undefined | Better HN

0 pointsjondubois8y ago0 comments

One problem with GraphQL is that there can some overlap between the results of different queries so it can be wasteful. Also access control is more difficult because a GraphQL query might reference multiple different data types which have different access control rules (a user may only be allowed to see part of the query result) - So it makes access control a lot more complicated.

0 comments

lwansbrough8y ago

Facebook has a solution for over-fetching, which they call dataloader.

As for the access control problem: it's easily solved with existing features of GraphQL. GraphQL exposes a user context which can be referenced on a per-property basis and thus used to check the permissions of the user.

yen2238y ago

Those aren't trivial problems to solve in a traditional REST framework either. In GraphQL, having one whole query delivered upfront means the server can do some clever query-planning and app-level caching to efficiently fetch its required data. REST endpoints can't do that, since the queries will be spread across multiple network requests.

j / k navigate · click thread line to collapse

0 pointsjondubois8y ago0 comments

0 comments

lwansbrough8y ago

Facebook has a solution for over-fetching, which they call dataloader.

yen2238y ago

j / k navigate · click thread line to collapse