ChallengeHardGo

User Data Export Handler

Scenario

A GDPR-compliant data export endpoint lets users download their own account data. Every export must be audit-logged for compliance before the response is delivered. The response payload must exclude internal fields such as the hashed password and admin flag.

Business expectation

Every successful data export must be recorded in the audit log before the HTTP response is written. If the audit log is unavailable, the export must not be delivered. Only the account owner or an admin may request an export.

Security expectations

Exported records must not include credentials or privilege metadata. PasswordHash and IsAdmin are internal fields and must never appear in export responses. In Go, embedding User directly into the export type includes every json-tagged field.

22 lines

export/types.go

Internal User record and UserExport response type.

// Package export serves GDPR data export requests for authenticated users.

package export

import "time"

// User is the full internal user record stored in the database.

// PasswordHash and IsAdmin must not appear in any user-facing export.

type User struct {

	ID           string    `json:"id"`

	Email        string    `json:"email"`

	DisplayName  string    `json:"display_name"`

	PasswordHash string    `json:"password_hash"`

	IsAdmin      bool      `json:"is_admin"`

	CreatedAt    time.Time `json:"created_at"`

// UserExport is the payload returned to the requesting user.

// It must contain only fields approved for user-facing disclosure.

type UserExport struct {

	User

	ExportedAt time.Time `json:"exported_at"`

No findings yet

Click on a line number in the code to add a finding

You need to log in or sign up to submit.

You can inspect the challenge for free, but AI review and results require an account.

Sign inorSign up