View Source Sensitive Data

Public & Private Attributes

By default, attributes, calculations, aggregates and relationships are private (they are marked public?: false). If you are working with Ash in code, the public/private status of an attribute is not relevant. However, when working with api extensions like AshGraphql and AshJsonApi, they will only include public fields in their interfaces. This helps avoid accidentally exposing data over "public" interfaces.

Public & Private Arguments

Public/private arguments work the same way as public/private fields, except that they default to public?: true. This is because arguments to an action being used in a public interface would naturally be expected to be public. If an argument is marked as public?: false, it can only be set with Ash.Query.set_argument/3 or Ash.Changeset.set_argument/3

Sensitive Attributes

Using sensitive? true will cause an attribute, calculation or argument to show as "** Redacted **" when inspecting records. In filter statements, any value used in the same expression as a sensitive field will also be redacted. For example, you might see: email == "** Redacted **" in a filter statement if email is marked as sensitive.

Field Policies

Field policies are a way to control the visibility of individual fields (except for relationships) as a part of authorization flow, for those using Ash.Policy.Authorizer. If a field is not visible, it will be populated with %Ash.ForbiddenField{}, or will be not shown (or may show an error) in public interfaces. See the Policies guide for more.