i have a project i'm working on where i'd like to support complex
boolean/relational requests, where those requests must be satisfied on the
context of defined objects...  i'm loath to create an entire parser/scanner
just to evaluate these expression when ruby's own is already written but also
don't want to risk using eval for the obvious reason.  so, for example, i'll
have a command line option for a request:

  prog.rb --request='a < 42 and b == true'


i can think of three approaches for evaluating such requests:

1) eval

    request = 'a < 42 and b == true'
    a = 42
    b = true
    eval request

 2) code generation using ruby to evaluate (this protects against evil evals)

    request = 'a < 42 and b == true'
    a = 42
    b = true

    code = <<-code
      a = #{ a }
      b = #{ b }
      p(#{ request })
    code

    res = `ruby -e '#{ code }'` 

    case res
      when /true/o
      when /false/o
      else
    end

  3) full blown racc parser with associated context/evaluation logic...


* eval is attractive because i'd be done today, but it'd be too easy for someone
to do

  prog.rb --request='a < 42 and b == true; raise "ha ha"'

* code generation is attractive for the same reason but feels hackish and slow


* the full blown racc parser just seems like alot of work to accomplish such a
small thing...  then again perhaps it wouldn't be that bad...

can someone think of alternatives or variations that are simple and safe?
  

-a
-- 
===============================================================================
| EMAIL   :: Ara [dot] T [dot] Howard [at] noaa [dot] gov
| PHONE   :: 303.497.6469
| ADDRESS :: E/GC2 325 Broadway, Boulder, CO 80305-3328
| URL     :: http://www.ngdc.noaa.gov/stp/
| TRY     :: for l in ruby perl;do $l -e "print \"\x3a\x2d\x29\x0a\"";done 
===============================================================================