001/* 002 * Copyright (C) 2013 The Guava Authors 003 * 004 * Licensed under the Apache License, Version 2.0 (the "License"); 005 * you may not use this file except in compliance with the License. 006 * You may obtain a copy of the License at 007 * 008 * http://www.apache.org/licenses/LICENSE-2.0 009 * 010 * Unless required by applicable law or agreed to in writing, software 011 * distributed under the License is distributed on an "AS IS" BASIS, 012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 013 * See the License for the specific language governing permissions and 014 * limitations under the License. 015 */ 016 017package com.google.common.io; 018 019import static com.google.common.base.Preconditions.checkNotNull; 020import static java.nio.file.LinkOption.NOFOLLOW_LINKS; 021 022import com.google.common.annotations.Beta; 023import com.google.common.annotations.GwtIncompatible; 024import com.google.common.base.Optional; 025import com.google.common.base.Predicate; 026import com.google.common.collect.ImmutableList; 027import com.google.common.graph.SuccessorsFunction; 028import com.google.common.graph.Traverser; 029import com.google.common.io.ByteSource.AsCharSource; 030import com.google.j2objc.annotations.J2ObjCIncompatible; 031import java.io.IOException; 032import java.io.InputStream; 033import java.io.OutputStream; 034import java.nio.channels.Channels; 035import java.nio.channels.SeekableByteChannel; 036import java.nio.charset.Charset; 037import java.nio.file.DirectoryIteratorException; 038import java.nio.file.DirectoryStream; 039import java.nio.file.FileAlreadyExistsException; 040import java.nio.file.FileSystemException; 041import java.nio.file.Files; 042import java.nio.file.LinkOption; 043import java.nio.file.NoSuchFileException; 044import java.nio.file.NotDirectoryException; 045import java.nio.file.OpenOption; 046import java.nio.file.Path; 047import java.nio.file.SecureDirectoryStream; 048import java.nio.file.StandardOpenOption; 049import java.nio.file.attribute.BasicFileAttributeView; 050import java.nio.file.attribute.BasicFileAttributes; 051import java.nio.file.attribute.FileAttribute; 052import java.nio.file.attribute.FileTime; 053import java.util.ArrayList; 054import java.util.Arrays; 055import java.util.Collection; 056import java.util.stream.Stream; 057import org.checkerframework.checker.nullness.compatqual.NullableDecl; 058 059/** 060 * Static utilities for use with {@link Path} instances, intended to complement {@link Files}. 061 * 062 * <p>Many methods provided by Guava's {@code Files} class for {@link java.io.File} instances are 063 * now available via the JDK's {@link java.nio.file.Files} class for {@code Path} - check the JDK's 064 * class if a sibling method from {@code Files} appears to be missing from this class. 065 * 066 * @since 21.0 067 * @author Colin Decker 068 */ 069@Beta 070@GwtIncompatible 071@J2ObjCIncompatible // java.nio.file 072public final class MoreFiles { 073 074 private MoreFiles() {} 075 076 /** 077 * Returns a view of the given {@code path} as a {@link ByteSource}. 078 * 079 * <p>Any {@linkplain OpenOption open options} provided are used when opening streams to the file 080 * and may affect the behavior of the returned source and the streams it provides. See {@link 081 * StandardOpenOption} for the standard options that may be provided. Providing no options is 082 * equivalent to providing the {@link StandardOpenOption#READ READ} option. 