* Noah Misch (noah@leadboat.com) wrote:
> On Fri, Apr 01, 2016 at 10:12:12PM -0400, Stephen Frost wrote:
> > and there's no such thing as a "token user" concept. There's an enum,
> > one value of which is "TokenUser" and that's what we're asking the OS to
> > provide us info about, but I'd argue that if we're going to refer to the
> > textual enum representation then we should spell it just exactly as the
> > enum has it.
> >
> > If we don't want to use "TokenUser" then I'd suggest that "user token"
> > is a more accurate term to use, as we had before this change. There is
> > no such thing as a "token user", as far as I'm aware, in GSSAPI, SSPI,
> > or general access token lingo.
>
> "User token" has definitely been wrong. We already possess the user token at
> the moments of these error messages, because we pass the user token as the
> first GetTokenInformation() argument. We're retrieving information about the
> "user" that pertains to a particular "token", hence "token user." A verbose
> description is "could not get user associated with access token."
Ok, "user token information" would still be better than "token user"
which has a completely different connotation, as I see it.
> I see some advantages of writing "TokenUser", as you propose. However, our
> error style guide says "Avoid mentioning called function names, either;
> instead say what the code was trying to do." Mentioning an enumerator name is
> morally similar to mentioning a function name.
That's a fair point, but it doesn't mean we should use a different
spelling for the enumerator name to avoid that piece of the policy. I
certianly don't see "token user" as saying "what the code was trying to
do" in this case.
Thanks!
Stephen
