This website uses cookies to better the user experience of its visitors. Where applicable, this website uses a cookie control system, allowing users to allow or disallow the use of cookies on their computer/device on their first visit to the website. This complies with recent legislative requirements for websites to obtain explicit consent from users before leaving behind or reading files such as cookies on a user’s computer/device. To learn more click Cookie Policy.

Privacy preference center

Cookies are small files saved to a user’s computer/device hard drive that track, save, and store information about the user’s interactions and website use. They allow a website, through its server, to provide users with a tailored experience within the site. Users are advised to take necessary steps within their web browser security settings to block all cookies from this website and its external serving vendors if they wish to deny the use and saving of cookies from this website to their computer’s/device’s hard drive. To learn more click Cookie Policy.

Manage consent preferences

These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site will not then work. These cookies do not store any personally identifiable information.
These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site. If you do not allow these cookies we will not know when you have visited our site, and will not be able to monitor its performance.
Cookies list
Name _rg_session
Provider rubygarage.org
Retention period 2 days
Type First party
Category Necessary
Description The website session cookie is set by the server to maintain the user's session state across different pages of the website. This cookie is essential for functionalities such as login persistence, ensuring a seamless and consistent user experience. The session cookie does not store personal data and is typically deleted when the browser is closed, enhancing privacy and security.
Name m
Provider m.stripe.com
Retention period 1 year 1 month
Type Third party
Category Necessary
Description The m cookie is set by Stripe and is used to help assess the risk associated with attempted transactions on the website. This cookie plays a critical role in fraud detection by identifying and analyzing patterns of behavior to distinguish between legitimate users and potentially fraudulent activity. It enhances the security of online transactions, ensuring that only authorized payments are processed while minimizing the risk of fraud.
Name __cf_bm
Provider .pipedrive.com
Retention period 1 hour
Type Third party
Category Necessary
Description The __cf_bm cookie is set by Cloudflare to support Cloudflare Bot Management. This cookie helps to identify and filter requests from bots, enhancing the security and performance of the website. By distinguishing between legitimate users and automated traffic, it ensures that the site remains protected from malicious bots and potential attacks. This functionality is crucial for maintaining the integrity and reliability of the site's operations.
Name _GRECAPTCHA
Provider .recaptcha.net
Retention period 6 months
Type Third party
Category Necessary
Description The _GRECAPTCHA cookie is set by Google reCAPTCHA to ensure that interactions with the website are from legitimate human users and not automated bots. This cookie helps protect forms, login pages, and other interactive elements from spam and abuse by analyzing user behavior. It is essential for the proper functioning of reCAPTCHA, providing a critical layer of security to maintain the integrity and reliability of the site's interactive features.
Name __cf_bm
Provider .calendly.com
Retention period 30 minutes
Type Third party
Category Necessary
Description The __cf_bm cookie is set by Cloudflare to distinguish between humans and bots. This cookie is beneficial for the website as it helps in making valid reports on the use of the website. By identifying and managing automated traffic, it ensures that analytics and performance metrics accurately reflect human user interactions, thereby enhancing site security and performance.
Name __cfruid
Provider .calendly.com
Retention period During session
Type Third party
Category Necessary
Description The __cfruid cookie is associated with websites using Cloudflare services. This cookie is used to identify trusted web traffic and enhance security. It helps Cloudflare manage and filter legitimate traffic from potentially harmful requests, thereby protecting the website from malicious activities such as DDoS attacks and ensuring reliable performance for genuine users.
Name OptanonConsent