083 */ 084 public static ByteSource asByteSource(Path path, OpenOption... options) { 085 return new PathByteSource(path, options); 086 } 087 088 private static final class PathByteSource extends ByteSource { 089 090 private static final LinkOption[] FOLLOW_LINKS = {}; 091 092 private final Path path; 093 private final OpenOption[] options; 094 private final boolean followLinks; 095 096 private PathByteSource(Path path, OpenOption... options) { 097 this.path = checkNotNull(path); 098 this.options = options.clone(); 099 this.followLinks = followLinks(this.options); 100 // TODO(cgdecker): validate the provided options... for example, just WRITE seems wrong 101 } 102 103 private static boolean followLinks(OpenOption[] options) { 104 for (OpenOption option : options) { 105 if (option == NOFOLLOW_LINKS) { 106 return false; 107 } 108 } 109 return true; 110 } 111 112 @Override 113 public InputStream openStream() throws IOException { 114 return Files.newInputStream(path, options); 115 } 116 117 private BasicFileAttributes readAttributes() throws IOException { 118 return Files.readAttributes( 119 path, 120 BasicFileAttributes.class, 121 followLinks ? FOLLOW_LINKS : new LinkOption[] {NOFOLLOW_LINKS}); 122 } 123 124 @Override 125 public Optional<Long> sizeIfKnown() { 126 BasicFileAttributes attrs; 127 try { 128 attrs = readAttributes(); 129 } catch (IOException e) { 130 // Failed to get attributes; we don't know the size. 131 return Optional.absent(); 132 } 133 134 // Don't return a size for directories or symbolic links; their sizes are implementation 135 // specific and they can't be read as bytes using the read methods anyway. 136 if (attrs.isDirectory() || attrs.isSymbolicLink()) { 137 return Optional.absent(); 138 } 139 140 return Optional.of(attrs.size()); 141 } 142 143 @Override 144 public long size() throws IOException { 145 BasicFileAttributes attrs = readAttributes(); 146 147 // Don't return a size for directories or symbolic links; their sizes are implementation 148 // specific and they can't be read as bytes using the read methods anyway. 149 if (attrs.isDirectory()) { 150 throw new IOException("can't read: is a directory"); 151 } else if (attrs.isSymbolicLink()) { 152 throw new IOException("can't read: is a symbolic link"); 153 } 154 155 return attrs.size(); 156 } 157 158 @Override 159 public byte[] read() throws IOException { 160 try (SeekableByteChannel channel = Files.newByteChannel(path, options)) { 161 return ByteStreams.toByteArray(Channels.newInputStream(channel), channel.size()); 162 } 163 } 164 165 @Override 166 public CharSource asCharSource(Charset charset) { 167 if (options.length == 0) { 168 // If no OpenOptions were passed, delegate to Files.lines, which could have performance 169 // advantages. (If OpenOptions were passed we can't, because Files.lines doesn't have an 170 // overload taking OpenOptions, meaning we can't guarantee the same behavior w.r.t. things 171 // like following/not following symlinks. 172 return new AsCharSource(charset) { 173 @SuppressWarnings("FilesLinesLeak") // the user needs to close it in this case 174 @Override 175 public Stream<String> lines() throws IOException { 176 return Files.lines(path, charset); 177 } 178 }; 179 } 180 181 return super.asCharSource(charset); 182 } 183 184 @Override 185 public String toString() { 186 return "MoreFiles.asByteSource(" + path + ", " + Arrays.toString(options) + ")"; 187 } 188 } 189 190 /** 191 * Returns a view of the given {@code path} as a {@link ByteSink}. 192 * 193 * <p>Any {@linkplain OpenOption open options} provided are used when opening streams to the file 194 * and may affect the behavior of the returned sink and the streams it provides. See {@link 195 * StandardOpenOption} for the standard options that may be provided. Providing no options is 196 * equivalent to providing the {@link StandardOpenOption#CREATE CREATE}, {@link 197 * StandardOpenOption#TRUNCATE_EXISTING TRUNCATE_EXISTING} and {@link StandardOpenOption#WRITE 198 * WRITE} options. 199 */ 200 public static ByteSink asByteSink(Path path, OpenOption... options) { 201 return new PathByteSink(path, options); 202 } 203 204 private static final class PathByteSink extends ByteSink { 205 206 private final Path path; 207 private final OpenOption[] options; 208 209 private PathByteSink(Path path, OpenOption... options) { 210 this.path = checkNotNull(path); 211 this.options = options.clone(); 212 // TODO(cgdecker): validate the provided options... for example, just READ seems wrong 213 } 214 215 @Override 216 public OutputStream openStream() throws IOException { 217 return Files.newOutputStream(path, options); 218 } 219 220 @Override 221 public String toString() { 222 return "MoreFiles.asByteSink(" + path + ", " + Arrays.toString(options) + ")"; 223 } 224 } 225 226 /** 227 * Returns a view of the given {@code path} as a {@link CharSource} using the given {@code 228 * charset}. 