Sensitive Data
Public & Private Attributes
By default, attributes, calculations, aggregates and relationships are private (they are marked public?: false).
If you are working with Ash in code, for example reading a resource using Ash.read/2, the public/private status of an attribute is not relevant.
However, API extensions like AshGraphql and AshJsonApi will only include public fields in their interfaces. This helps avoid accidentally exposing data over "public" interfaces.
Public & Private Arguments
Public/private arguments work the same way as public/private fields, except that they default to public?: true.
This is because arguments to an action being used in a public interface would naturally be expected to be public. If an argument is marked as public?: false, it can only be set with Ash.Query.set_argument/3 or Ash.Changeset.set_argument/3.
Sensitive Attributes
Using sensitive? true will cause an attribute, calculation or argument to show as "** Redacted **" when inspecting records.
In filter statements, any value used in the same expression as a sensitive field will also be redacted. For example, you might see: email == "** Redacted **" in a filter statement if email is marked as sensitive.
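The public/private and sensitive settings described above, combined in one resource. This is an added example, not code from the Ash documentation. The Demo.* modules, the field names and the :register action are hypothetical, and it assumes Ash 3.x with the built-in ETS data layer.

```elixir
# Added example; Demo.* modules, fields and the :register action are hypothetical.
Mix.install([{:ash, "~> 3.0"}])

defmodule Demo.Accounts.User do
  use Ash.Resource, domain: Demo.Accounts, data_layer: Ash.DataLayer.Ets

  attributes do
    uuid_primary_key :id
    # Opt-in exposure: only public?: true fields reach AshGraphql / AshJsonApi.
    attribute :name, :string, public?: true
    # Public but sensitive: still served by API extensions, redacted on inspect.
    attribute :email, :string, public?: true, sensitive?: true
    # Private by default (public?: false) and redacted on inspect.
    attribute :signup_ip, :string, sensitive?: true
  end

  actions do
    defaults [:read]

    create :register do
      accept [:name, :email]
      # Private argument: set by server code through set_argument/3 only.
      argument :remote_ip, :string, public?: false, sensitive?: true

      change fn changeset, _context ->
        ip = Ash.Changeset.get_argument(changeset, :remote_ip)
        Ash.Changeset.force_change_attribute(changeset, :signup_ip, ip)
      end
    end
  end
end

defmodule Demo.Accounts do
  use Ash.Domain, validate_config_inclusion?: false

  resources do
    resource Demo.Accounts.User
  end
end

user =
  Demo.Accounts.User
  |> Ash.Changeset.new()
  # Constructed sample value; in a real app this comes from the connection.
  |> Ash.Changeset.set_argument(:remote_ip, "203.0.113.7")
  |> Ash.Changeset.for_create(:register, %{name: "Ada", email: "ada@example.com"})
  |> Ash.create!()

# email and signup_ip are redacted in the inspected output; name is not.
IO.inspect(user, label: "inspected record")
```

Redaction only affects inspection: the values remain readable through normal field access, so hiding a field from a caller still depends on it being private or covered by a field policy.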
Field Policies
Field policies are a way to control the visibility of individual fields (except for relationships) as a part of authorization flow, for those using Ash.Policy.Authorizer.
If a field is not visible, it will be populated with %Ash.ForbiddenField{}, or will not be shown (or may show an error) in public interfaces. See the Policies guide for more.