Struct PathPolicy 

pub struct PathPolicy { /* private fields */ }

Policy controlling how input paths are resolved and opened.

Construct with PathPolicy::new (or Default) and refine with the builder-style methods.

Implementations

impl PathPolicy

pub const fn new() -> Self

Create a policy with safe defaults: no base-directory confinement, symlinks allowed (but resolved and re-checked), and a DEFAULT_MAX_FILE_SIZE byte cap.

pub fn base_dir(self, base: impl Into<PathBuf>) -> Self

Confine all inputs to base: resolved paths must stay within it.

pub const fn allow_symlinks(self, allow: bool) -> Self

Allow (true, the default) or deny (false) symbolic links.

pub const fn max_file_size(self, limit: u64) -> Self

Set the maximum number of bytes that may be read from a single input.

pub const fn limit(&self) -> u64

The configured byte limit.

pub fn open(&self, requested: &Path) -> Result<OpenedFile, PathSecurityError>

Resolve, validate and open requested, returning an OpenedFile.

Errors

Returns a PathSecurityError if the path is empty, contains an interior NUL, traverses outside the configured base directory, is a disallowed symlink, is not a regular file, exceeds the size limit, or cannot be accessed.

pub fn read(&self, requested: &Path) -> Result<Vec<u8>, PathSecurityError>

Open requested and read its contents, hard-capped at the byte limit.

Errors

As for PathPolicy::open, plus PathSecurityError::TooLarge if the file streams more than the configured limit.

Trait Implementations

impl Clone for PathPolicy

fn clone(&self) -> PathPolicy

Returns a duplicate of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Debug for PathPolicy

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl Default for PathPolicy

fn default() -> Self

Returns the “default value” for a type.