So I’m trying to make a Python app that’s sort of like a set theory calculator (i.e. the union of two sets, intersection, complement, etc.). I want to have a text field that, when executed, is evaluated like Python expressions, with braces and all turned into sets. When the new sets are computed, the result will be printed on-screen. However, I want to make sure the user doesn’t enter any Python commands that may screw the whole app (or worse; system) up, whether intentionally or not. He should only be able to enter the following;
- Set operations (union, difference, cardinality, etc; I will provide buttons for the math symbols and use regexes to make it proper under the hood)
- Sets (which, in turn, can only hold the following elements; other sets, tuples, integers, real numbers, alphabetic characters, and strings).
To give you an idea, this is what input and output should look like (this app will be with a GUI, I just use terminal style for convenience):
>>> {1, 2, a} - {a}
{1, 2}
Any tips? Or should I just implement a mini-language which I turn into Python commands?
I’d go with the mini language that you can translate into python commands.
If you want to represent sets with {} notation, you would just make sure that every non-numeric value contained within the brackets is treated like a string (to avoid security risks). Nested brackets would be instantiated as frozen sets as sets are unhashable and cannot be nested.
Operands between parsed sets should probably be limited to: