Skip to content

Security/db entities have readable fields defined (#25404)#25576

Merged
luk-kaminski merged 1 commit into7.0from
backport-7.0/security/db_entities_have_readable_fields_defined
Apr 14, 2026
Merged

Security/db entities have readable fields defined (#25404)#25576
luk-kaminski merged 1 commit into7.0from
backport-7.0/security/db_entities_have_readable_fields_defined

Conversation

@luk-kaminski
Copy link
Copy Markdown
Contributor

@luk-kaminski luk-kaminski commented Apr 8, 2026
edited
Loading

Description

Backporting #25404 to 7.0.
(cherry picked from commit 720557e)

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Refactoring (non-breaking change)
  • Breaking change (fix or feature that would cause existing functionality to change)

Checklist:

  • My code follows the code style of this project.
  • My change requires a change to the documentation.
  • I have requested a documentation update.
  • I have read the CONTRIBUTING document.
  • I have added tests to cover my changes.

@luk-kaminski @claude
Security/db entities have readable fields defined (#25404)
86f28f7 
* Add readableFields to DbEntity annotation and enforce in suggestion service

Add a `readableFields` attribute to `@DbEntity` that declares which MongoDB
document fields may be exposed through general-purpose services like
`MongoEntitySuggestionService`. Sensitive data (passwords, tokens, internal
configs) is excluded from each entity's readable list.

`MongoEntitySuggestionService` now validates requested fields against the
readable list via `EntityPermissionsUtils.areFieldsReadable()` and returns
an empty response when a non-readable field is requested.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* Readable fields corrected for data node, decorator and access token

* Corrected readable fields for other entities

* Corrections to Claude-generated code

* _id field is added as readable

* Removed unused methods from EntitySuggestionService

* Removed service parameter that has been never used in the code...

* Additional safety in MongoCollectionExportService, despite the fact it is only used with investigations collection now

* Changelog added

* Permission utils return false on empty or null field collection, to avoid possibility of MongoDB projection returning complete document

* HTTP 400 status code on attempt to read unreadable or non-existing fields

---------

Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
(cherry picked from commit 720557e)
@luk-kaminski luk-kaminski marked this pull request as ready for review April 8, 2026 13:42
@luk-kaminski luk-kaminski merged commit b1fdf27 into 7.0 Apr 14, 2026
17 checks passed
@luk-kaminski luk-kaminski deleted the backport-7.0/security/db_entities_have_readable_fields_defined branch April 14, 2026 06:50
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@janheise janheise janheise approved these changes

@dennisoelkers dennisoelkers Awaiting requested review from dennisoelkers

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@luk-kaminski @janheise