mirror of
https://github.com/twentyhq/twenty
synced 2026-04-21 13:37:22 +00:00
9e21e55db4
## Fix resolver schema leaking between `/metadata` and `/graphql` endpoints ### Summary - Patch `@nestjs/graphql` to support a `resolverSchemaScope` option that filters resolvers at both schema generation and runtime, preventing cross-endpoint leaking - Introduce `@CoreResolver()` and `@MetadataResolver()` decorators to explicitly scope each resolver to its endpoint - Move most resolvers (auth, billing, workspace, user, etc.) to the metadata schema where the frontend expects them; only workflow and timeline calendar/messaging resolvers remain on `/graphql` - Fix frontend `SSEQuerySubscribeEffect` to use the default (metadata) Apollo client instead of the core client ### Problem NestJS GraphQL's module-based resolver discovery traverses transitive imports, causing resolvers from `/metadata` modules to leak into the `/graphql` schema and vice versa. This made the schemas unpredictable and tightly coupled to module import order. ### Approach - Added `resolverSchemaScope` to `GqlModuleOptions` via a patch on `@nestjs/graphql`, filtering in both `filterResolvers()` (runtime binding) and `getAllCtors()` (schema generation) - Each resolver is explicitly decorated with `@CoreResolver()` or `@MetadataResolver()` - Organized decorator, constant, and type files under `graphql-config/` following project conventions Core GQL Schema: (see: no more fields!) <img width="827" height="894" alt="image" src="https://github.com/user-attachments/assets/668f3f0f-485e-43f0-92be-4345aeccacb6" /> Metadata GQL Schema (see no more getTimelineCalendarEventsFromCompany) <img width="827" height="894" alt="image" src="https://github.com/user-attachments/assets/443913db-e5fe-4161-b0e7-4a971cc80a71" />
92 lines
4.8 KiB
Diff
92 lines
4.8 KiB
Diff
diff --git a/dist/interfaces/gql-module-options.interface.d.ts b/dist/interfaces/gql-module-options.interface.d.ts
|
|
index 1234567..abcdefg 100644
|
|
--- a/dist/interfaces/gql-module-options.interface.d.ts
|
|
+++ b/dist/interfaces/gql-module-options.interface.d.ts
|
|
@@ -97,6 +97,10 @@ export interface GqlModuleOptions<TDriver extends GraphQLDriver = any> {
|
|
* Extra static metadata to be loaded into the specification
|
|
*/
|
|
metadata?: () => Promise<Record<string, any>>;
|
|
+ /**
|
|
+ * When set, only resolvers decorated with a matching scope will be included in this schema.
|
|
+ */
|
|
+ resolverSchemaScope?: 'core' | 'metadata';
|
|
}
|
|
export interface GqlOptionsFactory<T extends Record<string, any> = GqlModuleOptions> {
|
|
createGqlOptions(): Promise<Omit<T, 'driver'>> | Omit<T, 'driver'>;
|
|
diff --git a/dist/schema-builder/graphql-schema.factory.js b/dist/schema-builder/graphql-schema.factory.js
|
|
index f349a6e..425815c 100644
|
|
--- a/dist/schema-builder/graphql-schema.factory.js
|
|
+++ b/dist/schema-builder/graphql-schema.factory.js
|
|
@@ -32,6 +32,7 @@ let GraphQLSchemaFactory = GraphQLSchemaFactory_1 = class GraphQLSchemaFactory {
|
|
else {
|
|
options = scalarsOrOptions;
|
|
}
|
|
+ this.typeDefinitionsGenerator.clearTypeDefinitionStorage();
|
|
lazy_metadata_storage_1.LazyMetadataStorage.load(resolvers);
|
|
type_metadata_storage_1.TypeMetadataStorage.compile(options.orphanedTypes);
|
|
