Anonymizing response data with sibling types that doesent contain any userId

server/.sqlx/query-2ec6780ea09d3cd14aeb87aeb97d93ff9a46e71d75f7e00d6c990fd3585ed866.json

@@ -1,6 +1,6 @@
 {
   "db_name": "PostgreSQL",
-  "query": "SELECT * FROM posts WHERE id = $1",
+  "query": "SELECT id, content, upvotes, downvotes, created_at, updated_at FROM posts ORDER BY created_at DESC LIMIT $1 OFFSET $2",
   "describe": {
     "columns": [
       {
@@ -10,37 +10,33 @@
       },
       {
         "ordinal": 1,
-        "name": "user_id",
-        "type_info": "Int8"
-      },
-      {
-        "ordinal": 2,
         "name": "content",
         "type_info": "Text"
       },
       {
-        "ordinal": 3,
+        "ordinal": 2,
         "name": "upvotes",
         "type_info": "Int4"
       },
       {
-        "ordinal": 4,
+        "ordinal": 3,
         "name": "downvotes",
         "type_info": "Int4"
       },
       {
-        "ordinal": 5,
+        "ordinal": 4,
         "name": "created_at",
         "type_info": "Timestamp"
       },
       {
-        "ordinal": 6,
+        "ordinal": 5,
         "name": "updated_at",
         "type_info": "Timestamp"
       }
     ],
     "parameters": {
       "Left": [
+        "Int8",
         "Int8"
       ]
     },
@@ -50,9 +46,8 @@
       false,
       false,
       false,
-      false,
       false
     ]
   },
-  "hash": "b6019471ff1989ef2f0658b0b34e683fdc706751e2bb69043544c9a4d08b5ba0"
+  "hash": "2ec6780ea09d3cd14aeb87aeb97d93ff9a46e71d75f7e00d6c990fd3585ed866"
 }

server/.sqlx/query-361a0590e46d138eba4973962c5f527ea86dc3c8640a5dc556523ff336be470e.json

@@ -1,6 +1,6 @@
 {
   "db_name": "PostgreSQL",
-  "query": "SELECT * FROM comments WHERE parent_post_id = $1 ORDER BY created_at DESC LIMIT $2 OFFSET $3",
+  "query": "SELECT id, parent_post_id, parent_comment_id, upvotes, downvotes, content, created_at, updated_at FROM comments WHERE parent_post_id = $1 ORDER BY created_at DESC LIMIT $2 OFFSET $3",
   "describe": {
     "columns": [
       {
@@ -20,31 +20,26 @@
       },
       {
         "ordinal": 3,
-        "name": "author_user_id",
-        "type_info": "Int8"
-      },
-      {
-        "ordinal": 4,
-        "name": "content",
-        "type_info": "Text"
-      },
-      {
-        "ordinal": 5,
         "name": "upvotes",
         "type_info": "Int4"
       },
       {
-        "ordinal": 6,
+        "ordinal": 4,
         "name": "downvotes",
         "type_info": "Int4"
       },
       {
-        "ordinal": 7,
+        "ordinal": 5,
+        "name": "content",
+        "type_info": "Text"
+      },
+      {
+        "ordinal": 6,
         "name": "created_at",
         "type_info": "Timestamp"
       },
       {
-        "ordinal": 8,
+        "ordinal": 7,
         "name": "updated_at",
         "type_info": "Timestamp"
       }
@@ -64,9 +59,8 @@
       false,
       false,
       false,
-      false,
       false
     ]
   },
-  "hash": "345472dbe81319923bf40fc39a1f8609a54f8ba99bc55f208fb01cda5dd219f7"
+  "hash": "361a0590e46d138eba4973962c5f527ea86dc3c8640a5dc556523ff336be470e"
 }

server/.sqlx/query-f2463f3ff911698f3e841c631e8b8609408eaa32f0dcc7fb70c029339613cd07.json

@@ -1,6 +1,6 @@
 {
   "db_name": "PostgreSQL",
-  "query": "SELECT * FROM posts ORDER BY created_at DESC LIMIT $1 OFFSET $2",
+  "query": "SELECT id, content, upvotes, downvotes, created_at, updated_at FROM posts WHERE id = $1",
   "describe": {
     "columns": [
       {
@@ -10,38 +10,32 @@
       },
       {
         "ordinal": 1,
-        "name": "user_id",
-        "type_info": "Int8"
-      },
-      {
-        "ordinal": 2,
         "name": "content",
         "type_info": "Text"
       },
       {
-        "ordinal": 3,
+        "ordinal": 2,
         "name": "upvotes",
         "type_info": "Int4"
       },
       {
-        "ordinal": 4,
+        "ordinal": 3,
         "name": "downvotes",
         "type_info": "Int4"
       },
       {
-        "ordinal": 5,
+        "ordinal": 4,
         "name": "created_at",
         "type_info": "Timestamp"
       },
       {
-        "ordinal": 6,
+        "ordinal": 5,
         "name": "updated_at",
         "type_info": "Timestamp"
       }
     ],
     "parameters": {
       "Left": [
-        "Int8",
         "Int8"
       ]
     },
@@ -51,9 +45,8 @@
       false,
       false,
       false,
-      false,
       false
     ]
   },
-  "hash": "f68cd95363d7da716b14f430118176ed4da34e450fc07b812f6bf77073cc2128"
+  "hash": "f2463f3ff911698f3e841c631e8b8609408eaa32f0dcc7fb70c029339613cd07"
 }

