File System Basics
The file systems in OS X and iOS handle the persistent storage of data files, apps, and the files associated with the operating system itself. Therefore, the file system is one of the fundamental resources used by all processes.
OS X 和 iOS的文件系统处理数据文件,应用程序以及跟操作系统自身相关的各种文件的永久保存。 因此,文件系统是所有进程都需要使用的基础资源之一。
The file systems in OS X and iOS are both based on the UNIX file system. All of the disks attached to the computer—whether they are physically plugged into the computer or are connected indirectly through the network—contribute space to create a single collection of files. Because the number of files can easily be many millions, the file system uses directories to create a hierarchical organization. Although the basic directory structures are similar for iOS and OS X, there are differences in the way each system organizes apps and user data.
OS X 和 iOS 的文件系统都是基于UNIX 文件系统之上的。 所有连接到电脑的磁盘--无论它们是物理插入电脑还是通过网络间接连接到电脑--,所有磁盘都用空间创建一个单一的文件集合。 因为文件数量很容易就能达到几百万,文件系统使用目录来创建一个层次组织。 尽管基本目录结构跟iOS 和 OS X 相似,但是在每个系统组织应用程序和用户数据方面存在区别。
Before you begin writing code that interacts with the file system, you should first understand a little about the organization of file system and the rules that apply to your code. Aside from the basic tenet that you cannot write files to directories for which you do not have appropriate security privileges, apps are also expected to be good citizens and put files in appropriate places. Precisely where you put files depends on the platform, but the overarching goal is to make sure that the user’s files remain easily discoverable and that the files your code uses internally are kept out of the user’s way.
在你开始编写跟文件系统交互的代码之前,你应该首先了解一些文件系统组织以及应用于你的代码的各种规则。 除了遵循你不能把文件写入你没有权限的目录这基本原则之外,应用程序也期望把文件放入一个适当的地方。 准确地说文件放在哪里取决于平台,但是首要目标是确保用户文件能被简单发现并且内部代码将不以用户方式保存。
About the iOS File System
一、关于iOS文件系统
The iOS file system is geared toward apps running on their own. To keep the system simple, users of iOS devices do not have direct access to the file system and apps are expected to follow this convention.
iOS 文件系统面向应用程序运行它们自己的系统。 为了保持系统的简单性, iOS设备的用户不能直接访问文件系统,应用程序需要遵守以下约定。
Every App Is an Island
1、每个应用程序都是一个岛屿
An iOS app’s interactions with the file system are limited mostly to the directories inside the app’s sandbox. During installation of a new app, the installer code creates a home directory for the app, places the app in that directory, and creates several other key directories. These directories constitute the app’s primary view of the file system. Figure 1-1 shows a representation of the sandbox for an app.
一个iOS应用程序跟文件系统的交互都主要限于应用程序沙盒内的目录。 当一个新应用程序被安装时,安装代码为应用程序创建一个主目录, 把应用程序放在该主目录,并创建一些其它主要目录。 这些目录组成应用程序文件系统的主要视图。图1-1显示了一个代表性的应用程序沙盒。
Each iOS app operates within its own sandbox
图 1-1 每个iOS 应用程序都在它自己的沙盒里操作
Because it is in a sandbox, an app is generally prohibited from accessing or creating files in directories outside of its home directory. One exception to this rule occurs when an app uses public system interfaces to access things such as the user’s contacts or music. In those cases, the system frameworks handle any file-related operations needed to read from or modify the appropriate data stores.
因为这是在一个沙盒内,所以应用程序一般禁止在其主目录外访问或创建文件。 该规则的一个例外是当应用程序使用公共系统接口来访问东西时,比如用户的联络或音乐。 在这些情况下,系统框架处理任何文件相关的操作都需要读取相应的数据存储或修改它。
For a detailed look at the directories inside an app’s sandbox, see “iOS Standard Directories: Where Files Reside”
关于一个应用程序沙盒内目录的详情,请看“iOS Standard Directories: Where Files Reside”
iOS Standard Directories: Where Files Reside
2、iOS 标准目录:文件所在
For security purposes, an iOS app has limited a number of places where it can write its data. When an app is installed on a device, iTunes creates a home directory for the app. This directory represents the universe for that app and contains everything the app can access directly. Table 1-1 lists some of the important subdirectories of this home directory and describes their intended usage. This table also describes any additional access restrictions for each subdirectory and points out whether the directory’s contents are backed up by iTunes.
为了安全目的,iOS应用程序限定了一些它能写入数据的地方。当应用程序被安装到一个设备时,iTunes 为应用程序创建了一个主目录。 该主目录代表了那个应用程序的全部,包含了应用程序能直接访问的所有东西。 表 1-1 列出了一些该主目录的重要子目录并描述了它们的用途。 该表格还描述了每个子目录的全部额外访问限制,并指出目录的内容是否被iTunes备份。
Directory |
Description |
---|---|
|
This is the bundle directory containing the app itself. Do not write anything to this directory. To prevent tampering, the bundle directory is signed at installation time. Writing to this directory changes the signature and prevents your app from launching again. 这是包含应用程序自身的束目录。不要往该目录写入任何东西。为了阻止被篡改,该目录在安装时被签名。往该目录写入数据将改变了签名,应用程序将无法再启动。 In iOS 2.1 and later, the contents of this directory are not backed up by iTunes. However, iTunes does perform an initial sync of any apps purchased from the App Store. 在iOS 2.1 以及以后版本,该目录的内容没有被iTunes备份。 然而,iTunes 确实对任何从App Store 购买的应用程序做一个初始化同步。 |
|
Use this directory to store critical user documents and app data files. Critical data is any data that cannot be recreated by your app, such as user-generated content. 使用该目录来存储关键的用户文档以及应用程序数据文件。关键数据是指应用程序不能再次创建的数据, 比如用户生成的内容。 The contents of this directory can be made available to the user through file sharing. The contents of this directory are backed up by iTunes. 该目录的内容可通过文件共享提供给用户。该目录的内容由iTunes备份。 |
|
Use this directory to access files that your app was asked to open by outside entities. Specifically, the Mail program places email attachments associated with your app in this directory; document interaction controllers may also place files in it. 使用该目录来访问由外部实体请求应用程序打开的各种文件。特别是,邮箱程序在该程序里放置应用程序相关的邮件附件;跟控制器交互的文档也可能在这里存储文件。 Your app can read and delete files in this directory but cannot create new files or write to existing files. If the user tries to edit a file in this directory, your app must silently move it out of the directory before making any changes. 你的应用程序能在该目录里读取或删除文件,但是不能创建新文件或向已有的文件里写入数据。如果用户尝试着在该目录里编辑一个文件,应用程序必须在对文件做任何改变之前悄悄地把文件移到目录外。 The contents of this directory are backed up by iTunes. 该目录的内容由iTunes备份。 |
|
This directory is the top-level directory for files that are not user data files. You typically put files in one of several standard subdirectories but you can also create custom subdirectories for files you want backed up but not exposed to the user. You should not use this directory for user data files. 该目录是文件的顶层目录,它不包含用户数据文件。 你通常可以在这些标准子目录里放置文件,但是你也可以为不想暴露给用户的文件创建自定义子目录。你不应该使用该目录来存储用户数据文件。 The contents of this directory (with the exception of the 该目录的内容由iTunes备份,Caches 子目录除外。 For additional information about the Library directory, see “The Library Directory Stores App-Specific Files.” 关于Library 目录的额外信息,请看 “The Library Directory Stores App-Specific Files.” |
|
Use this directory to write temporary files that do not need to persist between launches of your app. Your app should remove files from this directory when it determines they are no longer needed. (The system may also purge lingering files from this directory when your app is not running.) 使用该目录存储临时文件,这些文件不需要在应用程序启动期间长期保持。当应用程序确定这些文件不被需要时,它应该从该目录删除这些文件。(当应用程序停止运行时,该系统还可能从该目录清除顽固文件。) In iOS 2.1 and later, the contents of this directory are not backed up by iTunes. 从iOS 2.1 以及之后版本,该目录的内容不被iTunes备份。 |
An iOS app may create additional directories in the Documents
, Library
, and tmp
directories. You might want to do this to organize the files in those locations better.
iOS 应用程序可能在Documents, Library, 以及 tmp 目录里创建额外的目录。 你可能想这样做在那些地方更好的组织文件。
For information about how to get references to the preceding directories from your iOS app, see “Locating Items in the Standard Directories.” For tips on where to put files, see “Where You Should Put Your App’s Files.”
关于如何从iOS应用程序获得前目录的引用, 请看“Locating Items in the Standard Directories.” 关于在哪放置文件,请看“Where You Should Put Your App’s Files.”
