Attempting to manage use of an internet site I produced some necessary organizations enter image description here

The aim is make use of a custom permission attribute for many controller's action approach to my MVC application.

[Permissions(PermissionType.SomePermissionName, CrudType.CanDelete)]
public ActionResult SomeAction()

With this operation I've two enums

public enum CrudType
    CanCreate = 0x1,
    CanRead = 0x2,
    CanUpdate = 0x4,
    CanDelete = 0x8,

public enum PermissionType
   SomePermissionName = 0x1,

Now I would like the technique below to check on permissions

public static bool CanAccess(RolePermissions rp, CrudType crudType)
    var pInfo = rp.GetType().GetProperties();
    var res = pInfo.FirstOrDefault(x => x.Name == crudType.ToString());
    if(res != null)
        return Convert.ToBoolean(res.GetValue(rp, null));
    return false;

It really works good but could it be dependable reflection here? Could it be a great style?
Yet another real question is about such bit of code

var permission = PermissionService.GetByName(permissionType.ToString());

Here I am looking to get a permission object from the database with a couple named constant in the PermissionType enum.
In the two cases the right work is dependent on associations between enums plus some table fields or records. On other part I've got a good mechanism of controlling logic (because it appears in my experience). Is the fact that a great way?

Inside your situation it might seem sensible to produce a readonly property ExistingPermissions for that RolePermissions class, and perform the merging from the four booleans into one CrudType within that property getter. You'll be able to simply do rp.ExistingPermissions.HasFlag(permissionToCheck).


Because of @DevDelivery for mentioning the problem - good catch. Regrettably the fixed solution is not as pretty when i was wishing for, so within this situation it could seem sensible to choose @DevDelivery's approach.

Because you have your CrudType as "bitfields", use a cleaner approach (less code and readability):

public static bool CanAccess(RolePermissions rp, CrudType permissionToCheck)
    CrudType existingPermissions = 
                                SetPermissionFlag(CrudType.CanCreate, rp.CanCreate) |
                                SetPermissionFlag(CrudType.CanRead, rp.CanRead) | 
                                SetPermissionFlag(CrudType.CanUpdate, rp.CanUpdate) |
                                SetPermissionFlag(CrudType.CanDelete, rp.CanDelete);

    return existingPermissions.HasFlag(permissionToCheck);

public static CrudType SetPermissionFlag(CrudType crudType, bool permission)
    return (CrudType)((int)crudType * Convert.ToInt32(permission));

The drawback in comparison for your option would be that you may have to change this process just in case you increase the procedures (towards the existing CanRead, etc.).

Using reflection includes a performance impact and also the late-binding implies that altering a title of the enum or property won't get caught through the compiler.

Plus, this code is very difficult to understand, thus hard to maintain.

Here you will find only 4 choices to check. An easy switch statement is simpler, faster, and cleaner.

Using reflection will make sense should you be attempting to permit changes towards the database or third-party components introducing new permissions.