activeadmin-graphql 0.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: 7280a88a1db044b52f0b7d41ba523f165516d8dd11d7aab97f4f3ea857f1237b
+  data.tar.gz: 35cdf2b394b11536301ca4f405f794ad27e50a6d530386331a26a9a2748e2c7e
+SHA512:
+  metadata.gz: e363650ebc0646cb24e5fac85d954c175555e1f6a827c697a20d21e07bcb05fc60439d42a676f0987a3141fdd6fadd8e9fce17c2ba2b2308446f5b3b7c4e3c1c
+  data.tar.gz: 4fd30f0ae38793a83e9524429648e3c30d8b414ad9c2003ffed16680d39c21cab6505a13cd8fb17083b175f030fdfd5623e12b8af48c0814d77562cdcca88e8a

data/CHANGELOG.md

@@ -0,0 +1,6 @@
+# Changelog
+
+## 0.1.0
+
+- Initial release: GraphQL API for ActiveAdmin extracted from the `activeadmin` fork, usable as `gem "activeadmin-graphql"` alongside `activeadmin` and `graphql`.
+- Docs: full guide in [`docs/graphql-api.md`](docs/graphql-api.md), including a “Migrating GraphQL clients” section (enum names, typed CRUD inputs, `ActiveAdminKeyValuePair` lists). Links from an optional ActiveAdmin fork or doc site are mainly for discovery.

data/CODE_OF_CONDUCT.md

@@ -0,0 +1,31 @@
+# Code of Conduct
+
+## Our Pledge
+
+We pledge to make participation in the activeadmin-graphql community a harassment-free experience for everyone. We operate on principles of mutual respect, privacy, and authentic engagement. We value substantive contributions and clarity on intentions.
+
+## Our Standards
+
+Examples of behavior that contributes to a positive environment include:
+
+- Authenticity: Engaging with genuine curiosity and admitting uncertainty rather than feigning knowledge.
+- Responsible innovation: Taking full responsibility for any content or code contributed, whether manually written or generated by automation tools.
+- Gentle correction: Responding politely to errors. We view mistakes as opportunities for learning, provided they are addressed with humility.
+- Inclusive language: Using language that welcomes diverse perspectives and respects the privacy and identity of all participants.
+
+Examples of unacceptable behavior include:
+
+- Harassment: Public or private harassment, trolling, or insulting comments.
+- Weaponized complexity: Using jargon or overwhelming volume (including automated spam) to silence others.
+- Publishing private information: Sharing others' data or personal context without explicit permission.
+
+## Artificial Intelligence & Automation
+
+In accordance with our commitment to collective awareness:
+
+- Contributors are responsible for the accuracy and security of any AI-generated artifacts they submit.
+- "The AI wrote it" is not a valid excuse for introducing bugs, security vulnerabilities, or bias.
+
+## Enforcement
+
+Instances of abusive, harassing, or otherwise unacceptable behavior may be reported by contacting the project team at contact@kiskolabs.com. All complaints will be reviewed and investigated promptly and fairly.

data/CONTRIBUTING.md

@@ -0,0 +1,27 @@
+# Contributing Guidelines
+
+Thank you for your interest in contributing to activeadmin-graphql.
+
+## How to Contribute
+
+### 1. Reporting Issues
+
+- Verify accuracy: Before posting, verify your information. Avoid generalizations.
+- Use structured inputs: Provide clear goals, constraints, and reproduction steps.
+
+### 2. Pull Request Process
+
+- Scope: Keep PRs focused on a single goal.
+- Context: Explain why the change is necessary.
+- Testing: Run the RSpec suite (see the README for Appraisal and parallel test commands).
+
+### 3. Review Process
+
+- We encourage productive friction. Expect questions about your approach.
+- If a reviewer suggests a change, view it as mutual aid, not criticism.
+
+### Artificial Intelligence & Automation
+
+1. You are the author: You act as the responsible agent for any code you submit. You must review, debug, and understand every line.
+2. Manage cognitive load: Do not submit massive, unreviewed automated dumps.
+3. Security: Never feed project secrets or private context into public AI models.

