Specify which columns may be accessed and queried on Eloquent model

Question

I have the following problem, I am accessing a database from someone else and he hasn't granted me permissions to all columns of the table. So now when I am querying the database like so:

Client::get(1)

It will give me the following error, which is expected because it is trying to select * while it's not allowed.

SELECT command denied to user blabla

I know that you can specify which columns to select on the query's itself, but is there anyway to do this on the model itself? So it's not even possible to get that error? Something along the lines of

$columns = ['col1', 'col2']

which would then edit these queries to select those columns instead of *? I've searched all over the internet but haven't been able to find what I need. And if it's not possible, do you guys have any workarounds for this issue?

This might be your best bet: https://stackoverflow.com/a/23612794/1561929 — Alex Harris, May 25 '17 at 20:12
@chasenyc That still requires the columns to be specified every single query — Jordy, May 25 '17 at 20:17

just_chris · Answer 1 · 2017-05-25T23:36:03.757

Have you tried the $hidden attribute for Eloquent? Specify the columns you don't want to include by adding the following into your model:

protected $hidden = ['col1', 'col2', 'etc'];

This is typically used to hide the password & token columns, I have not tested to see it actually stops calling the column altogether, it is possible that it still calls it but just exlcudes the data, nonetheless it is worth trying.

There is more info on it here: https://laravel.com/docs/5.4/eloquent-serialization#hiding-attributes-from-json

Alternatively, just try this small hack by adding this to your model:

    public function newSmallQuery()
{
    return Client::first(['Col1', 'Col2']);
}

Then just call this query instead of get() and it will just return those columns.

Specify which columns may be accessed and queried on Eloquent model

1 Answers1