On 12/21/2012 08:58 PM, Alex Rousskov wrote: > Christos, > > I wonder if we can avoid code duplication by moving existing AND and > OR logic from Checklist into a new ACL node type and then _always_ using > that node type to wrap _all_ ACL rules? It would be kind of the opposite > of what you have done: You are wrapping existing nodes into Checklist > rule when an AND/OR ACL is found. This solution would wrap ALL rules > into an AND or OR ACL node while Checklist will always check just _one_ > ACL node (usually AND or OR). > > In other words, this solution would automatically transfer > > http_access allow a1 a2 a3 > http_access allow b1 b2 b3 > > into > > acl autoA all-of a1 a2 a3 > acl autoB all-of b1 b2 b3 > acl autoAB any-of autoA autoB > http_access allow autoAB > > We would need to store the allow/deny keyword with the and/or node to > make this work, but I did not show that detail in the above example in > hope to avoid further confusion. > > Do you see what I am getting at?
I think yes... I don't now how easy is to implement it but it may worth it if we decide that the any-of and all-of needed (Personally I am seeing many advantages). The only concerns I have is that I prefer a one-to-one interpretation of squid.conf acls and acls related C++ structure. Interpreting the http_access rules to an other scheme may confuse development, more bugs, more difficult to solve problems etc... > > > Thank you, > > Alex. > >