server/src/db.rs

@@ -1,4 +1,4 @@
-use crate::types::{Comment, Post, User};
+use crate::types::{Post, PublicComment, PublicPost, User};
 use argon2::{
     password_hash::{rand_core::OsRng, SaltString},
     Argon2, PasswordHasher, PasswordVerifier,
@@ -37,10 +37,10 @@ pub async fn db_get_comments(
     parent_post_id: i64,
     limit: i64,
     offset: i64,
-) -> Vec<Comment> {
+) -> Vec<PublicComment> {
     sqlx::query_as!(
-        Comment,
-        "SELECT * FROM comments WHERE parent_post_id = $1 ORDER BY created_at DESC LIMIT $2 OFFSET $3",
+        PublicComment,
+        "SELECT id, parent_post_id, parent_comment_id, upvotes, downvotes, content, created_at, updated_at FROM comments WHERE parent_post_id = $1 ORDER BY created_at DESC LIMIT $2 OFFSET $3",
         parent_post_id,
         limit,
         offset
@@ -51,10 +51,10 @@ pub async fn db_get_comments(
 }
 
 /// Gets the latest posts from the database, ordered by created_at
-pub async fn db_get_latest_posts(pool: &PgPool, limit: i64, offset: i64) -> Vec<Post> {
+pub async fn db_get_latest_posts(pool: &PgPool, limit: i64, offset: i64) -> Vec<PublicPost> {
     sqlx::query_as!(
-        Post,
-        "SELECT * FROM posts ORDER BY created_at DESC LIMIT $1 OFFSET $2",
+        PublicPost,
+        "SELECT id, content, upvotes, downvotes, created_at, updated_at FROM posts ORDER BY created_at DESC LIMIT $1 OFFSET $2",
         limit,
         offset
     )
@@ -64,8 +64,12 @@ pub async fn db_get_latest_posts(pool: &PgPool, limit: i64, offset: i64) -> Vec<
 }
 
 /// Gets the post with id from the database
-pub async fn db_get_post(id: i64, pool: &PgPool) -> Option<Post> {
-    sqlx::query_as!(Post, "SELECT * FROM posts WHERE id = $1", id)
+pub async fn db_get_post(id: i64, pool: &PgPool) -> Option<PublicPost> {
+    sqlx::query_as!(
+        PublicPost,
+        "SELECT id, content, upvotes, downvotes, created_at, updated_at FROM posts WHERE id = $1",
+        id
+    )
     .fetch_one(pool)
     .await
     .ok()

server/src/types/comment.rs

@@ -10,7 +10,6 @@ pub struct NewComment {
 }
 
 /// The comment as it is stored in the database, with all the related metadata
-/// This is also the comment as it is sent to the client
 #[derive(Debug, Serialize, Deserialize, Clone, sqlx::FromRow)]
 pub struct Comment {
     pub id: i64,
@@ -24,6 +23,19 @@ pub struct Comment {
     pub updated_at: chrono::NaiveDateTime,
 }
 
+/// This is the comment as it is sent to the client, with only the public metadata
+#[derive(Debug, Serialize, Deserialize, Clone, sqlx::FromRow)]
+pub struct PublicComment {
+    pub id: i64,
+    pub parent_post_id: i64,
+    pub parent_comment_id: Option<i64>,
+    pub upvotes: i64,
+    pub downvotes: i64,
+    pub content: String,
+    pub created_at: chrono::NaiveDateTime,
+    pub updated_at: chrono::NaiveDateTime,
+}
+
 /// Query parameters for the /comments endpoint
 #[derive(Debug, Serialize, Deserialize)]
 pub struct CommentQueryParams {

server/src/types/post.rs

@@ -21,6 +21,17 @@ pub struct Post {
     pub updated_at: chrono::NaiveDateTime,
 }
 
+// The post as it is sent to the client, with only the public metadata
+#[derive(Debug, Serialize, Deserialize, Clone, FromRow)]
+pub struct PublicPost {
+    pub id: i64,
+    pub content: String,
+    pub upvotes: i64,
+    pub downvotes: i64,
+    pub created_at: chrono::NaiveDateTime,
+    pub updated_at: chrono::NaiveDateTime,
+}
+
 // These look like /posts?limit=10&offset=20 in the URL
 // Note that these are optional
 /// Query parameters for the /posts endpoint