Skip to content

Bug: GraphController has no class-level @RequestMapping and bypasses service layer #316

New issue
New issue
Open
Open
Bug: GraphController has no class-level @RequestMapping and bypasses service layer#316
Labels
bugSomething isn't working
@Brad-Edwards

Description

@Brad-Edwards
Brad-Edwards
opened on Mar 15, 2026

Description

GraphController is structurally inconsistent with all other controllers:

  1. No class-level @RequestMapping — paths are inlined on each method, mixing /api/v1/admin/graph/ and /api/v1/graph/ with no organizational structure. Every other controller uses @RequestMapping at the class level.

  2. No service layer — directly injects GraphClient (a domain port interface) instead of going through a domain service. This bypasses any future validation, authorization, or auditing at the service layer. All other controllers delegate to services.

  3. Raw return typesgetAncestors and getDescendants return List<String> (raw UIDs). findPaths returns List<List<String>>. Every other endpoint returns structured DTOs. This makes these endpoints impossible to extend without breaking clients.

  4. TODO left to rot// TODO: split admin/read endpoints into separate controllers has not been addressed.

Location: GraphController.java

Traced Requirements

  • GC-G001: Ancestor-Descendant Traversal
  • GC-G004: Apache AGE Materialization
  • GC-A012: Dual API Exposure

Impact

Maintainability, API consistency, and future auth/auditing integration.

Metadata

Metadata

Assignees

No one assigned

    Labels

    bugSomething isn't working

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions