I am about to set up a REST interface into a database for the first time. I only want to allow certain entities to be queried and only certain fields to be returned from those entities.
I don’t want anybody to be able to query metadata for anything but the entities/fields I allow.
How is this done? How do I disable the default CRUD capabilities?