Skip to content

Commit a952bf7

Browse files
squellsquell
committed
move 'tag' to the outside
1 parent f6a94f8 commit a952bf7

1 file changed

Lines changed: 14 additions & 11 deletions

File tree

proofs/sudoers.mlw

Lines changed: 14 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -17,19 +17,22 @@ function last_match (pred: 'a -> bool) (a: seq 'a): 'a
1717
a[last_index]
1818

1919
(* loose models for the types in sudoers::Ast *)
20-
type name = H.key
21-
type metavar 'a = All | Only 'a | Alias name
20+
type metavar 'a = All | Only 'a | Alias H.key
2221
type qualified 'a = Allow 'a | Forbid 'a
23-
type spec 'tag 'a = { inner: qualified (metavar 'a); info: 'tag }
22+
type spec 'a = qualified (metavar 'a)
23+
24+
type tagged 'tag 'a = { inner: 'a; info: 'tag }
25+
type tagged_spec 'tag 'a = tagged 'tag (spec 'a)
26+
2427
type found_aliases = H.t bool
2528

26-
function who (item: spec 'tag 'a): metavar 'a
27-
= match item.inner with
29+
function who (item: spec 'a): metavar 'a
30+
= match item with
2831
| Allow x -> x
2932
| Forbid x -> x
3033
end
3134

32-
function condition (aliases: found_aliases) (item: spec 'tag 'a): option (qualified 'tag)
35+
function condition (aliases: found_aliases) (item: tagged_spec 'tag 'a): option (qualified 'tag)
3336
= match item with
3437
| { inner = Allow (Alias name); info = tag } -> Some(if H.find name aliases then Allow tag else Forbid tag)
3538
| { inner = Forbid (Alias name); info = tag } -> Some(if H.find name aliases then Forbid tag else Allow tag)
@@ -38,8 +41,8 @@ function condition (aliases: found_aliases) (item: spec 'tag 'a): option (qualif
3841
| _ -> None
3942
end
4043

41-
function matched_by (pred: 'a -> bool) (aliases: found_aliases) (item: spec 'tag 'a): bool
42-
= match who item with
44+
function matched_by (pred: 'a -> bool) (aliases: found_aliases) (item: tagged_spec 'tag 'a): bool
45+
= match who item.inner with
4346
| All -> true
4447
| Only x -> pred x
4548
| Alias name -> H.mem name aliases
@@ -48,20 +51,20 @@ function matched_by (pred: 'a -> bool) (aliases: found_aliases) (item: spec 'tag
4851
let function bool_then (b: bool) (x: 'a): option 'a
4952
= if b then Some x else None
5053

51-
function rule (pred: 'a -> bool) (aliases: found_aliases) (items: seq (spec 'tag 'a)): option (qualified 'tag)
54+
function rule (pred: 'a -> bool) (aliases: found_aliases) (items: seq (tagged_spec 'tag 'a)): option (qualified 'tag)
5255
= if contains (matched_by pred aliases) items then
5356
condition aliases (last_match (matched_by pred aliases) items)
5457
else
5558
None
5659

57-
function judgement (pred: 'a -> bool) (aliases: found_aliases) (items: seq (spec 'tag 'a)): option 'tag
60+
function judgement (pred: 'a -> bool) (aliases: found_aliases) (items: seq (tagged_spec 'tag 'a)): option 'tag
5861
= match rule pred aliases items with
5962
| Some (Allow tag) -> Some tag
6063
| _ -> None
6164
end
6265

6366
(* Why3 model of the sudoers::find_item function *)
64-
let find_item (items: seq (spec 'tag 'a)) (pred: 'a -> bool) (aliases: found_aliases): option 'tag
67+
let find_item (items: seq (tagged_spec 'tag 'a)) (pred: 'a -> bool) (aliases: found_aliases): option 'tag
6568
ensures { result = judgement pred aliases items }
6669

6770
= let result = ref None in

0 commit comments

Comments
 (0)