Which of the data processing happens in the backend (server side) and which of the processing happens on the client side? I am asking this due to security considerations.
When performing a "query", I guess this is definitely a backend operation.
So mainly the question:
Which of the procesing happens on the client side and therefore needs special awareness for security considerations.
All resource queries are executed from the Retool backend, where your authentication is stored encrypted and applied to outgoing requests. From there, the return is forwarded to the fronted to be manipulated with JS and used in the app.
That means, if my resource query returns any sensitive data, you would probably recommend using a transformer to filter out that data (or even at database query level) before populating it to the frontend?
Ideally, you would be having your backend only return data that you are comfortable having available in the user's browser since the return is sent there to be processed with JS and rendered to the user