Ignore field only for data rest #2475
Description
You may not want a certain repository, a query method on a repository, or a field of your entity to be exported at all. Examples include hiding fields like password on a User object and similar sensitive data. To tell the exporter to not export these items, annotate them with @RestResource and set exported = false.
[...]
to skip exporting a field, you can annotate the field with @RestResource(exported = false), as follows:
@Entity
public class Person {
@Id @GeneratedValue private Long id;
@OneToMany
@RestResource(exported = false)
private Map<String, Profile> profiles;
}but this doesn't seems to work, not with association nor with "normal" attributes:
if I have defined an entity like
package vito.prove.spring.classic;
import java.util.List;
import org.springframework.data.rest.core.annotation.RestResource;
import jakarta.persistence.*;
import lombok.*;
@Entity
@Data
@NoArgsConstructor
@AllArgsConstructor(staticName = "of")
public class Person {
@Id
@GeneratedValue
private Long id;
@OneToMany(fetch = FetchType.EAGER)
@RestResource(exported = false)
private List<Profile> profiles;
@RestResource(exported = false)
private String label;
}where I want to "hide" both profiles and label fields from a rest repository; yet in the rest interface I see that the endpoints still return all the fields
{
"profiles": [
{
"label": "profile 1"
}
],
"label": "person 1",
"_links": {
"self": {
"href": "http://localhost:8080/persons/1"
},
"person": {
"href": "http://localhost:8080/persons/1"
}
}
}keep in mind that I also use the same entity in a "normal" controller+service-based rest interface in the same application, so I cannot really use the jackson annotations, because they will hide the fields also there