The Ecto library has an excellent feature called preload: it loads a schema's associations into the result set. We discuss this feature in the context of security, for the case where associations point to a User schema that contains security-sensitive information.
Ecto queries do not load associated data by default. This can cause a developer some headaches at the start, but it is a very reasonable design. Because loading associations can be expensive, the choice to load associated data is left to the developer.
Here is an example from my Testivator.com application where we have User and Session schemas. Session belongs to User:
User schema has a lot of sensitive data, the best example is
If we just use preload without any attributes, here is what we get:
Preload selects all attributes from the associated User schema.
The first solution is to break the User schema into two schemas: one of them holds only the security attributes and is associated with the User schema. But this solution requires a database change, so we have to create and run a migration file.
Preload With Query
A simpler solution is to use a query in the preload method. We select only
The security problem arises when we use the query results in a controller view. When we do that, the User security attributes travel from the server to the user's browser, and those should never leave the database in the first place.
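The two preload forms discussed above, side by side, as an added example that is not code from the original post. The Demo.* module names, the table names and the email and password_hash fields are assumptions, and the functions expect to be called with the Repo module of an existing Ecto project.

```elixir
# Added example. All module, table and field names here are assumptions.
defmodule Demo.User do
  use Ecto.Schema

  schema "users" do
    field :email, :string
    # Security-sensitive column that must never reach a view.
    field :password_hash, :string
    has_many :sessions, Demo.Session
  end
end

defmodule Demo.Session do
  use Ecto.Schema

  schema "sessions" do
    field :started_at, :utc_datetime
    belongs_to :user, Demo.User
  end
end

defmodule Demo.Sessions do
  import Ecto.Query

  # Bare preload: Ecto selects every column of the associated users row,
  # so each session.user carries password_hash into whatever renders it.
  def list_with_full_user(repo) do
    repo.all(from(s in Demo.Session, preload: [:user]))
  end

  # Preload with a query: only the listed columns are selected from the
  # users table. The result is still a %Demo.User{}, but every field that
  # was not selected (password_hash here) is nil.
  def list_with_public_user(repo) do
    public_users = from(u in Demo.User, select: struct(u, [:id, :email]))
    repo.all(from(s in Demo.Session, preload: [user: ^public_users]))
  end
end
```

Calling `Demo.Sessions.list_with_public_user(MyApp.Repo)` (with `MyApp.Repo` standing in for your own Repo) returns sessions whose `user.password_hash` is nil, because the column was never read from the database.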