Skip to content
Tauri 中文网
指南 手册 公告 🌐 Nodejs.cn

文件系统

GitHub npm crates.io
API Reference

访问文件系统。

🌐 Access the file system.

支持的平台

Section titled “支持的平台”

🌐 Supported Platforms

This plugin requires a Rust version of at least 1.77.2

Platform Level Notes
windows

Apps installed via MSI or NSIS in perMachine and both mode require admin permissions for write access in $RESOURCES folder
linux

No write access to $RESOURCES folder
macos

No write access to $RESOURCES folder
android

Access is restricted to Application folder by default
ios

Access is restricted to Application folder by default

设置

Section titled “设置”

🌐 Setup

安装 fs 插件即可开始使用。

🌐 Install the fs plugin to get started.

使用项目的包管理器添加依赖:

npm run tauri add fs

配置

Section titled “配置”

🌐 Configuration

Android

Section titled “Android”

使用音频、缓存、文档、下载、图片、公共或视频目录时,你的应用必须有权访问外部存储。

🌐 When using the audio, cache, documents, downloads, picture, public or video directories your app must have access to the external storage.

gen/android/app/src/main/AndroidManifest.xml 文件中的 manifest 标签中包含以下权限:

🌐 Include the following permissions to the manifest tag in the gen/android/app/src/main/AndroidManifest.xml file:

<uses-permission android:name="android.permission.READ_EXTERNAL_STORAGE"/>
<uses-permission android:name="android.permission.WRITE_EXTERNAL_STORAGE" />

iOS

Section titled “iOS”

Apple 要求应用开发者指定 API 使用批准的原因,以增强用户隐私。

🌐 Apple requires app developers to specify approved reasons for API usage to enhance user privacy.

你必须在 src-tauri/gen/apple 文件夹中创建一个 PrivacyInfo.xcprivacy 文件,并包含所需的 NSPrivacyAccessedAPICategoryFileTimestamp 键和 C617.1 推荐的理由。

🌐 You must create a PrivacyInfo.xcprivacy file in the src-tauri/gen/apple folder with the required NSPrivacyAccessedAPICategoryFileTimestamp key and the C617.1 recommended reason.

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
  <dict>
    <key>NSPrivacyAccessedAPITypes</key>
    <array>
      <dict>
        <key>NSPrivacyAccessedAPIType</key>
        <string>NSPrivacyAccessedAPICategoryFileTimestamp</string>
        <key>NSPrivacyAccessedAPITypeReasons</key>
        <array>
          <string>C617.1</string>
        </array>
      </dict>
    </array>
  </dict>
</plist>

使用

Section titled “使用”

🌐 Usage

fs 插件同时在 JavaScript 和 Rust 中可用。

import { exists, BaseDirectory } from '@tauri-apps/plugin-fs';
// when using `"withGlobalTauri": true`, you may use
// const { exists, BaseDirectory } = window.__TAURI__.fs;


// Check if the `$APPDATA/avatar.png` file exists
await exists('avatar.png', { baseDir: BaseDirectory.AppData });

安全

Section titled “安全”

🌐 Security

此模块防止路径遍历,不允许使用父目录访问符(即不允许使用 “/usr/path/to/../file” 或 ”../path/to/file” 路径)。 通过此 API 访问的路径必须相对于其中一个 基础目录 或使用 path API 创建。

🌐 This module prevents path traversal, not allowing parent directory accessors to be used (i.e. “/usr/path/to/../file” or ”../path/to/file” paths are not allowed). Paths accessed with this API must be either relative to one of the base directories or created with the path API.

有关更多信息,请参阅 [@tauri-apps/plugin-fs - 安全]。

🌐 See @tauri-apps/plugin-fs - Security for more information.

路径

Section titled “路径”

🌐 Paths

文件系统插件提供两种操作路径的方法:[基本目录]和[路径 API]。

🌐 The file system plugin offers two ways of manipulating paths: the base directory and the path API.

  • 基本目录

    每个 API 都有一个 options 参数,它允许你定义一个 基础目录,该 基础目录 作为操作的工作目录。

    import { readFile } from '@tauri-apps/plugin-fs';
    const contents = await readFile('avatars/tauri.png', {
      baseDir: BaseDirectory.Home,
    });

    在上面的例子中,由于我们使用的是 Home 基目录,因此会读取 ~/avatars/tauri.png 文件。

  • 路径 API

    或者,你可以使用路径 API 来执行路径操作。

    import { readFile } from '@tauri-apps/plugin-fs';
    import * as path from '@tauri-apps/api/path';
    const home = await path.homeDir();
    const contents = await readFile(await path.join(home, 'avatars/tauri.png'));

文件

Section titled “文件”

🌐 Files

创建

Section titled “创建”

🌐 Create

创建一个文件并返回它的句柄。如果文件已存在,则会被截断。

🌐 Creates a file and returns a handle to it. If the file already exists, it is truncated.

import { create, BaseDirectory } from '@tauri-apps/plugin-fs';
const file = await create('foo/bar.txt', { baseDir: BaseDirectory.AppData });
await file.write(new TextEncoder().encode('Hello world'));
await file.close();

写入

Section titled “写入”

🌐 Write

该插件提供单独的 API 用于写入文本和二进制文件以提高性能。

🌐 The plugin offers separate APIs for writing text and binary files for performance.

  • 文本文件

    import { writeTextFile, BaseDirectory } from '@tauri-apps/plugin-fs';
    const contents = JSON.stringify({ notifications: true });
    await writeTextFile('config.json', contents, {
      baseDir: BaseDirectory.AppConfig,
    });

  • 二进制文件

    import { writeFile, BaseDirectory } from '@tauri-apps/plugin-fs';
    const contents = new Uint8Array(); // fill a byte array
    await writeFile('config', contents, {
      baseDir: BaseDirectory.AppConfig,
    });

打开

Section titled “打开”

🌐 Open

打开一个文件并返回其句柄。使用此 API,你可以更好地控制文件的打开方式(只读模式、只写模式、追加而不是覆盖、仅当文件不存在时创建等)。

🌐 Opens a file and returns a handle to it. With this API you have more control over how the file should be opened (read-only mode, write-only mode, append instead of overwrite, only create if it does not exist, etc).

