BitWise Operations

Discussion in 'ASP .Net' started by =?Utf-8?B?Sm9u?=, Jan 23, 2006.

  1. Hello all.

    I'm currently in the middle of writing a web app and I've come to some
    security aspects that I'd appreciate some help with.

    I'd like to use some form of BitWise opration on the persons security. For
    example, if the following permissions exist in the system:

    0: None
    1: Add Member
    2: Edit Member
    4: Delete Member
    8: Add Company
    16: Edit Company
    32: Delete Company

    and my user had permissions to Add and Edit a member, they would have the
    number 3 (1 + 2) associated with them, another user may have permissions
    number 12, to delete a member and add a company.

    But how do i effectivky 'decode' this number. So if i pass 12 to some
    method, how do I work out that it evaluates to Delete a member and Add a
    company?

    Any help, or indeed other ideas and example would be much appreciated.

    Thanks all,

    Jon
     
    =?Utf-8?B?Sm9u?=, Jan 23, 2006
    #1
    1. Advertising

  2. =?Utf-8?B?Sm9u?=

    ThunderMusic Guest

    I use the following (in c#, but can be used in vb)

    public boolean HasRight(int RightMask, int RightToTest)
    {
    if (Convert.ToBoolean(RightMask & RightToTest))
    {
    return true;
    }
    else
    {
    return false;
    }
    }

    I use the & unary operator. So the (RightMask & RightToTest) operation will
    be equal to RightToTest if the bit is set to 1 and to 0 if the bit is not
    set to 1.

    I hope it helps

    ThunderMusic

    "Jon" <> wrote in message
    news:...
    > Hello all.
    >
    > I'm currently in the middle of writing a web app and I've come to some
    > security aspects that I'd appreciate some help with.
    >
    > I'd like to use some form of BitWise opration on the persons security. For
    > example, if the following permissions exist in the system:
    >
    > 0: None
    > 1: Add Member
    > 2: Edit Member
    > 4: Delete Member
    > 8: Add Company
    > 16: Edit Company
    > 32: Delete Company
    >
    > and my user had permissions to Add and Edit a member, they would have the
    > number 3 (1 + 2) associated with them, another user may have permissions
    > number 12, to delete a member and add a company.
    >
    > But how do i effectivky 'decode' this number. So if i pass 12 to some
    > method, how do I work out that it evaluates to Delete a member and Add a
    > company?
    >
    > Any help, or indeed other ideas and example would be much appreciated.
    >
    > Thanks all,
    >
    > Jon
     
    ThunderMusic, Jan 23, 2006
    #2
    1. Advertising

  3. Here's an example you might find helpful:

    [Flags()]
    public enum Permissions
    {
    None = 0,
    AddMember = 1,
    EditMember = 2,
    DeleteMember = 4,
    ManageMember = AddMember | EditMember | DeleteMember,
    AddCompany = 8,
    EditCompany = 16,
    DeleteCompany = 32,
    ManageCompany = AddCompany | EditCompany | DeleteCompany,
    All = ManageMember | ManageCompany
    }

    public class User
    {
    private Permissions _permission = Permissions.None;

    public User(Permissions permission)
    {
    this._permission = permission;
    }
    public bool IsAllowed(Permissions permissionToCheck)
    {
    return (permissionToCheck & _permission) == permissionToCheck;
    }
    }


    you can then do stuff like:

    User user = new User(Permissions.AddMember | Permissions.DeleteCompany);
    //create the user and set the his/her permissions

    and then check it via:
    user.IsAllowed(Permissions.EditMember);


