ARPA2 Common Libraries  2.6.2
Modules
Policy Rules for ARPA2 Access Control, Groups, ...
Collaboration diagram for Policy Rules for ARPA2 Access Control, Groups, ...:

Modules

 Rules Types
 
 RuleDB underpinning Access Control, Groups, ...
 

Detailed Description

Rules are a generic layer underpinning ARPA2 code for Rules Control, Groups and so on. Rules specify how to handle a certain user (found with iteration) for a given Rules Domain for an Rules Type ("service" or "application") and Rules Name ("identity" or "instance").

Rules are NUL-terminated UTF-8 strings consisting of space-separated words. Each word starts with a single character to select an abstract function:

Rules are concatenated to form Rulesets, and passed as a char * to the start and an unsigned total length. The terminating NUL for each Rule allows a reset of state between Rules, notably of the =xvalue and FLAGS that are retained between the words of a Rule.

There are 26 flags, named A through Z and passed in an integer as bits 0 through 25, respectively.

There are 26 variables, named a through z and passed in an array at indexes 0 through 25, respectively.

The form ~sel may occur in localised Rulesets (near a policy-ruled resource) but not in a database, because then it is part of the database lookup key.

The form #label is a one-word comment label, has no meaning but may be used to select individual Rules from a Ruleset during bulk traversal. It can be used to mark a Rule as having originated from a particular source.