# Authorization Bypass Through User-Controlled Key (CWE-639)

The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data.

**Stack:** Go

- Prevalence: उच्च बार-बार शोषित
- Impact: क्रिटिकल 1 क्रिटिकल गंभीरता वाले नियम
- Prevention: प्रलेखित 8 फिक्स उदाहरण

**OWASP:** Broken Access Control (A01:2021-Broken Access Control) - #1

## Description

Retrieval of a user record usually occurs in the system based on some key value. When a value that is directly specified by the user is used to look up that record, the key value can be modified to access records belonging to other users.

## Prevention

3 Shoulder डिटेक्शन नियमों पर आधारित Authorization Bypass via User Key के लिए रोकथाम रणनीतियाँ।

### Go

Validate resource ownership before allowing modifications using user-supplied IDs

Validate resource ownership before database access using user-supplied IDs

Verify resource ownership before returning data accessed by user-supplied identifiers

## Warning Signs

- [HIGH] User can access other users' resources without authorization
- [HIGH] horizontal privilege escalation where users can access or modify other users' resources
- [HIGH] User-supplied ID used to access resource without authorization check
- [HIGH] IDOR vulnerabilities where user-supplied IDs access resources without authorization checks
- [MEDIUM] route parameters flowing to data access without visible ownership verification

## Consequences

- एप्लिकेशन डेटा पढ़ना
- एप्लिकेशन डेटा संशोधित करना
- विशेषाधिकार प्राप्त करना

## Mitigations

- सीधे डेटाबेस keys के बजाय अप्रत्यक्ष संदर्भों (mapping) का उपयोग करें
- सत्यापित करें कि वर्तमान उपयोगकर्ता को अनुरोधित संसाधन तक पहुँचने की अनुमति है
- हर अनुरोध पर उचित पहुँच नियंत्रण जाँच लागू करें

## Detection

- Total rules: 8
- Critical: 1
- Languages: go, javascript, typescript, python

## Rules by Language

### Go (3 rules)

- **Horizontal Privilege Escalation** [HIGH]: Detects horizontal privilege escalation where users can access or modify other users' resources.
  - Remediation: Validate resource ownership before modification.

```go
if profile.UserID != currentUserID {
    return errors.New("unauthorized")
}
```

Learn more: https://shoulder.dev/learn/go/cwe-639/privilege-escalation
- **Insecure Direct Object Reference (IDOR)** [HIGH]: Detects IDOR vulnerabilities where user-supplied IDs access resources without authorization checks.
  - Remediation: Validate ownership before accessing resources.

```go
if requestedID != currentUserID && !isAdmin(currentUserID) {
    return errors.New("unauthorized")
}
```

Learn more: https://shoulder.dev/learn/go/cwe-639/idor
- **Potential IDOR - Generic Data Access** [MEDIUM]: Detects route parameters flowing to data access without visible ownership verification.
  - Remediation: Verify ownership before returning data.

```go
if order.UserID != currentUserID {
    c.JSON(403, gin.H{"error": "Forbidden"})
    return
}
```

Learn more: https://shoulder.dev/learn/go/cwe-639/idor-generic