Filter sensitive information from public API endpoints

Parent: [EPIC] Web API to meet radio requirements (aura#372 - closed)

These fields should be filtered from any public API endpoints and only be available to authenticated sessions:

• Field email on all records
• Timeslot field memo: This should only be available to authenticated users
• Entity User (not to be mixed up with profile details, which still should be public)
• Entity Cba (CBA settings assigned to the user, not to be mistaken with the show/episode CBA Ids)

Compare the documentation here: https://docs.aura.radio/en/latest/user/admin/roles-and-permissions.html#public-visibility-of-data

changed milestone to %1.0-alpha5 — Capable Capybara

added P2 discuss labels

marked this issue as related to aura#221 (closed)

changed milestone to %1.0-alpha6 — Wondrous Whale

mentioned in issue aura#372 (closed)

changed the description

changed the description

changed milestone to %1.0-alpha7 — Helpful Hedgehog

changed milestone to %1.0-alpha6 — Wondrous Whale

changed the description

added To Do label

assigned to @eigenwijsje

added size:m label

changed the description

removed discuss label

added Cycle [6/24] label

added Doing label and removed To Do label

added To Do label and removed Doing label

added Doing label and removed To Do label

added ready-for-testing label and removed Doing label

• Field email on all records
• Timeslot field memo: This should only be available to authenticated users
• Entity User (not to be mixed up with profile details, which still should be public). This is not needed User are only visible to authenticated request,
• Entity Cba (CBA settings assigned to the user, not to be mistaken with the show/episode CBA Ids)

This was quick, wow!

Tested & closing. Thank you @eigenwijsje!

closed

removed ready-for-testing label