GraphQLAPI/ graphql-api-for-wp

(0.7.4) 10 months ago

JavaScript

Shell

GraphQL

CSS

WordPress

PHP

graphql-server

api-server

View on GitHub

Need help with graphql-api-for-wp?

Click the “chat” button below for chat support from the developer who created it, or find similar developers for support.

About the developer

GraphQLAPI

142 Stars

5 Forks

GNU General Public License v2.0

2.5K Commits

44 Opened issues

Description

[READ ONLY] GraphQL API for WordPress

Services available

Need anything else?

Contributors list

Readme

GraphQL API for WordPress

Name: graphql-api-for-wp
Brand: graphql-api-for-wp
SKU: //GraphQLAPI/graphql-api-for-wp
Rating: 2.105 (142 reviews)

Transform your WordPress site into a modern GraphQL server: graphql-api.com.

This plugin is the implementation for WordPress of GraphQL by PoP, a CMS-agnostic GraphQL server in PHP.

Installing the plugin (for production)

👀 Instructions: Installing the GraphQL API for WordPress plugin.

Development

👀 Instructions: Setting-up the development environment.

Supported PHP features

Check the list of Supported PHP features

Gutenberg JS builds

Compiled JavaScript code (such as all files under a block's

build/

folder) is added to the repo, but only as compiled for production, i.e. after running

npm run build

Code compiled for development, i.e. after running

npm start

, cannot be commited/pushed to the repo.

Building static sites

The GraphQL API for WordPress provides safe default settings, to make "live" sites secure:

The single endpoint is disabled
The "admin" fields (eg: to query posts with status "draft") are not added to the schema
Only a few of settings options and meta keys (for posts, users, etc) can be queried
The number of entities (for posts, users, etc) that can be queried at once is limited

These safe default settings are not needed when building "static" sites, where the WordPress site is not exposed to the Internet. These settings can be used instead:

The single endpoint is enabled
The "admin" fields are added to the schema
All settings options and meta keys can be queried
The number of entities that can be queried at once is unlimited

In development, to enable unsafe defaults, execute:

composer enable-unsafe-defaults

On a site in production, set in

wp-config.php

define( 'GRAPHQL_API_ENABLE_UNSAFE_DEFAULTS', true );

Or define this same key/value as an environment variable.

Modules

GraphQL API is extensible, and ships with the following modules (organized by category):

