graphql_compose_debug
Security covered
Provides debug queries for GraphQL Compose entity type fields. This module allows developers to inspect field metadata and generate GraphQL query patterns for any entity bundle.
Requirements
- Drupal 10.1+
- PHP 8.1+
- GraphQL Compose
Usage
This module adds a debugEntityFields query to the GraphQL API that returns field metadata for any entity type and bundle.
Query Example
query GetNodeFields {
debugEntityFields(entity_type: "node", entity_bundle: "article") {
success
errors {
message
}
fields
graphql_query_single
graphql_query_multiple
}
}
Response
{
"data": {
"debugEntityFields": {
"success": true,
"errors": null,
"fields": {
"body": {
"type": "text_with_summary",
"required": false,
"cardinality": 1,
"label": "Body",
"graphql_field": "body"
},
"field_tags": {
"type": "entity_reference",
"required": false,
"cardinality": -1,
"label": "Tags",
"graphql_field": "tags"
}
},
"graphql_query_single": "nodeArticle",
"graphql_query_multiple": "nodeArticles"
}
}
}
Return Values
-
success(Boolean): Whether the query was successful -
errors(Violation): Any validation or permission errors -
fields(Json): Field metadata including:-
type: The Drupal field type -
required: Whether the field is required -
cardinality: The field cardinality (1 for single, -1 for unlimited) -
label: The field label -
graphql_field: The GraphQL field name as generated by GraphQL Compose
-
-
graphql_query_single: The GraphQL query name for a single entity -
graphql_query_multiple: The GraphQL query name for multiple entities
Permissions
The module uses Drupal's permission system. Users must have either:
- The "administer {entity_type} fields" permission for the specific entity type, or
- The "administrator" role
Security
This module is intended for development and debugging purposes. It exposes field metadata that could be sensitive. Consider:
- Disabling this module on production environments
- Restricting GraphQL access appropriately
- Using role-based access controls