Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
com.yahoo.elide:elide-graphql
Advanced tools
Opinionated APIs for web & mobile applications.
Read this in other languages: 中文.
Elide is a Java library that lets you setup model driven GraphQL or JSON API web service with minimal effort. Elide supports two variants of APIs:
Elide supports a number of features:
Control access to fields and entities through a declarative, intuitive permission syntax.
JSON-API & GraphQL lets developers fetch entire object graphs in a single round trip. Only requested elements of the data model are returned. Our opinionated approach for mutations addresses common application scenarios:
Filtering, sorting, pagination, and text search are supported out of the box.
Elide supports multiple data model mutations in a single request in either JSON-API or GraphQL. Create objects, add them to relationships, modify or delete together in a single atomic request.
Elide supports analytic queries against models crafted with its powerful semantic layer. Elide APIs work natively with Yavin to visualize, explore, and report on your data.
Explore, understand, and compose queries against your Elide API through generated Swagger documentation or GraphQL schema.
Customize the behavior of data model operations with computed attributes, data validation annotations, and request lifecycle hooks.
Elide is agnostic to your particular persistence strategy. Use an ORM or provide your own implementation of a data store.
More information about Elide can be found at elide.io.
To try out an Elide example service, check out the elide-spring-boot-example project.
Alternatively, use the elide-standalone-example project which allows you to quickly setup a local instance of Elide running inside an embedded Jetty application.
The simplest way to use Elide is by leveraging JPA to map your Elide models to persistence:
The models should represent the domain model of your web service:
@Entity
public class Book {
@Id
private Integer id;
private String title;
@ManyToMany(mappedBy = "books")
private Set<Author> authors;
}
Add Elide annotations to both expose your models through the web service and define security policies for access:
@Entity
@Include(rootLevel = true)
@ReadPermission("Everyone")
@CreatePermission("Admin OR Publisher")
@DeletePermission("None")
@UpdatePermission("None")
public class Book {
@Id
private Integer id;
@UpdatePermission("Admin OR Publisher")
private String title;
@ManyToMany(mappedBy = "books")
private Set<Author> authors;
}
Add Lifecycle hooks to your models to embed custom business logic that execute inline with CRUD operations through the web service:
@Entity
@Include(rootLevel = true)
@ReadPermission("Everyone")
@CreatePermission("Admin OR Publisher")
@DeletePermission("None")
@UpdatePermission("None")
@LifeCycleHookBinding(operation = UPDATE, hook = BookCreationHook.class, phase = PRECOMMIT)
public class Book {
@Id
private Integer id;
@UpdatePermission("Admin OR Publisher")
private String title;
@ManyToMany(mappedBy = "books")
private Set<Author> authors;
}
public class BookCreationHook implements LifeCycleHook<Book> {
@Override
public void execute(LifeCycleHookBinding.Operation operation,
LifeCycleHookBinding.TransactionPhase phase,
Book book,
RequestScope requestScope,
Optional<ChangeSpec> changes) {
//Do something
}
}
Map expressions to security functions or predicates that get pushed to the persistence layer:
@SecurityCheck("Admin")
public static class IsAdminUser extends UserCheck {
@Override
public boolean ok(User user) {
return isUserInRole(user, UserRole.admin);
}
}
To expose and query these models, follow the steps documented in the getting started guide.
For example API calls, look at:
Analytic models including tables, measures, dimensions, and joins can be created either as POJOs or with a friendly HJSON configuration language:
{
tables: [
{
name: Orders
table: order_details
measures: [
{
name: orderTotal
type: DECIMAL
definition: 'SUM({{$order_total}})'
}
]
dimensions: [
{
name: orderId
type: TEXT
definition: '{{$order_id}}'
}
]
}
]
}
More information on configuring or querying analytic models can be found here.
Security is documented in depth here.
Please refer to the contributing.md file for information about how to get involved. We welcome issues, questions, and pull requests.
If you are contributing to Elide using an IDE, such as IntelliJ, make sure to install the Lombok plugin.
Community chat is now on discord. Join by clicking here.
This project is licensed under the terms of the Apache 2.0 open source license. Please refer to LICENSE for the full terms.
Intro to Elide video
Create a JSON API REST Service With Spring Boot and Elide
Custom Security With a Spring Boot/Elide Json API Server
Logging Into a Spring Boot/Elide JSON API Server
Securing a JSON API REST Service With Spring Boot and Elide
Creating Entities in a Spring Boot/Elide JSON API Server
Updating and Deleting with a Spring Boot/Elide JSON API Server
FAQs
Elide GraphQL integration
We found that com.yahoo.elide:elide-graphql demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.