
Research
Security News
The Landscape of Malicious Open Source Packages: 2025 Mid‑Year Threat Report
A look at the top trends in how threat actors are weaponizing open source packages to deliver malware and persist across the software supply chain.
odoo12-addon-graphql-base
Advanced tools
.. !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !! This file is generated by oca-gen-addon-readme !! !! changes will be overwritten. !! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
.. |badge1| image:: https://img.shields.io/badge/maturity-Beta-yellow.png :target: https://odoo-community.org/page/development-status :alt: Beta .. |badge2| image:: https://img.shields.io/badge/licence-LGPL--3-blue.png :target: http://www.gnu.org/licenses/lgpl-3.0-standalone.html :alt: License: LGPL-3 .. |badge3| image:: https://img.shields.io/badge/github-OCA%2Frest--framework-lightgray.png?logo=github :target: https://github.com/OCA/rest-framework/tree/12.0/graphql_base :alt: OCA/rest-framework .. |badge4| image:: https://img.shields.io/badge/weblate-Translate%20me-F47D42.png :target: https://translation.odoo-community.org/projects/rest-framework-12-0/rest-framework-12-0-graphql_base :alt: Translate me on Weblate .. |badge5| image:: https://img.shields.io/badge/runbot-Try%20me-875A7B.png :target: https://runbot.odoo-community.org/runbot/271/12.0 :alt: Try me on Runbot
|badge1| |badge2| |badge3| |badge4| |badge5|
This modules enables the creation of GraphQL <https://graphql.org/>
__ endpoints.
In itself, it does nothing and must be used by a developer to
create the GraphQL schema and resolvers using
graphene <https://graphene-python.org/>
__,
and expose them through a controller.
An example is available in the graphql_demo
module.
Table of contents
.. contents:: :local:
To use this module, you need to
This module does not attempt to expose the whole Odoo object model. This could be the purpose of another module based on this one. We believe however that it is preferable to expose a specific well tested endpoint for each customer, so as to reduce coupling by knowing precisely what is exposed and needs to be tested when upgrading Odoo.
To start working with this module, we recommend the following approach:
GraphQL basics <https://graphql.org/learn/>
__graphene <https://graphene-python.org/>
__, the python library
used to create GraphQL schemas and resolvers.graphql_demo
module in this repo, copy it,
adapt the controller to suit your needs (routes, authentication methods).Building your schema
The schema can be built using native graphene types.
An ``odoo.addons.graphql_base.types.OdooObjectType``
is provided as a convenience. It is a graphene ``ObjectType`` with a
default attribute resolver which:
- converts False to None (except for Boolean types), to avoid Odoo's weird
``False`` strings being rendered as json ``"false"``;
- adds the user timezone to Datetime fields;
- raises an error if an attribute is absent to avoid field name typing errors.
Creating GraphQL controllers
The module provides an odoo.addons.graphql_base.GraphQLControllerMixin
class to help you build GraphQL controllers providing GraphiQL and/or GraphQL
endpoints.
.. code-block:: python
from odoo import http
from odoo.addons.graphql_base import GraphQLControllerMixin
from ..schema import schema
class GraphQLController(http.Controller, GraphQLControllerMixin):
# The GraphiQL route, providing an IDE for developers
@http.route("/graphiql/demo", auth="user")
def graphiql(self, **kwargs):
return self._handle_graphiql_request(schema)
# Optional monkey patch, needed to accept application/json GraphQL
# requests. If you only need to accept GET requests or POST
# with application/x-www-form-urlencoded content,
# this is not necessary.
GraphQLControllerMixin.patch_for_json("^/graphql/demo/?$")
# The graphql route, for applications.
# Note csrf=False: you may want to apply extra security
# (such as origin restrictions) to this route.
@http.route("/graphql/demo", auth="user", csrf=False)
def graphql(self, **kwargs):
return self._handle_graphql_request(schema)
Bugs are tracked on GitHub Issues <https://github.com/OCA/rest-framework/issues>
.
In case of trouble, please check there if your issue has already been reported.
If you spotted it first, help us smashing it by providing a detailed and welcomed
feedback <https://github.com/OCA/rest-framework/issues/new?body=module:%20graphql_base%0Aversion:%2012.0%0A%0A**Steps%20to%20reproduce**%0A-%20...%0A%0A**Current%20behavior**%0A%0A**Expected%20behavior**>
.
Do not contact contributors directly about support or help with technical issues.
Authors
* ACSONE SA/NV
Maintainers
This module is maintained by the OCA.
.. image:: https://odoo-community.org/logo.png :alt: Odoo Community Association :target: https://odoo-community.org
OCA, or the Odoo Community Association, is a nonprofit organization whose mission is to support the collaborative development of Odoo features and promote its widespread use.
.. |maintainer-sbidoul| image:: https://github.com/sbidoul.png?size=40px :target: https://github.com/sbidoul :alt: sbidoul
Current maintainer <https://odoo-community.org/page/maintainer-role>
__:
|maintainer-sbidoul|
This module is part of the OCA/rest-framework <https://github.com/OCA/rest-framework/tree/12.0/graphql_base>
_ project on GitHub.
You are welcome to contribute. To learn how please visit https://odoo-community.org/page/Contribute.
FAQs
Base GraphQL/GraphiQL controller
We found that odoo12-addon-graphql-base demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A look at the top trends in how threat actors are weaponizing open source packages to deliver malware and persist across the software supply chain.
Security News
ESLint now supports HTML linting with 48 new rules, expanding its language plugin system to cover more of the modern web development stack.
Security News
CISA is discontinuing official RSS support for KEV and cybersecurity alerts, shifting updates to email and social media, disrupting automation workflows.