🔐 User Control in Collaborative Development
Lesson 05
Systems Development II
Prof. Ricardo Pires | 3rd-year Technical DS | 06/04/2026
🚨 REAL CASE: Production Bug
📰 The Incident That Stopped a Company
🛒 BlueShop E-commerce - Fri, 23:45
What happened:
- A former employee still had access to the main repository
- They modified a critical database configuration
- System unavailable for 2 hours
- Loss: R$ 50,000 in lost sales
💭 Reflection Question
How do you structure technical governance to prevent incidents like this one in collaborative teams?
🎯 Today's Objectives
🚀 What We Will Achieve
Technical Competencies
- ✅ Implement RBAC (Role-Based Access Control)
- ✅ Configure repository security policies
- ✅ Apply code review workflows with approvals
- ✅ Establish technical governance for teams
Professional Skills
- 🔒 Security awareness in development
- 👥 Collective responsibility for quality assurance
- 📋 Technical leadership in process enforcement
- 🎯 Risk management in collaborative development
📚 Foundations: RBAC
🏗️ Role Hierarchy in Development
DEVELOPER ROLES HIERARCHY:
├── 👶 Contributor
│   └── Read + Fork only
├── 💻 Developer
│   └── Write to feature branches
├── 👀 Reviewer
│   └── Approve pull requests
├── 🛠️ Maintainer
│   └── Merge to main + releases
└── 🔑 Owner
    └── Admin settings + user management
💡 Fundamental Principle
“Least privilege principle” - Each user has only the minimum permissions needed for their role
⚠️ What Happens When “Everyone Is Admin”?
🔴 Real Risks
| Risk | Impact | Example |
|---|---|---|
| Accidental deletion | High | Maintainer deletes the main branch |
| Unauthorized changes | High | Junior modifies prod config |
| Secrets exposure | Critical | Keys committed to repo |
| Access persistence | Critical | Ex-employee keeps access |
✅ Benefits of RBAC
- Auditability: Who can do what
- Accountability: Clear ownership of changes
- Risk reduction: Limited blast radius
- Compliance: Required for many industries
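The role hierarchy and the "Access persistence" risk above, turned into an access review (an added example, not part of the original lesson). The roster, the repository grants and the strict ordering of the five roles are constructed assumptions.

```javascript
// Added example: access review against the slide's role hierarchy.
// Assumption: the five roles form a strict ladder, lowest privilege first.
const ROLES = ["contributor", "developer", "reviewer", "maintainer", "owner"];

// Constructed sample data: current staff and the role each job needs.
const roster = new Map([
  ["ana", { active: true, role: "maintainer" }],
  ["bruno", { active: true, role: "developer" }],
  ["carla", { active: false, role: "developer" }], // left the company
]);

// Constructed sample data: what the repository grants today.
const repoAccess = [
  { user: "ana", role: "maintainer" },
  { user: "bruno", role: "owner" },
  { user: "carla", role: "developer" },
  { user: "diego", role: "contributor" },
];

// Returns one finding per grant that violates least privilege.
function reviewAccess(roster, repoAccess) {
  const findings = [];
  for (const { user, role } of repoAccess) {
    const person = roster.get(user);
    const granted = ROLES.indexOf(role);
    if (!person) {
      findings.push({ user, action: "revoke", reason: "not on roster" });
    } else if (!person.active) {
      findings.push({ user, action: "revoke", reason: "departed" });
    } else if (granted === -1) {
      findings.push({ user, action: "review", reason: `unknown role ${role}` });
    } else if (granted > ROLES.indexOf(person.role)) {
      findings.push({ user, action: "downgrade", reason: `${role} exceeds ${person.role}` });
    }
  }
  return findings;
}

for (const f of reviewAccess(roster, repoAccess)) {
  console.log(`${f.action.toUpperCase()} ${f.user}: ${f.reason}`);
}
```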
🛡️ Branch Protection
🔒 Secured Development Workflow
graph LR
    A[feat/login-security] -->|PR| B{CI Checks}
    B -->|✅ Pass| C{Code Review}
    B -->|❌ Fail| D[Fix Required]
    C -->|👍 Approved| E[Merge to main]
    C -->|👎 Changes Requested| F[Update PR]
    E --> G[🚀 Deploy]
    style A fill:#e1f5fe
    style E fill:#c8e6c9
    style G fill:#fff3e0
    style D fill:#ffcdd2
    style F fill:#fff3e0
🛡️ Essential Protections
- Required reviews: Minimum 1-2 approvals
- Status checks: CI must pass before merge
- Admin override: Even owners follow process
- Branch deletion protection: Prevent accidents
⚙️ GitHub Branch Protection Demo
Step-by-Step Configuration
- Settings → Branches → Add rule
- Branch name pattern: main
- Protection settings:
  ✅ Require pull request reviews before merging
     └── Required approvals: 1
     └── Dismiss stale reviews when new commits pushed
  ✅ Require status checks to pass before merging
     └── Require branches to be up to date
  ✅ Include administrators
  ✅ Restrict pushes that create files larger than 100MB
🎯 Result: Zero direct commits to main!
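One way to verify the settings above from a script instead of by eye; this is an added example, not part of the original lesson. The input follows the field names of GitHub's REST branch-protection response (`GET /repos/{owner}/{repo}/branches/{branch}/protection`), and the sample objects are constructed.

```javascript
// Added example: audit a branch-protection object against the slide's checklist.
// Pass null when the branch has no protection at all.
// The file-size item from the slide is not covered by this check.
const hasChecks = (sc) =>
  (sc?.contexts?.length ?? 0) + (sc?.checks?.length ?? 0) > 0;

const CHECKS = [
  ["at least 1 required approval",
    (p) => (p?.required_pull_request_reviews?.required_approving_review_count ?? 0) >= 1],
  ["stale reviews dismissed on new commits",
    (p) => p?.required_pull_request_reviews?.dismiss_stale_reviews === true],
  ["at least one status check required",
    (p) => hasChecks(p?.required_status_checks)],
  ["branch must be up to date before merge",
    (p) => p?.required_status_checks?.strict === true],
  ["rules apply to administrators",
    (p) => p?.enforce_admins?.enabled === true],
  ["branch deletion blocked",
    (p) => p?.allow_deletions?.enabled === false],
];

// Returns the names of every check the configuration fails.
function auditProtection(protection) {
  return CHECKS.filter(([, ok]) => !ok(protection)).map(([name]) => name);
}

// Constructed sample: every item from the slide enabled.
const hardened = {
  required_pull_request_reviews: {
    required_approving_review_count: 1,
    dismiss_stale_reviews: true,
  },
  required_status_checks: { strict: true, contexts: ["ci/build"] },
  enforce_admins: { enabled: true },
  allow_deletions: { enabled: false },
};

// Constructed sample: same rules, but administrators are exempt.
const adminsExempt = { ...hardened, enforce_admins: { enabled: false } };

console.log("unprotected:", auditProtection(null));
console.log("admins exempt:", auditProtection(adminsExempt));
console.log("hardened:", auditProtection(hardened));
```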
🔐 Security Best Practices
🛡️ Essential Security Controls
🔑 Authentication & Authorization
Multi-Factor Authentication (MFA):
- Required for all team members
- GitHub/GitLab: Settings → Account security
- SMS, Authenticator app, or Hardware keys
Access Reviews:
- Monthly review of repository access
- Quarterly review of organization permissions
- Immediate revocation on employee departure
🔍 Audit & Monitoring
Audit Trail:
- All repository activities logged
- Access: Settings → Security → Audit log
- Monitor: unusual commit times, large files, config changes
Security Scanning:
- Dependabot: dependency vulnerabilities
- CodeQL: security code analysis
- Secret scanning: prevent credentials exposure
⚠️ Secrets Management
🚫 NEVER Do This
// ❌ WRONG: Hardcoded secrets
const dbConfig = {
  host: "production-db.company.com",
  user: "admin",
  password: "super_secret_123", // 🚨 EXPOSED!
  database: "sales_data",
};
✅ ALWAYS Do This
// ✅ CORRECT: Environment variables
const dbConfig = {
  host: process.env.DB_HOST,
  user: process.env.DB_USER,
  password: process.env.DB_PASSWORD, // 🔐 SECURE!
  database: process.env.DB_NAME,
};
🛠️ Tools: GitHub Secrets, Azure Key Vault, AWS Secrets Manager
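A minimal line-based check that tells the two snippets above apart, as an added example that is not part of the original lesson. The list of sensitive key names is an assumption, and a real secret scanner covers far more patterns.

```javascript
// Added example: flag quoted literals assigned to secret-like keys.
// Both inputs reproduce this lesson's snippets.
const WRONG = [
  "const dbConfig = {",
  '  host: "production-db.company.com",',
  '  user: "admin",',
  '  password: "super_secret_123",',
  '  database: "sales_data",',
  "};",
].join("\n");

const CORRECT = [
  "const dbConfig = {",
  "  host: process.env.DB_HOST,",
  "  user: process.env.DB_USER,",
  "  password: process.env.DB_PASSWORD,",
  "  database: process.env.DB_NAME,",
  "};",
].join("\n");

// Assumption: these key names mark a value as sensitive; extend for your code base.
const SECRET_ASSIGNMENT =
  /(\w*(?:password|passwd|secret|token|api_?key)\w*)["']?\s*[:=]\s*(["'`])(.*?)\2/i;

function scanForHardcodedSecrets(source) {
  const findings = [];
  source.split("\n").forEach((text, i) => {
    const m = SECRET_ASSIGNMENT.exec(text);
    if (!m) return;
    const value = m[3];
    // Empty strings and template placeholders are not literals worth flagging.
    if (value === "" || value.includes("${")) return;
    // Report location and length only, never the secret itself.
    findings.push({ line: i + 1, key: m[1], length: value.length });
  });
  return findings;
}

console.log("wrong:", scanForHardcodedSecrets(WRONG));
console.log("correct:", scanForHardcodedSecrets(CORRECT));
```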
💼 Exercise 1: Security Audit
(20 minutes)
🔍 Scenario: Repository “sistema-vendas”
📊 Current State Analysis
Repository Status:
├── Branch main: NO PROTECTION ⚠️
├── All developers: ADMIN RIGHTS ⚠️
├── CI/CD: OPTIONAL ⚠️
├── Secrets: HARDCODED in source ❌
├── MFA: NOT REQUIRED ❌
└── Access reviews: NEVER PERFORMED ❌
📋 Your Mission (Groups 3-4)
15 min for analysis:
- Identify ALL security risks (Priority: High/Medium/Low)
- Propose solutions for the 3 most critical
- Estimate implementation effort (hours/days)
- Create an action plan with a realistic timeline
5 min presentations: 2 min per group
⚡ BREAK
10 minutes
🛠️ Exercise 2: RBAC Configuration
(25 minutes)
⚙️ Hands-On: Secure Setup
👥 Role Assignment (4 students per group)
Student A - Repository Owner:
- Full admin access
- Manage settings & users
Student B - Maintainer:
- Merge rights to main
- Manage releases
Student C - Developer:
- Create feature branches
- Push to own branches
Student D - Reviewer:
- Approve/reject PRs
- No merge permissions
⏰ Timeline
- 5 min: Repository creation + invites
- 8 min: RBAC configuration
- 7 min: Branch protection setup
- 5 min: Testing & validation
🔧 Configuration Steps
Step 1: Repository Setup
- Fork template repository (provided)
- Navigate to Settings → Manage access
- Invite classmates with specific roles
- Enable basic security features
Step 2: Branch Protection
Settings → Branches → Add rule:
Pattern: main
✅ Require PR reviews (min 1 approval)
✅ Require status checks
✅ Include administrators
✅ Restrict direct pushes
⏰ Auto-delete head branches
Step 3: Testing
- Try unauthorized operations (should fail!)
- Verify audit trail captures activities
- Test PR workflow end-to-end
🚨 Exercise 3: Incident Response
(20 minutes)
🔴 Security Incident Simulation
⚠️ ALERT: Suspicious Commit Detected
Incident Details:
├── Time: 03:00 AM (unusual hour) 🕐
├── Files: Large additions detected 📁
├── Author: Junior developer (normally 9-5) 👶
├── Changes: Database config files modified 🔧
└── Size: 50MB+ added (potential secrets) 💾
🎭 Role-Playing Assignment
- 🎯 Incident Commander: Coordinate response
- 🔍 Security Analyst: Technical investigation
- ⚙️ DevOps Engineer: Implement fixes/rollback
- 📢 Manager: Communication & escalation
📋 Your Mission (15 min)
- Investigate using audit trails
- Assess impact and data exposure
- Implement immediate containment
- Plan remediation steps
- Document lessons learned
📊 Incident Response Playbook
🚨 Immediate Actions (First 5 min)
1. CONTAIN:
   ├── Revoke suspicious account access
   ├── Lock affected repository/branch
   └── Notify incident team
2. ASSESS:
   ├── Review commit contents
   ├── Check for secrets exposure
   └── Identify potentially affected systems
3. COMMUNICATE:
   ├── Alert stakeholders
   ├── Document timeline
   └── Prepare status updates
🔍 Investigation Phase (Next 10 min)
- Git history analysis: git log --oneline --since="2 days ago"
- File diff review: Look for sensitive data
- Access log analysis: When/where was access used?
- Impact assessment: What services could be compromised?
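The monitoring signals from this lesson (unusual commit times, large additions, config changes) as triage rules over `git log` output; an added example, not part of the original lesson. The log text, the thresholds and the config-path pattern are constructed assumptions.

```javascript
// Added example: triage rules for the signals named in this lesson.
// Constructed sample, in the shape printed by:
//   git log --since="2 days ago" --numstat --pretty=format:"%H|%an|%aI"
const SAMPLE_LOG = [
  "a1b2c3|maria|2026-04-02T14:10:00-03:00",
  "12\t3\tsrc/cart.js",
  "",
  "d4e5f6|junior.dev|2026-04-03T03:00:00-03:00",
  "4\t1\tconfig/database.yml",
  "-\t-\tbackup/dump.bin", // numstat prints "-" for binary files
  "90000\t0\tdata/export.sql",
].join("\n");

// Assumed thresholds; tune them to the team's real habits.
const WORK_START = 7, WORK_END = 20, MAX_ADDED_LINES = 5000;
const CONFIG_PATH = /(^|\/)(config|settings)\/|(^|\/)\.env|database\.[a-z]+$/i;

function parseLog(text) {
  const commits = [];
  for (const line of text.split("\n")) {
    if (!line.trim()) continue;
    const stat = line.split("\t");
    if (stat.length === 3 && commits.length > 0) {
      const file = { added: Number(stat[0]) || 0, binary: stat[0] === "-", path: stat[2] };
      commits[commits.length - 1].files.push(file);
    } else {
      const [hash, author, date] = line.split("|");
      commits.push({ hash, author, date, files: [] });
    }
  }
  return commits;
}

function flagCommit(commit) {
  const reasons = [];
  const hour = Number(commit.date.slice(11, 13)); // author's local hour
  if (hour < WORK_START || hour >= WORK_END) reasons.push("off-hours");
  if (commit.files.some((f) => CONFIG_PATH.test(f.path))) reasons.push("config-change");
  const added = commit.files.reduce((n, f) => n + f.added, 0);
  if (added > MAX_ADDED_LINES || commit.files.some((f) => f.binary)) reasons.push("large-addition");
  return reasons;
}

// Returns only the commits that tripped at least one rule.
function triage(text) {
  return parseLog(text)
    .map((c) => ({ hash: c.hash, author: c.author, reasons: flagCommit(c) }))
    .filter((c) => c.reasons.length > 0);
}

console.log(triage(SAMPLE_LOG));
```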
📊 Synthesis & Assessment
🎯 Quick Knowledge Check
💭 Reflection Questions
- What is the minimum level of approval required for a critical merge?
- How do you detect a compromised developer account?
- What evidence provides an adequate audit trail?
- When should access permissions be reviewed?
🔄 Professional Application
"How do you apply these practices in your future internship or job?"
"Which professional tools implement the same concepts we learned?"
"How to advocate for security improvements in existing teams?"
🏆 Key Takeaways
💡 Essential Learnings
Technical Skills
- RBAC implementation protects against privilege escalation
- Branch protection enforces quality and security standards
- Audit trails enable investigation and accountability
- Security processes are more effective than security tools alone
Professional Mindset
- Security is everyone’s responsibility, not just the “security team”
- Process enforcement requires both technical and cultural change
- Incident response speed matters more than perfection
- Compliance enables professional development practices
🚀 Next Steps
Lesson 06: Testing strategies + Quality assurance automation
Connection: Security governance + Automated quality gates
✅ Excellent Work!
🎯 Objective Accomplished
You now understand collaborative development security
🔜 Coming Next
Testing strategies & automated quality assurance
📞 Contact and Resources
Professor Ricardo Pires
📧 Email: ricardo.pires@etec.sp.gov.br
🕒 Availability: Monday to Friday, 18:30 to 21:30
📍 Location: Computing Coordination Office
📚 Materials & Support
💻 Google Classroom: Supplementary materials and discussions
📖 Bibliography: Links in the support material
🎯 Office Hours: Tuesdays and Thursdays, 19:00-19:30
🔗 Additional Resources
- GitHub Docs: docs.github.com/security
- OWASP Guide: owasp.org/projects
- DevSecOps Practices: Course material links