Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > comp.lang.python > #45619
| Path | csiph.com!usenet.pasdenom.info!aioe.org!news.stack.nl!newsfeed.xs4all.nl!newsfeed4.news.xs4all.nl!xs4all!post.news.xs4all.nl!not-for-mail |
|---|---|
| Return-Path | <python-python-list@m.gmane.org> |
| X-Original-To | python-list@python.org |
| Delivered-To | python-list@mail.python.org |
| X-Spam-Status | OK 0.001 |
| X-Spam-Evidence | '*H*': 1.00; '*S*': 0.00; 'operator': 0.03; 'subsequent': 0.05; "'',": 0.07; 'column': 0.07; 'element': 0.07; 'subject:Question': 0.07; 'integers': 0.09; 'logic': 0.09; 'received:80.91': 0.09; 'received:80.91.229': 0.09; 'received:gmane.org': 0.09; 'received:list': 0.09; 'subject:skip:a 10': 0.09; 'sure,': 0.09; "'0',": 0.16; "'in',": 0.16; "'is',": 0.16; 'boolean': 0.16; 'bracket': 0.16; 'bullet': 0.16; 'discarded': 0.16; 'entry.': 0.16; 'expressions,': 0.16; 'placeholder': 0.16; 'received:80.91.229.3': 0.16; 'received:plane.gmane.org': 0.16; 'timestamps': 0.16; 'tuple': 0.16; 'exception': 0.16; 'wrote:': 0.18; 'examples': 0.20; 'work,': 0.20; 'seems': 0.21; 'input': 0.22; 'header:User- Agent:1': 0.23; 'convenient': 0.24; 'entries': 0.24; 'string,': 0.24; 'compare': 0.26; 'defined': 0.27; 'header:X-Complaints- To:1': 0.27; 'header:In-Reply-To:1': 0.27; 'chris': 0.29; 'compared': 0.30; 'evaluation': 0.30; 'field,': 0.30; 'work.': 0.31; 'follows': 0.31; 'operators': 0.31; 'anyone': 0.31; 'regular': 0.32; 'guess': 0.33; 'received:co.za': 0.34; 'received:za': 0.34; 'problem': 0.35; "can't": 0.35; 'display': 0.35; 'something': 0.35; 'requirement': 0.35; 'test': 0.35; 'but': 0.35; 'scheme': 0.36; 'entry': 0.36; 'similar': 0.36; 'wrong': 0.37; 'list': 0.37; 'implement': 0.38; 'to:addr:python-list': 0.38; 'list,': 0.38; 'anything': 0.39; 'does': 0.39; 'to:addr:python.org': 0.39; 'changed': 0.39; 'either': 0.39; 'received:org': 0.40; 'according': 0.40; 'ensure': 0.60; 'easy': 0.60; 'above,': 0.60; 'no.': 0.61; 'first': 0.61; 'name': 0.63; 'field': 0.63; 'decided': 0.64; 'pick': 0.64; 'situation': 0.65; 'here': 0.66; 'frank': 0.68; 'received:41': 0.70; 'safe': 0.72; "'and'": 0.84; 'bite': 0.84; 'cuts': 0.84; 'safe.': 0.84; 'approach.': 0.91; 'divided': 0.91 |
| X-Injected-Via-Gmane | http://gmane.org/ |
| To | python-list@python.org |
| From | Frank Millman <frank@chagford.com> |
| Subject | Re: Question about ast.literal_eval |
| Date | Mon, 20 May 2013 15:26:02 +0200 |
| References | <knci07$jol$1@ger.gmane.org> <BLU176-W37EB377C73CD6D7306247DD7AF0@phx.gbl> <knckj0$cft$1@ger.gmane.org> <CAPTjJmpb073XFH5ksNhzRyAJNSJF=6WNq5pGzed4PXqBrJBN=A@mail.gmail.com> <knclk6$lva$1@ger.gmane.org> |
| Mime-Version | 1.0 |
| Content-Type | text/plain; charset=ISO-8859-1; format=flowed |
| Content-Transfer-Encoding | 7bit |
| X-Gmane-NNTP-Posting-Host | 41-133-115-58.dsl.mweb.co.za |
| User-Agent | Mozilla/5.0 (Windows NT 5.2; rv:17.0) Gecko/20130509 Thunderbird/17.0.6 |
| In-Reply-To | <knclk6$lva$1@ger.gmane.org> |
| X-BeenThere | python-list@python.org |
| X-Mailman-Version | 2.1.15 |
| Precedence | list |
| List-Id | General discussion list for the Python programming language <python-list.python.org> |
| List-Unsubscribe | <http://mail.python.org/mailman/options/python-list>, <mailto:python-list-request@python.org?subject=unsubscribe> |
| List-Archive | <http://mail.python.org/pipermail/python-list/> |
| List-Post | <mailto:python-list@python.org> |
| List-Help | <mailto:python-list-request@python.org?subject=help> |
| List-Subscribe | <http://mail.python.org/mailman/listinfo/python-list>, <mailto:python-list-request@python.org?subject=subscribe> |