  • read-only

    这是默认模式。

    import { open, BaseDirectory } from '@tauri-apps/plugin-fs';
    const file = await open('foo/bar.txt', {
      read: true,
      baseDir: BaseDirectory.AppData,
    });
    

    const stat = await file.stat();
    const buf = new Uint8Array(stat.size);
    await file.read(buf);
    const textContents = new TextDecoder().decode(buf);
    await file.close();

  • write-only

    import { open, BaseDirectory } from '@tauri-apps/plugin-fs';
    const file = await open('foo/bar.txt', {
      write: true,
      baseDir: BaseDirectory.AppData,
    });
    await file.write(new TextEncoder().encode('Hello world'));
    await file.close();

    默认情况下,文件在任何 file.write() 调用时都会被截断。请参见以下示例以了解如何改为附加到现有内容。

  • append

    import { open, BaseDirectory } from '@tauri-apps/plugin-fs';
    const file = await open('foo/bar.txt', {
      append: true,
      baseDir: BaseDirectory.AppData,
    });
    await file.write(new TextEncoder().encode('world'));
    await file.close();

    请注意,{ append: true } 的效果与 { write: true, append: true } 相同。

  • truncate

    当设置 truncate 选项且文件已存在时,它将被截断为长度 0。

    import { open, BaseDirectory } from '@tauri-apps/plugin-fs';
    const file = await open('foo/bar.txt', {
      write: true,
      truncate: true,
      baseDir: BaseDirectory.AppData,
    });
    await file.write(new TextEncoder().encode('world'));
    await file.close();

    此选项要求 writetrue

    如果你想使用多个 file.write() 调用重写现有文件,你可以将其与 append 选项一起使用。

  • create

    默认情况下,open API 仅打开现有文件。要在文件不存在时创建它,如果存在则打开它,请将 create 设置为 true

    import { open, BaseDirectory } from '@tauri-apps/plugin-fs';
    const file = await open('foo/bar.txt', {
      write: true,
      create: true,
      baseDir: BaseDirectory.AppData,
    });
    await file.write(new TextEncoder().encode('world'));
    await file.close();

    为了创建该文件,writeappend也必须设置为true

    如果文件已存在而失败,请参阅 createNew

  • createNew

    createNew 的工作方式类似于 create,但如果文件已存在则会失败。

    import { open, BaseDirectory } from '@tauri-apps/plugin-fs';
    const file = await open('foo/bar.txt', {
      write: true,
      createNew: true,
      baseDir: BaseDirectory.AppData,
    });
    await file.write(new TextEncoder().encode('world'));
    await file.close();

    为了创建该文件,write 也必须设置为 true

阅读

Section titled “阅读”

🌐 Read

该插件提供单独的 API 用于读取文本和二进制文件以提高性能。

🌐 The plugin offers separate APIs for reading text and binary files for performance.

  • 文本文件

    import { readTextFile, BaseDirectory } from '@tauri-apps/plugin-fs';
    const configToml = await readTextFile('config.toml', {
      baseDir: BaseDirectory.AppConfig,
    });

    如果文件很大,你可以使用 readTextFileLines API 流式读取其行:

    import { readTextFileLines, BaseDirectory } from '@tauri-apps/plugin-fs';
    const lines = await readTextFileLines('app.logs', {
      baseDir: BaseDirectory.AppLog,
    });
    for await (const line of lines) {
      console.log(line);
    }

  • 二进制文件

    import { readFile, BaseDirectory } from '@tauri-apps/plugin-fs';
    const icon = await readFile('icon.png', {
      baseDir: BaseDirectory.Resources,
    });

删除

Section titled “删除”

🌐 Remove

调用 remove() 删除文件。如果文件不存在,将返回错误。

🌐 Call remove() to delete a file. If the file does not exist, an error is returned.

import { remove, BaseDirectory } from '@tauri-apps/plugin-fs';
await remove('user.db', { baseDir: BaseDirectory.AppLocalData });

复制

Section titled “复制”

🌐 Copy

copyFile 函数接受源路径和目标路径。请注意,你必须单独配置每个基础目录。

🌐 The copyFile function takes the source and destination paths. Note that you must configure each base directory separately.

import { copyFile, BaseDirectory } from '@tauri-apps/plugin-fs';
await copyFile('user.db', 'user.db.bk', {
  fromPathBaseDir: BaseDirectory.AppLocalData,
  toPathBaseDir: BaseDirectory.Temp,
});

在上述示例中,<app-local-data>/user.db 文件被复制到 $TMPDIR/user.db.bk。

存在

Section titled “存在”

🌐 Exists

使用 exists() 函数来检查文件是否存在:

🌐 Use the exists() function to check if a file exists:

import { exists, BaseDirectory } from '@tauri-apps/plugin-fs';
const tokenExists = await exists('token', {
  baseDir: BaseDirectory.AppLocalData,
});

元数据

Section titled “元数据”

🌐 Metadata

可以使用 statlstat 函数检索文件元数据。stat 会跟随符号链接(如果它指向的实际文件不在允许范围内,则返回错误),而 lstat 不会跟随符号链接,返回符号链接本身的信息。

🌐 File metadata can be retrieved with the stat and the lstat functions. stat follows symlinks (and returns an error if the actual file it points to is not allowed by the scope) and lstat does not follow symlinks, returning the information of the symlink itself.

import { stat, BaseDirectory } from '@tauri-apps/plugin-fs';
const metadata = await stat('app.db', {
  baseDir: BaseDirectory.AppLocalData,
});

重命名

Section titled “重命名”

🌐 Rename

rename 函数接受源路径和目标路径。请注意,你必须单独配置每个基础目录。

🌐 The rename function takes the source and destination paths. Note that you must configure each base directory separately.

import { rename, BaseDirectory } from '@tauri-apps/plugin-fs';
await rename('user.db.bk', 'user.db', {
  fromPathBaseDir: BaseDirectory.AppLocalData,
  toPathBaseDir: BaseDirectory.Temp,
});

在上述示例中,<app-local-data>/user.db.bk 文件被重命名为 $TMPDIR/user.db。

截断

Section titled “截断”

🌐 Truncate

截断或扩展指定的文件以达到指定的文件长度(默认为 0)。

🌐 Truncates or extends the specified file to reach the specified file length (defaults to 0).

