I started with a grammar and would like to get some feedback on it. Demo proof-of-concept parser is in the GrammarDemoProofOfConcept.rar attachment.
The grammar has four operators:
- and &&
- or ||
- not !
- parentheses ( )
and two built-in functions:
Example:
@Secured("permission('account:1 0:test') && (permission('print paper') || !role('role'))")
--------------- Escaping:
Theoretically, the symbol ' might be used in role or permission name. To escape it, use /.
Example:
@Secured("permission('some role with /' symbol')")
@Secured("role('some role with // symbol')")
The symbol \ is more standard, but that one has to be escaped in Java. E.g. the user would have to write
role('name with \\' in it')) instead of role('name with /' in it')) to get "name with ' in it"
role('name with \\\\ in it')) instead of role('name with // in it')) to get "name with \ in it" or "name with / in it"
--------------- Shortcut 1:
As expressions might get too long, both the role and permission functions take n parameters:
- role(role_1, role_2, ..., role_n),
- permission(permission_1, permission_2, ..., permission_n).
The role function returns true if the currently logged-in user has all specified roles. The permission function returns true if the currently logged-in user has all specified permissions.
Example:
@Secured("role('traveling sales', 'employee')")
is equivalent to
@Secured("role('traveling sales') && role('employee')")
@Secured("permission('account:1', 'print')")
is equivalent to
@Secured("permission('account:1') && permission('print')")
--------------- Shortcut 2:
I assume that roles are used more often. If neither role nor permission function is specified, role is assumed.
Example:
@Secured("'traveling sales' && 'employee' || 'some role'")
is equivalent to
@Secured("role('traveling sales') && role('employee') || role('some role')")
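The grammar described above as a small recursive-descent evaluator, added here as an illustration; it is not the attached proof-of-concept parser. The class name `SecuredExpr`, `&&` binding tighter than `||`, and the sample role and permission sets are assumptions.

```java
import java.util.Set;
public class SecuredExpr { // added example; assumes && binds tighter than ||
    private final String s;                 // expression text
    private final Set<String> roles, perms; // names held by the current subject
    private int i = 0;                      // read position
    SecuredExpr(String s, Set<String> roles, Set<String> perms) { this.s = s; this.roles = roles; this.perms = perms; }
    static boolean eval(String expr, Set<String> roles, Set<String> perms) { // malformed input throws: deny by default
        SecuredExpr p = new SecuredExpr(expr.trim(), roles, perms);
        boolean v = p.or();
        if (p.i != p.s.length()) throw new IllegalArgumentException("unexpected input at " + p.i);
        return v;
    }
    private boolean eat(String t) {
        while (i < s.length() && Character.isWhitespace(s.charAt(i))) i++;
        if (s.startsWith(t, i)) { i += t.length(); return true; }
        return false;
    }
    private void need(String t) { if (!eat(t)) throw new IllegalArgumentException("expected " + t + " at " + i); }
    private boolean or() { boolean v = and(); while (eat("||")) v |= and(); return v; } // |= never short-circuits
    private boolean and() { boolean v = not(); while (eat("&&")) v &= not(); return v; }
    private boolean not() { return eat("!") ? !not() : atom(); }
    private boolean atom() {
        if (eat("(")) { boolean v = or(); need(")"); return v; }
        if (eat("role")) return all(roles);
        if (eat("permission")) return all(perms);
        return roles.contains(name()); // Shortcut 2: a bare name is a role
    }
    private boolean all(Set<String> held) { // Shortcut 1: every listed name must be held
        need("(");
        boolean v = held.contains(name());
        while (eat(",")) v &= held.contains(name());
        need(")");
        return v;
    }
    private String name() { // quoted name; '/' escapes the next character (/' gives ', // gives /)
        need("'");
        StringBuilder b = new StringBuilder();
        while (i < s.length() && s.charAt(i) != '\'') {
            if (s.charAt(i) == '/' && i + 1 < s.length()) i++;
            b.append(s.charAt(i++));
        }
        need("'");
        return b.toString();
    }
    public static void main(String[] args) {
        Set<String> roles = Set.of("employee", "it's"), perms = Set.of("print paper"); // constructed sample data
        System.out.println(eval("permission('account:1') && (permission('print paper') || !role('role'))", roles, perms));
        System.out.println(eval("'traveling sales' && 'employee' || 'it/'s'", roles, perms));
    }
}
```

An unterminated quote, a missing parenthesis or trailing input raises `IllegalArgumentException` rather than producing a boolean, so a caller can treat any parse failure as access denied.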