GraphQL Support #367
Comments
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions. |
I think this is the most requested feature by far... and it's the one that comes up in sales conversations the most too. What would it take to add support for this? Even if just to get some of that hype-train action. π Could it really be as easy as |
The problem here is authentication and permissions. Recreating directus' granular permissions system to work with graphql is a lot of work. The next best thing we can do is make the graphql endpoint admin only and give full access to everything (no permissions check whatsoever) |
Ahh, right. I think that's a great option! So all we have to do is check that the token used is an administrator. Do we have a sense of how long this would take? I assume there are libraries written for this already. |
https://github.com/webonyx/graphql-php Came across this |
That one looks pretty good (stars, open issues, docs). @wellingguzman can you give a time estimate? |
Really looking forward to this. Having used graphql-php in the past, I think it will be a great fit. |
I do not have experience working with GraphQL, and I would love if someone with experience with GraphQL help me to implement this feature. Or If they want to implement it and open a Pull Request, I would be open to help them implement it on Directus. The idea I am looking to implement is used a GraphQL library (such as I am learning how this all works, so the sooner the help comes the sooner this feature can be implemented. |
I'm not sure if this is the best way, but my thinking is: This is a single Directus API endpoint where all parameters/options/responses are handled by the GraphQL library. This is an admin only feature (only works with admin tokens/users) and has direct database access with no limited permissions. After Directus checks the auth it let's the endpoint do what it needs to do. Any community thoughts on this approach or alternatives? |
Why remove GraphQL feature for non-admin? Also if you are an admin you have full access. Or what do you mean by direct database access? |
I don't think we can control or limit access to data with the way GraphQL works. I think it would have to bypass the Directus ACL if I'm not mistaken. I imagine this endpoint having full access to data and assumed the PHP library would simply accept database credentials (easiest and fastest way to implement). |
Why? I don't see any different from GraphQL and using query strings or json (in request body) in terms of querying or posting data. What I understand is that GraphQL is just an input data type, and the library is middleman that helps us translate that request into something the API understand. Same thing we do with JSON, we translate a JSON string to something php understand. If I am missing something how do you think GraphQL works that won't allow us to control access? As fas as I am concern, instead of:
We do something like this:
The only different is that instead of using the query string we are using GraphQL. Now, GraphQL has vast of features, as far as I am concern. I am thinking of GraphQL as an input format for what currently works on the API side.
This is another thing that I don't think makes sense to implement in the core directus, this will be a (MySQL) SQL Wrapper. |
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
From my point to view, having an admin-only endpoint does not make much sense. So the implementation would have to go through the Directus ACL. Those should be anyhow included in resolvers for the individual types. The part where it is not like
|
Thanks @puco β the main reason for starting with admin-only is that it makes it easier/faster to develop. We're a small open-source team, so while we agree that full ACL would be ideal, we're trying to get this done in stages (unless someone knows of a big corporate sponsor who needs this πΈ ). Also, we're always open to contributions is anyone wants to help out! @hemratna is the lead for our GraphQL endpoint, and he's just getting started. Depending on how dynamic collections/fields are fetched to build the GQL schema, maybe honoring ACL won't be too difficult... but first we want to get a basic proof-of-concept working. |
Except, you can! Your example would be
|
Maybe I didnβt really understand what you are talking about above (I donβt know enough English), but Iβll say this: He forms api on a ready-made database. My point api: https://api.emista.online/console Well, I have difficulty creating the GraphQL bundle and react-admin due to the fact that I am not a programmer, but I need authorization, roles, and so on. I see the work of directus graphql only in this way if you implement GraphQL only as a database:
|
Hey @Pomazan-Bogdan β I think that's how @hemratna is building this. We should have a working demo soon and then we'll post a dev link here for review. |
I have a question on implementation. |
what's the good word on the status of this feature? any updates? It's the only hard sell compared to contemporaries is the lack of a graphql endpoint, and im looking forward to telling those interested on the when and the where it may be here Thanks! |
@RedactedProfile β we're squeezing it into our other work-streams:
As of now we're shooting for a Directus GraphQL beta the first week of April! |
Thank you so much for the speedy update! I look forward to it :D
β¦On Mon, Mar 25, 2019 at 10:14 AM Ben Haynes ***@***.***> wrote:
@RedactedProfile <https://github.com/RedactedProfile> β we're squeezing
it into our other work-streams:
- 2 days: Search
- 2 days: Adding support for Directus built-in collections
- 1 day: Final round of testing and code overview
As of now we're shooting for a Directus GraphQL beta the first week of
April!
β
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#367 (comment)>, or mute
the thread
<https://github.com/notifications/unsubscribe-auth/AA_eJ2i8i7j0dXKUsHdsn1AXUEId4cZaks5vaQPwgaJpZM4WfEis>
.
|
Love the first week of April :) |
why what happened? |
π |
hahaha apologies I had special moment, I thought @u12206050 's comment was in regards to some sort of april 1st / fools day jab or something when I wrote that |
Haha, this was our only April Fools day mis-information... |
If Directus was built on PostgreSQL it would be possible to use it with API generators, like
|
To achieve better clarity/visibility, we are now tracking feature requests within the Feature Request project board. This issue being closed does not mean it's not being considered. |
This was added in #1005 |
π¨ MIGRATED FROM REQUESTS.GETDIRECTUS.COM π¨
GraphQL support
π = 56
Created 1 year ago by @PierBover
@rijkvanzanten β π (1 year ago)
<3 this
@luminarious β (1 year ago)
As a front-end developer GraphQL feels magical every time and the performance improvements from getting only the data necessary for current view add up quickly!
@nikola66 β π (6 months ago)
It seems in the pipleline for Q2 / 2018 but really counting the days to get this!
@kosirm β π (5 months ago)
GraphQL and Microservices are most fast moving parts of the web in 2018!
@sendtogil β π (3 months ago)
plzzzzzz
@sendtogil β π (3 months ago)
plzzzzzz
@T-Specht β π (1 month ago)
Really looking forward to this feature for the usage with React
@bianpratama β π (3 weeks ago)
Can't wait!
@allanleonardjr β π (2 weeks ago)
Definitely need this!!!!
The text was updated successfully, but these errors were encountered: