[pmwiki-users] Rethinking passwords and authorization

Patrick R. Michaud pmichaud at pobox.com
Tue Oct 10 13:11:26 CDT 2006


On Mon, Oct 09, 2006 at 09:54:47PM -0400, Stirling Westrup wrote:
> Kathryn Andersen wrote:
> 
> > id:"Alice Adams", at authors,id:"Bob Barker","multi word password"
> >  
> >> or when we try to revoke access:
> >>
> >>     @authors id:"Alice Adams",-carol,"Bob Barker"
> >       
> >       @authors,id:"Alice Adams",-id:carol,id:"Bob Barker"
> >  
> > But you would have to insist that passwords and names couldn't have a
> > comma or quote in them.
> > 
> > Another thing, I do like the idea of making all these different forms
> > more uniform with
> > 
> >         auth_type:authorization
> > 
> > as has already been suggested.
> 
> I would think that the way to parse it would be like this:
>   1) an auth string consists of space-delimited auth expressions.
>   2) an auth expression is an auth_type, and a comma-separated list of
> auth tokens.
>   3) an auth token is an optional -, followed my a single word, or
> multiple words in quotes. Any token containing a comma or space would
> need to be in quotes, and any quotes inside a token would need to be
> escaped.
> 
> The secret to parsing the above would be to have the first pass replace
> quote-delimited phrases with something like the Keep() tokens, and then
> parse on spaces, colons and commas.

ParseArgs already knows how to parse quote-delimited phrases.  It
just doesn't know how to parse comma-separated quote-delimited phrases.

Pm




More information about the pmwiki-users mailing list