From fc3b62ee1c8a4ac8dd8d044e78fc8d96833decf6 Mon Sep 17 00:00:00 2001
From: nrslib <38722970+nrslib@users.noreply.github.com>
Date: Wed, 18 Feb 2026 10:29:39 +0900
Subject: [PATCH] =?UTF-8?q?=E8=AA=8D=E5=8F=AF=E3=81=A8=E3=83=AA=E3=82=BE?=
 =?UTF-8?q?=E3=83=AB=E3=83=90=E3=83=BC=E3=81=AE=E6=95=B4=E5=90=88=E6=80=A7?=
 =?UTF-8?q?=E3=82=BB=E3=82=AF=E3=82=B7=E3=83=A7=E3=83=B3=E3=81=AB=E3=82=B3?=
 =?UTF-8?q?=E3=83=BC=E3=83=89=E4=BE=8B=E3=82=92=E8=BF=BD=E5=8A=A0?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 builtins/en/knowledge/security.md | 15 +++++++++++++++
 builtins/ja/knowledge/security.md | 15 +++++++++++++++
 2 files changed, 30 insertions(+)
diff --git a/builtins/en/knowledge/security.md b/builtins/en/knowledge/security.md
index de2b945..b9b9bc8 100644
--- a/builtins/en/knowledge/security.md
+++ b/builtins/en/knowledge/security.md
@@ -186,6 +186,21 @@ fun create(request: CreateRequest) {
 When a tenant resolver assumes a specific role (e.g., staff), the endpoint must have corresponding authorization controls. Without authorization, unexpected roles can access the endpoint and cause the resolver to fail.
+```kotlin
+// NG - Resolver assumes STAFF but no authorization control
+fun getSettings(): SettingsResponse {
+ val tenantId = tenantResolver.resolve() // Fails for non-STAFF
+ return settingsService.getByTenant(tenantId)
+}
+
+// OK - Authorization ensures correct role
+@Authorized(roles = ["STAFF"])
+fun getSettings(): SettingsResponse {
+ val tenantId = tenantResolver.resolve()
+ return settingsService.getByTenant(tenantId)
+}
+```
+
 For endpoints with role-based branching, verify that tenant resolution succeeds on all paths.
 ## OWASP Top 10 Checklist
diff --git a/builtins/ja/knowledge/security.md b/builtins/ja/knowledge/security.md
index 1e5d91a..d51beea 100644
--- a/builtins/ja/knowledge/security.md
+++ b/builtins/ja/knowledge/security.md
@@ -186,6 +186,21 @@ fun create(request: CreateRequest) {
 テナントリゾルバーが特定ロール(例: スタッフ)を前提とする場合、エンドポイントに対応する認可制御が必要。認可なしだと、前提外のロールがアクセスしてリゾルバーが失敗する。
+```kotlin
+// NG - リゾルバーが STAFF を前提とするが認可制御なし
+fun getSettings(): SettingsResponse {
+ val tenantId = tenantResolver.resolve() // STAFF 以外で失敗
+ return settingsService.getByTenant(tenantId)
+}
+
+// OK - 認可制御でロールを保証
+@Authorized(roles = ["STAFF"])
+fun getSettings(): SettingsResponse {
+ val tenantId = tenantResolver.resolve()
+ return settingsService.getByTenant(tenantId)
+}
+```
+
 ロール分岐があるエンドポイントでは、全パスでテナント解決が成功するか検証する。
 ## OWASP Top 10 チェックリスト