Use of math in ALFA


How to get a rule like that working:

rule adminCanViewAllExams {
        condition (integerOneAndOnly(my.company.attributes.subject.rights) & 0x00000040)  == 0  
        permit
}

Syntax highlighter complains it doesn't know those items:

  • & (This is a binary math operation)
  • 0x00000040 (this is the hexadecimal representation of an integer)

EDIT

(adding OP's comment inside the question)

I want to keep as much as possible in my current application. Meaning, I don't want to change a lot in my database model. I just want to implement the PEP and PDP part new. So, currently the rights of the user are stored in a Long. Each bit in the number represents a right. To get the right we do a binary &-operation which masks the other bits in the Long. We might redesign this part, but it's still good to know how far the support for mathematical operations goes.

authorization
xacml
abac
alfa
asked on Stack Overflow May 29, 2018 by OneWorld • edited May 31, 2018 by David Brossard

1 Answer


XACML does not support bitwise logic. It can do boolean logic (AND and OR) but that's about it.

To achieve what you are looking for, you could use a Policy Information Point which would take in my.company.attributes.subject.rights and 0x00000040. It would return an attribute called allowed.

Alternatively, you can extend XACML (and ALFA) to add missing datatypes and functions. But I would recommend going for human-readable policies.

answered on Stack Overflow May 31, 2018 by David Brossard
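
A sketch of the logic such a Policy Information Point could run, as an added example that is not part of the original answer and does not use any vendor's PIP API. Only the mask 0x00000040, the `(rights & mask) == 0` condition and the attribute name `allowed` come from the page; the function names, the right names and the `rightNames` attribute are assumptions.

```python
# Added example: the bit test moved out of the policy and into PIP-side code.
# Only the mask 0x00000040 and the attribute name "allowed" come from the page;
# the right names and the "rightNames" attribute are assumptions.
RIGHT_NAMES = {
    0x00000001: "viewOwnExams",   # assumed bit and name
    0x00000040: "viewAllExams",   # mask from the question, name assumed
    0x00000080: "editExams",      # assumed bit and name
}
KNOWN_BITS = 0
for _bit in RIGHT_NAMES:
    KNOWN_BITS |= _bit


def to_bits(rights):
    """Validate a stored Long and return its 64-bit pattern as an unsigned int."""
    if isinstance(rights, bool) or not isinstance(rights, int):
        raise ValueError("rights must be an integer")
    if not -(1 << 63) <= rights < (1 << 63):
        raise ValueError("rights does not fit a signed 64-bit Long")
    return rights & 0xFFFFFFFFFFFFFFFF  # a negative Long just has bit 63 set


def masked_is_zero(rights, mask):
    """The question's condition: (rights & mask) == 0."""
    return (to_bits(rights) & mask) == 0


def decode_rights(rights):
    """Expand the bitmask into sorted right names plus any unmapped bits."""
    bits = to_bits(rights)
    names = sorted(name for bit, name in RIGHT_NAMES.items() if bits & bit)
    return names, bits & ~KNOWN_BITS


def resolve(attribute_id, rights):
    """Return the bag of values a PIP would give the PDP for one attribute."""
    try:
        if attribute_id == "allowed":
            return [masked_is_zero(rights, 0x00000040)]
        if attribute_id == "rightNames":
            return decode_rights(rights)[0]
    except ValueError:
        pass
    return []  # malformed input or unknown attribute: empty bag, never a guess
```

With the decoded `rightNames` bag, a rule can compare against a right's name instead of a mask, and the unmapped-bits value from `decode_rights` can be logged to spot rights the mapping does not yet cover.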

User contributions licensed under CC BY-SA 3.0