Thread: Re: [COMMITTERS] pgsql: Refer to a TOKEN_USER payload as a "token user, " not as a "user

* Noah Misch (noah@leadboat.com) wrote:
> Refer to a TOKEN_USER payload as a "token user," not as a "user token".
>
> This corrects messages for can't-happen errors.  The corresponding "user
> token" appears in the HANDLE argument of GetTokenInformation().

I'm not at all convinced that this is an improvement.  I understand that
it's a "can't happen" case, but we're calling out to a OS function and
as much as things "can't happen" they do, in fact, occationally happen,
and there's no such thing as a "token user" concept.  There's an enum,
one value of which is "TokenUser" and that's what we're asking the OS to
provide us info about, but I'd argue that if we're going to refer to the
textual enum representation then we should spell it just exactly as the
enum has it.

If we don't want to use "TokenUser" then I'd suggest that "user token"
is a more accurate term to use, as we had before this change.  There is
no such thing as a "token user", as far as I'm aware, in GSSAPI, SSPI,
or general access token lingo.

Thanks!

Stephen

On Fri, Apr 01, 2016 at 10:12:12PM -0400, Stephen Frost wrote:
> * Noah Misch (noah@leadboat.com) wrote:
> > Refer to a TOKEN_USER payload as a "token user," not as a "user token".
> > 
> > This corrects messages for can't-happen errors.  The corresponding "user
> > token" appears in the HANDLE argument of GetTokenInformation().
> 
> I'm not at all convinced that this is an improvement.  I understand that
> it's a "can't happen" case, but we're calling out to a OS function and
> as much as things "can't happen" they do, in fact, occationally happen,

They do, yes.  I mentioned that for the purpose of hinting that this commit
does not warrant release notes coverage.

> and there's no such thing as a "token user" concept.  There's an enum,
> one value of which is "TokenUser" and that's what we're asking the OS to
> provide us info about, but I'd argue that if we're going to refer to the
> textual enum representation then we should spell it just exactly as the
> enum has it.
> 
> If we don't want to use "TokenUser" then I'd suggest that "user token"
> is a more accurate term to use, as we had before this change.  There is
> no such thing as a "token user", as far as I'm aware, in GSSAPI, SSPI,
> or general access token lingo.

"User token" has definitely been wrong.  We already possess the user token at
the moments of these error messages, because we pass the user token as the
first GetTokenInformation() argument.  We're retrieving information about the
"user" that pertains to a particular "token", hence "token user."  A verbose
description is "could not get user associated with access token."

I see some advantages of writing "TokenUser", as you propose.  However, our
error style guide says "Avoid mentioning called function names, either;
instead say what the code was trying to do."  Mentioning an enumerator name is
morally similar to mentioning a function name.

* Noah Misch (noah@leadboat.com) wrote:
> On Fri, Apr 01, 2016 at 10:12:12PM -0400, Stephen Frost wrote:
> > and there's no such thing as a "token user" concept.  There's an enum,
> > one value of which is "TokenUser" and that's what we're asking the OS to
> > provide us info about, but I'd argue that if we're going to refer to the
> > textual enum representation then we should spell it just exactly as the
> > enum has it.
> >
> > If we don't want to use "TokenUser" then I'd suggest that "user token"
> > is a more accurate term to use, as we had before this change.  There is
> > no such thing as a "token user", as far as I'm aware, in GSSAPI, SSPI,
> > or general access token lingo.
>
> "User token" has definitely been wrong.  We already possess the user token at
> the moments of these error messages, because we pass the user token as the
> first GetTokenInformation() argument.  We're retrieving information about the
> "user" that pertains to a particular "token", hence "token user."  A verbose
> description is "could not get user associated with access token."

Ok, "user token information" would still be better than "token user"
which has a completely different connotation, as I see it.

> I see some advantages of writing "TokenUser", as you propose.  However, our
> error style guide says "Avoid mentioning called function names, either;
> instead say what the code was trying to do."  Mentioning an enumerator name is
> morally similar to mentioning a function name.

