-
-
Notifications
You must be signed in to change notification settings - Fork 266
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Allow global resolver Middlewares #1127
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Approach LGTM!
Can you please:
- add tests
- add a changelog entry
- update readme
?
Ok, tests added, and changelog.md tagged as 9.4.0 |
Hi, interesting! The only doubt I have concerns whether there is a problem regarding data security, in the sense that by doing so you offer an api that any vendor could use and intercept / listen to past data (maybe manipulate them?) without you realizing it. Is what I say correct or I miss something (maybe paranoia 😅)? Anyway thanks for the PR. |
Yes, that’s right, that’s why I need it 😅 It could also be placed at the top level (Http Kernel Middleware), in which case the library itself would not be able to ensure "its own security" |
Yes, I don't think we can act to protect in some way, it was just a thought on the matter that I wanted to share. |
@mfn Can you merge please? |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I've a feeling there's something missing from the PR.
A LOT of behaviour is controlled via the config file, you can define all the schemas, middlewares (resolver middlewares) and execution middlewares there.
In fact, you can already define execution middlewares per schema and global one. However, the per-schema execution middlewares completely override the global one.
Therefore I think, adding the ability to append global resolver middlewares but not exposing them in the config (resolver_middleware_append
?) seems imbalanced.
WDYT?
It's a good idea, I push new changes with possibility to use As the middleware receives the schema information as the first parameter, I do not think that it is useful to complicate the code base with management by schema, it will be enough for the middleware to do nothing if the schemaName is not suitable. |
The actual type _is_ mixed
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks solid, thank you!
Summary
Add possibility to define Global Resovler Middleware using GraphQL Facade.
Usefell when external service like "Laravel Pulse" recorder want to register globally new middleware to intercept each query and track execution time.
This can be done by using the new
GraphQL::appendGlobalResolverMiddleware(YourMiddleware::class)
methodYou can see in this repo why I need: https://github.com/alancolant/laravel-pulse-graphql
Type of change:
Checklist:
composer fix-style