1. The authority to do the binary advantages
as we all know, the Linux operating system, x - executable permissions, w - write permission, r - read permission. Its competence values are 1,2,4, but ever wondered why it is 1,2,4 rather than 1,2,3?
OK, now is not found, 2,4 correspond to the power of 2 (2 ^ 0,2 ^ 1, 2 ^ 2), a binary manner are stored in the computer, in the calculation of the binary way will be faster. For example: If a person has permission to read and write, his authority is now 6, when it is necessary to determine whether he has write permissions, just use the 6 and 2 bitwise AND operation (6 & 2 = 2) the result is nonzero, it can be judged have this permission. When you need to determine whether he has executable permissions, just use the same 6 and 1 bitwise AND operation (6 & 1 = 0), the result is 0, it can be judged not have this permission.
6 & 2 = 2
00000110
& 00000010
----------
00000010
Or: 6 & 1 = 0
00000110
& 00000001
-----------
00000000
Why just use the user's permission value and the corresponding rights bitwise aND operation can determine whether it has permission to do this? ? Personal understood as follows: when each power of two representing a permission, and just to the corresponding bit correspondence. When the user with this permission, permission to the corresponding bit values becomes 1, then a bitwise, so as to know whether or not have this permission.
In addition to binary way can speed up, are there any other benefits of it? If an application system, how we should use the binary approach to rights management do?
Want to know the advantages of binary way would need to be compared and general methods, OK.
Do not use binary data table design: the User - user table the above mentioned id name 1 AA 2 BB 3 CC permission table the above mentioned id Method, name / url 1 View Post GET 2 posting POST 3 Edit Post Update 4 delete posts delete user - rights correspondence table ID UID Perid . 1. 1. 1 2. 1. 3
Design method using binary data table permissions: the User - User list the above mentioned id name per_value 1 AA 6 2 7 BB 3 CC 4 permission table the above mentioned id Method, name / url value 1 1 View Post GET 2 2 posting POST 3 Edit Post update 4 4 delete post delete 8 can be seen from the design of the above two tables: a middle of the table less binary way! ! ! Only two more fields: one is the corresponding authority permission value, a sum value of the rights owned by the user, so you can know - binary way can be less time-table queries.
In a general way (do not use binary mode) approach is:
Get current request URL, to give the corresponding rights object (or id)
View the current user if they contain this permission
Binary way:
The current value obtaining permission request URL, to give the corresponding rights object (permission value), the current user's rights authority value &
It can be seen: a binary way less time-table query.
If you find it on every request to the database to obtain the corresponding rights object too much trouble, you can put all the authority into the local cache, because each request will be judged, it can be regarded as hot data, you can put local cache, thus reducing database queries. at this time:
Do not use a binary way:
Every time the user needs to - permission correspondence table determines whether it has the appropriate authority, and too cumbersome to be charged all rights that they own id List <Integer> in which user
Binary manner: authority value may be taken directly from the local cache, then the user's authority value determination
- a general way binary
space List <Integer> long
time O (n) O (1)
can be seen from the list: either time or space from, the binary way are clearly advantageous! !
2. If the binary permission to do
now, you can know a way to do permission binary has a clear advantage, then the specific calculation should be what is it?
Example: AA contain user permissions value 15, the value of the current permission 8
1. determine whether it contains a permission: 15 & 8 = 0!
00001111
& 00001000
-----------
00001000
2. Add permissions: 15 | = 15 8, 15 | 31 16 =
00001111 00001111
| 00001000 00010000
------------ ----------
00001111 00011111
3. To delete a permission: 15 & (~ 8 ) = 7
00001111
~ 11110111
-----------
00000111 now that you know how to perform specific operations, but we have not a problem: rights corresponding to a 32bit integer is limited, then how should do it? ? It is long? ? Is one way, but this can be solved one-time problem? ? Is there a better way to do it? ? The answer is yes.
Combined with graded index, you can do this:
It can be seen that: each authority adds a permission bits, as classification, so now uniquely identifies the rights and permission bits can be used to identify the authority value. So this time:
the User class {public Private Integer the userId; Private String name; Private String password; // array subscript 0 to have a value corresponding to 0 permissions permission bits worth sum Private Long [] permissionSum; public Boolean the hasPermission (the Permission permission) { int position permission.getPosition = (); Long permission.getPermissionNum Number = (); ! return ((permissionSum [position] & Number) == 0); } } for each user authority value you will need to use an array is stored, which corresponds to the subscript of the permission bits 0 0 value and permissions. This is not yet converted to the problem of data structure, so the foundation is very important thing -
Original Address: https://blog.csdn.net/followmyinclinations/article/details/72123429