Where You Should Put Your App’s Files
3、你应该在哪放置你的应用程序文件
To prevent the syncing and backup processes on iOS devices from taking a long time, be selective about where you place files inside your app’s home directory. Apps that store large files can slow down the process of backing up to iTunes or iCloud. These apps can also consume a large amount of a user's available storage, which may encourage the user to delete the app or disable backup of that app's data to iCloud. With this in mind, you should store app data according to the following guidelines:
为防止在iOS设备花长时间同步和备份进程,在应用程序主目录里有选择的放置你的文件。存储大文件的应用程序会减慢备份到iTunes 或 iCloud的进程。这些应用程序还会消耗大量用户的可用存储,这样可能会鼓励用户删除应用程序或不允许备份该应用程序数据到iCloud。所以,你应该遵循以下指导原则来存储应用程序数据:
-
Put user data in the
/Documents/
. User data is any data that cannot be recreated by your app, such as user documents and other user-generated content.把用户数据存在
/Documents/目录。用户数据是应用程序不能再次创建的所有数据,比如用户文档以及其它用户相关的内容。
-
Handle support files—files your application downloads or generates and can recreate as needed—in one of two ways:
用以下两种方式之一来处理支持文件----应用程序下载或生产的文件并能根据需要再次创建。
-
In iOS 5.0 and earlier, put support files in the
/Library/Caches
directory to prevent them from being backed up在iOS 5.0 以及早期版本中,把支持文件放在
/Library/Caches 目录里,以阻止它们被备份。
-
In iOS 5.0.1 and later, put support files in the
/Library/Application Support
directory and apply thecom.apple.MobileBackup
extended attribute to them. This attribute prevents the files from being backed up to iTunes or iCloud. If you have a large number of support files, you may store them in a custom subdirectory and apply the extended attribute to just the directory.在iOS 5.0.1 以及以后版本中,把支持文件放在
/Library/Application Support 目录并给它们提供 com.apple.MobileBackup 扩展属性。该属性阻止文件备份到iTunes 或 iCloud。 如果你有很多支持文件,你可以把它们存储在一个自定义子目录并把扩展属性应用给该目录。
-
-
Put data cache files in the
/Library/Caches
directory. Examples of files you should put in this directory include (but are not limited to) database cache files and downloadable content, such as that used by magazine, newspaper, and map apps. Your app should be able to gracefully handle situations where cached data is deleted by the system to free up disk space.把数据缓存文件放置在
/Library/Caches 目录。 你应该放在该目录的文件包括(但不仅限于)数据库缓存文件以及可下载的内容,比如杂志,新闻以及地图应用程序使用的内容。应用程序应该能优雅地处理缓存数据被系统删除以释放磁盘空间的各种情况。
-
Put temporary data in the
/tmp
directory. Temporary data comprises any data that you do not need to persist for an extended period of time. Remember to delete those files when you are done with them so that they do not continue to consume space on the user’s device.把临时数据放置在
/tmp 目录。 临时数据包含你不需要持久保存一段时间的各种数据。 记住当你不需要它们时,请删除这些文件,这样它们就不会继续占用用户设备的内存。
About the OS X File System
The OS X file system is designed for Macintosh computers, where both users and software have access to the file system. Users access the file system directly through the Finder, which presents a user-oriented view of the file system by hiding or renaming some files and directories. Apps access the file system using the system interfaces, which show the complete file system precisely as it appears on disk.
Domains Determine the Placement of Files
In OS X, the file system is divided into multiple domains, which separate files and resources based on their intended usage. This separation provides simplicity for the user, who only needs to worry about a specific subset of files. Arranging files by domain also lets the system apply blanket access privileges to files in that domain, preventing unauthorized users from changing files intentionally or inadvertently.
-
The user domain contains resources specific to the users who log in to the system. Although it technically encompasses all users, this domain reflects only the home directory of the current user at runtime. User home directories can reside on the computer’s boot volume (in the
/Users
directory) or on a network volume. Each user (regardless of privileges) has access to and control over the files in his or her own home directory. -
The local domain contains resources such as apps that are local to the current computer and shared among all users of that computer. The local domain does not correspond to a single physical directory, but instead consists of several directories on the local boot (and root) volume. This domain is typically managed by the system, but users with administrative privileges may add, remove, or modify items in this domain.
-
The network domain contains resources such as apps and documents that are shared among all users of a local area network. Items in this domain are typically located on network file servers and are under the control of a network administrator.
-
The system domain contains the system software installed by Apple. The resources in the system domain are required by the system to run. Users cannot add, remove, or alter items in this domain.
Figure 1-2 shows how the local, system, and user domains map to the local file system of an OS X installation. (The network domain is not shown but is similar in many ways to the local domain.) This figure shows the visible directories that the user might see. Depending on the user’s system, other directories may be visible or some of the ones shown here may be hidden.
The local OS X file system
For information about the contents of the directories in OS X, see “OS X Standard Directories: Where Files Reside.” For information about the directories that OS X normally hides from the user (and why), see “Hidden Files and Directories: Simplifying the User Experience.”
OS X Standard Directories: Where Files Reside
Whether provided by the system or created by your app, every file has its place in OS X. Table 1-2 lists some of the top-level directories in an OS X installation and the types of content that each one contains.
Directory |
Usage |
---|---|
|
This directory is where you install apps intended for use by all users of a computer. The App Store installs apps purchased by the user in this directory automatically. The This directory is part of the local domain. |
|
This directory contains the Xcode apps, tools, and developer-related resources. The default name of this directory is |
|
There are multiple For detailed information about the contents of this directory and how you use it to support your apps, see “The Library Directory Stores App-Specific Files.” |
|
This directory contains the list of computers in the local area network. There is no guarantee that files located on network file servers will have the |
|
This directory contains the system resources required by OS X to run. These resources are provided by Apple and must not be modified. This directory comprises the contents of the system domain. |
|
This directory contains one or more user home directories. The user home directory is where user-related files are stored. A typical user’s home directory includes the following subdirectories:
The preceding directories are for storing user documents and media only. Apps must not write files to the preceding directories unless explicitly directed to do so by the user. The sole exception to this rule is the Of the subdirectories, only the |
Important: The files in the user’s Documents
and Desktop
directories should reflect only the documents that the user created and works with directly. Similarly, the media directories should contain only the user’s media files. Those directories must never be used to store data files that your app creates and manages automatically. If you need a place to store automatically generated files, use the Library
directory, which is designated specifically for that purpose. For information on where to put files in the Library directory, see “The Library Directory Stores App-Specific Files.”
