */
+export function setItem(key: string, value: string): boolean {
+  if (!isStorageAvailable()) return false;
+  try {
+    window.localStorage.setItem(key, value);
+    return true;
+  } catch {
+    return false;
+  }
+}
+
+/**
+ * Remove an item from localStorage
+ * @param key - The storage key to remove
+ * @returns true if successful, false otherwise
+ */
+export function removeItem(key: string): boolean {
+  if (!isStorageAvailable()) return false;
+  try {
+    window.localStorage.removeItem(key);
+    return true;
+  } catch {
+    return false;
+  }
+}
+
+/**
+ * Get a JSON-parsed item from localStorage
+ * @param key - The storage key
+ * @returns The parsed value or null if not found/invalid
+ */
+export function getJSON<T>(key: string): T | null {
+  const value = getItem(key);
+  if (!value) return null;
+  try {
+    return JSON.parse(value) as T;
+  } catch {
+    return null;
+  }
+}
+
+/**
+ * Set a JSON-stringified item in localStorage
+ * @param key - The storage key
+ * @param value - The value to stringify and store
+ * @returns true if successful, false otherwise
+ */
+export function setJSON<T>(key: string, value: T): boolean {
+  try {
+    return setItem(key, JSON.stringify(value));
+  } catch {
+    return false;
+  }
+}
+
+/**
+ * Storage module for named exports
+ */
+export const storage = {
+  getItem,
+  setItem,
+  removeItem,
+  getJSON,
+  setJSON,
+  isAvailable: isStorageAvailable,
+};