Restricted Fields Manipulation

Need

Ensure data integrity and prevent unauthorized information updates.

Context

• Usage of Elixir (1.12.0 and above) for building scalable and fault-tolerant applications

• Usage of Ecto for data access and manipulation

• Usage of Phoenix framework for web request handling

Description

1. Non compliant code

defmodule MyApp.EmployeeController do
  use MyApp, :controller

  def update(conn, %{"employee" => employee_params}) do
    {:ok, employee} = MyApp.EmployeeContext.update_employee(employee_params)
    render(conn, "show.html", employee: employee)
  end
end

This Elixir/Phoenix code does not check if the current user has the correct permissions to update the employee data. As a result, an attacker can initiate a request to update the data of any employee, changing critical information.

2. Steps

• Implement user authentication and permission checks.

• Before updating the employee data, ensure that the current user has the necessary permissions to do so.

3. Secure code example

defmodule MyApp.EmployeeController do
  use MyApp, :controller

  def update(conn, %{"employee" => employee_params}) do
    current_user = get_current_user(conn)
    if MyApp.EmployeeContext.can_update_employee?(current_user, employee_params["id"]) do
      {:ok, employee} = MyApp.EmployeeContext.update_employee(employee_params)
    else...

This secure Elixir/Phoenix code example includes a permissions check before updating the employee data. The can_update_employee? function checks if the current user has the necessary permissions to update the specified employee. This prevents an attacker from updating the data of any employee.

References

• 274. Restricted Fields Manipulation

On this page