| Newsgroups | comp.lang.python |
| Message-ID | <mailman.1888.1369056365.3114.python-list@python.org> (permalink) |
| Lines | 69 |
| NNTP-Posting-Host | 2001:888:2000:d::a6 |
| X-Trace | 1369056365 news.xs4all.nl 15866 [2001:888:2000:d::a6]:59686 |
| X-Complaints-To | abuse@xs4all.nl |
| Xref | csiph.com comp.lang.python:45619 |
Show key headers only | View raw
On 20/05/2013 10:07, Frank Millman wrote:
> On 20/05/2013 09:55, Chris Angelico wrote:
>> Is it a requirement that they be able to key in a constraint as a
>> single string? We have a similar situation in one of the systems at
>> work, so we divided the input into three(ish) parts: pick a field,
>> pick an operator (legal operators vary according to field type -
>> integers can't be compared against regular expressions, timestamps can
>> use >= and < only), then enter the other operand. Sure, that cuts out
>> a few possibilities, but you get 99.9%+ of all usage and it's easy to
>> sanitize.
>>
>> ChrisA
>>
>
> It is not a requirement, no. I just thought it would be a convenient
> short-cut.
>
> I had in mind something similar to your scheme above, so I guess I will
> have to bite the bullet and implement it.
>
Can anyone see anything wrong with the following approach. I have not
definitely decided to do it this way, but I have been experimenting and
it seems to work.
I store the boolean test as a json'd list of 6-part tuples. Each element
of the tuple is a string, defined as follows -
0 - for the first entry in the list, the word 'check' (a placeholder -
it is discarded at evaluation time), for any subsequent entries the word
'and' or 'or'.
1 - left bracket - either '(' or ''.
2 - column name to check - it will be validated on entry.
3 - operator - must be one of '=', '!=', '<', '>', '<=', '>=', 'in',
'is', 'is not'. At evaluation time, '=' is changed to '=='.
4 - value to compare - at evaluation time I call
str(literal_eval(value)) to ensure that it is safe.
5 - right bracket - either ')' or ''.
At evaluation time I loop through the list, construct the boolean test
as a string, and call eval() on it.
Here are some examples -
check = []
check.append(('check', '', 'name', 'in', "('abc', 'xyz')", ''))
check = []
check.append(('check', '', 'value', '>=', '0', ''))
check = []
check.append(('check', '(', 'descr', 'is not', 'None', ''))
check.append(('and', '', 'alt', 'is', 'None', ')'))
check.append(('or', '(', 'descr', 'is', 'None', ''))
check.append(('and', '', 'alt', 'is not', 'None', ')'))
I don't plan to check the logic - I will just display the exception if
it does not evaluate.
It seems safe to me. Can anyone see a problem with it?
Frank
Back to comp.lang.python | Previous | Next — Next in thread | Find similar | Unroll thread
Re: Question about ast.literal_eval Frank Millman <frank@chagford.com> - 2013-05-20 15:26 +0200
Re: Question about ast.literal_eval Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2013-05-20 16:12 +0000
Re: Question about ast.literal_eval Chris Angelico <rosuav@gmail.com> - 2013-05-21 02:23 +1000
Re: Question about ast.literal_eval Frank Millman <frank@chagford.com> - 2013-05-21 08:30 +0200
Re: Question about ast.literal_eval Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2013-05-21 07:21 +0000
Re: Question about ast.literal_eval Frank Millman <frank@chagford.com> - 2013-05-21 10:06 +0200
Re: Question about ast.literal_eval Fábio Santos <fabiosantosart@gmail.com> - 2013-05-21 09:23 +0100
Re: Question about ast.literal_eval Mark Lawrence <breamoreboy@yahoo.co.uk> - 2013-05-21 10:00 +0100
csiph-web