Limit columns returned to CLIENT by get_user()

get_user(), when called on the client, returns all columns. This occurs even when the Users table is set to NO ACCESS from the Client side.

This can easily raise problems. For example, it’s common for apps to add internal-use columns, such as a Stripe ID, or potentially sensitive information, to the Users table, thinking that the NO ACCESS setting prevents users from seeing that information.

It doesn’t.

For now, it’s wise to move all such columns to their own table, linked back to Users. (Don’t have your Users row link to them! According to Permissions, they’ll be able to follow that link to read the data.)

However, moving your own columns doesn’t help with the Anvil-supplied columns, such as remembered_logins. My gut feeling says, don’t expose any of that on the Client side unless absolutely necessary. You never know what mischief someone will attempt when they see it. Even if they can’t do anything destructive with it, the attempts alone will create headaches.

However, changing that access now could easily break existing code. So an App should be able to “opt in” to minimizing the exposure. If you discover that your Client-side code absolutely needs stripe_id exposed, then you should be able to expose it, while keeping other columns hidden.

This request covers only Client-level code. Code with Server permissions obviously can have access to everything.

4 Likes

It’d be nice in general to be able to choose which columns get returned in any particular result. But it’s especially important with the Users table.

1 Like

I agree.
Something similar, but more generic, was requested here:

In regular anvil.server.calls, we get to specify exactly what to return, because we wrote the function that is being called. So we can exclude columns ourselves, and close any holes, in that context.

We can’t close those holes (yet) with get_user(). We can’t stop end-users from calling it, so we need another mechanism.

1 Like
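The mitigation the thread settles on (keep sensitive columns in a separate table that links back to Users, never the other way round, and have a server function return only an explicit allow-list of columns) can be sketched in plain Python. The block below is an added illustration, not code from the thread or from Anvil; it uses an in-memory stand-in for data-table rows, and the table names, column names and helper functions are constructed for the example rather than taken from Anvil's API.

```python
"""
Added illustration (not Anvil's code): an in-memory model of the mitigation
described in the thread.

  * Sensitive columns live in a separate "UserPrivate" table that links BACK
    to the Users row. The Users row holds no link to it, so code that only
    has the Users row has no link to follow.
  * Instead of handing the client the raw Users row, the server returns an
    allow-listed projection. A column added later stays hidden until it is
    deliberately added to the allow-list (opt in, not opt out).

Table names, column names and helpers are constructed for this example.
"""
from dataclasses import dataclass, field
from typing import Any, Dict, Optional, Set


@dataclass
class Row:
    """Stand-in for a data-table row: a dict of columns, where a value may
    itself be another Row (that is, a link to another table)."""
    table: str
    columns: Dict[str, Any] = field(default_factory=dict)

    def __getitem__(self, name: str) -> Any:
        return self.columns[name]

    def reachable_tables(self) -> Set[str]:
        """Every table a holder of this row can reach by following links."""
        seen = {self.table}
        stack = [self]
        while stack:
            row = stack.pop()
            for value in row.columns.values():
                if isinstance(value, Row) and value.table not in seen:
                    seen.add(value.table)
                    stack.append(value)
        return seen


# Constructed sample data (placeholder values, not real identifiers).
USERS = [
    Row("Users", {
        "email": "alice@example.com",
        "enabled": True,
        "remembered_logins": ["<token-placeholder>"],  # Anvil-supplied style column
    })
]
# The private table links back to Users; Users does not link to it.
USER_PRIVATE = [
    Row("UserPrivate", {"user": USERS[0], "stripe_id": "cus_PLACEHOLDER"})
]

# Columns the client is allowed to see. Anything not listed is withheld.
CLIENT_USER_COLUMNS = ("email", "enabled")


def client_user_view(user: Row, allowed=CLIENT_USER_COLUMNS) -> Dict[str, Any]:
    """What a server function would return to the client instead of the raw
    Users row: only the allow-listed columns, by name."""
    return {name: user.columns[name] for name in allowed if name in user.columns}


def private_record_for(user: Row) -> Optional[Row]:
    """Server-side lookup: find the private row via its back-link to Users."""
    for rec in USER_PRIVATE:
        if rec["user"] is user:
            return rec
    return None


def client_can_reach_private(user: Row) -> bool:
    """True if a holder of this Users row could follow links to UserPrivate."""
    return "UserPrivate" in user.reachable_tables()


def bad_forward_link(user: Row, private: Row) -> Row:
    """The anti-pattern the thread warns against: a Users column that links
    to the private row makes the private data reachable from the Users row."""
    return Row(user.table, {**user.columns, "private": private})
```

The point of the model is the direction of the link: `private_record_for` works on the server because the server can search the private table, while `client_can_reach_private` stays false for the Users row unless someone adds the forward link that `bad_forward_link` demonstrates.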