0

Inside my asp.net mvc 4.0 application, I’m creating a custom AuthorizeAttribute called “AllowAttribute”. In a nutshell, I wish to apply this attribute on certain methods (not on entire controllers) and allow that attribute to receive a bitwise fashion parameter.

I use the attribute like so (note: MemberType is an Enum)

[Allow(MyProperty = MemberType.User | MemberType.Administrator)]

The attribute itself is defined like so:

public class AllowAttribute : AuthorizeAttribute
{
    public MemberType MyProperty { get; set; }

    public override void OnAuthorization(AuthorizationContext filterContext)
    {
        if (MemberContext.Current.Member == null || MemberContext.Current.Member.MemberType != this.MyProperty)
            throw new HttpException(403, "Forbidden");

        base.OnAuthorization(filterContext);
    }
}

I’m basically trying to compare the current logged in user’s MemberType with the one (or ones) passed inside the MyProperty. If the current logged in user does not match the values passed in parameter, I throw a forbidden exception.

I need some guidance on the bitwise comparison because the simple (not equal to) does not work if more than one Enum value is passed to the attribute.

Thanks

Vlince
  • 5,885
  • 7
  • 45
  • 62
  • Couldn't you change your attribute to take a list and parse the list in the attribute? Have not done something like this, but it seems that it should work. – Tommy Jul 31 '12 at 15:25
  • I suppose I could've done that but I knew another way existed without having to loop inside the List<>. I found this article in addition to Dismissle's post! http://muktadiur.wordpress.com/category/asp-net-mvc/ – Vlince Jul 31 '12 at 16:23

1 Answers1

3

If you have an enum that is the combination of multiple values:

MemberType.User | MemberType.Administrator

And you want to determine if MemberType.Administrator is set:

var myValue = MemberType.User | MemberType.Administrator;

bool isAdministrator = (myValue & MemberType.Administrator) == MemberType.Administrator;
bool isUser = (myValue & MemberType.User) == MemberType.User;

Make sure your enum is marked with the [Flags] attribute and that your values are set in powers of 2:

[Flags]
public enum MemberType
{
    None = 0,
    User = 1,
    Administrator = 2,
    SuperAdmin = 4
}

Sometimes you will see these enums listed using Hex notation as well:

[Flags]
public enum MemberType
{
    None = 0x0,
    User = 0x1,
    Admin = 0x2,
    Super = 0x4,
    ...
    Overlord = 0x10,
    SupremeOverlord = 0x20
}

This is just a matter of personal taste.

Dismissile
  • 32,564
  • 38
  • 174
  • 263
  • I also found this article that helped out! http://muktadiur.wordpress.com/category/asp-net-mvc/ Thanks – Vlince Jul 31 '12 at 16:24
  • 2
    I would recommend to use bit-shifting 'cause it's waaaay easier than typing powers of 2 or hexa values. [Here](http://stackoverflow.com/questions/8447/enum-flags-attribute) is a good explanation related to this topic, and the second most rated answer gives an overview of a good bit-shifting usage. – Flo. Jul 31 '12 at 20:16