fix(security): require ADMIN role for /api/performance/db-metrics (#718) #840
pharwasz wants to merge 2 commits into
Conversation
…nafcode#718)
- Add requireAuth() check 401 for unauthenticated requests
- Add hasPermission(user, ANALYTICS_VIEW) check 403 for non-admin roles
- Enhance getUserFromRequest() helper in authMiddleware.ts
- Add role-based tests covering anonymous, student, instructor, and admin
@pharwasz Great news! 🎉 Based on an automated assessment of this PR, the linked Wave issue(s) no longer count against your application limits. You can now already apply to more issues while waiting for a review of this PR. Keep up the great work! 🚀
kindly recheck now
Great job so far! There’s just one blocker — the workflow is failing. Could you take a look and fix it so all checks pass? Happy to review again once that’s done.
Alright will fix that |
Summary
Closes #718
/api/performance/db-metrics was returning database pool statistics (total connections, idle connections, wait counts) to any unauthenticated caller. This leaked infrastructure capacity data useful for timing attacks and exposed the fact that a PostgreSQL pool is in use along with its current load.
Changes Made
src/app/api/performance/db-metrics/route.ts
- requireAuth() check — returns HTTP 401 if no valid session/Bearer token is present
- hasPermission(user, Permission.ANALYTICS_VIEW) check — returns HTTP 403 if the user lacks the required role
src/lib/authMiddleware.ts
- getUserFromRequest() helper to extract user from Bearer token or user-role cookie
- User object with role information for downstream authorization checks
src/lib/auth/acl.ts
- ADMIN role is granted ANALYTICS_VIEW permission
src/app/api/performance/db-metrics/__tests__/route.test.ts (new file)
- STUDENT role → 403
- INSTRUCTOR role → 403
- GUEST role → 403
- ADMIN role → 200 with metrics
Acceptance Criteria
Type
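Added example (not the PR's code): a stand-alone TypeScript model of the authn-then-authz pattern the PR description lays out, with the unguarded handler beside the guarded one. The request/response shapes, the session token table and the pool statistics are constructed assumptions; the user-role cookie fallback is left out so the only accepted credential is a Bearer token resolved server-side.

```typescript
// Added example, not the project's own code. Names such as requireAuth,
// hasPermission, getUserFromRequest and ANALYTICS_VIEW follow the PR text;
// everything else (Req/Res shapes, SESSIONS, poolStats) is constructed.
type Role = "GUEST" | "STUDENT" | "INSTRUCTOR" | "ADMIN";
const Permission = { ANALYTICS_VIEW: "ANALYTICS_VIEW" } as const;
type Permission = (typeof Permission)[keyof typeof Permission];
interface User { id: string; role: Role }
interface Req { headers: Record<string, string> }
interface Res { status: number; body: unknown }

// acl.ts equivalent: an explicit allow-list, so a role that is not listed
// (or a role value the server does not recognise) gets no permissions.
const ACL: Record<Role, readonly Permission[]> = {
  GUEST: [], STUDENT: [], INSTRUCTOR: [], ADMIN: [Permission.ANALYTICS_VIEW],
};

// Constructed token table standing in for real session validation.
const SESSIONS: Record<string, User> = {
  "tok-admin": { id: "u1", role: "ADMIN" },
  "tok-instructor": { id: "u2", role: "INSTRUCTOR" },
  "tok-student": { id: "u3", role: "STUDENT" },
  "tok-guest": { id: "u4", role: "GUEST" },
};

// Resolve the caller from a Bearer token; the role comes from the
// server-side session, never from a client-supplied value.
function getUserFromRequest(req: Req): User | null {
  const m = /^Bearer (\S+)$/.exec(req.headers["authorization"] ?? "");
  return (m && SESSIONS[m[1]]) || null;
}
function requireAuth(req: Req): User | Res {
  return getUserFromRequest(req) ?? { status: 401, body: { error: "Unauthorized" } };
}
function hasPermission(user: User, p: Permission): boolean {
  return (ACL[user.role] ?? []).includes(p);
}

// Constructed pool statistics: the data the endpoint used to hand to anyone.
const poolStats = () => ({ total: 10, idle: 7, waiting: 0 });

// Before (#718): no check at all, so an anonymous caller gets the metrics.
function dbMetricsBefore(_req: Req): Res {
  return { status: 200, body: poolStats() };
}
// After: authentication first (401), then authorization (403), then data.
function dbMetricsAfter(req: Req): Res {
  const r = requireAuth(req);
  if ("status" in r) return r;
  if (!hasPermission(r, Permission.ANALYTICS_VIEW)) {
    return { status: 403, body: { error: "Forbidden" } };
  }
  return { status: 200, body: poolStats() };
}
```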