Special Operators

The Endpoint Privilege Management for Unix and Linux Security Policy Scripting Language supports the special operators.

Concatenation Operator

Description

The Concatenation operator + is used to concatenate a series of one or more strings. It should not be confused with the Addition operator used in arithmetic expressions. Although both of these operators are represented by the + symbol, the Addition operator works only on integer values.

The Concatenation operator concatenates, or appends, one item to another item. If a series of strings are concatenated, they are returned in a newly created string.

FirstName = "Sandy";
LastName = "White";
UserName = FirstName + " " + LastName;

List Index Operator

Description

The List Index operator [ ], also referred to as square brackets, is used to specify a list element index number. The value of a specific list element is returned.

The first element in a list always has an index number of 0, and the second list element has an index of 1, etc. The general formula for calculating an index number is index number = element number - 1.

UserList = {"Adm1", "Adm2", "Adm3", "Adm4", "Adm5"};
CurrentUser = UserList[3];

UserList[1] = "Adm10";
Userlist[1] is set to "Adm10".

List Member Operator

Description

This list member operator, in, searches the specified list for the given string. If the string is present in the list, the result is true (1). If the string is not present, it returns false (0). Shell-style wildcards can be used in the string argument. The syntax for using this operator is result = string in list;

AdminList = {"Adm1", "Adm2", "Adm3", "root", "sys"};
runuser = (user == "sysadmin")? "root" : "sys";
test1 = "Adm1" in AdminList; # True
test2 = "sys" in AdminList; # True – matches sys in AdminList
test3 = "system" in AdminList; # False
test4 = "Adm" in AdminList; # False – only a partial match
# single character

Each string is tested to see if it is a member of a list.

Precedence Operator

Description

The Precedence operator ( ), also referred to as parentheses, is used to modify the default operator precedence. In other words, parenthesis characters force a specific expression evaluation order.

result = (6 + 4) * 2 - 4;

result = 6 + 4 * 2 - 4;

Ternary Conditional Operator

Description

The Ternary operator, represented by ?:;, is a special operator that provides a compact alternative to if statements where only an expression is required.

The Ternary operator has the syntax:

result = condition ? if-true-expression : if-false-expression;

The ternary operator works as follows:

• If condition evaluates to true, then the if-true-expression is returned.
• If condition evaluates to false, then the if-false-expression is returned.

The Ternary operator can be used as an alternative to simple if statements. The condition corresponds to the if condition. The if-true-expression corresponds to the assignment in the true part of the if statement, and the if-false-expression corresponds to the else part of the if statement.

runuser = (user == "sysadmin") ? "root" : "sys";

if (user == "sysadmin")
runuser = "root";
else
runuser = "sys";

Comma Operator

Description

The Comma operator (,) causes expressions to be evaluated from left to right and returns the value of the last expression. This operator is primarily used in loops.

for (a=0, b=1, c=2; a < 0 ; a++) <any statement>;