Solusi Keamanan HRTech

1// ✅ Secure employee data access
2@GetMapping("/employees/{id}")
3@PreAuthorize("hasPermission(#id, 'Employee', 'READ')")
4public EmployeeDTO getEmployee(@PathVariable Long id, Authentication auth) {
5    // Verify user can access this employee record
6    Employee employee = employeeRepository.findById(id).orElse(null);
7    
8    if (!canAccessEmployee(auth, employee)) {
9        throw new AccessDeniedException("Insufficient permissions");
10    }
11    
12    // Return sanitized DTO, not full entity
13    return employeeMapper.toSanitizedDTO(employee);
14}
15 
16// Sanitized DTO without sensitive data
17public class EmployeeDTO {
18    private String name;
19    private String department;
20    private String jobTitle;
21    // No sensitive fields exposed
22}

1// ❌ Vulnerable employee data endpoint
2@GetMapping("/employees/{id}")
3public Employee getEmployee(@PathVariable Long id) {
4    // No access control - any authenticated user can access any employee
5    return employeeRepository.findById(id).orElse(null);
6}
7 
8// Returns full employee object with sensitive data
9public class Employee {
10    private String ssn;
11    private String bankAccount;
12    private Double salary;
13    private String medicalInfo;
14    // ... other sensitive fields
15}

1# ✅ Secure payroll processing
2def calculate_payroll_secure(employee_id, requester_id):
3    # Verify authorization
4    if not has_payroll_access(requester_id, employee_id):
5        raise UnauthorizedAccess("No access to payroll data")
6    
7    # Parameterized query
8    query = "SELECT * FROM payroll WHERE employee_id = %s"
9    result = db.execute(query, (employee_id,))
10    
11    # Secure audit logging
12    audit_log.info({
13        "action": "payroll_calculation",
14        "employee_id": employee_id,
15        "requester_id": requester_id,
16        "timestamp": datetime.now()
17    })
18    
19    return sanitize_financial_data(result)
20 
21# Secure salary access with proper authorization
22def get_employee_salary_secure(employee_id, requester_id):
23    if not authorize_salary_access(requester_id, employee_id):
24        raise Forbidden("Access denied")
25    
26    salary_data = calculate_payroll_secure(employee_id, requester_id)
27    return mask_sensitive_data(salary_data)

1# ❌ Vulnerable payroll calculation
2def calculate_payroll(employee_id):
3    # Raw SQL with potential injection
4    query = f"SELECT * FROM payroll WHERE employee_id = {employee_id}"
5    result = db.execute(query)
6    
7    # Logging sensitive data
8    print(f"Payroll calculated for {result['name']}: ${result['salary']}")
9    
10    return result
11 
12# Exposed salary information in logs
13def get_employee_salary(employee_id):
14    salary_data = calculate_payroll(employee_id)
15    logger.info(f"Salary lookup: {salary_data}")
16    return salary_data