We want the API to be publicly readable, and there are a lot of parameters or options that can cause it to have unacceptable performance (e.g. causing full table scans on large tables, causing N+1 queries) if publicly accessible. We need to audit all the controllers and models and either:
We want the API to be publicly readable, and there are a lot of parameters or options that can cause it to have unacceptable performance (e.g. causing full table scans on large tables, causing N+1 queries) if publicly accessible. We need to audit all the controllers and models and either: