PathBoundary

strict_path::validator::path_boundary

Struct PathBoundary 

Source 
pub struct PathBoundary<Marker = ()> { /* private fields */ }
Expand description

A path boundary that serves as the secure foundation for validated path operations.

SUMMARY: Represent the trusted filesystem root for all strict and virtual path operations. All StrictPath/VirtualPath values derived from a PathBoundary are guaranteed to remain within this boundary.

EXAMPLE:

let boundary = PathBoundary::<()>::try_new_create("./data")?;
let file = boundary.strict_join("logs/app.log")?;
println!("{}", file.strictpath_display());

Implementations§

Source§

impl<Marker> PathBoundary<Marker>

Source

pub fn try_new<P: AsRef<Path>>(restriction_path: P) -> Result<Self>

Creates a new PathBoundary rooted at restriction_path (which must already exist and be a directory).

SUMMARY: Create a boundary anchored at an existing directory (must exist and be a directory).

PARAMETERS:

  • restriction_path (AsRef<Path>): Existing directory to anchor the boundary.

RETURNS:

  • Result<PathBoundary<Marker>>: New boundary whose root is canonicalized and verified to exist.

ERRORS:

  • StrictPathError::InvalidRestriction: Root is missing, not a directory, or cannot be canonicalized.

EXAMPLE: Uses AsRef<Path> for maximum ergonomics, including direct TempDir support for clean shadowing patterns:

use strict_path::PathBoundary;
let tmp_dir = tempfile::tempdir()?;
let tmp_dir = PathBoundary::<()>::try_new(tmp_dir)?; // Clean variable shadowing
Source

pub fn try_new_create<P: AsRef<Path>>(root: P) -> Result<Self>

Creates the directory if missing, then constructs a new PathBoundary.

SUMMARY: Ensure the root exists (create if missing) and construct a new boundary.

PARAMETERS:

  • root (AsRef<Path>): Directory to create if needed and use as boundary root.

RETURNS:

  • Result<PathBoundary<Marker>>: New boundary anchored at root.

ERRORS:

  • StrictPathError::InvalidRestriction: Directory creation/canonicalization fails.

EXAMPLE: Uses AsRef<Path> for maximum ergonomics, including direct TempDir support for clean shadowing patterns:

use strict_path::PathBoundary;
let tmp_dir = tempfile::tempdir()?;
let tmp_dir = PathBoundary::<()>::try_new_create(tmp_dir)?; // Clean variable shadowing
Source

pub fn strict_join( &self, candidate_path: impl AsRef<Path>, ) -> Result<StrictPath<Marker>>

SUMMARY: Join a candidate path to the boundary and return a validated StrictPath.

PARAMETERS:

  • candidate_path (AsRef<Path>): Absolute or relative path to validate within this boundary.

RETURNS:

  • Result<StrictPath<Marker>>: Canonicalized, boundary-checked path.

ERRORS:

  • StrictPathError::WindowsShortName (windows), StrictPathError::PathResolutionError, StrictPathError::PathEscapesBoundary.
Source

pub fn exists(&self) -> bool

Returns true if the PathBoundary root exists.

This is always true for a constructed PathBoundary, but we query the filesystem for robustness.

Source

pub fn interop_path(&self) -> &OsStr

SUMMARY: Return the root path as &OsStr for AsRef<Path> interop (no allocation).

Source

pub fn strictpath_display(&self) -> Display<'_>

Returns a Display wrapper that shows the PathBoundary root system path.

Source

pub fn metadata(&self) -> Result<Metadata>

SUMMARY: Return filesystem metadata for the boundary root.

SUMMARY: Create a symbolic link at link_path pointing to this boundary’s root.

PARAMETERS:

  • link_path (&StrictPath<Marker>): Destination for the symlink, within the same boundary.

RETURNS:

  • io::Result<()>: Mirrors std semantics.

SUMMARY: Create a hard link at link_path pointing to this boundary’s root.

PARAMETERS and RETURNS mirror strict_symlink.

Source

pub fn read_dir(&self) -> Result<ReadDir>

SUMMARY: Read directory entries under the boundary root (discovery only).

Source

pub fn remove_dir(&self) -> Result<()>

SUMMARY: Remove the boundary root directory (non-recursive); fails if not empty.

Source

pub fn remove_dir_all(&self) -> Result<()>

SUMMARY: Recursively remove the boundary root directory and contents.

Source

pub fn virtualize(self) -> VirtualRoot<Marker>

SUMMARY: Convert this boundary into a VirtualRoot for virtual path operations.

Trait Implementations§

Source§

impl<Marker> AsRef<Path> for PathBoundary<Marker>

Source§

fn as_ref(&self) -> &Path

Converts this type into a shared reference of the (usually inferred) input type.
Source§

impl<Marker> Clone for PathBoundary<Marker>

Source§

fn clone(&self) -> Self

Returns a duplicate of the value. Read more
1.0.0 · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
Source§

impl<Marker> Debug for PathBoundary<Marker>

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
Source§

impl<Marker: Default> FromStr for PathBoundary<Marker>

Source§

fn from_str(path: &str) -> Result<Self, Self::Err>

Parse a PathBoundary from a string path for universal ergonomics.

Creates the directory if it doesn’t exist, enabling seamless integration with any string-parsing context (clap, config files, environment variables, etc.):

let temp_dir = tempfile::tempdir()?;
let safe_path = temp_dir.path().join("safe_dir");
let boundary: PathBoundary<()> = safe_path.to_string_lossy().parse()?;
assert!(safe_path.exists());
Source§

type Err = StrictPathError

The associated error which can be returned from parsing.
Source§

impl<Marker> Hash for PathBoundary<Marker>

Source§

fn hash<H: Hasher>(&self, state: &mut H)

Feeds this value into the given Hasher. Read more
1.3.0 · Source§

fn hash_slice<H>(data: &[Self], state: &mut H)
where H: Hasher, Self: Sized,

Feeds a slice of this type into the given Hasher. Read more
Source§

impl<Marker> Ord for PathBoundary<Marker>

Source§

fn cmp(&self, other: &Self) -> Ordering

This method returns an Ordering between self and other. Read more
1.21.0 · Source§

fn max(self, other: Self) -> Self
where Self: Sized,

Compares and returns the maximum of two values. Read more
1.21.0 · Source§

fn min(self, other: Self) -> Self
where Self: Sized,

Compares and returns the minimum of two values. Read more
1.50.0 · Source§

fn clamp(self, min: Self, max: Self) -> Self
where Self: Sized,

Restrict a value to a certain interval. Read more
Source§

impl<Marker> PartialEq<&Path> for PathBoundary<Marker>

Source§

fn eq(&self, other: &&Path) -> bool

Tests for self and other values to be equal, and is used by ==.
1.0.0 · Source§

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.
Source§

impl<Marker> PartialEq<Path> for PathBoundary<Marker>

Source§

fn eq(&self, other: &Path) -> bool

Tests for self and other values to be equal, and is used by ==.
1.0.0 · Source§

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.
Source§

impl<Marker> PartialEq<PathBoundary<Marker>> for VirtualRoot<Marker>

Source§

fn eq(&self, other: &PathBoundary<Marker>) -> bool

Tests for self and other values to be equal, and is used by ==.
1.0.0 · Source§

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.
Source§

impl<Marker> PartialEq<PathBuf> for PathBoundary<Marker>

Source§

fn eq(&self, other: &PathBuf) -> bool

Tests for self and other values to be equal, and is used by ==.
1.0.0 · Source§

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.
Source§

impl<Marker> PartialEq<VirtualRoot<Marker>> for PathBoundary<Marker>

Source§

fn eq(&self, other: &VirtualRoot<Marker>) -> bool

Tests for self and other values to be equal, and is used by ==.
1.0.0 · Source§

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.
Source§

impl<Marker> PartialEq for PathBoundary<Marker>

Source§

fn eq(&self, other: &Self) -> bool

Tests for self and other values to be equal, and is used by ==.
1.0.0 · Source§

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.
Source§

impl<Marker> PartialOrd for PathBoundary<Marker>

Source§

fn partial_cmp(&self, other: &Self) -> Option<Ordering>

This method returns an ordering between self and other values if one exists. Read more
1.0.0 · Source§

fn lt(&self, other: &Rhs) -> bool

Tests less than (for self and other) and is used by the < operator. Read more
1.0.0 · Source§

fn le(&self, other: &Rhs) -> bool

Tests less than or equal to (for self and other) and is used by the <= operator. Read more
1.0.0 · Source§

fn gt(&self, other: &Rhs) -> bool

Tests greater than (for self and other) and is used by the > operator. Read more
1.0.0 · Source§

fn ge(&self, other: &Rhs) -> bool

Tests greater than or equal to (for self and other) and is used by the >= operator. Read more
Source§

impl<Marker> Eq for PathBoundary<Marker>

Auto Trait Implementations§

§

impl<Marker> Freeze for PathBoundary<Marker>

§

impl<Marker> RefUnwindSafe for PathBoundary<Marker>
where Marker: RefUnwindSafe,

§

impl<Marker> Send for PathBoundary<Marker>
where Marker: Send,

§

impl<Marker> Sync for PathBoundary<Marker>
where Marker: Sync,

§

impl<Marker> Unpin for PathBoundary<Marker>
where Marker: Unpin,

§

impl<Marker> UnwindSafe for PathBoundary<Marker>
where Marker: UnwindSafe,

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> CloneToUninit for T
where T: Clone,

Source§

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dest. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> ToOwned for T
where T: Clone,

Source§

type Owned = T

The resulting type after obtaining ownership.
Source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
Source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.