Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Blacklist the columns from public #2180

Closed
shushant opened this issue Jul 14, 2018 · 2 comments
Closed

Blacklist the columns from public #2180

shushant opened this issue Jul 14, 2018 · 2 comments

Comments

@shushant
Copy link

For security issues, please email support@getdirectus.com directly.

To help us resolve your issue more quickly, please use the following template:

For feature requests/voting please use the Directus Request Tool, or come chat with us through getdirectus.com. Accepted feature requests will be added to GitHub Issues for assignment.

Version Info

  • Directus version and branch (Or commit hash): 6.4.2
  • PHP version: 5.6.36
  • MySQL version: 5.7.19
  • Web server: Apache
  • OS name and version: Windows 10

Expected Behavior

I don't want certain columns to be exposed publicly

Actual Behavior

capture
Please look at the screenshot i have attached.
I have read blacklisted the attachment column but whenever i browse the endpoints that columns is still there

{
    "meta": {
        "table": "products",
        "type": "collection",
        "total": 2,
        "Deleted": 2,
        "Published": 2,
        "Draft": 0,
        "total_entries": 4
    },
    "data": [
        {
            "id": 3,
            "status": 1,
            "sort": null,
            "name": "Yoga Tips",
            "attachment": {
                "meta": {
                    "table": "directus_files",
                    "type": "item"
                },
                "data": {
                    "id": 2,
                    "status": 1,
                    "name": "00000000002.PNG",
                    "title": "Capture",
                    "location": "",
                    "caption": "",
                    "type": "image\/png",
                    "charset": "binary",
                    "tags": "",
                    "width": 476,
                    "height": 439,
                    "size": 17543,
                    "embed_id": null,
                    "user": 1,
                    "date_uploaded": "2018-07-13T09:26:42-04:00",
                    "storage_adapter": "local",
                    "url": "\/storage\/uploads\/00000000002.PNG",
                    "thumbnail_url": "\/storage\/uploads\/thumbs\/2.PNG",
                    "old_thumbnail_url": "\/storage\/uploads\/thumbs\/00000000002-PNG-160-160-true.jpg",
                    "html": null
                }
            },
            "category": {
                "meta": {
                    "table": "category",
                    "type": "item"
                },
                "data": {
                    "id": 1,
                    "status": 1,
                    "sort": null,
                    "name": "Kids",
                    "slug": "kids"
                }
            }
        },
        {
            "id": 4,
            "status": 1,
            "sort": null,
            "name": "kshushant",
            "attachment": {
                "meta": {
                    "table": "directus_files",
                    "type": "item"
                },
                "data": {
                    "id": 3,
                    "status": 1,
                    "name": "dca9ee73d2b97a10448dc82283b54e48.PNG",
                    "title": "Capture",
                    "location": "",
                    "caption": "",
                    "type": "image\/png",
                    "charset": "binary",
                    "tags": "",
                    "width": 476,
                    "height": 439,
                    "size": 17543,
                    "embed_id": null,
                    "user": 1,
                    "date_uploaded": "2018-07-13T10:24:35-04:00",
                    "storage_adapter": "local",
                    "url": "\/storage\/uploads\/dca9ee73d2b97a10448dc82283b54e48.PNG",
                    "thumbnail_url": "\/storage\/uploads\/thumbs\/3.PNG",
                    "old_thumbnail_url": "\/storage\/uploads\/thumbs\/dca9ee73d2b97a10448dc82283b54e48-PNG-160-160-true.jpg",
                    "html": null
                }
            },
            "category": {
                "meta": {
                    "table": "category",
                    "type": "item"
                },
                "data": {
                    "id": 2,
                    "status": 1,
                    "sort": null,
                    "name": "Sports",
                    "slug": null
                }
            }
        }
    ]
}

But in case of other usergroup which requires access token column is hidden from endpoint

Steps to Reproduce

Schema Dump, Logs, or Screenshots
@benhaynes benhaynes added the v6 label Oct 12, 2018
@benhaynes benhaynes mentioned this issue Oct 25, 2018
Closed
@benhaynes
Copy link
Sponsor Member

Kamino cloned this issue to directus/api

@benhaynes benhaynes mentioned this issue Oct 25, 2018
Open
@benhaynes
Copy link
Sponsor Member

Kamino closed and cloned this issue to directus/directus-6-legacy

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Feb 5, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@benhaynes @shushant