That's a fair point, but it doesn't mean we should use a different
spelling for the enumerator name to avoid that piece of the policy.  I
certianly don't see "token user" as saying "what the code was trying to
do" in this case.

Thanks!

Stephen

Stephen Frost <sfrost@snowman.net> writes:
> * Noah Misch (noah@leadboat.com) wrote:
>> I see some advantages of writing "TokenUser", as you propose.  However, our
>> error style guide says "Avoid mentioning called function names, either;
>> instead say what the code was trying to do."  Mentioning an enumerator name is
>> morally similar to mentioning a function name.

> That's a fair point, but it doesn't mean we should use a different
> spelling for the enumerator name to avoid that piece of the policy.  I
> certianly don't see "token user" as saying "what the code was trying to
> do" in this case.

FWIW, "token user" conveys entirely inappropriate, politically incorrect
connotations to me ;-).  I don't have any great suggestions on what to use
instead, but I share Stephen's unhappiness with the wording as-committed.
        regards, tom lane

On Fri, Apr 01, 2016 at 11:07:01PM -0400, Tom Lane wrote:
> Stephen Frost <sfrost@snowman.net> writes:
> > * Noah Misch (noah@leadboat.com) wrote:
> >> I see some advantages of writing "TokenUser", as you propose.  However, our
> >> error style guide says "Avoid mentioning called function names, either;
> >> instead say what the code was trying to do."  Mentioning an enumerator name is
> >> morally similar to mentioning a function name.
>
> > That's a fair point, but it doesn't mean we should use a different
> > spelling for the enumerator name to avoid that piece of the policy.  I
> > certianly don't see "token user" as saying "what the code was trying to
> > do" in this case.
>
> FWIW, "token user" conveys entirely inappropriate, politically incorrect
> connotations to me ;-).  I don't have any great suggestions on what to use
> instead, but I share Stephen's unhappiness with the wording as-committed.

The wording in GetTokenUser() and AddUserToTokenDacl() seems fine; let's
standardize on that.  Also, every GetTokenUser() failure has been yielding two
messages, the second contributing no further detail.  I'll reduce that to the
usual one message per failure.

nm

* Noah Misch (noah@leadboat.com) wrote:
> On Fri, Apr 01, 2016 at 11:07:01PM -0400, Tom Lane wrote:
> > Stephen Frost <sfrost@snowman.net> writes:
> > > * Noah Misch (noah@leadboat.com) wrote:
> > >> I see some advantages of writing "TokenUser", as you propose.  However, our
> > >> error style guide says "Avoid mentioning called function names, either;
> > >> instead say what the code was trying to do."  Mentioning an enumerator name is
> > >> morally similar to mentioning a function name.
> >
> > > That's a fair point, but it doesn't mean we should use a different
> > > spelling for the enumerator name to avoid that piece of the policy.  I
> > > certianly don't see "token user" as saying "what the code was trying to
> > > do" in this case.
> >
> > FWIW, "token user" conveys entirely inappropriate, politically incorrect
> > connotations to me ;-).  I don't have any great suggestions on what to use
> > instead, but I share Stephen's unhappiness with the wording as-committed.
>
> The wording in GetTokenUser() and AddUserToTokenDacl() seems fine; let's
> standardize on that.  Also, every GetTokenUser() failure has been yielding two
> messages, the second contributing no further detail.  I'll reduce that to the
> usual one message per failure.

This approach works for me.

Thanks!

Stephen

Stephen Frost <sfrost@snowman.net> writes:
> * Noah Misch (noah@leadboat.com) wrote:
>> The wording in GetTokenUser() and AddUserToTokenDacl() seems fine; let's
>> standardize on that.  Also, every GetTokenUser() failure has been yielding two
>> messages, the second contributing no further detail.  I'll reduce that to the
>> usual one message per failure.

> This approach works for me.

OK by me, too.
        regards, tom lane