You're reading from GraphQL Best Practices Gain hands-on experience with schema design, security, and error handling

Product type Paperback

Published in Oct 2024

Publisher Packt

ISBN-13 9781835467145

Length 422 pages

Edition 1st Edition

Languages

JavaScript

Tools

GraphQL

Concepts

Web Programming

Author (1):

Artur Czemiel

View More author details

Table of Contents (23) Chapters

Preface

1. Part 1 - Why GraphQL?

2. Chapter 1: Unveiling the Holy Grail of Communication – GraphQL FREE CHAPTER

3. Chapter 2: Applying an AI-Friendly Approach to GraphQL

4. Part 2 - Schema-First Design Patterns

5. Chapter 3: Crafting Effective GraphQL Schemas

6. Chapter 4: Building Pipes

7. Part 3 - Exploring Possible Ways to Use GraphQL

8. Chapter 5: Transitioning from REST to GraphQL

9. Chapter 6: Defining GraphQL Transformers

10. Chapter 7: Understanding GraphQL Federation

11. Part 4 - Advanced GraphQL

12. Chapter 8: Executing Schema-First Systems

13. Chapter 9: Working on the Frontend with GraphQL

14. Chapter 10: Keeping Data Secure

15. Chapter 11: Describing Errors in GraphQL

16. Chapter 12: Documenting your Schema

17. Chapter 13: Tackling Schemas with Visualization

18. Part 5 - From an Idea to a Working Project

19. Chapter 14: From an Idea to a Working Project – Backend Development with GraphQL and TypeScript

20. Chapter 15: From an Idea to a Working Project – Frontend Integration with GraphQL and TypeScript

21. Index

Why subscribe?

22. Other Books You May Enjoy

Access pipes

The main reason why we use access pipes is to have control over which parts of the schema are available to individual groups of schema consumers. By doing this, we can see how access control will work in our system even during the graph creation phase.

To understand access pipes, we need to understand Role-Based Access Control (RBAC). RBAC is a mechanism that allows us to control access to data based on user roles. It works by assigning each user a role, which determines the resources available to them. In practice, when defining a GraphQL schema, we can specify roles for individual object types and fields. We can define different roles such as admin, user, or guest, and assign them specific read and write permissions for data using directives or we can do it with access pipes. When a user sends a GraphQL query, their role is taken into account during query execution. The GraphQL backend engine checks whether the user has the necessary permissions to resolve the specific...