search

dfir-iris / iris-web

Collaborative Incident Response platform
GNU Lesser General Public License v3.0
1.05k stars 169 forks source link

[FR] Generation of GraphQL documentation #487

Open Elise17 opened 4 months ago

Elise17 commented 4 months ago

Enrich the GraphQL API with with its own documentation.

The documentation must contain all queries and mutations of Cases :

  1. query case
  2. query cases
  3. mutation caseCreate
  4. mutation caseDelete
  5. mutation caseUpdate

and also all queries and mutations of Iocs :

  1. query ioc
  2. query iocs
  3. mutation iocCreate
  4. mutation iocDelete
  5. mutation iocUpdate
Elise17 commented 4 months ago

We implemented a first version of the graphql documentation, called graphiql. Graphiql is an official graphql interface which allows you to have interactive documentation. It also allows you to send queries and see the result or detailed error messages. But we realized that using graphiql would have security impacts. In fact there would be no CSRF check and no CSP header on the nginx (even when the documentation option is enabled.)

Elise17 commented 4 months ago

We will implement the documentation with dociql (static documentation). This documentation will be generated with a configuration file.

yukh1402 commented 2 months ago

@Elise17 Did you already implement the dociql function? Is there a branch number? Thanks!