r3wp [groups: 83 posts: 189283]
  • Home
  • Script library
  • AltME Archive
  • Mailing list
  • Articles Index
  • Site search
 

World: r3wp

[Parse] Discussion of PARSE dialect

BrianH
5-Jun-2009
[3864]
Looks like AccessChk: http://technet.microsoft.com/en-us/sysinternals/bb664922.aspx
Pekr
5-Jun-2009
[3865x2]
It does not even have parameter to distinguish directory and file 
- what a lame tool. You have to use trick - icacls c:\some-dir\sub-dir-or-file*. 
, which is relict of 8.3 naming, so actually it will match and dir 
and file, not having suffix ....
What would lame MS do without buying Sysinternals guys escapes my 
mind ...
BrianH
5-Jun-2009
[3867]
This is how they get their tech.
Pekr
5-Jun-2009
[3868]
WTF :-) No I am upset about myself, as I use other SysInternal tools 
often, but dunno why I haven't looked for that tool mysel :-)
BrianH
5-Jun-2009
[3869x2]
Haven't used it yet either.
ICACLS has a /save option - what does that output? It's supposed 
to be machine readable, unlike its stdout output.
Pekr
5-Jun-2009
[3871]
it outputs complete mess. It almost looks like binary, but it is 
not - but no newlines, etc. It is kind of despaced output, which 
can be later used to set right back ....
BrianH
5-Jun-2009
[3872]
Might be more parseable though.
Pekr
5-Jun-2009
[3873x6]
there are no names though ... just SIDs ...
Following does what I need, and the output is nicer

accesschk.exe  -s -d L:\Sprava\* > ble.txt
-s recursion, -d dir-only
L:\My-dir\My-sub-dir
  Medium Mandatory Level (Default) [No-Write-Up]
  RW BUILTIN\Administrators
  RW WALMARK\AJMV
This is parseable ... maybe I can even use read/lines and skip the 
second line ...
It is just "not standard", e.g. If I would be planning (which I am 
not :-) to write simple Identity management, I would be probably 
better with "standard". This is already converted to R, W, etc.
BrianH
5-Jun-2009
[3879x2]
If you don't need it, sure :)
All Vista shop then? The nearest person I know that runs Vista is 
more than 60 miles from me.
Pekr
5-Jun-2009
[3881]
Windows console is so lame, that I have to use iconv to convert to 
win1250 first. It looks like they still live in DOS age :-)
BrianH
5-Jun-2009
[3882]
Windows has moved on to ActiveX and PowerShell - the console is legacy.
Pekr
5-Jun-2009
[3883x2]
Windows should be legacy :-)
OK, thanks for the tip. I don't even need to modify the output, it 
is ok right from the tool!
Gregg
5-Jun-2009
[3885]
Pekr, does the output align/pad the paths so they are all the same 
length? i.e. columnar output?
Pekr
5-Jun-2009
[3886]
Gregg - if you mean my former example, then - no, it does not. It 
really has to be bug in icacls, that the first item is being put 
on the first line appended behind the path ...
BrianH
5-Jun-2009
[3887]
bug -> design flaw
Pekr
5-Jun-2009
[3888]
yes
Paul
5-Jun-2009
[3889]
;Pekr, to avoide subdirectories with the spaces you can use this 
instead of my earlier example:


copy/part path find/reverse find/reverse find/reverse find path "(" 
"\" " " " "
Pekr
5-Jun-2009
[3890]
Paul - that will not work. Because there is one exceptiong - NT AUTHORITY, 
which contains space ...
BrianH
5-Jun-2009
[3891]
Which is a keyword. BUILTIN is another keyword.
Pekr
5-Jun-2009
[3892]
But there can be also any domain name, not just keyword ....
BrianH
5-Jun-2009
[3893]
Ah, but the list of domain names in your network is a fixed list. 
You can use that list to generate the look-for-a-domain rule.
Paul
5-Jun-2009
[3894]
Right Pekr, forgot about that.
Pekr
5-Jun-2009
[3895]
I got it working. I use the following trick - I identify DOMAIN\USER:(RIGHT) 
or (RIGHT) sections first. Then I put weirdly markers around and 
catch the rest with the skip. The file is "clean", so actually what 
do I skip is either spaces, or path. I do check in emit function:

emit: does [
 if find tmp: trim copy/part p-start p-end ":\" [path: tmp]
 print [path domain user rights]
]

