This post is from early 2016. We published an updated post on this topic in 2018, which you can read here:Authorization in GraphQLPractical methods for controlling access to the data in your APIdev-blog.apollodata.com If you like, you can read the original content of this post below!
A GraphQL schema defines types. Each type — except for scalar types like Int, Float or String — has fields which define the relationship between this type and other types (one to one, or one to many). If you think about your schema in terms of a graph, types are the nodes of your graph, and fields are edges. Scalar types have no fields, so they form the leaf nodes of your graph.
A GraphQL query is just an instruction for traversing the graph in a specific way, resulting in a tree.
When traversing a tree, you would start at the root, but a graph has no root so there is no logical starting point!
We published an updated post on this topic in 2018. Since a GraphQL query is just a set of instructions for how to traverse the graph, there are two natural options for enforcing permissions: Which edges the user can traverse and Which nodes the user can visit.
In this article, we will detail user management with roles and privileges of Nebula Graph.
In this post, I would like to show how to implement a GraphQL service for FX rates stored in Asset Control. In a subsequent article I will then make use of the GraphQL data in a small React app to generate charts for these FX rates.
I attended a talk last year by Mike Gifford where he said, “the web has actually become LESS accessible since 2011.” It’s cheap and easy for anyone to create a website these days, and hardly anyone considers accessibility. And why would you? If it’s not in your daily purview, it’s not going into your list of website requirements. Heck, most people don’t even think of the end user, Disabled or not, when creating a website.