Provider .calendly.com
Retention period 1 year
Type Third party
Category Necessary
Description The OptanonConsent cookie determines whether the visitor has accepted the cookie consent box, ensuring that the consent box will not be presented again upon re-entry to the site. This cookie helps maintain the user's consent preferences and compliance with privacy regulations by storing information about the categories of cookies the user has consented to and preventing unnecessary repetition of consent requests.
Name OptanonAlertBoxClosed
Provider .calendly.com
Retention period 1 year
Type Third party
Category Necessary
Description The OptanonAlertBoxClosed cookie is set after visitors have seen a cookie information notice and, in some cases, only when they actively close the notice. It ensures that the cookie consent message is not shown again to the user, enhancing the user experience by preventing repetitive notifications. This cookie helps manage user preferences and ensures compliance with privacy regulations by recording when the notice has been acknowledged.
Name referrer_user_id
Provider .calendly.com
Retention period 14 days
Type Third party
Category Necessary
Description The referrer_user_id cookie is set by Calendly to support the booking functionality on the website. This cookie helps track the source of referrals to the booking page, enabling Calendly to attribute bookings accurately and enhance the user experience by streamlining the scheduling process. It assists in managing user sessions and preferences during the booking workflow, ensuring efficient and reliable operation.
Name _calendly_session
Provider .calendly.com
Retention period 21 days
Type Third party
Category Necessary
Description The _calendly_session cookie is set by Calendly, a meeting scheduling tool, to enable the meeting scheduler to function within the website. This cookie facilitates the scheduling process by maintaining session information, allowing visitors to book meetings and add events to their calendars seamlessly. It ensures that the scheduling workflow operates smoothly, providing a consistent and reliable user experience.
Name _gat_UA-*
Provider rubygarage.org
Retention period 1 minute
Type First party
Category Analytics
Description The _gat_UA-* cookie is a pattern type cookie set by Google Analytics, where the pattern element in the name contains the unique identity number of the Google Analytics account or website it relates to. This cookie is a variation of the _gat cookie and is used to throttle the request rate, limiting the amount of data collected by Google Analytics on high traffic websites. It helps manage the volume of data recorded, ensuring efficient performance and accurate analytics reporting.
Name _ga
Provider rubygarage.org
Retention period 1 year 1 month 4 days
Type First party
Category Analytics
Description The _ga cookie is set by Google Analytics to calculate visitor, session, and campaign data for the site's analytics reports. It helps track how users interact with the website, providing insights into site usage and performance.
Name _ga_*
Provider rubygarage.org
Retention period 1 year 1 month 4 days
Type First party
Category Analytics
Description The _ga_* cookie is set by Google Analytics to store and count page views on the website. This cookie helps track the number of visits and interactions with the website, providing valuable data for performance and user behavior analysis. It belongs to the analytics category and plays a crucial role in generating detailed usage reports for site optimization.
Name _gid
Provider rubygarage.org
Retention period 1 day
Type First party
Category Analytics
Description The _gid cookie is set by Google Analytics to store information about how visitors use a website and to create an analytics report on the website's performance. This cookie collects data on visitor behavior, including pages visited, duration of the visit, and interactions with the website, helping site owners understand and improve user experience. It is part of the analytics category and typically expires after 24 hours.
Name _dc_gtm_UA-*
Provider rubygarage.org
Retention period 1 minute
Type First party
Category Analytics
Description The _dc_gtm_UA-* cookie is set by Google Analytics to help load the Google Analytics script tag via Google Tag Manager. This cookie facilitates the efficient loading of analytics tools, ensuring that data on user behavior and website performance is accurately collected and reported. It is categorized under analytics and assists in the seamless integration and functioning of Google Analytics on the website.