    Karl

    --
    MY ASP.Net tutorials
    http://www.openmymind.net/


    "Jon" <> wrote in message
    news:...
    > Hello all.
    >
    > I'm currently in the middle of writing a web app and I've come to some
    > security aspects that I'd appreciate some help with.
    >
    > I'd like to use some form of BitWise opration on the persons security. For
    > example, if the following permissions exist in the system:
    >
    > 0: None
    > 1: Add Member
    > 2: Edit Member
    > 4: Delete Member
    > 8: Add Company
    > 16: Edit Company
    > 32: Delete Company
    >
    > and my user had permissions to Add and Edit a member, they would have the
    > number 3 (1 + 2) associated with them, another user may have permissions
    > number 12, to delete a member and add a company.
    >
    > But how do i effectivky 'decode' this number. So if i pass 12 to some
    > method, how do I work out that it evaluates to Delete a member and Add a
    > company?
    >
    > Any help, or indeed other ideas and example would be much appreciated.
    >
    > Thanks all,
    >
    > Jon
     
    Karl Seguin [MVP], Jan 23, 2006
    #3
  4. Chaps,

    Thanks to both of you for your help, really helpful.

    Jon

    "Karl Seguin [MVP]" wrote:

    > Here's an example you might find helpful:
    >
    > [Flags()]
    > public enum Permissions
    > {
    > None = 0,
    > AddMember = 1,
    > EditMember = 2,
    > DeleteMember = 4,
    > ManageMember = AddMember | EditMember | DeleteMember,
    > AddCompany = 8,
    > EditCompany = 16,
    > DeleteCompany = 32,
    > ManageCompany = AddCompany | EditCompany | DeleteCompany,
    > All = ManageMember | ManageCompany
    > }
    >
    > public class User
    > {
    > private Permissions _permission = Permissions.None;
    >
    > public User(Permissions permission)
    > {
    > this._permission = permission;
    > }
    > public bool IsAllowed(Permissions permissionToCheck)
    > {
    > return (permissionToCheck & _permission) == permissionToCheck;
    > }
    > }
    >
    >
    > you can then do stuff like:
    >
    > User user = new User(Permissions.AddMember | Permissions.DeleteCompany);
    > //create the user and set the his/her permissions
    >
    > and then check it via:
    > user.IsAllowed(Permissions.EditMember);
    >
    >
    > Karl
    >
    > --
    > MY ASP.Net tutorials
    > http://www.openmymind.net/
    >
    >
    > "Jon" <> wrote in message
    > news:...
    > > Hello all.
    > >
    > > I'm currently in the middle of writing a web app and I've come to some
    > > security aspects that I'd appreciate some help with.
    > >
    > > I'd like to use some form of BitWise opration on the persons security. For
    > > example, if the following permissions exist in the system:
    > >
    > > 0: None
    > > 1: Add Member
    > > 2: Edit Member
    > > 4: Delete Member
    > > 8: Add Company
    > > 16: Edit Company
    > > 32: Delete Company
    > >
    > > and my user had permissions to Add and Edit a member, they would have the
    > > number 3 (1 + 2) associated with them, another user may have permissions
    > > number 12, to delete a member and add a company.
    > >
    > > But how do i effectivky 'decode' this number. So if i pass 12 to some
    > > method, how do I work out that it evaluates to Delete a member and Add a
    > > company?
    > >
    > > Any help, or indeed other ideas and example would be much appreciated.
    > >
    > > Thanks all,
    > >
    > > Jon

    >
    >
    >
     
    =?Utf-8?B?Sm9u?=, Jan 24, 2006
    #4
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. E. Robert Tisdale

    Re: seeking bitwise operations solution

    E. Robert Tisdale, Aug 17, 2003, in forum: C Programming
    Replies:
    4
    Views:
    451
  2. Carl
    Replies:
    3
    Views:
    4,102
    John Machin
    Aug 19, 2005
  3. Chris
    Replies:
    6
    Views:
    2,413
    Daniel Pitts
    Jan 5, 2007
  4. Alan Holloway

    newbie seeks insight on bitwise operations..

    Alan Holloway, Jul 28, 2004, in forum: C Programming
    Replies:
    11
    Views:
    439
    Keith Thompson
    Jul 30, 2004
  5. Replies:
    6
    Views:
    589
    Victor Bazarov
    Apr 19, 2006
Loading...

Share This Page