Working with RedwoodJS and created a bunch of scaffolding for users and groups of users. Unfortunately, the way I have some of the authentication and RBAC controls stored in the DB, they are showing up in the scaffolding view. I don't mind them being in the edit pages as those are auth/RBAC protected and you can only see the one you're working on, but is there a way to mask those values by some kind of definition in the schema.prisma file, so that in the general scaffold view you can't see everyone's information at a glance?
# Hiding Values in Scaffold View
Hmm. Honestly, I think the easiest way is to simply edit the scaffolded file and remove those fields from showing.
I haven’t looked in a while so can’t remember exactly what they look like. But that’s the approach I would take
Maybe validate directives?
Oh. I was thinking to remove those fields altogether! Maybe validate would let you obfuscate data?
@tender tendon Sorry I misunderstood it myself, validate directives would allow you to check context in some way to prevent access to those fields. If you want to mask them you'd use a transformer. Check this out, where the e-mail is masked as an example:
https://docs.redwoodjs.com/docs/directives/#transformer
I knew I'd seen something like that somewhere! 🚀
First, re: "have some of the authentication and RBAC controls stored in the DB, they are showing up in the scaffolding view". Consider adding these permission fields to a different model other than User, like Profile or Permission. That way you can access the values via Prisma, but if you don't add the profile to SDL types or expose via GraphQL, it won't be available to web. It greatly helps reduce the risk that those values could leak.
You can mask via a directive, but honestly, I'd move them to a new model.
Also, by moving to a new model, you can have much more fine-grained control over who can add or edit that info.
Prisma in 5.16 is releasing an omit feature: https://www.prisma.io/docs/orm/prisma-client/queries/excluding-fields. Again, you want to match your SDL to your data to your view needs - an SDL doesn't always have to map 1-to-1 to your data model. But omits could help shield fields from view.