Skip to main content

Binary Level System

In this system, user permissions are managed using a binary representation. Each permission is assigned a unique bit within a binary number. By combining different permissions using bitwise operations, we can efficiently store and manage multiple permissions for a user in a single value.

For example, the permissions for a user in the database are stored as:

{
"ClubStudentsP": 513,
"ClubAttendancesP": 149,
"UserGroupP": 130,
"ClubInformationP": 1
}

Each of these numbers represents a combination of different permissions based on the binary value system. Let's break down how each of these permissions is structured using enumerations in Python.

Permission Structure

User Group Permissions (UserGroupP)

The following enum defines the permissions for user management. Each permission is a power of two, allowing multiple permissions to be combined using bitwise OR (|):

class UserGroupP(Enum):
CHANGE_USERNAME_OWN = 1 << 0 # 1
CHANGE_PASSWORD_OWN = 1 << 1 # 2
BLOCK_ACCOUNT = 1 << 2 # 4
CHANGE_USERNAME_ALL = 1 << 3 # 8
CHANGE_PASSWORD_ALL = 1 << 4 # 16
DELETE_ACCOUNT = 1 << 5 # 32
CREATE_ACCOUNT = 1 << 6 # 64
VIEW_USER_OWN = 1 << 7 # 128
VIEW_USER_ALL = 1 << 8 # 256

If a user has 130 as their UserGroupP value in the database, this value is derived from 128 + 2, which means the user has the following permissions:

  • VIEW_USER_OWN
  • CHANGE_PASSWORD_OWN

Club Information Permissions (ClubInformationP)

For club-related information, we have a similar structure:

class ClubInformationP(Enum):
REQUEST_INFORMATION_OWN = 1 << 0 # 1
REVIEW_REQUEST = 1 << 1 # 2
BEHAVIOUR_POINT_OPERATION = 1 << 2 # 4
VIEW_INFORMATION_G1 = 1 << 3 # 8
VIEW_INFORMATION_G2 = 1 << 4 # 16
VIEW_INFORMATION_AS = 1 << 5 # 32
VIEW_INFORMATION_A2 = 1 << 6 # 64
VIEW_INFORMATION_IB = 1 << 7 # 128
REQUEST_INFORMATION_ALL = 1 << 8 # 256
VIEW_REQUEST_OWN = 1 << 9 # 512
VIEW_REQUEST_ALL = 1 << 10 # 1024
VIEW_INFORMATION_ALL = 1 << 11 # 2048
CREATE_CLUB = 1 << 12 # 4096

For example, a user with a ClubInformationP value of 1 has the REQUEST_INFORMATION_OWN permission.

Club Attendance Permissions (ClubAttendancesP)

Club attendance permissions are handled as follows:

class ClubAttendancesP(Enum):
TAKE_ATTENDANCE_OWN = 1 << 0 # 1
GRADE_CLUB = 1 << 1 # 2
REQUEST_LEAVE_OWN = 1 << 2 # 4
REVIEW_LEAVE = 1 << 3 # 8
VIEW_LEAVE_OWN = 1 << 4 # 16
TAKE_ATTENDANCE_ALL = 1 << 5 # 32
REQUEST_LEAVE_ALL = 1 << 6 # 64
REVIEW_GRADE_OWN = 1 << 7 # 128
REVIEW_GRADE_ALL = 1 << 8 # 256
VIEW_LEAVE_ALL = 1 << 9 # 512

With a value of 149, the user has 128 + 16 + 4 + 1, meaning:

  • REVIEW_GRADE_OWN
  • VIEW_LEAVE_OWN
  • REQUEST_LEAVE_OWN
  • TAKE_ATTENDANCE_OWN

Club Students Permissions (ClubStudentsP)

Similarly, the student management permissions are structured as:

class ClubStudentsP(Enum):
EDIT_STUDENT_OWN = 1 << 0 # 1
EDIT_STUDENT_INFORMATION = 1 << 1 # 2
EDIT_STUDENT_ALL = 1 << 2 # 4

A value of 513 indicates that the user has 512 + 1 permissions, meaning:

  • EDIT_STUDENT_OWN
  • EDIT_STUDENT_ALL

By using this binary system, permission management becomes more efficient and scalable. Each permission can be combined into a single value, allowing for easy storage and retrieval, while maintaining the flexibility to manage permissions individually through bitwise operations.