Story #31

open

Epic #29: Insecure Direct Object Reference (IDOR) Prevention

Validate Authorization for Object Access

Added by rashmita rout about 2 months ago. Updated about 2 months ago.

Status: New
Priority: High
Assignee:
Target version: -
Start date: 01/05/2026
Due date:
% Done: 0%
Estimated time:
Acceptance Criteria:

1. User cannot access other users’ records

2. Unauthorized access returns error

DOR: No
Story Points:
Work Type: Feature
User Impact:
Technical Area:
Release Narrative:
Planned Sprint:
Completed In Sprint:
Spillover Reason:

Description

As a system, I want to ensure users can only access objects they are authorized to access. Exposing direct references to database structures means allowing parts of your application, such as modules or classes, to directly interact with database tables, columns, or other structures.
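
One way to meet both acceptance criteria, as an added example that is not code from this project: the lookup is scoped to the session user inside the query, and any record the caller does not own produces the same error as a missing one. The `records` table, its `owner_id` column, the `AccessError` class, the handler name and the choice of a 404 status are assumptions made for illustration.

```python
import sqlite3


def make_db():
    """Constructed sample data: two users (100 and 200), one record each."""
    db = sqlite3.connect(":memory:")
    db.execute(
        "CREATE TABLE records (id INTEGER PRIMARY KEY, owner_id INTEGER NOT NULL, body TEXT)"
    )
    db.executemany(
        "INSERT INTO records VALUES (?, ?, ?)",
        [(1, 100, "alice's invoice"), (2, 200, "bob's invoice")],
    )
    return db


class AccessError(Exception):
    """Raised for any record the caller may not read, including missing ones."""
    status = 404  # assumed status code; the story only requires "an error"


def get_record(db, session_user_id, record_id):
    # Reject malformed identifiers before they reach the query.
    if isinstance(record_id, bool) or not isinstance(record_id, int) or record_id < 1:
        raise AccessError("record not found")
    # The owner comes from the authenticated session, never from the request,
    # and is part of the WHERE clause, so a foreign row is never loaded.
    row = db.execute(
        "SELECT id, body FROM records WHERE id = ? AND owner_id = ?",
        (record_id, session_user_id),
    ).fetchone()
    if row is None:
        # Same error for "does not exist" and "belongs to someone else",
        # so responses do not reveal which IDs are in use.
        raise AccessError("record not found")
    return {"id": row[0], "body": row[1]}


def handle_request(db, session_user_id, record_id):
    """Hypothetical handler: maps the outcome to an HTTP-style (status, payload)."""
    try:
        return 200, get_record(db, session_user_id, record_id)
    except AccessError as exc:
        return exc.status, {"error": str(exc)}
```
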