  • 截断为 0 长度
import { truncate } from '@tauri-apps/plugin-fs';
await truncate('my_file.txt', 0, { baseDir: BaseDirectory.AppLocalData });
  • 截断为特定长度
import {
  truncate,
  readTextFile,
  writeTextFile,
  BaseDirectory,
} from '@tauri-apps/plugin-fs';


const filePath = 'file.txt';
await writeTextFile(filePath, 'Hello World', {
  baseDir: BaseDirectory.AppLocalData,
});
await truncate(filePath, 7, {
  baseDir: BaseDirectory.AppLocalData,
});
const data = await readTextFile(filePath, {
  baseDir: BaseDirectory.AppLocalData,
});
console.log(data); // "Hello W"

目录

Section titled “目录”

🌐 Directories

创建

Section titled “创建”

🌐 Create

要创建一个目录,调用 mkdir 函数:

🌐 To create a directory, call the mkdir function:

import { mkdir, BaseDirectory } from '@tauri-apps/plugin-fs';
await mkdir('images', {
  baseDir: BaseDirectory.AppLocalData,
});

阅读

Section titled “阅读”

🌐 Read

readDir 函数递归列出目录的条目:

🌐 The readDir function recursively lists the entries of a directory:

import { readDir, BaseDirectory } from '@tauri-apps/plugin-fs';
const entries = await readDir('users', { baseDir: BaseDirectory.AppLocalData });

删除

Section titled “删除”

🌐 Remove

调用 remove() 删除目录。如果目录不存在,将返回错误。

🌐 Call remove() to delete a directory. If the directory does not exist, an error is returned.

import { remove, BaseDirectory } from '@tauri-apps/plugin-fs';
await remove('images', { baseDir: BaseDirectory.AppLocalData });

如果目录不为空,必须将 recursive 选项设置为 true

🌐 If the directory is not empty, the recursive option must be set to true:

import { remove, BaseDirectory } from '@tauri-apps/plugin-fs';
await remove('images', {
  baseDir: BaseDirectory.AppLocalData,
  recursive: true,
});

存在

Section titled “存在”

🌐 Exists

使用 exists() 函数来检查目录是否存在:

🌐 Use the exists() function to check if a directory exists:

import { exists, BaseDirectory } from '@tauri-apps/plugin-fs';
const tokenExists = await exists('images', {
  baseDir: BaseDirectory.AppLocalData,
});

元数据

Section titled “元数据”

🌐 Metadata

可以使用 statlstat 函数检索目录元数据。stat 会跟随符号链接(如果它指向的实际文件不在允许范围内,则返回错误),而 lstat 不会跟随符号链接,返回符号链接本身的信息。

🌐 Directory metadata can be retrieved with the stat and the lstat functions. stat follows symlinks (and returns an error if the actual file it points to is not allowed by the scope) and lstat does not follow symlinks, returning the information of the symlink itself.

import { stat, BaseDirectory } from '@tauri-apps/plugin-fs';
const metadata = await stat('databases', {
  baseDir: BaseDirectory.AppLocalData,
});

观察变化

Section titled “观察变化”

🌐 Watching changes

要监视目录或文件的更改,请使用 watchwatchImmediate 函数。

🌐 To watch a directory or file for changes, use the watch or watchImmediate functions.

  • watch

    watch 经过防抖处理,因此它只会在一定延迟后触发事件:

    import { watch, BaseDirectory } from '@tauri-apps/plugin-fs';
    await watch(
      'app.log',
      (event) => {
        console.log('app.log event', event);
      },
      {
        baseDir: BaseDirectory.AppLog,
        delayMs: 500,
      }
    );

  • watchImmediate

    watchImmediate 立即通知监听器事件:

    import { watchImmediate, BaseDirectory } from '@tauri-apps/plugin-fs';
    await watchImmediate(
      'logs',
      (event) => {
        console.log('logs directory event', event);
      },
      {
        baseDir: BaseDirectory.AppLog,
        recursive: true,
      }
    );

默认情况下,对目录的监视操作不是递归的。将 recursive 选项设置为 true 可以递归地监视所有子目录的变化。

🌐 By default watch operations on a directory are not recursive. Set the recursive option to true to recursively watch for changes on all sub-directories.

权限

Section titled “权限”

🌐 Permissions

默认情况下,所有潜在危险的插件命令和作用域都会被阻止,无法访问。你必须在 capabilities 配置中修改权限以启用这些功能。

🌐 By default all potentially dangerous plugin commands and scopes are blocked and cannot be accessed. You must modify the permissions in your capabilities configuration to enable these.

有关更多信息,请参见功能概览,有关使用插件权限的分步指南,请参见分步指南

🌐 See the Capabilities Overview for more information and the step by step guide to use plugin permissions.

src-tauri/capabilities/default.json
{
  "$schema": "../gen/schemas/desktop-schema.json",
  "identifier": "main-capability",
  "description": "Capability for the main window",
  "windows": ["main"],
  "permissions": [
    "fs:default",
    {
      "identifier": "fs:allow-exists",
      "allow": [{ "path": "$APPDATA/*" }]
    }
  ]
}

Default Permission

This set of permissions describes the what kind of file system access the fs plugin has enabled or denied by default.

Granted Permissions

This default permission set enables read access to the application specific directories (AppConfig, AppData, AppLocalData, AppCache, AppLog) and all files and sub directories created in it. The location of these directories depends on the operating system, where the application is run.

In general these directories need to be manually created by the application at runtime, before accessing files or folders in it is possible.

Therefore, it is also allowed to create all of these folders via the mkdir command.

Denied Permissions

This default permission set prevents access to critical components of the Tauri application by default. On Windows the webview data folder access is denied.