Module	Description
Endpoint
Single Endpoint	Expose a single GraphQL endpoint under `/graphql/`, with unrestricted access
Persisted Queries	Expose predefined responses through a custom URL, akin to using GraphQL queries to publish REST endpoints
Custom Endpoints	Expose different subsets of the schema for different targets, such as users (clients, employees, etc), applications (website, mobile app, etc), context (weekday, weekend, etc), and others
API Hierarchy	Create a hierarchy of API endpoints extending from other endpoints, and inheriting their properties
Schema Configuration
Schema Configuration	Customize the schema accessible to different Custom Endpoints and Persisted Queries, by applying a custom configuration (involving namespacing, access control, cache control, and others) to the grand schema
Schema Namespacing	Automatically namespace types with a vendor/project name, to avoid naming collisions
Nested Mutations	Execute mutations from any type in the schema, not only from the root
Public/Private Schema	Enable to communicate the existence of some field from the schema to certain users only (private mode) or to everyone (public mode). If disabled, fields are always available to everyone (public mode)
Access Control
Access Control	Set-up rules to define who can access the different fields and directives from a schema
Access Control Rule: Disable Access	Remove access to the fields and directives
Access Control Rule: User State	Allow or reject access to the fields and directives based on the user being logged-in or not
Access Control Rule: User Roles	Allow or reject access to the fields and directives based on the user having a certain role
Access Control Rule: User Capabilities	Allow or reject access to the fields and directives based on the user having a certain capability
User Interface
Low-Level Persisted Query Editing	Have access to schema-configuration low-level directives when editing GraphQL queries in the admin
Excerpt as Description	Provide a description of the different entities (Custom Endpoints, Persisted Queries, and others) through their excerpt
Performance
Cache Control	Provide HTTP Caching for Persisted Queries, sending the Cache-Control header with a max-age value calculated from all fields in the query
Clients
GraphiQL for Single Endpoint	Make a public GraphiQL client available under `/graphiql/`, to execute queries against the single endpoint. It requires pretty permalinks enabled
Interactive Schema for Single Endpoint	Make a public Interactive Schema client available under `/schema/`, to visualize the schema accessible through the single endpoint. It requires pretty permalinks enabled
GraphiQL for Custom Endpoints	Enable custom endpoints to be attached their own GraphiQL client, to execute queries against them
Interactive Schema for Custom Endpoints	Enable custom endpoints to be attached their own Interactive schema client, to visualize the custom schema subset
GraphiQL Explorer	Add the Explorer widget to the GraphiQL client, to simplify coding the query (by point-and-clicking on the fields)
Schema Type
Schema Admin Fields	Add "admin" fields to the GraphQL schema (such as `Root.postsForAdmin`, `Root.roles`, and others), which expose private data
Schema Self Fields	Add "self" fields to the GraphQL schema (such as `Post.self` and `User.self`), which can help give a particular shape to the GraphQL response
Schema Custom Posts	Base functionality for all custom posts
Schema Generic Custom Posts	Query any custom post type (added to the schema or not), through a generic type `GenericCustomPost`
Schema Posts	Query posts, through type `Post` added to the schema
Schema Pages	Query pages, through type `Page` added to the schema
Schema Users	Query users, through type `User` added to the schema
Schema User Roles	Query user roles, through type `UserRole` added to the schema
Schema User Avatars	Query user avatars, through type `UserAvatar` added to the schema
Schema Comments	Query comments, through type `Comment` added to the schema
Schema Tags	Base functionality for all tags
Schema Post Tags	Query post tags, through type `PostTag` added to the schema
Schema Categories	Base functionality for all categories
Schema Post Categories	Query post categories, through type `PostCategory` added to the schema
Schema Media	Query media elements, through type `Media` added to the schema
Schema Custom Post Meta	Add the `option` field to custom posts, such as type `Post`
Schema User Meta	Add the `option` field to type `User`
Schema Comment Meta	Add the `option` field to type `Comment`
Schema Taxonomy Meta	Add the `option` field to taxonomies, such as types `PostTag` and `PostCategory`
Schema Menus	Query menus, through type `Menu` added to the schema
Schema Settings	Fetch settings from the site
Schema Mutations	Modify data by executing mutations
Schema User State Mutations	Have the user log-in, and be able to perform mutations
Schema Custom Post Mutations	Base functionality to mutate custom posts
Schema Post Mutations	Execute mutations on podyd
Schema Custom Post Media Mutations	Execute mutations concerning media items on custom posts
Schema Post Media Mutations	Execute mutations concerning media items on posts
Schema Post Tag Mutations	Add tags to posts
Schema Post Category Mutations	Add categories to posts
Schema Comment Mutations	Create comments

Resources

Architectural resources

PHP Architecture

Articles explaining how the plugin is "downgraded", using PHP 8.0 for development but deployable to PHP 7.1 for production:

Service container implementation:

Building extensible PHP apps with Symfony DI

Explanation of how the codebase is split into granular packages, to enable CMS-agnosticism:

Description of how the plugin is scoped:

GraphQL API for WordPress is now scoped, thanks to PHP-Scoper!

GraphQL by PoP documentation

GraphQL API for WordPress is powered by the CMS-agnostic GraphQL server GraphQL by PoP.

Technical information on how the GraphQL server works:

GraphQL by PoP documentation.

Description of how a GraphQL server using server-side components works:

Implementing a GraphQL server with components in PHP

These articles explain the concepts, design and implementation of GraphQL by PoP:

Gutenberg

These articles explain the integration with Gutenberg (the WordPress editor).

Standards

PSR-1, PSR-4 and PSR-12.

To check the coding standards via PHP CodeSniffer, run:

composer check-style

To automatically fix issues, run:

composer fix-style

Release notes

0.9
0.8 (current)
0.7
0.6

Change log

Please see CHANGELOG for more information on what has changed recently.

Testing

To execute PHPUnit, run:

composer test

Static Analysis

To execute PHPStan, run:

composer analyse

Downgrading code

To visualize how Rector will downgrade the code to PHP 7.1:

composer preview-code-downgrade

Report issues

To report a bug or request a new feature please do it on the PoP monorepo issue tracker.

Contributing

We welcome contributions for this package on the PoP monorepo (where the source code for this package is hosted).

Please see CONTRIBUTING and CODEOFCONDUCT for details.

Security

If you discover any security related issues, please email [email protected] instead of using the issue tracker.

Credits

Leonardo Losoviz

License

GPLv2 or later. Please see License File for more information.