229 * 230 * <p>Any {@linkplain OpenOption open options} provided are used when opening streams to the file 231 * and may affect the behavior of the returned source and the streams it provides. See {@link 232 * StandardOpenOption} for the standard options that may be provided. Providing no options is 233 * equivalent to providing the {@link StandardOpenOption#READ READ} option. 234 */ 235 public static CharSource asCharSource(Path path, Charset charset, OpenOption... options) { 236 return asByteSource(path, options).asCharSource(charset); 237 } 238 239 /** 240 * Returns a view of the given {@code path} as a {@link CharSink} using the given {@code charset}. 241 * 242 * <p>Any {@linkplain OpenOption open options} provided are used when opening streams to the file 243 * and may affect the behavior of the returned sink and the streams it provides. See {@link 244 * StandardOpenOption} for the standard options that may be provided. Providing no options is 245 * equivalent to providing the {@link StandardOpenOption#CREATE CREATE}, {@link 246 * StandardOpenOption#TRUNCATE_EXISTING TRUNCATE_EXISTING} and {@link StandardOpenOption#WRITE 247 * WRITE} options. 248 */ 249 public static CharSink asCharSink(Path path, Charset charset, OpenOption... options) { 250 return asByteSink(path, options).asCharSink(charset); 251 } 252 253 /** 254 * Returns an immutable list of paths to the files contained in the given directory. 255 * 256 * @throws NoSuchFileException if the file does not exist <i>(optional specific exception)</i> 257 * @throws NotDirectoryException if the file could not be opened because it is not a directory 258 * <i>(optional specific exception)</i> 259 * @throws IOException if an I/O error occurs 260 */ 261 public static ImmutableList<Path> listFiles(Path dir) throws IOException { 262 try (DirectoryStream<Path> stream = Files.newDirectoryStream(dir)) { 263 return ImmutableList.copyOf(stream); 264 } catch (DirectoryIteratorException e) { 265 throw e.getCause(); 266 } 267 } 268 269 /** 270 * Returns a {@link Traverser} instance for the file and directory tree. The returned traverser 271 * starts from a {@link Path} and will return all files and directories it encounters. 272 * 273 * <p>The returned traverser attempts to avoid following symbolic links to directories. However, 274 * the traverser cannot guarantee that it will not follow symbolic links to directories as it is 275 * possible for a directory to be replaced with a symbolic link between checking if the file is a 276 * directory and actually reading the contents of that directory. 277 * 278 * <p>If the {@link Path} passed to one of the traversal methods does not exist or is not a 279 * directory, no exception will be thrown and the returned {@link Iterable} will contain a single 280 * element: that path. 281 * 282 * <p>{@link DirectoryIteratorException} may be thrown when iterating {@link Iterable} instances 283 * created by this traverser if an {@link IOException} is thrown by a call to {@link 284 * #listFiles(Path)}. 285 * 286 * <p>Example: {@code MoreFiles.fileTraverser().breadthFirst("/")} may return files with the 287 * following paths: {@code ["/", "/etc", "/home", "/usr", "/etc/config.txt", "/etc/fonts", ...]} 288 * 289 * @since 23.5 290 */ 291 public static Traverser<Path> fileTraverser() { 292 return Traverser.forTree(FILE_TREE); 293 } 294 295 private static final SuccessorsFunction<Path> FILE_TREE = 296 new SuccessorsFunction<Path>() { 297 @Override 298 public Iterable<Path> successors(Path path) { 299 return fileTreeChildren(path); 300 } 301 }; 302 303 private static Iterable<Path> fileTreeChildren(Path dir) { 304 if (Files.isDirectory(dir, NOFOLLOW_LINKS)) { 305 try { 306 return listFiles(dir); 307 } catch (IOException e) { 308 // the exception thrown when iterating a DirectoryStream if an I/O exception occurs 309 throw new DirectoryIteratorException(e); 310 } 311 } 312 return ImmutableList.of(); 313 } 314 315 /** 316 * Returns a predicate that returns the result of {@link java.nio.file.Files#isDirectory(Path, 317 * LinkOption...)