;--- rules - spaces, tabs, newlines

spacer-chars: charset [#" " #"^-" #"^/"]
spacers: [some spacer-chars]

;--- user-rights rules
;--- would be easier, if filesystem would not allow () ...

right-char: charset [#"A" - #"Z"]
right-rule: ["(" 1 2 right-char ")" ]

rights-rule: [r-start: some right-rule r-end: (rights: copy/part 
r-start r-end)]

;--- rule to identify user part

user-chars: complement charset {".,;:\/*}
user-rule: [copy user some user-chars ":" ]


;--- rule to identify domain - I expect it being typed in CAPITAL, 
can contain "-"
;--- the exception is "NT AUTHORITY" - contains space

domain-chars: charset [#"A" - #"Z" "-"]
domain-rule: [
    "NT AUTHORITY\" (domain: "NT AUTHORITY")
    |
     copy domain some domain-chars "\"  
]


;--- rules for combinations of: rights only (RIGHT), or DOMAIN\USER:(RIGT)
domain-user-rights: [
     rights-rule 
    |
     domain-rule
     user-rule
     rights-rule
]


parse/all str: read from-file [p-start: any [ p-end: domain-user-rights 
(emit) p-start: | skip ] to end]
Paul
5-Jun-2009
[3896x3]
lcase: charset "abcdefghijklmnopqrstuvwxyz"

copy/part path find/reverse find/reverse find/reverse find/reverse 
find path "(" "\" " " lcase " "
I'm assuming all usernames will be lowercase.
Windows doesn't use case specific usernames.
BrianH
5-Jun-2009
[3899]
No, but they use case-preserving.
Paul
5-Jun-2009
[3900]
Even for the output of icalcs?
BrianH
5-Jun-2009
[3901]
Probably. Only the domains are uppercased.
Paul
5-Jun-2009
[3902x2]
Then with the find command I don't think it will be possible.
At least not without a table lookup.
Graham
14-Jun-2009
[3904]
What's the most economical way to do this.  I have a line of text, 
and I want to classify each line.  So, if I find the word "tablet" 
in it, I class this as a U2, and if I find "capsule", it's AV.

I can do a sequence of finds inside a case statement, or I can use 
a parse.  But in the first instance I have multiple find statements, 
but in the latter I have mutliple assignments in my code.
Gregg
14-Jun-2009
[3905]
Economical how, in space, speed, or complexity? e.g., repeated FINDs 
can seem inelegant, but are easy to understand and maintain.

If lines match more than one rule, what is the desired behavior?


Assuming you have test data, and if performance is the key, have 
you done any quick tests?
Graham
15-Jun-2009
[3906x3]
elegant in looks :)
the lines are so few in number that it won't make any practical difference 
... just wondering if there were a preference on how to do this without 
code duplication.
I decided that since the way I was going to use parse, or case meant 
the code was mixed in with the data .. it was better to do it differently.
Tomc
15-Jun-2009
[3909x3]
you need to maintain a map of keywords and codes   to that  in its 
own file and read it in to build your rules
sort it by keyword length  longest first
before building the rules 
then when codes change or mor are added you just update your map
Graham
15-Jun-2009
[3912]
basically what  ended up doing  :)
PeterWood
16-Jun-2009
[3913]
I'm puzzled about the difference result when using [to end end] and 
[thru end}. Anybody know why?

 >> parse "123456789" [to end end]
== true


>> parse "123456789" [thru end]

== false