BitWise Operations

Guest · Jan 23, 2006

Hello all.

I'm currently in the middle of writing a web app and I've come to some
security aspects that I'd appreciate some help with.

I'd like to use some form of BitWise opration on the persons security. For
example, if the following permissions exist in the system:

0: None
1: Add Member
2: Edit Member
4: Delete Member
8: Add Company
16: Edit Company
32: Delete Company

and my user had permissions to Add and Edit a member, they would have the
number 3 (1 + 2) associated with them, another user may have permissions
number 12, to delete a member and add a company.

But how do i effectivky 'decode' this number. So if i pass 12 to some
method, how do I work out that it evaluates to Delete a member and Add a
company?

Any help, or indeed other ideas and example would be much appreciated.

Thanks all,

Jon

ThunderMusic · Jan 23, 2006

I use the following (in c#, but can be used in vb)

public boolean HasRight(int RightMask, int RightToTest)
{
if (Convert.ToBoolean(RightMask & RightToTest))
{
return true;
}
else
{
return false;
}
}

I use the & unary operator. So the (RightMask & RightToTest) operation will
be equal to RightToTest if the bit is set to 1 and to 0 if the bit is not
set to 1.

I hope it helps

ThunderMusic

Karl Seguin [MVP] · Jan 23, 2006

Here's an example you might find helpful:

[Flags()]
public enum Permissions
{
None = 0,
AddMember = 1,
EditMember = 2,
DeleteMember = 4,
ManageMember = AddMember | EditMember | DeleteMember,
AddCompany = 8,
EditCompany = 16,
DeleteCompany = 32,
ManageCompany = AddCompany | EditCompany | DeleteCompany,
All = ManageMember | ManageCompany
}

public class User
{
private Permissions _permission = Permissions.None;

public User(Permissions permission)
{
this._permission = permission;
}
public bool IsAllowed(Permissions permissionToCheck)
{
return (permissionToCheck & _permission) == permissionToCheck;
}
}

you can then do stuff like:

User user = new User(Permissions.AddMember | Permissions.DeleteCompany);
//create the user and set the his/her permissions

and then check it via:
user.IsAllowed(Permissions.EditMember);

Karl

Guest · Jan 24, 2006

Chaps,

Thanks to both of you for your help, really helpful.

Jon

Karl Seguin said:
Here's an example you might find helpful:

[Flags()]
public enum Permissions
{
None = 0,
AddMember = 1,
EditMember = 2,
DeleteMember = 4,
ManageMember = AddMember | EditMember | DeleteMember,
AddCompany = 8,
EditCompany = 16,
DeleteCompany = 32,
ManageCompany = AddCompany | EditCompany | DeleteCompany,
All = ManageMember | ManageCompany
}

public class User
{
private Permissions _permission = Permissions.None;

public User(Permissions permission)
{
this._permission = permission;
}
public bool IsAllowed(Permissions permissionToCheck)
{
return (permissionToCheck & _permission) == permissionToCheck;
}
}

you can then do stuff like:

User user = new User(Permissions.AddMember | Permissions.DeleteCompany);
//create the user and set the his/her permissions

and then check it via:
user.IsAllowed(Permissions.EditMember);

Karl

--
MY ASP.Net tutorials
http://www.openmymind.net/

Jon said:

Hello all.

I'm currently in the middle of writing a web app and I've come to some
security aspects that I'd appreciate some help with.

I'd like to use some form of BitWise opration on the persons security. For
example, if the following permissions exist in the system:

0: None
1: Add Member
2: Edit Member
4: Delete Member
8: Add Company
16: Edit Company
32: Delete Company

and my user had permissions to Add and Edit a member, they would have the
number 3 (1 + 2) associated with them, another user may have permissions
number 12, to delete a member and add a company.

But how do i effectivky 'decode' this number. So if i pass 12 to some
method, how do I work out that it evaluates to Delete a member and Add a
company?

Any help, or indeed other ideas and example would be much appreciated.

Thanks all,

Jon

Click to expand...

BitWise Operations

Guest

ThunderMusic

Karl Seguin [MVP]

Guest