A Detailed Tutorial on How to Build an API App Based on GraphQL and Trailblazer: Part 2

  • 11254 views
  • 5 min
  • Apr 15, 2019
Daria R.

Daria R.

Copywriter

Sviatoslav S.

Sviatoslav S.

Ruby Developer

Share

This article is the second part of the detailed guide on how to build an API app using such technologies as GraphQL and Trailblazer. In the first part of our tutorial, we’ve discussed the benefits of the chosen technologies, set up the project, configured our gems and implemented some user features. Let’s proceed with the main features of the ToDo list.

3. Main features of the to-do list

The main entities in our to-do List will be Project, Task, and Comment. Every Project consists of a set of Tasks and every Task can contain multiple Comments.

3.1. Project features

Let’s start with creating a Project model.

After that, we can proceed to code the ‘create’ operation for a Project. Let’s start with tests:

3.1.1. Implement an operation for creating a project

The operation looks like this:

3.1.2. Implement a GraphQL mutation for creating a project

Now we need to describe the GraphQL part. And again, we start with tests:

The response will look like this:

We need to describe the GraphQL type Objects::Project:

We should mention that in our type, we described the user field of type Objects::User. This gives us an opportunity to also receive data on its author when requesting a Project object.

Add this mutation to the root mutation:

Here’s how the mutation looks:

3.1.3. Implement the operation for updating the project

Let’s write the operation for Projects::Update. Here are the tests for it:

The operation and contract are very simple:

3.1.4. Implement a GraphQL mutation for updating the project

We’ll write a mutation for updating the project the same way we wrote our mutation for creating it. Here are the tests for the project update mutation:

And here’s the response schema:

Don’t forget to add this mutation to the root mutation:

Here’s the mutation itself:

3.1.5. Implement an operation for destroying a project

The final action for Projects is destroying them.

Here’s how we write a test for the destroy operation:

The operation in this case is going to be without a contract:

Here’s what the test for the mutation to destroy a project will look like:

The response schemas:

We’ll add our new mutation to the root mutation:

Here’s the code for this mutation:

3.1.6. Updating the GraphQL Objects::User object

At this stage, we can update the GraphQL Objects::User object so that when we request data by a user, we can get their projects:

Let’s check that we can get a user’s data with their projects:

3.2. Task features

Let’s generate a model:

Writing a concept and mutations (create, update, destroy) for the Task model will be similar to doing so for the Project model; the only difference is in the model attributes. You can find more details in this commit. The GraphQL object for tasks will be as follows:

Now we can update Objects::Project with a new field:

Let’s check if we can get tasks through the project:

The next step is to create the last entity: Comment.

3.3. Comment features

This entity is responsible for adding comments to tasks.

Comments can be created and deleted. There’s nothing unique in writing an operation and mutation for deleting a Comment. The code is similar to what we wrote for Projects and Tasks. If you want to check out the whole codebase, you can find it here.

3.3.1. Implementing an operation for creating comments

When we create a comment, there’s one additional feature to consider: attachments. That’s why we’ll consider this code in detail. Let’s start with tests for operations:

For attachments, we’ll use the carrierwave gem.

Generate an uploader and mount it on the model:

Here’s what the contract and operation for creating a comment looks like:

3.3.2. Implementing a GraphQL mutation for creating a comment

Now we need to write a GraphQL mutation for creating a comment. Let’s start with tests:

Here’s what the response schemas will look like:

Now in our mutation we get a new type, Upload, that’s provided by the apollo_upload_server gem.

Here’s what the mutation for creating comments looks like:

And here’s the GraphQL object for comments:

Don’t forget to add this mutation to the root mutation:

Let’s run our tests and check that they pass. That’s it for the comments.

We have a new GraphQL object and we can update objects that we’ve created before, so in the query “me” we should get comments on each task in our projects.

To pass the tests, let’s update Objects::Task:

The basic functionality of our to-do list is completed.

4. Authorization feature

Let’s assume that we need to implement a feature for displaying all users. At the same time, a user should be able to see only data of their own projects.

We can assume that our test and response schema will be as follows:

Let’s update Objects::User so that we need to go through authorization to display projects. For authorization, we’ll use the pundit gem.

The operation used to display a user’s projects will contain Policy::Guard and looks like this:

If authorization fails, we’ll call the exception Pundit::NotAuthorizedError:

This exception will be handled by our ErrorHandler and call another exception: GraphQL::ExecutionError.

Start tests and check if they pass. This step completes the implementation of the to-do list.

Conclusion

One of the biggest advantages of GraphQL is that you don’t need to write documentation. The GraphQL scheme that we’ve described above is documentation itself.

After all the work we’ve done, we can also test our app in the GraphQL IDE with the help of the graphiql-rails gem that we installed previously. For that, we’ll start our server and go to http://localhost:3000/graphiql. To test requests with authentication, you can use the Chrome extension ModHeader.

Don’t forget to subscribe to our blog if you want more detailed tutorials on the most popular technologies, and feel free to ask questions below.

CONTENTS

Authors:

Daria R.

Daria R.

Copywriter

Sviatoslav S.

Sviatoslav S.

Ruby Developer

Rate this article!

Nay
So-so
Not bad
Good
Wow
6 rating, average 4.67 out of 5

Share article with

Comments (0)

There are no comments yet

Leave a comment

Subscribe via email and know it all first!