Although the directories in Table 1-2 are the ones seen by OS X users, they are not the only directories present in the file system. OS X hides many directories to prevent users from accessing files that they don’t need to.
Sandboxed OS X App File Containers
OS X apps that are sandboxed have all their Application Support
, Cache
, temporary directories and other related documents stored within a directory located at a system-defined path that you can obtain by calling the NSHomeDirectory
function.
For more information see App Sandbox Design Guide.
Hidden Files and Directories: Simplifying the User Experience
To simplify the experience for users, the Finder, and some specific user-facing interfaces (such as the Open and Save panels), hide many files and directories that the user should never have to use. Many of the hidden items are system- or app-specific resources that users cannot (or should not) access directly. Among the files and directories that are hidden are the following:
-
Dot directories and files—Any file or directory whose name starts with a period (
.
) character is hidden automatically. This convention is taken from UNIX, which used it to hide system scripts and other special types of files and directories. Two special directories in this category are the.
and..
directories, which are references to the current and parent directories respectively. -
UNIX-specific directories—The directories in this category are inherited from traditional UNIX installations. They are an important part of the system’s BSD layer but are more useful to software developers than end users. Some of the more important directories that are hidden include:
-
/bin
—Contains essential command-line binaries. Typically, you execute these binaries from command-line scripts. -
/dev
—Contains essential device files, such as mount points for attached hardware. -
/etc
—Contains host-specific configuration files. -
/sbin
—Contains essential system binaries. -
/tmp
—Contains temporary files created by apps and the system. -
/usr
—Contains non-essential command-line binaries, libraries, header files, and other data. -
/var
—Contains log files and other files whose content is variable. (Log files are typically viewed using the Console app.)
-
-
Explicitly hidden files and directories—The Finder may hide specific files or directories that should not be accessed directly by the user. The most notable example of this is the
/Volumes
directory, which contains a subdirectory for each mounted disk in the local file system from the command line. (The Finder provides a different user interface for accessing local disks.) In OS X 10.7 and later, the Finder also hides the~/Library
directory—that is, theLibrary
directory located in the user’s home directory. -
Packages and bundles—Packages and bundles are directories that the Finder presents to the user as if they were files. Bundles hide the internal workings of executables such as apps and just present a single entity that can be moved around the file system easily. Similarly, packages allow apps to implement complex document formats consisting of multiple individual files while still presenting what appears to be a single document to the user.
Although the Finder and other system interfaces hide files and directories from the user, Cocoa interfaces such as NSFileManager
do not filter out files or directories that are normally invisible to users. Thus, code that uses these interfaces theoretically has a complete view of the file system and its contents. (Of course, a process really has access to only those files and directories for which it has appropriate permissions.)
Files and Directories Can Have Alternate Names
In some situations, the Finder presents users with file or directory names that do not match the actual names as they appear in the file system. These names are known as display names and are used only by the Finder and specific system components (such as the Open and Save panels) when presenting file and directory information to the user. Display names improve the user experience by presenting the user with content in a more friendly way. For example, OS X uses display names in the following situations:
-
Localized names—The system provides localized names for many system directories, such as
Applications
,Library
,Music
,Movies
. An app may similarly provide localized names for itself and for any directories it creates. -
Filename extension hiding—The system hides filename extensions for all files by default. The user may change option, but when filename extension hiding is in effect, the characters after the last period in a filename (and the period itself) are not displayed.
Display names do not affect the actual name of the file in the file system. Code that accesses a file or directory programmatically must specify the item’s actual name when opening or manipulating the item using the file system interfaces. The only time your app should ever use display names is when displaying the name of a file or directory to the user. You can get the display name for any file or directory using the displayNameAtPath:
method of NSFileManager
.
Important: Your code should not allow users to modify display names directly. When you want the user to specify the name of a file, use a Save panel.
For information on how to localize the directories your app creates, see File System Advanced Programming Topics. For more information about localizing app content, see Internationalization Programming Topics.
The Library Directory Stores App-Specific Files
The Library
directory is where apps and other code modules store their custom data files. Regardless of whether you are writing code for iOS or OS X, understanding the structure of the Library
directory is important. You use this directory to store data files, caches, resources, preferences, and even user data in some specific situations.
There are several Library
directories throughout the system but only a few that your code should ever need to access:
-
Library
in the current home directory—This is the version of the directory you use the most because it is the one that contains all user-specific files. In iOS, the home directory is the app’s sandbox directory. In OS X, it is the app’s sandbox directory or the current user’s home directory (if the app is not in a sandbox). -
/Library
(OS X only)—Apps that share resources between users store those resources in this version of theLibrary
directory. Sandboxed apps are not permitted to use this directory. -
/System/Library
(OS X only)—This directory is reserved for use by Apple.
After selecting which version of the Library directory to use, you still need to know where to store your files. The Library directory itself contains several subdirectories that subdivide app-specific content into a few well-known categories. Table 1-3lists the most common subdirectories that you might use. Although Library directories in OS X contain many more subdirectories than the ones listed, most are used only by the system. If you want a more complete list of subdirectories, though, see “OS X Library Directory Details.”