} on input paths with the given link options. 318 */ 319 public static Predicate<Path> isDirectory(LinkOption... options) { 320 final LinkOption[] optionsCopy = options.clone(); 321 return new Predicate<Path>() { 322 @Override 323 public boolean apply(Path input) { 324 return Files.isDirectory(input, optionsCopy); 325 } 326 327 @Override 328 public String toString() { 329 return "MoreFiles.isDirectory(" + Arrays.toString(optionsCopy) + ")"; 330 } 331 }; 332 } 333 334 /** Returns whether or not the file with the given name in the given dir is a directory. */ 335 private static boolean isDirectory( 336 SecureDirectoryStream<Path> dir, Path name, LinkOption... options) throws IOException { 337 return dir.getFileAttributeView(name, BasicFileAttributeView.class, options) 338 .readAttributes() 339 .isDirectory(); 340 } 341 342 /** 343 * Returns a predicate that returns the result of {@link java.nio.file.Files#isRegularFile(Path, 344 * LinkOption...)} on input paths with the given link options. 345 */ 346 public static Predicate<Path> isRegularFile(LinkOption... options) { 347 final LinkOption[] optionsCopy = options.clone(); 348 return new Predicate<Path>() { 349 @Override 350 public boolean apply(Path input) { 351 return Files.isRegularFile(input, optionsCopy); 352 } 353 354 @Override 355 public String toString() { 356 return "MoreFiles.isRegularFile(" + Arrays.toString(optionsCopy) + ")"; 357 } 358 }; 359 } 360 361 /** 362 * Returns true if the files located by the given paths exist, are not directories, and contain 363 * the same bytes. 364 * 365 * @throws IOException if an I/O error occurs 366 * @since 22.0 367 */ 368 public static boolean equal(Path path1, Path path2) throws IOException { 369 checkNotNull(path1); 370 checkNotNull(path2); 371 if (Files.isSameFile(path1, path2)) { 372 return true; 373 } 374 375 /* 376 * Some operating systems may return zero as the length for files denoting system-dependent 377 * entities such as devices or pipes, in which case we must fall back on comparing the bytes 378 * directly. 379 */ 380 ByteSource source1 = asByteSource(path1); 381 ByteSource source2 = asByteSource(path2); 382 long len1 = source1.sizeIfKnown().or(0L); 383 long len2 = source2.sizeIfKnown().or(0L); 384 if (len1 != 0 && len2 != 0 && len1 != len2) { 385 return false; 386 } 387 return source1.contentEquals(source2); 388 } 389 390 /** 391 * Like the unix command of the same name, creates an empty file or updates the last modified 392 * timestamp of the existing file at the given path to the current system time. 393 */ 394 public static void touch(Path path) throws IOException { 395 checkNotNull(path); 396 397 try { 398 Files.setLastModifiedTime(path, FileTime.fromMillis(System.currentTimeMillis())); 399 } catch (NoSuchFileException e) { 400 try { 401 Files.createFile(path); 402 } catch (FileAlreadyExistsException ignore) { 403 // The file didn't exist when we called setLastModifiedTime, but it did when we called 404 // createFile, so something else created the file in between. The end result is 405 // what we wanted: a new file that probably has its last modified time set to approximately 406 // now. Or it could have an arbitrary last modified time set by the creator, but that's no 407 // different than if another process set its last modified time to something else after we 408 // created it here. 409 } 410 } 411 } 412 413 /** 414 * Creates any necessary but nonexistent parent directories of the specified path. Note that if 415 * this operation fails, it may have succeeded in creating some (but not all) of the necessary 416 * parent directories. The parent directory is created with the given {@code attrs}. 