Limit data exposure in public grant views (#13)

packages/nextjs/app/_components/Grants/ApprovedGrantsList.tsx

@@ -2,13 +2,13 @@
 
 import { useState } from "react";
 import { GrantItem } from "./GrantItem";
-import { GrantWithStages } from "~~/app/grants/[grantId]/page";
 import { Pagination } from "~~/components/pg-ens/Pagination";
+import { PublicGrant } from "~~/services/database/repositories/grants";
 
 const GRANTS_PER_PAGE = 8;
 
 type ApprovedGrantsListProps = {
-  approvedGrants: NonNullable<GrantWithStages>[];
+  approvedGrants: PublicGrant[];
 };
 
 export const ApprovedGrantsList = ({ approvedGrants }: ApprovedGrantsListProps) => {

packages/nextjs/app/_components/Grants/GrantItem.tsx

@@ -3,19 +3,19 @@ import Link from "next/link";
 import { GrantMilestonesModal } from "./GrantMilestonesModal";
 import { formatEther } from "viem";
 import { MagnifyingGlassIcon } from "@heroicons/react/24/outline";
-import { GrantWithStages } from "~~/app/grants/[grantId]/page";
 import { Badge } from "~~/components/pg-ens/Badge";
 import { Button } from "~~/components/pg-ens/Button";
 import { GrantProgressBar } from "~~/components/pg-ens/GrantProgressBar";
 import { Address } from "~~/components/scaffold-eth";
 import { useAuthSession } from "~~/hooks/pg-ens/useAuthSession";
 import { useWithdrawals } from "~~/hooks/pg-ens/useWithdrawals";
+import { PublicGrant } from "~~/services/database/repositories/grants";
 import { Stage } from "~~/services/database/repositories/stages";
 import { getFormattedDate } from "~~/utils/getFormattedDate";
 import { multilineStringToTsx } from "~~/utils/multiline-string-to-tsx";
 
 type GrantItemProps = {
-  grant: NonNullable<GrantWithStages>;
+  grant: PublicGrant;
   latestsShownStatus: "all" | "approved";
 };
 

packages/nextjs/app/_components/Grants/index.tsx

@@ -1,12 +1,11 @@
 import { ApprovedGrantsList } from "./ApprovedGrantsList";
-import { GrantWithStages } from "~~/app/grants/[grantId]/page";
-import { getAllGrants } from "~~/services/database/repositories/grants";
+import { getPublicGrants } from "~~/services/database/repositories/grants";
 
 export const ApprovedGrants = async () => {
-  const allGrants = await getAllGrants();
+  const allGrants = await getPublicGrants();
   const approvedGrants = allGrants.filter(grant =>
     grant.stages.some(stage => stage.status === "approved" || stage.status === "completed"),
-  ) as NonNullable<GrantWithStages>[];
+  );
 
   if (approvedGrants.length === 0) return null;
 

packages/nextjs/services/database/repositories/grants.ts

@@ -4,6 +4,7 @@ import { grants, stages } from "~~/services/database/config/schema";
 
 export type GrantInsert = InferInsertModel<typeof grants>;
 export type Grant = InferSelectModel<typeof grants>;
+export type PublicGrant = Awaited<ReturnType<typeof getPublicGrants>>[number];
 
 export async function getAllGrants() {
   return await db.query.grants.findMany({
@@ -17,6 +18,32 @@ export async function getAllGrants() {
   });
 }
 
+// Excludes sensitive information for public pages
+export async function getPublicGrants() {
+  return await db.query.grants.findMany({
+    orderBy: [desc(grants.submitedAt)],
+    columns: {
+      id: true,
+      grantNumber: true,
+      title: true,
+      description: true,
+      builderAddress: true,
+    },
+    with: {
+      stages: {
+        orderBy: [desc(stages.stageNumber)],
+        columns: {
+          id: true,
+          stageNumber: true,
+          submitedAt: true,
+          grantAmount: true,
+          status: true,
+        },
+      },
+    },
+  });
+}
+
 // Note: use only for admin pages
 export async function getAllGrantsWithStagesAndPrivateNotes() {
   return await db.query.grants.findMany({