I’m using code-first with Entity Framework for modeling and creating my db.
I’m just wondering – when I return objects to the user – I don’t want to return data-sensitive fields like `id`.
Should I add an attribute like `[DoNotReturn]` combined with a filter to remove these fields when returning to the user, or should I just make a whole new class which doesn’t contain these fields?
Example:
```csharp
using System.ComponentModel.DataAnnotations;        // [MaxLength]
using System.ComponentModel.DataAnnotations.Schema; // [Index] (EF6)

public class UserAccount
{
    // Option 1 - Hide fields
    [DoNotReturn]
    public int Id { get; set; }

    [Index(IsUnique = true)]
    [MaxLength(50)]
    public string Username { get; set; }

    public decimal Cash { get; set; }

    [DoNotReturn]
    public Account Account { get; set; } // Contains Email / Password

    // Option 2 - return a `safe` version
    public FriendlyUser UserAccountToFriendly()
    {
        return new FriendlyUser(this.Username, this.Cash);
    }
}
```
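The two options side by side, as an added example that is not part of the original question. It shows the difference that matters for data exposure: the attribute filter is a denylist, so a property added later without the attribute is returned, while the separate class is an allowlist. `DoNotReturnAttribute` is the hypothetical attribute from the question; the reflection-based `Filter` helper, the `PasswordResetToken` property and all sample values are assumptions constructed for illustration.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Reflection;

// Hypothetical marker attribute from the question (Option 1).
[AttributeUsage(AttributeTargets.Property)]
public sealed class DoNotReturnAttribute : Attribute { }
public class Account { public string Email { get; set; } public string Password { get; set; } }
public class UserAccount
{
    [DoNotReturn] public int Id { get; set; }
    public string Username { get; set; }
    public decimal Cash { get; set; }
    [DoNotReturn] public Account Account { get; set; }
    // Assumed later addition by a developer who forgot the attribute.
    public string PasswordResetToken { get; set; }
}

// Option 2: a separate type that lists exactly what may leave the server.
public sealed class FriendlyUser
{
    public string Username { get; }
    public decimal Cash { get; }
    public FriendlyUser(string username, decimal cash) { Username = username; Cash = cash; }
}

public static class Demo
{
    // Option 1 filter: copy every public property NOT marked [DoNotReturn].
    public static Dictionary<string, object> Filter(object entity) =>
        entity.GetType()
              .GetProperties(BindingFlags.Public | BindingFlags.Instance)
              .Where(p => p.GetCustomAttribute<DoNotReturnAttribute>() == null)
              .ToDictionary(p => p.Name, p => p.GetValue(entity));

    public static void Main()
    {
        // Constructed sample data.
        var u = new UserAccount { Id = 7, Username = "alice", Cash = 12.5m,
            Account = new Account { Email = "a@example.test", Password = "x" },
            PasswordResetToken = "constructed-token" };
        // Denylist: the unmarked PasswordResetToken is included in the output.
        Console.WriteLine(string.Join(", ", Filter(u).Keys));
        // Allowlist: only the two constructor arguments can ever be returned.
        var f = new FriendlyUser(u.Username, u.Cash);
        Console.WriteLine($"{f.Username}, {f.Cash}");
    }
}
```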