417 * 418 * @throws IOException if an I/O error occurs, or if any necessary but nonexistent parent 419 * directories of the specified file could not be created. 420 */ 421 public static void createParentDirectories(Path path, FileAttribute<?>... attrs) 422 throws IOException { 423 // Interestingly, unlike File.getCanonicalFile(), Path/Files provides no way of getting the 424 // canonical (absolute, normalized, symlinks resolved, etc.) form of a path to a nonexistent 425 // file. getCanonicalFile() can at least get the canonical form of the part of the path which 426 // actually exists and then append the normalized remainder of the path to that. 427 Path normalizedAbsolutePath = path.toAbsolutePath().normalize(); 428 Path parent = normalizedAbsolutePath.getParent(); 429 if (parent == null) { 430 // The given directory is a filesystem root. All zero of its ancestors exist. This doesn't 431 // mean that the root itself exists -- consider x:\ on a Windows machine without such a 432 // drive -- or even that the caller can create it, but this method makes no such guarantees 433 // even for non-root files. 434 return; 435 } 436 437 // Check if the parent is a directory first because createDirectories will fail if the parent 438 // exists and is a symlink to a directory... we'd like for this to succeed in that case. 439 // (I'm kind of surprised that createDirectories would fail in that case; doesn't seem like 440 // what you'd want to happen.) 441 if (!Files.isDirectory(parent)) { 442 Files.createDirectories(parent, attrs); 443 if (!Files.isDirectory(parent)) { 444 throw new IOException("Unable to create parent directories of " + path); 445 } 446 } 447 } 448 449 /** 450 * Returns the <a href="http://en.wikipedia.org/wiki/Filename_extension">file extension</a> for 451 * the file at the given path, or the empty string if the file has no extension. The result does 452 * not include the '{@code .}'. 453 * 454 * <p><b>Note:</b> This method simply returns everything after the last '{@code .}' in the file's 455 * name as determined by {@link Path#getFileName}. It does not account for any filesystem-specific 456 * behavior that the {@link Path} API does not already account for. For example, on NTFS it will 457 * report {@code "txt"} as the extension for the filename {@code "foo.exe:.txt"} even though NTFS 458 * will drop the {@code ":.txt"} part of the name when the file is actually created on the 459 * filesystem due to NTFS's <a href="https://goo.gl/vTpJi4">Alternate Data Streams</a>. 460 */ 461 public static String getFileExtension(Path path) { 462 Path name = path.getFileName(); 463 464 // null for empty paths and root-only paths 465 if (name == null) { 466 return ""; 467 } 468 469 String fileName = name.toString(); 470 int dotIndex = fileName.lastIndexOf('.'); 471 return dotIndex == -1 ? "" : fileName.substring(dotIndex + 1); 472 } 473 474 /** 475 * Returns the file name without its <a 476 * href="http://en.wikipedia.org/wiki/Filename_extension">file extension</a> or path. This is 477 * similar to the {@code basename} unix command. The result does not include the '{@code .}'. 478 */ 479 public static String getNameWithoutExtension(Path path) { 480 Path name = path.getFileName(); 481 482 // null for empty paths and root-only paths 483 if (name == null) { 484 return ""; 485 } 486 487 String fileName = name.toString(); 488 int dotIndex = fileName.lastIndexOf('.'); 489 return dotIndex == -1 ? fileName : fileName.substring(0, dotIndex); 490 } 491 492 /** 493 * Deletes the file or directory at the given {@code path} recursively. Deletes symbolic links, 494 * not their targets (subject to the caveat below). 495 * 496 * <p>If an I/O exception occurs attempting to read, open or delete any file under the given 497 * directory, this method skips that file and continues. All such exceptions are collected and, 498 * after attempting to delete all files, an {@code IOException} is thrown containing those 499 * exceptions as {@linkplain Throwable#getSuppressed() suppressed exceptions}. 