This default permission set includes the following:

  • create-app-specific-dirs
  • read-app-specific-dirs-recursive
  • deny-default

Permission Table

Identifier Description

fs:allow-app-read-recursive

This allows full recursive read access to the complete application folders, files and subdirectories.

fs:allow-app-write-recursive

This allows full recursive write access to the complete application folders, files and subdirectories.

fs:allow-app-read

This allows non-recursive read access to the application folders.

fs:allow-app-write

This allows non-recursive write access to the application folders.

fs:allow-app-meta-recursive

This allows full recursive read access to metadata of the application folders, including file listing and statistics.

fs:allow-app-meta

This allows non-recursive read access to metadata of the application folders, including file listing and statistics.

fs:scope-app-recursive

This scope permits recursive access to the complete application folders, including sub directories and files.

fs:scope-app

This scope permits access to all files and list content of top level directories in the application folders.

fs:scope-app-index

This scope permits to list all files and folders in the application directories.

fs:allow-appcache-read-recursive

This allows full recursive read access to the complete $APPCACHE folder, files and subdirectories.

fs:allow-appcache-write-recursive

This allows full recursive write access to the complete $APPCACHE folder, files and subdirectories.

fs:allow-appcache-read

This allows non-recursive read access to the $APPCACHE folder.

fs:allow-appcache-write

This allows non-recursive write access to the $APPCACHE folder.

fs:allow-appcache-meta-recursive

This allows full recursive read access to metadata of the $APPCACHE folder, including file listing and statistics.

fs:allow-appcache-meta

This allows non-recursive read access to metadata of the $APPCACHE folder, including file listing and statistics.

fs:scope-appcache-recursive

This scope permits recursive access to the complete $APPCACHE folder, including sub directories and files.

fs:scope-appcache

This scope permits access to all files and list content of top level directories in the $APPCACHE folder.

fs:scope-appcache-index

This scope permits to list all files and folders in the $APPCACHEfolder.

fs:allow-appconfig-read-recursive

This allows full recursive read access to the complete $APPCONFIG folder, files and subdirectories.

fs:allow-appconfig-write-recursive

This allows full recursive write access to the complete $APPCONFIG folder, files and subdirectories.

fs:allow-appconfig-read

This allows non-recursive read access to the $APPCONFIG folder.

fs:allow-appconfig-write

This allows non-recursive write access to the $APPCONFIG folder.

fs:allow-appconfig-meta-recursive

This allows full recursive read access to metadata of the $APPCONFIG folder, including file listing and statistics.

fs:allow-appconfig-meta

This allows non-recursive read access to metadata of the $APPCONFIG folder, including file listing and statistics.

fs:scope-appconfig-recursive

This scope permits recursive access to the complete $APPCONFIG folder, including sub directories and files.

fs:scope-appconfig

This scope permits access to all files and list content of top level directories in the $APPCONFIG folder.

fs:scope-appconfig-index

This scope permits to list all files and folders in the $APPCONFIGfolder.

fs:allow-appdata-read-recursive

This allows full recursive read access to the complete $APPDATA folder, files and subdirectories.

fs:allow-appdata-write-recursive

This allows full recursive write access to the complete $APPDATA folder, files and subdirectories.

fs:allow-appdata-read

This allows non-recursive read access to the $APPDATA folder.

fs:allow-appdata-write

This allows non-recursive write access to the $APPDATA folder.

fs:allow-appdata-meta-recursive

This allows full recursive read access to metadata of the $APPDATA folder, including file listing and statistics.

fs:allow-appdata-meta

This allows non-recursive read access to metadata of the $APPDATA folder, including file listing and statistics.

fs:scope-appdata-recursive

This scope permits recursive access to the complete $APPDATA folder, including sub directories and files.

fs:scope-appdata

This scope permits access to all files and list content of top level directories in the $APPDATA folder.

fs:scope-appdata-index

This scope permits to list all files and folders in the $APPDATAfolder.

fs:allow-applocaldata-read-recursive

This allows full recursive read access to the complete $APPLOCALDATA folder, files and subdirectories.

fs:allow-applocaldata-write-recursive

This allows full recursive write access to the complete $APPLOCALDATA folder, files and subdirectories.

fs:allow-applocaldata-read

This allows non-recursive read access to the $APPLOCALDATA folder.

fs:allow-applocaldata-write

This allows non-recursive write access to the $APPLOCALDATA folder.

fs:allow-applocaldata-meta-recursive

This allows full recursive read access to metadata of the $APPLOCALDATA folder, including file listing and statistics.

fs:allow-applocaldata-meta

This allows non-recursive read access to metadata of the $APPLOCALDATA folder, including file listing and statistics.

fs:scope-applocaldata-recursive

This scope permits recursive access to the complete $APPLOCALDATA folder, including sub directories and files.

fs:scope-applocaldata

This scope permits access to all files and list content of top level directories in the $APPLOCALDATA folder.

fs:scope-applocaldata-index

This scope permits to list all files and folders in the $APPLOCALDATAfolder.

fs:allow-applog-read-recursive

This allows full recursive read access to the complete $APPLOG folder, files and subdirectories.

fs:allow-applog-write-recursive

This allows full recursive write access to the complete $APPLOG folder, files and subdirectories.

fs:allow-applog-read

This allows non-recursive read access to the $APPLOG folder.

fs:allow-applog-write

This allows non-recursive write access to the $APPLOG folder.

fs:allow-applog-meta-recursive

This allows full recursive read access to metadata of the $APPLOG folder, including file listing and statistics.

fs:allow-applog-meta

This allows non-recursive read access to metadata of the $APPLOG folder, including file listing and statistics.

fs:scope-applog-recursive

This scope permits recursive access to the complete $APPLOG folder, including sub directories and files.

fs:scope-applog

This scope permits access to all files and list content of top level directories in the $APPLOG folder.

fs:scope-applog-index

This scope permits to list all files and folders in the $APPLOGfolder.

fs:allow-audio-read-recursive

This allows full recursive read access to the complete $AUDIO folder, files and subdirectories.

fs:allow-audio-write-recursive

This allows full recursive write access to the complete $AUDIO folder, files and subdirectories.

fs:allow-audio-read

This allows non-recursive read access to the $AUDIO folder.

fs:allow-audio-write

This allows non-recursive write access to the $AUDIO folder.

fs:allow-audio-meta-recursive

This allows full recursive read access to metadata of the $AUDIO folder, including file listing and statistics.

fs:allow-audio-meta

This allows non-recursive read access to metadata of the $AUDIO folder, including file listing and statistics.

fs:scope-audio-recursive

This scope permits recursive access to the complete $AUDIO folder, including sub directories and files.

fs:scope-audio

This scope permits access to all files and list content of top level directories in the $AUDIO folder.

fs:scope-audio-index

This scope permits to list all files and folders in the $AUDIOfolder.

fs:allow-cache-read-recursive

This allows full recursive read access to the complete $CACHE folder, files and subdirectories.

fs:allow-cache-write-recursive

This allows full recursive write access to the complete $CACHE folder, files and subdirectories.

fs:allow-cache-read

This allows non-recursive read access to the $CACHE folder.

fs:allow-cache-write

This allows non-recursive write access to the $CACHE folder.

fs:allow-cache-meta-recursive

This allows full recursive read access to metadata of the $CACHE folder, including file listing and statistics.

fs:allow-cache-meta

This allows non-recursive read access to metadata of the $CACHE folder, including file listing and statistics.

fs:scope-cache-recursive

This scope permits recursive access to the complete $CACHE folder, including sub directories and files.

fs:scope-cache

This scope permits access to all files and list content of top level directories in the $CACHE folder.

fs:scope-cache-index

This scope permits to list all files and folders in the $CACHEfolder.

fs:allow-config-read-recursive

This allows full recursive read access to the complete $CONFIG folder, files and subdirectories.

fs:allow-config-write-recursive

This allows full recursive write access to the complete $CONFIG folder, files and subdirectories.

fs:allow-config-read

This allows non-recursive read access to the $CONFIG folder.

fs:allow-config-write

This allows non-recursive write access to the $CONFIG folder.

fs:allow-config-meta-recursive

This allows full recursive read access to metadata of the $CONFIG folder, including file listing and statistics.

fs:allow-config-meta

This allows non-recursive read access to metadata of the $CONFIG folder, including file listing and statistics.

fs:scope-config-recursive

This scope permits recursive access to the complete $CONFIG folder, including sub directories and files.

fs:scope-config

This scope permits access to all files and list content of top level directories in the $CONFIG folder.

fs:scope-config-index

This scope permits to list all files and folders in the $CONFIGfolder.

fs:allow-data-read-recursive

This allows full recursive read access to the complete $DATA folder, files and subdirectories.

fs:allow-data-write-recursive

This allows full recursive write access to the complete $DATA folder, files and subdirectories.

fs:allow-data-read

This allows non-recursive read access to the $DATA folder.

fs:allow-data-write

This allows non-recursive write access to the $DATA folder.

fs:allow-data-meta-recursive

This allows full recursive read access to metadata of the $DATA folder, including file listing and statistics.

fs:allow-data-meta

This allows non-recursive read access to metadata of the $DATA folder, including file listing and statistics.

fs:scope-data-recursive

This scope permits recursive access to the complete $DATA folder, including sub directories and files.

fs:scope-data

This scope permits access to all files and list content of top level directories in the $DATA folder.

fs:scope-data-index

This scope permits to list all files and folders in the $DATAfolder.

fs:allow-desktop-read-recursive

This allows full recursive read access to the complete $DESKTOP folder, files and subdirectories.

fs:allow-desktop-write-recursive

This allows full recursive write access to the complete $DESKTOP folder, files and subdirectories.

fs:allow-desktop-read

This allows non-recursive read access to the $DESKTOP folder.

fs:allow-desktop-write

This allows non-recursive write access to the $DESKTOP folder.

fs:allow-desktop-meta-recursive

This allows full recursive read access to metadata of the $DESKTOP folder, including file listing and statistics.

fs:allow-desktop-meta

This allows non-recursive read access to metadata of the $DESKTOP folder, including file listing and statistics.

fs:scope-desktop-recursive

This scope permits recursive access to the complete $DESKTOP folder, including sub directories and files.

fs:scope-desktop

This scope permits access to all files and list content of top level directories in the $DESKTOP folder.

fs:scope-desktop-index

This scope permits to list all files and folders in the $DESKTOPfolder.

fs:allow-document-read-recursive

This allows full recursive read access to the complete $DOCUMENT folder, files and subdirectories.

fs:allow-document-write-recursive

This allows full recursive write access to the complete $DOCUMENT folder, files and subdirectories.

fs:allow-document-read

This allows non-recursive read access to the $DOCUMENT folder.

fs:allow-document-write

This allows non-recursive write access to the $DOCUMENT folder.

fs:allow-document-meta-recursive

This allows full recursive read access to metadata of the $DOCUMENT folder, including file listing and statistics.

fs:allow-document-meta

This allows non-recursive read access to metadata of the $DOCUMENT folder, including file listing and statistics.

fs:scope-document-recursive

This scope permits recursive access to the complete $DOCUMENT folder, including sub directories and files.

fs:scope-document

This scope permits access to all files and list content of top level directories in the $DOCUMENT folder.

fs:scope-document-index

This scope permits to list all files and folders in the $DOCUMENTfolder.

fs:allow-download-read-recursive

This allows full recursive read access to the complete $DOWNLOAD folder, files and subdirectories.

fs:allow-download-write-recursive

This allows full recursive write access to the complete $DOWNLOAD folder, files and subdirectories.

fs:allow-download-read

This allows non-recursive read access to the $DOWNLOAD folder.

fs:allow-download-write

This allows non-recursive write access to the $DOWNLOAD folder.

fs:allow-download-meta-recursive

This allows full recursive read access to metadata of the $DOWNLOAD folder, including file listing and statistics.

fs:allow-download-meta

This allows non-recursive read access to metadata of the $DOWNLOAD folder, including file listing and statistics.

fs:scope-download-recursive

This scope permits recursive access to the complete $DOWNLOAD folder, including sub directories and files.

fs:scope-download

This scope permits access to all files and list content of top level directories in the $DOWNLOAD folder.

fs:scope-download-index

This scope permits to list all files and folders in the $DOWNLOADfolder.

fs:allow-exe-read-recursive

This allows full recursive read access to the complete $EXE folder, files and subdirectories.

fs:allow-exe-write-recursive

This allows full recursive write access to the complete $EXE folder, files and subdirectories.

fs:allow-exe-read

This allows non-recursive read access to the $EXE folder.

fs:allow-exe-write

This allows non-recursive write access to the $EXE folder.

fs:allow-exe-meta-recursive

This allows full recursive read access to metadata of the $EXE folder, including file listing and statistics.

fs:allow-exe-meta

This allows non-recursive read access to metadata of the $EXE folder, including file listing and statistics.

fs:scope-exe-recursive

This scope permits recursive access to the complete $EXE folder, including sub directories and files.

fs:scope-exe

This scope permits access to all files and list content of top level directories in the $EXE folder.

fs:scope-exe-index

This scope permits to list all files and folders in the $EXEfolder.

fs:allow-font-read-recursive

This allows full recursive read access to the complete $FONT folder, files and subdirectories.

fs:allow-font-write-recursive

This allows full recursive write access to the complete $FONT folder, files and subdirectories.

