User rights class in c++ using bitwise operators

Question

5.00/5 (2 votes)

See more:

It is a design issue. I want to implement something like UserRight class that will give a user different privileges to different controls. For example one can see CEdit control and other can't or one can edit column in the grid and other can't.
I will define table in the database with users and passwords(additional fields will be some access level fields that I want to discuss). At the start of the application user will be prompted for username and password. If it is valid user(check in database) aplication will start. At start I will retrieve access level information from the database and create single instance of the class UserRight which will contain this information. Then I will use it in the code to show or hide controls by the access level. My questions are:
What is the best way to implement this class?
Should I use simple integer to store information and use bitwise operators to determine access level?
Is it possible to keep all information in one field in table database, because for some controls I will have more than two access level options(e.g. one can see the control and can edit, one can only see and one can't see) ?
Is there any article regarding this?

Posted 3-Apr-11 16:42pm

zaeban

Add a Solution

3 solutions

Solution 1

well, i don't know what the best method would be (but no one else has provided feedback) but storing the permissions as an integer (which would give you 32bits to play with) is not a bad idea, that's the way linux manages their file permissions and as far as storage, you'll probably have to encrypt the database for security.

Posted 3-Apr-11 18:17pm

Albert Holguin

Comments

Sergey Alexandrovich Kryukov 5-Apr-11 3:30am

I voted 5. Mika is unhappy with this approach, but it's the best to combine his idea with yours.
Please see my Answer for explanation of it.
--SA

Olivier Levrey 5-Apr-11 4:04am

I agree as well. If you don't have too many or too complicated rules, a bit field should be enough. Take it big enough so you will not have bad surprises whenever you need more bits. My 5.

Sergey Alexandrovich Kryukov 5-Apr-11 4:06am

Exactly (about simple rules). And as this is a user right, the bit set is flexible and adequate.
--SA

Solution 2

Hi,

I wouldn't do this (actually did this once when there was no feasible alternatives). Instead, why not define proper classes to tell if the user has the privilege or not. Although handling integers with bitwise is slightly faster than handling collections of class instances, the performance shouldn't be an issue. You can of course create a small test-run to try how it works.

One of the main reasons for not doing this is the maintainability. It's much more simpler to understand and to modify the data when not having to work with powers of 2.

Posted 3-Apr-11 18:51pm

Wendelius

Comments

zaeban 4-Apr-11 17:04pm

Can you explain a little bit what you mean by defining a proper classes? On what ground I will define this classes? I need to gather info from database to extract privileges for single user. Do you say that I should keep instances of classes that are available for the user?
Can you describe with short algorithm whole process(from login to UserRights usage)?

1. int field in db will keep user privileges(or ?)
2. UserRights class will retrive info at logon...
3...
Keep it short. I will understand.

Sergey Alexandrovich Kryukov 5-Apr-11 3:29am

The idea is correct, but it can be combined with bit sets. (My 5 for your answer.) Please see mine...
--SA

Olivier Levrey 5-Apr-11 4:07am

I voted 4 because the idea about maintainability is good and should be chosen. Hovewer I would keep the simple data type as a storage solution for efficiency.

Sergey Alexandrovich Kryukov 5-Apr-11 4:09am

Agree with the idea. Isn't that exactly what I suggest in my Answer?
--SA

Olivier Levrey 5-Apr-11 4:16am

It is! This is why I didn't add my answer and voted 5 on yours ;)

Sergey Alexandrovich Kryukov 5-Apr-11 4:49am

Thank you again.
--SA

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Sergey Alexandrovich Kryukov · Accepted Answer · 2011-04-04T21:28:00

Solution 3

I would combine the answers by Mika and Albert. It should be a class where you can add and remove privileges, but behind the facade (http://en.wikipedia.org/wiki/Facade_pattern[^]), the bit set is one of the best way to implement the notion of the set of permission. If by some reason extended requirements will fail this implementation, it will be easy to re-implement not changing the class's interface.

—SA

Posted 4-Apr-11 21:28pm

Sergey Alexandrovich Kryukov

Comments

Olivier Levrey 5-Apr-11 4:08am

Yes I agree. Clean and efficient. A 5.

Sergey Alexandrovich Kryukov 5-Apr-11 4:09am

Thank you, Olivier.
--SA

Wendelius 5-Apr-11 13:40pm

Good addition, my 5

Sergey Alexandrovich Kryukov 5-Apr-11 13:54pm

Thank you, Mika.
Teamwork :-)
--SA

Wendelius 5-Apr-11 14:24pm

Yep :)