500 * 501 * <h2>Warning: Security of recursive deletes</h2> 502 * 503 * <p>On a file system that supports symbolic links and does <i>not</i> support {@link 504 * SecureDirectoryStream}, it is possible for a recursive delete to delete files and directories 505 * that are <i>outside</i> the directory being deleted. This can happen if, after checking that a 506 * file is a directory (and not a symbolic link), that directory is replaced by a symbolic link to 507 * an outside directory before the call that opens the directory to read its entries. 508 * 509 * <p>By default, this method throws {@link InsecureRecursiveDeleteException} if it can't 510 * guarantee the security of recursive deletes. If you wish to allow the recursive deletes anyway, 511 * pass {@link RecursiveDeleteOption#ALLOW_INSECURE} to this method to override that behavior. 512 * 513 * @throws NoSuchFileException if {@code path} does not exist <i>(optional specific exception)</i> 514 * @throws InsecureRecursiveDeleteException if the security of recursive deletes can't be 515 * guaranteed for the file system and {@link RecursiveDeleteOption#ALLOW_INSECURE} was not 516 * specified 517 * @throws IOException if {@code path} or any file in the subtree rooted at it can't be deleted 518 * for any reason 519 */ 520 public static void deleteRecursively(Path path, RecursiveDeleteOption... options) 521 throws IOException { 522 Path parentPath = getParentPath(path); 523 if (parentPath == null) { 524 throw new FileSystemException(path.toString(), null, "can't delete recursively"); 525 } 526 527 Collection<IOException> exceptions = null; // created lazily if needed 528 try { 529 boolean sdsSupported = false; 530 try (DirectoryStream<Path> parent = Files.newDirectoryStream(parentPath)) { 531 if (parent instanceof SecureDirectoryStream) { 532 sdsSupported = true; 533 exceptions = 534 deleteRecursivelySecure((SecureDirectoryStream<Path>) parent, path.getFileName()); 535 } 536 } 537 538 if (!sdsSupported) { 539 checkAllowsInsecure(path, options); 540 exceptions = deleteRecursivelyInsecure(path); 541 } 542 } catch (IOException e) { 543 if (exceptions == null) { 544 throw e; 545 } else { 546 exceptions.add(e); 547 } 548 } 549 550 if (exceptions != null) { 551 throwDeleteFailed(path, exceptions); 552 } 553 } 554 555 /** 556 * Deletes all files within the directory at the given {@code path} {@linkplain #deleteRecursively 557 * recursively}. Does not delete the directory itself. Deletes symbolic links, not their targets 558 * (subject to the caveat below). If {@code path} itself is a symbolic link to a directory, that 559 * link is followed and the contents of the directory it targets are deleted. 560 * 561 * <p>If an I/O exception occurs attempting to read, open or delete any file under the given 562 * directory, this method skips that file and continues. All such exceptions are collected and, 563 * after attempting to delete all files, an {@code IOException} is thrown containing those 564 * exceptions as {@linkplain Throwable#getSuppressed() suppressed exceptions}. 565 * 566 * <h2>Warning: Security of recursive deletes</h2> 567 * 568 * <p>On a file system that supports symbolic links and does <i>not</i> support {@link 569 * SecureDirectoryStream}, it is possible for a recursive delete to delete files and directories 570 * that are <i>outside</i> the directory being deleted. This can happen if, after checking that a 571 * file is a directory (and not a symbolic link), that directory is replaced by a symbolic link to 572 * an outside directory before the call that opens the directory to read its entries. 573 * 574 * <p>By default, this method throws {@link InsecureRecursiveDeleteException} if it can't 575 * guarantee the security of recursive deletes. If you wish to allow the recursive deletes anyway, 576 * pass {@link RecursiveDeleteOption#ALLOW_INSECURE} to this method to override that behavior. 