Add methods to an instance at runtime

>Our GemStone based financial system stores compiled blocks built from
user
>parameters.  So, if a set of three input numbers needs to be
calculated as
>(a / b) + c, the user enters that string and it gets compiled as a [:a
:b :c
>| (a / b) + c] block ...

Sounds definately cool. :-)  Would you mind elaborating on this? I
mean, how do you compile that string into a Block with the right number
of arguments? O:-)

Thanks

The string is first parsed into a tree, so '(a / b) + c'  ends up as: #(
#(#a #/ #b) #+ #c) ... from this structure, it's easy to build a list of
variables #(#a #b #c) and then build the block.  The block string is created
by navigating the tree structure, not by using the original string.

Our code is designed to run transparently on GS or VA.  In order to test the
parser on VA prior to a GS compile, we allow the user to simulate the
evaluation of the block (no compiler in the runtime).  It's easy to traverse
the structure as #(object method argument).

The parser supports Smalltalk methods, so you could have code like: 'a + (a
min: c)' or 'a + (b asInteger)'.
Variables from #a to #y are supported.  #z is reserved and is bound to the
date the function is being evaluated on (we allow recalculation in the
past).  That feature was need in a few cases where we needed numeric values
from date, like monthIndex or year, in the expression itself.
--
Bob Nemec
Northwater Objects

"Fernando" <[hidden email]> wrote in message
news:[hidden email]...

Andy,

> Well I think it should work but I'd be willing to be corrected.

As am I.  In fact, I am eager to be corrected in this case.


 > You'd
> have to make sure that you turn off the deployment options that throw
> away metadat from the image. Things like: "Strip meta-information",
> "Strip class builder", "Retain instance variable names" and "Strip
> empty method dictionaries".

Reasonable.  I will put it on my rainy day list.

Thanks,

Bill


--
Wilhelm K. Schwab, Ph.D.
[hidden email]

I think it's worth pointing out that depending on the application this
technique can introduce security problems.  For example, compiling and
executing "ObjectMemory quitPrimitive" on someone else's server
(running VW) can cause, let's call it, oh, unwanted difficulties.

Note that there may even be security problems with the technique
someone mentioned about taking a string and converting it to a block
for Glorp to process.  If part of the string comes from the user, the
process may be vulnerable to an attack similar to query injection.  For
example, if the string is '] value: [ObjectMemory quitPrimitive] value;
value: [' and this is injected into the pattern '[:a :b |
%%insertHere%%]' for compilation and execution (with the intent to
produce a two-argument block), then you may get a big sursprise.

Good point... that's exactly why we parse and reconstruct a string to build
our user defined blocks.  We explicitly restrict what users can put into the
block (no global references, for example).

Our case (math expressions) is easy to constrain.
--
Bob Nemec
Northwater Objects

"Mark van Gulik (ghoul)" <[hidden email]> wrote in message
news:[hidden email]...

Well, with BottomFeeder, I supply the upgrades through a server I
control.  With the blog server, I'm the only one with access to the
patch system.  Yes, it could be a security issue, but you can control
that with process