fs:allow-font-read

This allows non-recursive read access to the $FONT folder.

fs:allow-font-write

This allows non-recursive write access to the $FONT folder.

fs:allow-font-meta-recursive

This allows full recursive read access to metadata of the $FONT folder, including file listing and statistics.

fs:allow-font-meta

This allows non-recursive read access to metadata of the $FONT folder, including file listing and statistics.

fs:scope-font-recursive

This scope permits recursive access to the complete $FONT folder, including sub directories and files.

fs:scope-font

This scope permits access to all files and list content of top level directories in the $FONT folder.

fs:scope-font-index

This scope permits to list all files and folders in the $FONTfolder.

fs:allow-home-read-recursive

This allows full recursive read access to the complete $HOME folder, files and subdirectories.

fs:allow-home-write-recursive

This allows full recursive write access to the complete $HOME folder, files and subdirectories.

fs:allow-home-read

This allows non-recursive read access to the $HOME folder.

fs:allow-home-write

This allows non-recursive write access to the $HOME folder.

fs:allow-home-meta-recursive

This allows full recursive read access to metadata of the $HOME folder, including file listing and statistics.

fs:allow-home-meta

This allows non-recursive read access to metadata of the $HOME folder, including file listing and statistics.

fs:scope-home-recursive

This scope permits recursive access to the complete $HOME folder, including sub directories and files.

fs:scope-home

This scope permits access to all files and list content of top level directories in the $HOME folder.

fs:scope-home-index

This scope permits to list all files and folders in the $HOMEfolder.

fs:allow-localdata-read-recursive

This allows full recursive read access to the complete $LOCALDATA folder, files and subdirectories.

fs:allow-localdata-write-recursive

This allows full recursive write access to the complete $LOCALDATA folder, files and subdirectories.

fs:allow-localdata-read

This allows non-recursive read access to the $LOCALDATA folder.

fs:allow-localdata-write

This allows non-recursive write access to the $LOCALDATA folder.

fs:allow-localdata-meta-recursive

This allows full recursive read access to metadata of the $LOCALDATA folder, including file listing and statistics.

fs:allow-localdata-meta

This allows non-recursive read access to metadata of the $LOCALDATA folder, including file listing and statistics.

fs:scope-localdata-recursive

This scope permits recursive access to the complete $LOCALDATA folder, including sub directories and files.

fs:scope-localdata

This scope permits access to all files and list content of top level directories in the $LOCALDATA folder.

fs:scope-localdata-index

This scope permits to list all files and folders in the $LOCALDATAfolder.

fs:allow-log-read-recursive

This allows full recursive read access to the complete $LOG folder, files and subdirectories.

fs:allow-log-write-recursive

This allows full recursive write access to the complete $LOG folder, files and subdirectories.

fs:allow-log-read

This allows non-recursive read access to the $LOG folder.

fs:allow-log-write

This allows non-recursive write access to the $LOG folder.

fs:allow-log-meta-recursive

This allows full recursive read access to metadata of the $LOG folder, including file listing and statistics.

fs:allow-log-meta

This allows non-recursive read access to metadata of the $LOG folder, including file listing and statistics.

fs:scope-log-recursive

This scope permits recursive access to the complete $LOG folder, including sub directories and files.

fs:scope-log

This scope permits access to all files and list content of top level directories in the $LOG folder.

fs:scope-log-index

This scope permits to list all files and folders in the $LOGfolder.

fs:allow-picture-read-recursive

This allows full recursive read access to the complete $PICTURE folder, files and subdirectories.

fs:allow-picture-write-recursive

This allows full recursive write access to the complete $PICTURE folder, files and subdirectories.

fs:allow-picture-read

This allows non-recursive read access to the $PICTURE folder.

fs:allow-picture-write

This allows non-recursive write access to the $PICTURE folder.

fs:allow-picture-meta-recursive

This allows full recursive read access to metadata of the $PICTURE folder, including file listing and statistics.

fs:allow-picture-meta

This allows non-recursive read access to metadata of the $PICTURE folder, including file listing and statistics.

fs:scope-picture-recursive

This scope permits recursive access to the complete $PICTURE folder, including sub directories and files.

fs:scope-picture

This scope permits access to all files and list content of top level directories in the $PICTURE folder.

fs:scope-picture-index

This scope permits to list all files and folders in the $PICTUREfolder.

fs:allow-public-read-recursive

This allows full recursive read access to the complete $PUBLIC folder, files and subdirectories.

fs:allow-public-write-recursive

This allows full recursive write access to the complete $PUBLIC folder, files and subdirectories.

fs:allow-public-read

This allows non-recursive read access to the $PUBLIC folder.

fs:allow-public-write

This allows non-recursive write access to the $PUBLIC folder.

fs:allow-public-meta-recursive

This allows full recursive read access to metadata of the $PUBLIC folder, including file listing and statistics.

fs:allow-public-meta

This allows non-recursive read access to metadata of the $PUBLIC folder, including file listing and statistics.

fs:scope-public-recursive

This scope permits recursive access to the complete $PUBLIC folder, including sub directories and files.

fs:scope-public

This scope permits access to all files and list content of top level directories in the $PUBLIC folder.

fs:scope-public-index

This scope permits to list all files and folders in the $PUBLICfolder.

fs:allow-resource-read-recursive

This allows full recursive read access to the complete $RESOURCE folder, files and subdirectories.

fs:allow-resource-write-recursive

This allows full recursive write access to the complete $RESOURCE folder, files and subdirectories.

fs:allow-resource-read

This allows non-recursive read access to the $RESOURCE folder.

fs:allow-resource-write

This allows non-recursive write access to the $RESOURCE folder.

fs:allow-resource-meta-recursive

This allows full recursive read access to metadata of the $RESOURCE folder, including file listing and statistics.

fs:allow-resource-meta

This allows non-recursive read access to metadata of the $RESOURCE folder, including file listing and statistics.

fs:scope-resource-recursive

This scope permits recursive access to the complete $RESOURCE folder, including sub directories and files.

fs:scope-resource

This scope permits access to all files and list content of top level directories in the $RESOURCE folder.

fs:scope-resource-index

This scope permits to list all files and folders in the $RESOURCEfolder.

fs:allow-runtime-read-recursive

This allows full recursive read access to the complete $RUNTIME folder, files and subdirectories.