577 * 578 * @throws NoSuchFileException if {@code path} does not exist <i>(optional specific exception)</i> 579 * @throws NotDirectoryException if the file at {@code path} is not a directory <i>(optional 580 * specific exception)</i> 581 * @throws InsecureRecursiveDeleteException if the security of recursive deletes can't be 582 * guaranteed for the file system and {@link RecursiveDeleteOption#ALLOW_INSECURE} was not 583 * specified 584 * @throws IOException if one or more files can't be deleted for any reason 585 */ 586 public static void deleteDirectoryContents(Path path, RecursiveDeleteOption... options) 587 throws IOException { 588 Collection<IOException> exceptions = null; // created lazily if needed 589 try (DirectoryStream<Path> stream = Files.newDirectoryStream(path)) { 590 if (stream instanceof SecureDirectoryStream) { 591 SecureDirectoryStream<Path> sds = (SecureDirectoryStream<Path>) stream; 592 exceptions = deleteDirectoryContentsSecure(sds); 593 } else { 594 checkAllowsInsecure(path, options); 595 exceptions = deleteDirectoryContentsInsecure(stream); 596 } 597 } catch (IOException e) { 598 if (exceptions == null) { 599 throw e; 600 } else { 601 exceptions.add(e); 602 } 603 } 604 605 if (exceptions != null) { 606 throwDeleteFailed(path, exceptions); 607 } 608 } 609 610 /** 611 * Secure recursive delete using {@code SecureDirectoryStream}. Returns a collection of exceptions 612 * that occurred or null if no exceptions were thrown. 613 */ 614 @NullableDecl 615 private static Collection<IOException> deleteRecursivelySecure( 616 SecureDirectoryStream<Path> dir, Path path) { 617 Collection<IOException> exceptions = null; 618 try { 619 if (isDirectory(dir, path, NOFOLLOW_LINKS)) { 620 try (SecureDirectoryStream<Path> childDir = dir.newDirectoryStream(path, NOFOLLOW_LINKS)) { 621 exceptions = deleteDirectoryContentsSecure(childDir); 622 } 623 624 // If exceptions is not null, something went wrong trying to delete the contents of the 625 // directory, so we shouldn't try to delete the directory as it will probably fail. 626 if (exceptions == null) { 627 dir.deleteDirectory(path); 628 } 629 } else { 630 dir.deleteFile(path); 631 } 632 633 return exceptions; 634 } catch (IOException e) { 635 return addException(exceptions, e); 636 } 637 } 638 639 /** 640 * Secure method for deleting the contents of a directory using {@code SecureDirectoryStream}. 641 * Returns a collection of exceptions that occurred or null if no exceptions were thrown. 642 */ 643 @NullableDecl 644 private static Collection<IOException> deleteDirectoryContentsSecure( 645 SecureDirectoryStream<Path> dir) { 646 Collection<IOException> exceptions = null; 647 try { 648 for (Path path : dir) { 649 exceptions = concat(exceptions, deleteRecursivelySecure(dir, path.getFileName())); 650 } 651 652 return exceptions; 653 } catch (DirectoryIteratorException e) { 654 return addException(exceptions, e.getCause()); 655 } 656 } 657 658 /** 659 * Insecure recursive delete for file systems that don't support {@code SecureDirectoryStream}. 660 * Returns a collection of exceptions that occurred or null if no exceptions were thrown. 661 */ 662 @NullableDecl 663 private static Collection<IOException> deleteRecursivelyInsecure(Path path) { 664 Collection<IOException> exceptions = null; 665 try { 666 if (Files.isDirectory(path, NOFOLLOW_LINKS)) { 667 try (DirectoryStream<Path> stream = Files.newDirectoryStream(path)) { 668 exceptions = deleteDirectoryContentsInsecure(stream); 669 } 670 } 671 672 // If exceptions is not null, something went wrong trying to delete the contents of the 673 // directory, so we shouldn't try to delete the directory as it will probably fail. 674 if (exceptions == null) { 675 Files.delete(path); 676 } 677 678 return exceptions; 679 } catch (IOException e) { 680 return addException(exceptions, e); 681 } 682 } 683 684 /** 685 * Simple, insecure method for deleting the contents of a directory for file systems that don't 686 * support {@code SecureDirectoryStream}. Returns a collection of exceptions that occurred or null 687 * if no exceptions were thrown. 