Directory |
Usage |
---|---|
|
Use this directory to store all app data files except those associated with the user’s documents. For example, you might use this directory to store app-created data files, configuration files, templates, or other fixed or modifiable resources that are managed by the app. An app might use this directory to store a modifiable copy of resources contained initially in the app’s bundle. A game might use this directory to store new levels purchased by the user and downloaded from a server. All content in this directory should be placed in a custom subdirectory whose name is that of your app’s bundle identifier or your company. In iOS, the contents of this directory are backed up by iTunes. |
|
Use this directory to write any app-specific support files that your app can re-create easily. Your app is generally responsible for managing the contents of this directory and for adding and deleting files as needed. In iOS 2.2 and later, the contents of this directory are not backed up by iTunes. In addition, iTunes removes files in this directory during a full restoration of the device. On iOS 5.0 and later, the system may delete the |
|
In OS X, frameworks that must be shared by multiple apps can be installed in either the local or user domain. The Frameworks directory in the system domain stores the frameworks you use to create your OS X apps. In iOS, apps cannot install custom frameworks. |
|
This directory contains app-specific preference files. You should not create files in this directory yourself. Instead, use the In iOS, the contents of this directory are backed up by iTunes. |
The iCloud File Storage Container
三、iCloud 文件存储容器
iCloud provides a structured system for storing files for apps that make use of iCloud:
iCloud 提供了一个结构系统来存储应用程序文件,以供iCloud使用:
-
Apps have a primary iCloud container directory for storing their native files. They can also access secondary iCloud container directories listed in their app entitlements.
应用程序都有一个主要iCloud容器目录,用来存储它们的本地文件。它们还能访问列在应用程序配置(entitlements)里的次要iCloud容器目录。
-
Inside each container directory, files are segregated into "documents" and data. Every file or file package located in the
Documents
subdirectory (or one of its subdirectories) is presented to the user (via the iCloud UI in OS X and iOS) as a separate document that can be deleted individually. Anything not inDocuments
or one of its subdirectories is treated as data and shown as a single entry in the iCloud UI.在每个容器目录里面,文件被分为文档和数据。放置于Documents 子目录(或是Documents子目录里的其中一个)每个文件或文件包都以一个单独文档的方式呈现给用户,这些文档能被独立地删除。 不在Documents里或其子目录里的任何东西都作为数据并在iCloud UI 里以单个视图显示。
Documents that the user creates and sees in an app's user interface—for example the document browsers in Pages, Numbers, and Keynote should be stored in theDocuments
directory. Another example of files that might go in the Documents
directory are saved games, again because they are something that an app could potentially provide some sort of method for selecting.
用户在一个应用程序的用户界面里创建并看到的文档---比如页面上的浏览的文档,数字,以及主题(keynote)应该被存储在Documents目录。 另一个可能存储在Documents 目录里的例子是被保存的游戏,因为它们是应用程序可能提供一些方法以供选择的一些东西。
Anything that the app does not want the user to see or modify directly should be placed outside of the Documents
directory. Apps can create any subdirectories inside the container directory, so they can arrange private files as desired.
任何应用程序不想用户看见或直接修改的东西应该被放在Documents 目录之外。 应用程序能在容器目录里创建任何子目录, 这样他们就可以根据需要组织似有文件。
Apps create files and directories in iCloud container directories in exactly the same way as they create local files and directories. And all the file’s attributes are saved, if they add extended attributes to a file, those attributes are copied to iCloud and to the user's other devices too.
应用程序在iCloud 容器目录里创建文件和目录跟它们创建本地文件和目录一样。 而且如果它们给文件添加了扩展属性,所有的文件属性都将被保存,同时这些属性也被拷贝到iCloud 以及用户的其他设备中。
iCloud containers also allow the storage of key-value pairs that can be easily accessed without having to create a document format.
iCloud 容器还允许存储键值对,它们能被简单访问而不需要创建一个文档格式。
How the System Identifies the Type of Content in a File
四、系统如何辨别文件里的内容类型
There are two primary techniques for identifying the type of content in a file:
有两种主要方法可以辨别一个文件内容的类型:
-
Uniform Type Identifiers (UTIs)
统一类型标识符
-
Filename extensions
文件扩展名
A uniform type identifier is a string that uniquely identifies a class of entities considered to have a “type.” UTIs provide consistent identifiers for data that all apps and services can recognize and rely upon. They are also more flexible than most other techniques because you can use them to represent any type of data, not just files and directories. Examples of UTIs include:
统一类型标识符是一个字符串,它用来唯一的辨别实体类的类型。UTIs 提供了所有应用程序和服务都能辨认和信赖的一致的数据标识符。 它们也比大多数其它技术更灵活,因为你可以用它们来代表任何数据类型,不仅仅是文件和目录。 UTIs的例子包括:
-
public.text
—A public type that identifies text data.一种辨别文本数据的公告类型。
-
public.jpeg
—A public type that identifies JPEG image data.一种辨别JPEG图片数据的公共类型。
-
com.apple.bundle
—An Apple type that identifies a bundle directory.一种辨别一个束目录的苹果类型。
-
com.apple.application-bundle
—An Apple type that identifies a bundled app.一种辨别一个bundled应用程序的苹果类型。
Whenever a UTI-based interface is available for specifying file types, you should prefer that interface over any others. Many OS X interfaces allow you to specify UTIs corresponding to the files or directories you want to work with. For example, in the Open panel, you can use UTIs as file filters and limit the types of files the user selects to ones your app can handle. Several AppKit classes, including NSDocument
,NSPasteboard
, and NSImage
, support UTIs. In iOS, UTIs are used to specify pasteboard types only.