fs:allow-runtime-write-recursive

This allows full recursive write access to the complete $RUNTIME folder, files and subdirectories.

fs:allow-runtime-read

This allows non-recursive read access to the $RUNTIME folder.

fs:allow-runtime-write

This allows non-recursive write access to the $RUNTIME folder.

fs:allow-runtime-meta-recursive

This allows full recursive read access to metadata of the $RUNTIME folder, including file listing and statistics.

fs:allow-runtime-meta

This allows non-recursive read access to metadata of the $RUNTIME folder, including file listing and statistics.

fs:scope-runtime-recursive

This scope permits recursive access to the complete $RUNTIME folder, including sub directories and files.

fs:scope-runtime

This scope permits access to all files and list content of top level directories in the $RUNTIME folder.

fs:scope-runtime-index

This scope permits to list all files and folders in the $RUNTIMEfolder.

fs:allow-temp-read-recursive

This allows full recursive read access to the complete $TEMP folder, files and subdirectories.

fs:allow-temp-write-recursive

This allows full recursive write access to the complete $TEMP folder, files and subdirectories.

fs:allow-temp-read

This allows non-recursive read access to the $TEMP folder.

fs:allow-temp-write

This allows non-recursive write access to the $TEMP folder.

fs:allow-temp-meta-recursive

This allows full recursive read access to metadata of the $TEMP folder, including file listing and statistics.

fs:allow-temp-meta

This allows non-recursive read access to metadata of the $TEMP folder, including file listing and statistics.

fs:scope-temp-recursive

This scope permits recursive access to the complete $TEMP folder, including sub directories and files.

fs:scope-temp

This scope permits access to all files and list content of top level directories in the $TEMP folder.

fs:scope-temp-index

This scope permits to list all files and folders in the $TEMPfolder.

fs:allow-template-read-recursive

This allows full recursive read access to the complete $TEMPLATE folder, files and subdirectories.

fs:allow-template-write-recursive

This allows full recursive write access to the complete $TEMPLATE folder, files and subdirectories.

fs:allow-template-read

This allows non-recursive read access to the $TEMPLATE folder.

fs:allow-template-write

This allows non-recursive write access to the $TEMPLATE folder.

fs:allow-template-meta-recursive

This allows full recursive read access to metadata of the $TEMPLATE folder, including file listing and statistics.

fs:allow-template-meta

This allows non-recursive read access to metadata of the $TEMPLATE folder, including file listing and statistics.

fs:scope-template-recursive

This scope permits recursive access to the complete $TEMPLATE folder, including sub directories and files.

fs:scope-template

This scope permits access to all files and list content of top level directories in the $TEMPLATE folder.

fs:scope-template-index

This scope permits to list all files and folders in the $TEMPLATEfolder.

fs:allow-video-read-recursive

This allows full recursive read access to the complete $VIDEO folder, files and subdirectories.

fs:allow-video-write-recursive

This allows full recursive write access to the complete $VIDEO folder, files and subdirectories.

fs:allow-video-read

This allows non-recursive read access to the $VIDEO folder.

fs:allow-video-write

This allows non-recursive write access to the $VIDEO folder.

fs:allow-video-meta-recursive

This allows full recursive read access to metadata of the $VIDEO folder, including file listing and statistics.

fs:allow-video-meta

This allows non-recursive read access to metadata of the $VIDEO folder, including file listing and statistics.

fs:scope-video-recursive

This scope permits recursive access to the complete $VIDEO folder, including sub directories and files.

fs:scope-video

This scope permits access to all files and list content of top level directories in the $VIDEO folder.

fs:scope-video-index

This scope permits to list all files and folders in the $VIDEOfolder.

fs:allow-copy-file

Enables the copy_file command without any pre-configured scope.

fs:deny-copy-file

Denies the copy_file command without any pre-configured scope.

fs:allow-create

Enables the create command without any pre-configured scope.

fs:deny-create

Denies the create command without any pre-configured scope.

fs:allow-exists

Enables the exists command without any pre-configured scope.

fs:deny-exists

Denies the exists command without any pre-configured scope.

fs:allow-fstat

Enables the fstat command without any pre-configured scope.

fs:deny-fstat

Denies the fstat command without any pre-configured scope.

fs:allow-ftruncate

Enables the ftruncate command without any pre-configured scope.

fs:deny-ftruncate

Denies the ftruncate command without any pre-configured scope.

fs:allow-lstat

Enables the lstat command without any pre-configured scope.

fs:deny-lstat

Denies the lstat command without any pre-configured scope.

fs:allow-mkdir

Enables the mkdir command without any pre-configured scope.

fs:deny-mkdir

Denies the mkdir command without any pre-configured scope.

fs:allow-open

Enables the open command without any pre-configured scope.

fs:deny-open

Denies the open command without any pre-configured scope.

fs:allow-read

Enables the read command without any pre-configured scope.

fs:deny-read

Denies the read command without any pre-configured scope.

fs:allow-read-dir

Enables the read_dir command without any pre-configured scope.

fs:deny-read-dir

Denies the read_dir command without any pre-configured scope.

fs:allow-read-file

Enables the read_file command without any pre-configured scope.

fs:deny-read-file

Denies the read_file command without any pre-configured scope.

fs:allow-read-text-file

Enables the read_text_file command without any pre-configured scope.

fs:deny-read-text-file

Denies the read_text_file command without any pre-configured scope.

fs:allow-read-text-file-lines

Enables the read_text_file_lines command without any pre-configured scope.

fs:deny-read-text-file-lines

Denies the read_text_file_lines command without any pre-configured scope.

fs:allow-read-text-file-lines-next

Enables the read_text_file_lines_next command without any pre-configured scope.

fs:deny-read-text-file-lines-next

Denies the read_text_file_lines_next command without any pre-configured scope.

fs:allow-remove

Enables the remove command without any pre-configured scope.

fs:deny-remove

Denies the remove command without any pre-configured scope.

fs:allow-rename

Enables the rename command without any pre-configured scope.

fs:deny-rename

Denies the rename command without any pre-configured scope.

fs:allow-seek

Enables the seek command without any pre-configured scope.

fs:deny-seek

Denies the seek command without any pre-configured scope.

fs:allow-size

Enables the size command without any pre-configured scope.

fs:deny-size

Denies the size command without any pre-configured scope.

