Struct ashpd::documents::DocumentsProxy[−][src]

pub struct DocumentsProxy<'a>(_);

Expand description

The interface lets sandboxed applications make files from the outside world available to sandboxed applications in a controlled way.

Exported files will be made accessible to the application via a fuse filesystem that gets mounted at /run/user/$UID/doc/. The filesystem gets mounted both outside and inside the sandbox, but the view inside the sandbox is restricted to just those files that the application is allowed to access.

Individual files will appear at /run/user/$UID/doc/$DOC_ID/filename, where $DOC_ID is the ID of the file in the document store. It is returned by the DocumentsProxy::add and DocumentsProxy::add_named calls.

The permissions that the application has for a document store entry (see DocumentsProxy::grant_permissions) are reflected in the POSIX mode bits in the fuse filesystem.

Implementations

impl<'a> DocumentsProxy<'a>

pub async fn new(connection: &Connection) -> Result<DocumentsProxy<'a>, Error>

Create a new instance of DocumentsProxy.

pub fn inner(&self) -> &Proxy<'_>

Get a reference to the underlying Proxy.

pub async fn add<F>(
    &self, 
    o_path_fd: F, 
    reuse_existing: bool, 
    persistent: bool
) -> Result<String, Error> where
    F: AsRawFd + Serialize + Type + Debug,

Adds a file to the document store. The file is passed in the form of an open file descriptor to prove that the caller has access to the file.

Returns the ID of the file in the document store.

Arguments

o_path_fd - Open file descriptor for the file to add.
reuse_existing - Whether to reuse an existing document store entry for the file.
persistent - Whether to add the file only for this session or permanently.

pub async fn add_full(
    &self, 
    o_path_fds: &[Fd], 
    flags: BitFlags<Flags>, 
    app_id: &str, 
    permissions: &[Permission]
) -> Result<(Vec<String>, HashMap<String, OwnedValue>), Error>

Adds multiple files to the document store. The files are passed in the form of an open file descriptor to prove that the caller has access to the file.

Returns the IDs of the files in the document store along with other extra info.

Arguments

o_path_fds - Open file descriptors for the files to export.
flags - A Flags.
app_id - An application ID, or empty string.
permissions - The permissions to grant.

pub async fn add_named<F>(
    &self, 
    o_path_parent_fd: F, 
    filename: &str, 
    reuse_existing: bool, 
    persistent: bool
) -> Result<String, Error> where
    F: AsRawFd + Serialize + Type + Debug,

Creates an entry in the document store for writing a new file.

Returns the ID of the file in the document store.

Arguments

o_path_parent_fd - Open file descriptor for the parent directory.
filename - The basename for the file.
reuse_existing - Whether to reuse an existing document store entry for the file.
persistent - Whether to add the file only for this session or permanently.

pub async fn add_named_full<F>(
    &self, 
    o_path_fd: F, 
    filename: &str, 
    flags: BitFlags<Flags>, 
    app_id: &str, 
    permissions: &[Permission]
) -> Result<(String, HashMap<String, OwnedValue>), Error> where
    F: AsRawFd + Serialize + Type + Debug,

Adds multiple files to the document store. The files are passed in the form of an open file descriptor to prove that the caller has access to the file.

Returns the ID of the file in the document store along with other extra info.

Arguments

o_path_fd - Open file descriptor for the parent directory.
filename - The basename for the file.
flags - A Flags.
app_id - An application ID, or empty string.
permissions - The permissions to grant.

pub async fn delete(&self, doc_id: &str) -> Result<(), Error>

Removes an entry from the document store. The file itself is not deleted. This call is available inside the sandbox if the application has the ‘delete’ permission for the document.

Arguments

doc_id - The ID of the file in the document store.

pub async fn mount_point(&self) -> Result<String, Error>

Returns the path at which the document store fuse filesystem is mounted. This will typically be /run/user/$UID/doc/.

pub async fn grant_permissions(
    &self, 
    doc_id: &str, 
    app_id: &str, 
    permissions: &[Permission]
) -> Result<(), Error>

Grants access permissions for a file in the document store to an application. This call is available inside the sandbox if the application has the ‘grant-permissions’ permission for the document.

Arguments

doc_id - The ID of the file in the document store.
app_id - The ID of the application to which permissions are granted.
permissions - The permissions to grant.

pub async fn info(&self, doc_id: &str) -> Result<(String, Permissions), Error>

Gets the filesystem path and application permissions for a document store entry.

Returns the path of the file in the host filesystem along with the Permissions

Arguments

doc_id - The ID of the file in the document store.

pub async fn list(&self, app_id: &str) -> Result<HashMap<String, String>, Error>

Lists documents in the document store for an application (or for all applications).

Returns a HashMap mapping document IDs to their filesystem path on the host system

Arguments

app-id - The application ID, or ‘’ to list all documents.

pub async fn lookup(&self, filename: &str) -> Result<String, Error>

Looks up the document ID for a file. This call is not available inside the sandbox.

Returns the ID of the file in the document store, or ‘’ if the file is not in the document store

Arguments

filename - A path in the host filesystem.

pub async fn revoke_permissions(
    &self, 
    doc_id: &str, 
    app_id: &str, 
    permissions: &[Permission]
) -> Result<(), Error>

Revokes access permissions for a file in the document store from an application. This call is available inside the sandbox if the application has the ‘grant-permissions’ permission for the document.

Arguments

doc_id - The ID of the file in the document store.
app_id - The ID of the application from which permissions are revoked.
permissions - The permissions to revoke.

Trait Implementations

impl<'a> Debug for DocumentsProxy<'a>

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more

Auto Trait Implementations

impl<'a> !RefUnwindSafe for DocumentsProxy<'a>

impl<'a> Send for DocumentsProxy<'a>

impl<'a> Sync for DocumentsProxy<'a>

impl<'a> Unpin for DocumentsProxy<'a>

impl<'a> !UnwindSafe for DocumentsProxy<'a>

Blanket Implementations

impl<T> Any for T where
    T: 'static + ?Sized,

pub fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more

impl<T> Borrow<T> for T where
    T: ?Sized,

pub fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more

impl<T> BorrowMut<T> for T where
    T: ?Sized,

pub fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more

impl<T> From<T> for T

pub fn from(t: T) -> T

Performs the conversion.

impl<T, U> Into<U> for T where
    U: From<T>,

pub fn into(self) -> U

Performs the conversion.

impl<T, U> TryFrom<U> for T where
    U: Into<T>,

type Error = Infallible

The type returned in the event of a conversion error.

pub fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.

impl<T, U> TryInto<U> for T where
    U: TryFrom<T>,

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.

pub fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.

impl<V, T> VZip<V> for T where
    V: MultiLane<T>,

pub fn vzip(self) -> V