# SharePoint SPFx: Why you shouldn't use FullMask-Check (yet)

**Update:** With the SPFx Version 1.14 the bug was [marked as fixed](https://docs.microsoft.com/en-us/sharepoint/dev/spfx/release-1.14#november-february-timeframe)

It's been over a year since I reported the  [bug on GitHub](https://github.com/SharePoint/sp-dev-docs/issues/5787), but it still exists. If you want to use the method 
`this.context.pageContext.web.permissions.hasPermission` in a SPFx component to check if the currently logged in user has full permission => `this.context.pageContext.web.permissions.hasPermission(SPPermission.fullMask)`, you always get FALSE as return value, even if you are administrator. This is due to the bitwise validation in the Microsoft code. 

The definition of this function looks like this:

```TypeScript
SPPermission.prototype.hasPermission = function (requestedPerm) { 
return requestedPerm && ((requestedPerm.value.Low & this.value.Low) === requestedPerm.value.Low) && ((requestedPerm.value.High & this.value.High) === requestedPerm.value.High); 
};```

This condition returns true:

```TypeScript
(requestedPerm.value.High & value.High) === requestedPerm.value.High
```

But this one returns false:

```TypeScript
(requestedPerm.value.Low & value.Low) === requestedPerm.value.Low
```

The reason is, that the bitwise AND returns -1 and not 4294967295

And this happens because JavaScript can only check bitwise in the range of -2147483648 to 2147483647 (see  [here](https://cwestblog.com/2011/07/27/limits-on-bitwise-operators-in-javascript/))

### Workaround

If you still want to check if a user has full access, you can use the following method instead. It checks if a user is siteadmin, or has full access:

```TypeScript
public userHasFullMask(): boolean {
        let isSiteAdmin: any = this.context.pageContext.legacyPageContext["isSiteAdmin"];

        if(isSiteAdmin) {
            return true;
        }

        let permission: SPPermission = this.context.pageContext.web.permissions;
        let fullMaskPermission: SPPermission = SPPermission.fullMask;

        return permission.value.High == fullMaskPermission.value.High && 
        permission.value.Low == fullMaskPermission.value.Low;
    }
```