fs:allow-start-accessing-security-scoped-resource

Enables the start_accessing_security_scoped_resource command without any pre-configured scope.

fs:deny-start-accessing-security-scoped-resource

Denies the start_accessing_security_scoped_resource command without any pre-configured scope.

fs:allow-stat

Enables the stat command without any pre-configured scope.

fs:deny-stat

Denies the stat command without any pre-configured scope.

fs:allow-stop-accessing-security-scoped-resource

Enables the stop_accessing_security_scoped_resource command without any pre-configured scope.

fs:deny-stop-accessing-security-scoped-resource

Denies the stop_accessing_security_scoped_resource command without any pre-configured scope.

fs:allow-truncate

Enables the truncate command without any pre-configured scope.

fs:deny-truncate

Denies the truncate command without any pre-configured scope.

fs:allow-unwatch

Enables the unwatch command without any pre-configured scope.

fs:deny-unwatch

Denies the unwatch command without any pre-configured scope.

fs:allow-watch

Enables the watch command without any pre-configured scope.

fs:deny-watch

Denies the watch command without any pre-configured scope.

fs:allow-write

Enables the write command without any pre-configured scope.

fs:deny-write

Denies the write command without any pre-configured scope.

fs:allow-write-file

Enables the write_file command without any pre-configured scope.

fs:deny-write-file

Denies the write_file command without any pre-configured scope.

fs:allow-write-text-file

Enables the write_text_file command without any pre-configured scope.

fs:deny-write-text-file

Denies the write_text_file command without any pre-configured scope.

fs:create-app-specific-dirs

This permissions allows to create the application specific directories.

fs:deny-default

This denies access to dangerous Tauri relevant files and folders by default.

fs:deny-webview-data-linux

This denies read access to the $APPLOCALDATA folder on linux as the webview data and configuration values are stored here. Allowing access can lead to sensitive information disclosure and should be well considered.

fs:deny-webview-data-windows

This denies read access to the $APPLOCALDATA/EBWebView folder on windows as the webview data and configuration values are stored here. Allowing access can lead to sensitive information disclosure and should be well considered.

fs:read-all

This enables all read related commands without any pre-configured accessible paths.

fs:read-app-specific-dirs-recursive

This permission allows recursive read functionality on the application specific base directories.

fs:read-dirs

This enables directory read and file metadata related commands without any pre-configured accessible paths.

fs:read-files

This enables file read related commands without any pre-configured accessible paths.

fs:read-meta

This enables all index or metadata related commands without any pre-configured accessible paths.

fs:scope

An empty permission you can use to modify the global scope.

Example

{
  "identifier": "read-documents",
  "windows": ["main"],
  "permissions": [
    "fs:allow-read",
    {
      "identifier": "fs:scope",
      "allow": [
        "$APPDATA/documents/**/*"
      ],
      "deny": [
        "$APPDATA/documents/secret.txt"
      ]
    }
  ]
}

fs:write-all

This enables all write related commands without any pre-configured accessible paths.

fs:write-files

This enables all file write related commands without any pre-configured accessible paths.

范围

Section titled “范围”

🌐 Scopes

此插件权限包括用于定义允许或明确拒绝的路径的作用域。有关作用域的更多信息,请参见[命令作用域]。

🌐 This plugin permissions includes scopes for defining which paths are allowed or explicitly rejected. For more information on scopes, see the Command Scopes.

每个 allowdeny 范围必须包含一个数组,列出所有应被允许或拒绝的路径。范围条目采用 { path: string } 格式。

🌐 Each allow or deny scope must include an array listing all paths that should be allowed or denied. The scope entries are in the { path: string } format.

作用域条目可以使用 $<path> 变量来引用常见的系统路径,例如主目录、应用资源目录和配置目录。下表列出了你可以引用的所有常见路径:

🌐 Scope entries can use $<path> variables to reference common system paths such as the home directory, the app resources directory and the config directory. The following table lists all common paths you can reference:

路径变量
appConfigDir$APPCONFIG
appDataDir$APPDATA
appLocalDataDir$APPLOCALDATA
appcacheDir$APPCACHE
applogDir$APPLOG
音频目录$AUDIO
cacheDir$CACHE
configDir$CONFIG
dataDir$DATA
localDataDir$LOCALDATA
desktopDir$DESKTOP
documentDir$DOCUMENT
下载目录$DOWNLOAD
可执行文件目录$EXE
fontDir$字体
homeDir$HOME
图片目录$PICTURE
publicDir$PUBLIC
runtimeDir$RUNTIME
templateDir$TEMPLATE
视频目录$VIDEO
resourceDir$RESOURCE
tempDir$TEMP

示例

Section titled “示例”

🌐 Examples

  • 全局范围

要将作用域应用于任何 fs 命令,请使用 fs:scope 权限:

🌐 To apply a scope to any fs command, use the fs:scope permission:

src-tauri/capabilities/default.json
{
  "$schema": "../gen/schemas/desktop-schema.json",
  "identifier": "main-capability",
  "description": "Capability for the main window",
  "windows": ["main"],
  "permissions": [
    {
      "identifier": "fs:scope",
      "allow": [{ "path": "$APPDATA" }, { "path": "$APPDATA/**/*" }]
    }
  ]
}

要将范围应用于特定的 fs 命令,请使用权限的对象形式 { "identifier": string, "allow"?: [], "deny"?: [] }

🌐 To apply a scope to a specific fs command, use the the object form of permissions { "identifier": string, "allow"?: [], "deny"?: [] }:

src-tauri/capabilities/default.json
{
  "$schema": "../gen/schemas/desktop-schema.json",
  "identifier": "main-capability",
  "description": "Capability for the main window",
  "windows": ["main"],
  "permissions": [
    {
      "identifier": "fs:allow-rename",
      "allow": [{ "path": "$HOME/**/*" }]
    },
    {
      "identifier": "fs:allow-rename",
      "deny": [{ "path": "$HOME/.config/**/*" }]
    },
    {
      "identifier": "fs:allow-exists",
      "allow": [{ "path": "$APPDATA/*" }]
    }
  ]
}

在上面的示例中,你可以使用 exists API,使用任何 $APPDATA 子路径(不包括子目录)和 rename

🌐 In the above example you can use the exists API using any $APPDATA sub path (does not include sub-directories) and the rename

Tauri 中文网 - 粤ICP备13048890号
Nodejs.cn 旗下网站