688 */ 689 @NullableDecl 690 private static Collection<IOException> deleteDirectoryContentsInsecure( 691 DirectoryStream<Path> dir) { 692 Collection<IOException> exceptions = null; 693 try { 694 for (Path entry : dir) { 695 exceptions = concat(exceptions, deleteRecursivelyInsecure(entry)); 696 } 697 698 return exceptions; 699 } catch (DirectoryIteratorException e) { 700 return addException(exceptions, e.getCause()); 701 } 702 } 703 704 /** 705 * Returns a path to the parent directory of the given path. If the path actually has a parent 706 * path, this is simple. Otherwise, we need to do some trickier things. Returns null if the path 707 * is a root or is the empty path. 708 */ 709 @NullableDecl 710 private static Path getParentPath(Path path) { 711 Path parent = path.getParent(); 712 713 // Paths that have a parent: 714 if (parent != null) { 715 // "/foo" ("/") 716 // "foo/bar" ("foo") 717 // "C:\foo" ("C:\") 718 // "\foo" ("\" - current drive for process on Windows) 719 // "C:foo" ("C:" - working dir of drive C on Windows) 720 return parent; 721 } 722 723 // Paths that don't have a parent: 724 if (path.getNameCount() == 0) { 725 // "/", "C:\", "\" (no parent) 726 // "" (undefined, though typically parent of working dir) 727 // "C:" (parent of working dir of drive C on Windows) 728 // 729 // For working dir paths ("" and "C:"), return null because: 730 // A) it's not specified that "" is the path to the working directory. 731 // B) if we're getting this path for recursive delete, it's typically not possible to 732 // delete the working dir with a relative path anyway, so it's ok to fail. 733 // C) if we're getting it for opening a new SecureDirectoryStream, there's no need to get 734 // the parent path anyway since we can safely open a DirectoryStream to the path without 735 // worrying about a symlink. 736 return null; 737 } else { 738 // "foo" (working dir) 739 return path.getFileSystem().getPath("."); 740 } 741 } 742 743 /** Checks that the given options allow an insecure delete, throwing an exception if not. */ 744 private static void checkAllowsInsecure(Path path, RecursiveDeleteOption[] options) 745 throws InsecureRecursiveDeleteException { 746 if (!Arrays.asList(options).contains(RecursiveDeleteOption.ALLOW_INSECURE)) { 747 throw new InsecureRecursiveDeleteException(path.toString()); 748 } 749 } 750 751 /** 752 * Adds the given exception to the given collection, creating the collection if it's null. Returns 753 * the collection. 754 */ 755 private static Collection<IOException> addException( 756 @NullableDecl Collection<IOException> exceptions, IOException e) { 757 if (exceptions == null) { 758 exceptions = new ArrayList<>(); // don't need Set semantics 759 } 760 exceptions.add(e); 761 return exceptions; 762 } 763 764 /** 765 * Concatenates the contents of the two given collections of exceptions. If either collection is 766 * null, the other collection is returned. Otherwise, the elements of {@code other} are added to 767 * {@code exceptions} and {@code exceptions} is returned. 768 */ 769 @NullableDecl 770 private static Collection<IOException> concat( 771 @NullableDecl Collection<IOException> exceptions, 772 @NullableDecl Collection<IOException> other) { 773 if (exceptions == null) { 774 return other; 775 } else if (other != null) { 776 exceptions.addAll(other); 777 } 778 return exceptions; 779 } 780 781 /** 782 * Throws an exception indicating that one or more files couldn't be deleted. The thrown exception 783 * contains all the exceptions in the given collection as suppressed exceptions. 784 */ 785 private static void throwDeleteFailed(Path path, Collection<IOException> exceptions) 786 throws FileSystemException { 787 // TODO(cgdecker): Should there be a custom exception type for this? 788 // Also, should we try to include the Path of each file we may have failed to delete rather 789 // than just the exceptions that occurred? 790 FileSystemException deleteFailed = 791 new FileSystemException( 792 path.toString(), 793 null, 794 "failed to delete one or more files; see suppressed exceptions for details"); 795 for (IOException e : exceptions) { 796 deleteFailed.addSuppressed(e); 797 } 798 throw deleteFailed; 799 } 800}