任何时候当可以用一个基于UTI的接口来指定文件类型时,你应该优先使用该接口。 很多OS X接口允许你指定跟你想工作的文件或目录相关的UTIs。比如,在一个打开面板中,你可以使用UTIs作为文件过滤器,并限制用户选择应用程序可以处理的文件类型。一些AppKit类,包括 NSDocument, NSPasteboard
, and NSImage 都支持UTIs。在iOS中,UTIs只用于指定粘贴面板类型。
One way the system determines the UTI for a given file is by looking at its filename extension. A filename extension is a string of characters appended to the end of a file and separated from the main filename with a period. Each unique string of characters identifies a file of a specific type. For example, the .strings
extension identifies a resource file with localizable string data while the .png
extension identifies a file with image data in the portable network graphics format.
系统给一个给定文件决定UTI的一种方法是查看它的文件扩展名。 文件扩展名是追加到文件尾部的一个由字符组成的字符串,它跟主文件名之间以点号分隔。每个唯一的字符串标识一个特定类型的文件。 比如, .strings扩展名 标识了一个本地化字符串数据的资源文件,而.png扩展名标识一个便携式网络图形格式的图形数据文件。
Note: Because period characters are valid characters in OS X and iOS filenames, only the characters after the last period in a filename are considered part of the filename extension. Everything to the left of the last period is considered part of the filename itself.
注意:因为点字符在OS X 和 iOS文件名里是有效字符,所以只有在文件名里的最后一个点才被认为是文件扩展名的一部分。 最后一个点前面的整个部分都是文件名的一部分。
If your app defines custom file formats, you should register those formats and any associated filename extensions in your app’s Info.plist
file. TheCFBundleDocumentTypes
key specifies the file formats that your app recognizes and is able to open. Entries for any custom file formats should include both a filename extension and UTI corresponding to the file contents. The system uses that information to direct files with the appropriate type to your app.
如果你的应用程序定义了自定义文件格式,你应该在你的应用程序Info.plist文件里注册那些格式和相关的文件扩展名。 CFBundleDocumentTypes 键指定了应用程序能够辨认并打开的文件格式。任何自定义文件格式应该都包含一个文件扩展名以及跟文件内容相关的UTI。 系统使用这些信息让文件以适当的类型接入应用程序。
For more information about UTIs and how you use them, see Uniform Type Identifiers Overview. For more information about the CFBundleDocumentTypes
key, see Information Property List Key Reference.
关于UTIs的更多信息,以及你如何使用它们,请看 Uniform Type Identifiers Overview. 关于CFBundleDocumentTypes键的更多信息,请看Information Property List Key Reference.
Security: Protect the Files You Create
五、安全:保护创建的文件
Because all user data and system code are stored on disk somewhere, protecting the integrity of files and the file system is an important job. For that reason, there are several ways to secure content and prevent it from being stolen or damaged by other processes.
因为所有用户数据和系统代码都存储在磁盘的某个地方,所以保护文件和文件系统的完整性四一项很重要的工作。 因为那个原因,有很多方法可以保护内容安全并阻止它被其它进程盗取或损坏。
For general information about secure coding practices when working with files, seeSecure Coding Guide.
关于处理文件时的安全编码实践的基本信息,请看Secure Coding Guide.
Sandboxes Limit the Spread of Damage
1、沙盒限制损坏的传播
In iOS and in OS X v10.7 and later, sandboxes prevent apps from writing to parts of the file system that they should not. Each sandboxed app receives its own container directory in which it can write files. An app cannot write to other apps’ containers or to most directories outside of the sandbox. These restrictions limit the potential damage that can be done in the event that an app’s security is breached.
在iOS 和 OS X v10.7以及之后版本中, 沙盒禁止应用程序向部分它们不应该写入数据的文件系统写入数据。每个沙盒应用程序接收一个自己的容器目录,在那里它们能存入各种文件。 应用程序不能写入其它应用程序的容器内,也不能向沙盒外的大多数目录你写入数据。这些限制在应用程序的安全被破坏时能减少事件中的潜在损坏。
Developers writing apps for OS X v10.7 and later are encouraged to put their apps in sandboxes to enhance security. Developers of iOS apps do not have to explicitly put their app in a sandbox because the system does it for them automatically at install time.
推荐编写OS X v10.7以及之后版本应用程序的开发者把他们的应用程序放入沙盒来增强安全性。iOS应用程序的开发者不需要明确把应用程序放入沙盒,因为系统在下载时自动完成。
For more information about sandboxes and the types of restrictions they impose on file system access, see Mac App Programming Guide and App Sandbox Design Guide.
关于沙盒和它们用于文件系统访问的限制类型等更多信息,请看Mac App Programming Guide 和 App Sandbox Design Guide.
Permissions and Access Control Lists Govern All Access to Files
2、权限和访问控制列表管理所有对文件的访问
Access to files and directories is governed by a mixture of access control lists (ACLs) and BSD permissions. Access control lists are a set of fine-grained controls that define exactly what can and cannot be done to a file or directory and by whom. With access control lists, you can grant individual users different levels of access to a given file or directory. By contrast, BSD permissions only allow you to give access to three classes of users: the file’s owner, a single group of users that you specify, and all users. See Security Overview for more information.
文件和目录的访问由访问控制列表(ACLs)和BSD权限混合控制。访问控制列表是对文件的一系列详细控制,它包含什么能做,什么不能做,以及谁能做等内容。有了访问控制列表之后,你就能获得用户对文件或目录的不同访问权限。与此相反,BSD权限只允许你给三个用户类授权:the file's owner(文件所有者),你指定的单个用户组,以及所有用户。请看Security Overview 了解更多详情。
Note: For a file on a network server, do not make any assumptions about the ACLs and BSD permissions associated with the file. Some network file systems provide only a summarized version of this information.
注意:对于一个网络服务器上的文件,不做任何与该文件相关的ACL的和BSD权限的假设。一些网络文件系统只能提供这些信息的总结版本。
Because iOS apps always run in a sandbox, the system assigns specific ACLs and permissions to files created by each app. However, OS X apps can use Identity Services to manage access control lists for files to which they have access. For information about how to use Identity Services (and the Collaboration framework), see Identity Services Programming Guide.
因为iOS应用程序永远只在一个沙盒里运行, 系统给每个应用程序的文件分配了特定的ACL和权限。然而,OS X 应用程序可以给它们已经访问的文件使用身份服务来管理访问控制列表。关于如何使用身份服务(以及Collaboration 框架)的信息,请看Identity Services Programming Guide.
Files Can Be Encrypted On Disk
3、 磁盘上的文件可加密
Both OS X and iOS provide support for encrypting files on disk:
OS X 和 iOS都可以对磁盘的文件加密:
-
iOS—An iOS app can designate files that it wants to be encrypted on disk. When the user unlocks a device containing encrypted files, the system creates a decryption key that allows the app to access its encrypted files. When the user locks the device, though, the decryption key is destroyed to prevent unauthorized access to the files.
iOS--iOS应用程序可以指定磁盘中它想加密的文件。 当用户解锁包含加密文件的设备时,系统创建一个解密秘钥让应用程序访问它的加密文件。当用户锁设备时,该解密秘钥就被摧毁以阻止对该文件的非法访问。
-
OS X—Users can encrypt the contents of a volume using the Disk Utility app. (They can also encrypt just the boot volume from the Security & Privacy system preference.) The contents of an encrypted disk are available to apps only while the computer is running. When the user puts the computer to sleep or shuts it down, the decryption keys are destroyed to prevent unauthorized access to the disk’s contents.
OS X--用户可以使用磁盘实用应用程序对卷内容进行加密。(它们也可以在Security & Privacy system preference只给启动卷进行加密。) 应用程序只能在电脑运行时才恩那个使用一个加密磁盘的内容。当用户让电脑进入睡眠或关闭时,解密秘钥就被摧毁以阻止非法访问磁盘的内容。
In iOS, apps that take advantage of disk-based encryption need to be discontinue the use of encrypted files when the user locks the device. Because locking the device destroys the decryption keys, access to encrypted files is limited to when the device is unlocked. If your iOS app can run in the background while the device is locked, it must do so without access to any of its encrypted files. Because encrypted disks in OS X are always accessible while the computer is running, OS X apps do not need to do anything special to handle disk-level encryption.
在iOS中,当用户锁定设备时,使用基于磁盘加密的应用程序需要停止使用文件加密。 因为锁定设备摧毁解密秘钥, 访问加密文件只限于当设备不被锁定时。当设备被锁定时,如果你的iOS应用程序能在后台运行,它必须不能访问任何它的加密文件。因为在OS X中的加密磁盘在电脑运行时总是可访问, OS X 应用程序不需要做任何特殊事情来处理磁盘层的加密。
For more information about working with encrypted files in iOS, see iOS App Programming Guide.
关于iOS中有关加密文件的更多信息,请看 iOS App Programming Guide.
Synchronization Ensures Robustness in Your File-Related Code
六、同步可确保你的文件相关代码的健壮性
The file system is a resource shared by third-party apps and system apps. Because multiple apps are able to access files and directories at the same time, the potential arises for one app to make changes that render a second app’s view of the file system obsolete. If the second app is not prepared to handle such changes, it could enter an unknown state or even crash. In cases where your app relies on the presence of specific files, you can use synchronization interfaces to be notified of changes to those files.