this.typeDefinitionsGenerator.generate(options);
|
|
diff --git a/dist/schema-builder/storages/type-definitions.storage.js b/dist/schema-builder/storages/type-definitions.storage.js
|
|
index a19dee7..466ee86 100644
|
|
--- a/dist/schema-builder/storages/type-definitions.storage.js
|
|
+++ b/dist/schema-builder/storages/type-definitions.storage.js
|
|
@@ -81,6 +81,10 @@ let TypeDefinitionsStorage = class TypeDefinitionsStorage {
|
|
}
|
|
return;
|
|
}
|
|
+ clear() {
|
|
+ this.inputTypeDefinitionsLinks = null;
|
|
+ this.outputTypeDefinitionsLinks = null;
|
|
+ }
|
|
};
|
|
exports.TypeDefinitionsStorage = TypeDefinitionsStorage;
|
|
exports.TypeDefinitionsStorage = TypeDefinitionsStorage = tslib_1.__decorate([
|
|
diff --git a/dist/schema-builder/type-definitions.generator.js b/dist/schema-builder/type-definitions.generator.js
|
|
index d5423f1..701a3b2 100644
|
|
--- a/dist/schema-builder/type-definitions.generator.js
|
|
+++ b/dist/schema-builder/type-definitions.generator.js
|
|
@@ -26,6 +26,9 @@ let TypeDefinitionsGenerator = class TypeDefinitionsGenerator {
|
|
this.generateObjectTypeDefs(options);
|
|
this.generateInputTypeDefs(options);
|
|
}
|
|
+ clearTypeDefinitionStorage() {
|
|
+ this.typeDefinitionsStorage.clear();
|
|
+ }
|
|
generateInputTypeDefs(options) {
|
|
const metadata = type_metadata_storage_1.TypeMetadataStorage.getInputTypesMetadata();
|
|
const inputTypeDefs = metadata.map((metadata) => this.inputTypeDefinitionFactory.create(metadata, options));
|
|
diff --git a/dist/services/resolvers-explorer.service.js b/dist/services/resolvers-explorer.service.js
|
|
index 1234567..abcdefg 100644
|
|
--- a/dist/services/resolvers-explorer.service.js
|
|
+++ b/dist/services/resolvers-explorer.service.js
|
|
@@ -43,6 +43,15 @@ let ResolversExplorerService = ResolversExplorerService_1 = class ResolversExplo
|
|
filterResolvers(gqlAdapter, wrapper, moduleRef) {
|
|
const { instance } = wrapper;
|
|
if (!instance) {
|
|
return undefined;
|
|
}
|
|
+ const resolverSchemaScope = this.gqlOptions.resolverSchemaScope;
|
|
+ if (resolverSchemaScope && wrapper.metatype) {
|
|
+ // Default to 'metadata' for unscoped resolvers (e.g. nestjs-query auto-generated CRUD)
|
|
+ // TODO: remove this fallback once nestjs-query is deprecated
|
|
+ const scope = Reflect.getMetadata('RESOLVER_SCHEMA_SCOPE', wrapper.metatype) || 'metadata';
|
|
+ if (scope !== resolverSchemaScope) {
|
|
+ return undefined;
|
|
+ }
|
|
+ }
|
|
const prototype = Object.getPrototypeOf(instance);
|
|
@@ -147,5 +154,14 @@ let ResolversExplorerService = ResolversExplorerService_1 = class ResolversExplo
|
|
getAllCtors() {
|
|
const modules = this.getModules(this.modulesContainer, this.gqlOptions.include || []);
|
|
const resolvers = this.flatMap(modules, this.mapToCtor).filter(Boolean);
|
|
- return resolvers;
|
|
+ const resolverSchemaScope = this.gqlOptions.resolverSchemaScope;
|
|
+ if (resolverSchemaScope) {
|
|
+ return resolvers.filter((ctor) => {
|
|
+ // Default to 'metadata' for unscoped resolvers (e.g. nestjs-query auto-generated CRUD)
|
|
+ // TODO: remove this fallback once nestjs-query is deprecated
|
|
+ const scope = Reflect.getMetadata('RESOLVER_SCHEMA_SCOPE', ctor) || 'metadata';
|
|
+ return scope === resolverSchemaScope;
|
|
+ });
|
|
+ }
|
|
+ return resolvers;
|
|
}
|