Skip to main content

GraphQL Implementation Details

Schema Definition

  • GraphQL schemas are defined in src/main/resources/graphql/*.graphqls files using schema-first approach.
  • Main files: queries.graphqls, mutations.graphqls, common.graphqls, users.graphqls, organizations.graphqls, teams.graphqls, workspaces.graphqls, etc.
  • Types include User, Organization, Workspace, Team, Member, BootstrapInfo, OrgPublicProfile, etc.
  • Inputs for mutations (e.g., UserInput, OrganizationInput, OrgPublicProfileInput).
  • Enums for roles, types, statuses.

Controllers

  • GraphQL controllers are in web/ subpackages (e.g., user/web/UserController.java).
  • Annotated with @Controller, @PreAuthorize("isAuthenticated()").
  • Use @QueryMapping for queries, @MutationMapping for mutations.
  • Inject service, mapper, CurrentUserContext.
  • Permissions checked via @PreAuthorize with custom evaluators like @axveroRolePermissionEvaluator.hasUserAnyOrgRole(#id, 'OWNER', 'ADMIN').

DTOs and Mappers

  • DTOs in web/dto/ (e.g., UserDto, UserInput).
  • Mappers use MapStruct, extend BaseMapper<User, UserDto, UserInput>.
  • Handle input to entity: mapper.inputToEntity(input, entity) for updates.
  • Handle entity to DTO: mapper.toDto(entity).
  • AfterMapping methods set references (e.g., set user on addresses).

Services

  • Services in main package (e.g., UserService.java).
  • Use repositories for DB access.
  • May depend on other services (e.g., KeycloakService, SlugService).
  • Handle business logic, updates, creations.
  • Do NOT inject CurrentUserContext into services. Pass currentUserId as a method parameter from the controller instead. This keeps services testable and decoupled from the HTTP request context.

Repositories

  • Extend BaseRepository or JpaRepository.
  • Custom queries for permissions, roles.
  • When querying workspace subclass-specific fields (e.g., orgId, userId), query the subclass directly: SELECT w FROM OrgWorkspace w WHERE w.orgId = :orgId.