文件系统是被第三方应用程序和系统应用程序共享的一个资源。因为多个应用程序可以同时访问文件和目录, 所以就有可能出现一个应用程序的修改导致第二个应用程序的文件系统视图过时的现象。如果第二个应用程序没有准备处理这样的改变,它可能进入一个未知的状态甚至奔溃。在你的应用程序依赖指定文件是否存在的情况下,你可以使用同步接口来接收对那些文件的改变。
File system synchronization is primarily an issue in OS X, where the user can manipulate files directly with the Finder or with any number of other apps at the same time. Fortunately, OS X provides the following interfaces to help with synchronization issues:
文件系统同步主要是OS X里的一个问题,在OS X里用户可以通过Finder或很多其它应用程序同时直接操作文件。 幸运的是,OS X提供了以下接口来帮助同步问题:
-
File coordinators—In OS X 10.7 and later, file coordinators are a way to incorporate fine-grained synchronization support directly into the objects of your app; see “The Role of File Coordinators and Presenters.”
文件协调者---在OS X 10.7 以及之后版本中,文件协调员是直接把详细同步支持组合到应用程序对象里的一个方法;请看“The Role of File Coordinators and Presenters.”
-
FSEvents—In OS X 10.5 and later, file system events allow you to monitor changes to a directory or its contents; see File System Events Programming Guide.
FSEvents---在OS X 10.5 以及之后版本中,文件系统事件允许你监视改变一个目录或其内容;请看File System Events Programming Guide.
Files, Concurrency, and Thread Safety
七、文件,并发,以及线程安全
Because file-related operations involve interacting with the hard disk and are therefore slow compared to most other operations, most of the file-related interfaces in iOS and OS X are designed with concurrency in mind. Several technologies incorporate asynchronous operation into their design and most others can execute safely from a dispatch queue or secondary thread. Table 1-4 lists some of the key technologies discussed in this document and whether they are safe to use from specific threads or any thread. For specific information about the capabilities of any interface, see the reference documentation for that interface.
因为文件相关的操作涉及与硬件磁盘的交互,所以相比于其它操作比较慢,大多数文件相关的接口在iOS 和 OS X中都设计带有并发。表1-4 列出了一些在本文档中讨论的关键技术,以及它们从特定线程或任何线程中使用是否安全。 对于有关任何接口的能力的特定信息,请看那个接口的参考文档。
Class/Technology |
Notes |
---|---|
|
For most tasks, it is safe to use the default 对于大多数任务,从多个后台线程同时使用默认的NSFileManager 对象是安全的。唯一例外是当任务跟文件管理者的委托(file manager's delegate)发生交互时。当一个委托使用一个文件管理者对象时,推荐你创建一个唯一的NSFileManager实例,并让你的委托跟该实例一起使用。然后你应该在一个时间从一个线程使用你的唯一实例。 |
Grand Central Dispatch |
GCD itself is safe to use from any thread. However, you are still responsible for writing your blocks in a way that is thread safe. GCD本身在任何线程使用都是安全的。但是,你任然有责任考虑线程安全编写你的块。 |
|
Most of the Foundation objects you use to read and write file data can be used from any single thread but should not be used from multiple threads simultaneously. 大多数你用来读取和写入文件数据的基础对象都能在任何单个线程中使用,但是不应该同时在多个线程使用。 |
Open and Save panels |
Because they are part of your user interface, you should always present and manipulate the Open and Save panels from your app’s main thread. 因为它们是你的用户界面的一部分,你应该总是从你的应用程序主线程中呈现并操作Open and Save 面板。 |
POSIX routines |
The POSIX routines for manipulating files are generally designed to operate safely from any thread. For details, see the corresponding man pages. POSIX 例程 用来操作文件一般都是从任何线程操作都是安全的。详情请看相关手册页。 |
|
The immutable objects you use to specify paths are safe to use from any thread. Because they are immutable, you can also refer to them from multiple threads simultaneously. Of course, the mutable versions of these objects should be used from only one thread at a time. 你用来指定路径的固定不变的对象在任何线程使用都是安全的。 因为它们是一成不变的,你还可以同时在多个线程引用它们。 当然,这些对象的可变版本只能一个时间在一个线程中使用。 |
|
Enumerator objects are safe to use from any single thread but should not be used from multiple threads simultaneously. 枚举对象在任何单个线程中使用都是安全的,但是不应该同时在多个线程使用。 |
Even if you use an thread-safe interface for manipulating a file, problems can still arise when multiple threads or multiple processes attempt to act on the same file. Although there are safeguards to prevent multiple clients from modifying a file at the same time, those safeguards do not always guarantee exclusive access to the file at all times. (Nor should you attempt to prevent other processes from accessing shared files.) To make sure your code knows about changes made to shared files, use file coordinators to manage access to those files. For more information about file coordinators, see “The Role of File Coordinators and Presenters”
即使你使用一个线程安全接口来操作一个文件,当对个线程或多个进程尝试操作同一个文件时,问题还是会发生。虽然有保障措施,以防止多个客户端同时修改文件,但是这些措施不会总是保证任何时候都能独占访问该文件。(你也不应该尝试阻止其它进程访问共享文件。)要想确保你的代码了解对共享文件所在的改变,使用文件协调员(file coordinators)来管理那些文件的访问。 关于文件协调员的更多信息,请看 “The Role of File Coordinators and Presenters”