It is not very visible. It is sufficiently visible.
If your system allows something wrong to be done just because someone knows what the ID is, then your system is very flawed. Fix it; don't try to invent artificial protections that make no sense.
Any system that doesn't validate every little user action before making a decision and taking an action that changes state in the system is wrong. And guess what? Some 99% of systems allow users to do unexpected things and, to some degree, compromise what they should not be able to.
People need to learn to develop software the right way, and that way is never picking up information here and there. You need a scientific method, structured learning, a deep understanding of the whole basis of what you're doing, and to know what your context is, so never look for good practices.
Good practices serve as a warning about something someone has already thought about, not as a definitive guide to what to do. Most have flaws and do not focus on their context.
Everything that comes from outside the system, especially what can be triggered by a user, legitimately or not, should be validated. You should only accept what is possible. One of the mistakes people make is trying to block what is wrong. You'll never know everything that can be wrong. So forbid everything and accept only what is acceptable in that context.
Can the person see certain information by passing the ID? Okay, then send it to them. If they can't, don't send it. If they can only in a given circumstance, or only if they hold a certain credential, okay, then check that they meet the criteria before you send it. This becomes even more important if the data can be changed.
If the data is changed, does that need extra permission from someone? In some cases it does, so take an extra step. In any case, record everything that was changed, or even accessed, in most cases.
There are situations where an alert system is a middle ground between just recording what was done and asking someone to authorize the action. There is a mechanism called alçada, and it's a term that almost no programmer uses, a huge mistake.
al·ça·da
feminine noun
Limit of powers granted.
Jurisdiction, supremacy.
[Figurative] Sphere of action.
Appeal.
Itinerant court that administered justice and raised grievances.
"alçada", in Dicionário Priberam da Língua Portuguesa [online], 2008-2013, https://www.priberam.pt/dlpo/al%C3%A7ada [consulted on 28-07-2018].
Is using client-side validation sufficient?
It is your backend that must decide what is valid. Everything on the front end is subject to change. If the client can see the ID, change it, and pass another ID as if it were "valid" to the backend, then your system has severe flaws.
– Sam
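The checks described above, as an added example that is not part of the original answer: the backend denies by default, validates the value against what is possible, requires a second person when a change exceeds the user's alçada, and records every attempt. All names (`User`, `Store`, `approval_limit`, the roles and the invoice data) are hypothetical and constructed for illustration.

```python
from dataclasses import dataclass, field

@dataclass
class User:
    name: str
    roles: frozenset
    approval_limit: float = 0.0  # the user's "alçada": largest change allowed alone

@dataclass
class Store:
    invoices: dict  # constructed sample data: {id: {"owner": ..., "amount": ...}}
    audit: list = field(default_factory=list)

    def _log(self, user, action, invoice_id, outcome):
        # Record every attempt, whether it was allowed or not.
        self.audit.append((user.name, action, invoice_id, outcome))
        return outcome

    def read(self, user, invoice_id):
        inv = self.invoices.get(invoice_id)
        # Default deny: knowing the ID grants nothing by itself.
        allowed = inv is not None and (
            inv["owner"] == user.name or "auditor" in user.roles)
        self._log(user, "read", invoice_id, "allowed" if allowed else "denied")
        return dict(inv) if allowed else None

    def set_amount(self, user, invoice_id, amount, approver=None):
        inv = self.invoices.get(invoice_id)
        if inv is None or inv["owner"] != user.name:
            return self._log(user, "update", invoice_id, "denied")
        # Accept only what is possible in this context, reject everything else.
        if (not isinstance(amount, (int, float)) or isinstance(amount, bool)
                or not 0 < amount <= 1_000_000):
            return self._log(user, "update", invoice_id, "rejected")
        if amount > user.approval_limit:
            # Above the user's alçada: a different person with enough
            # authority must sign off before the state changes.
            ok = (approver is not None and approver.name != user.name
                  and "manager" in approver.roles
                  and amount <= approver.approval_limit)
            if not ok:
                return self._log(user, "update", invoice_id, "needs_approval")
        inv["amount"] = amount
        return self._log(user, "update", invoice_id, "applied")
```

A missing invoice and a forbidden one produce the same result, so the response does not reveal which IDs exist.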