[pmwiki-users] Rethinking passwords and authorization
Patrick R. Michaud
pmichaud at pobox.com
Tue Oct 10 13:11:26 CDT 2006
On Mon, Oct 09, 2006 at 09:54:47PM -0400, Stirling Westrup wrote:
> Kathryn Andersen wrote:
>
> > id:"Alice Adams", at authors,id:"Bob Barker","multi word password"
> >
> >> or when we try to revoke access:
> >>
> >> @authors id:"Alice Adams",-carol,"Bob Barker"
> >
> > @authors,id:"Alice Adams",-id:carol,id:"Bob Barker"
> >
> > But you would have to insist that passwords and names couldn't have a
> > comma or quote in them.
> >
> > Another thing, I do like the idea of making all these different forms
> > more uniform with
> >
> > auth_type:authorization
> >
> > as has already been suggested.
>
> I would think that the way to parse it would be like this:
> 1) an auth string consists of space-delimited auth expressions.
> 2) an auth expression is an auth_type, and a comma-separated list of
> auth tokens.
> 3) an auth token is an optional -, followed my a single word, or
> multiple words in quotes. Any token containing a comma or space would
> need to be in quotes, and any quotes inside a token would need to be
> escaped.
>
> The secret to parsing the above would be to have the first pass replace
> quote-delimited phrases with something like the Keep() tokens, and then
> parse on spaces, colons and commas.
ParseArgs already knows how to parse quote-delimited phrases. It
just doesn't know how to parse comma-separated quote-delimited phrases.
Pm
More information about the pmwiki-users
mailing list