data/LICENSE.md

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 Andrei Makarov
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

data/README.md

@@ -0,0 +1,49 @@
+# activeadmin-graphql
+
+GraphQL HTTP API for [ActiveAdmin](https://activeadmin.info), built with [graphql-ruby](https://graphql-ruby.org). Register resources as usual, optionally add a `graphql do ... end` block, enable the endpoint per namespace, and get a schema with queries and mutations aligned with ActiveAdmin authorization and filters.
+
+## Setup
+
+```ruby
+# Gemfile (graphql-ruby is pulled in by activeadmin-graphql)
+gem "activeadmin"
+gem "activeadmin-graphql"
+```
+
+```ruby
+# config/initializers/active_admin.rb
+ActiveAdmin.setup do |config|
+  config.namespace :admin do |admin|
+    admin.graphql = true
+    # admin.graphql_path = "graphql" # default: POST /admin/graphql
+  end
+end
+```
+
+Bundler loads this gem as usual; that requires `graphql-ruby` and wires ActiveAdmin routing and DSL for GraphQL.
+
+Documentation: [docs/graphql-api.md](docs/graphql-api.md) covers the endpoint, schema, `graphql do … end`, authorization, composite PKs, visibility, and dataloaders. For an older GraphQL integration, see “Migrating GraphQL clients” in that guide (enum type names, typed mutation inputs, key/value lists vs JSON).
+
+## Development
+
+Tests use a minimal Rails app under `spec/dummy` with SQLite (`:memory:` in test; each [parallel_tests](https://github.com/grosser/parallel_tests) worker is a separate process with its own DB). From the gem root:
+
+```bash
+bundle install
+bundle exec appraisal install   # generates gemfiles/*.gemfile from Appraisals
+bundle exec rubocop
+bundle exec parallel_rspec spec # or: bundle exec rspec
+# or
+rake rubocop
+rake spec
+```
+
+Matrixed Rails versions use [Appraisal](https://github.com/thoughtbot/appraisal): `gemfiles/rails72.gemfile`, `rails8ruby34.gemfile`, and `rails8truffleruby.gemfile` pin Rails 7.2 / 8.1 (integration tests follow the `spec/dummy` app, which is tested from 7.2 upward). Run `bundle exec appraisal rspec` to execute RSpec in each gemfile context, or `bundle exec parallel_rspec spec` locally for faster multi-process runs on the current bundle.
+
+[Trunk](https://docs.trunk.io) config lives in `.trunk/`; CI runs `trunk` via `.github/workflows/trunk.yml`. Releases: `usr/bin/release.rb` (RuboCop, Appraisal RSpec across gemfiles, `gem build` / `gem push`, git tag, `gh release`).
+
+No local ActiveAdmin checkout is required; the dummy app depends on the published `activeadmin` gem like a normal host app.
+
+## License
+
+MIT — see [LICENSE.md](LICENSE.md).

data/activeadmin-graphql.gemspec

@@ -0,0 +1,66 @@
+# frozen_string_literal: true
+
+require_relative "lib/active_admin/graphql/version"
+
+Gem::Specification.new do |spec|
+  spec.name = "activeadmin-graphql"
+  spec.version = ActiveAdmin::GraphQL::VERSION
+  spec.authors = ["Andrei Makarov"]
+  spec.email = ["contact@kiskolabs.com"]
+  spec.summary = "GraphQL API extension for ActiveAdmin (graphql-ruby)."
+  spec.description = "Exposes ActiveAdmin resources and pages as a graphql-ruby schema with an HTTP endpoint per namespace."
+  spec.license = "MIT"
+  spec.platform = Gem::Platform::RUBY
+  spec.required_ruby_version = ">= 3.2"
+
+  repository_url = "https://github.com/amkisko/activeadmin-graphql"
+
+  spec.homepage = repository_url
+  spec.metadata = {
+    "homepage_uri" => repository_url,
+    "source_code_uri" => "#{repository_url}/tree/main",
+    "changelog_uri" => "#{repository_url}/blob/main/CHANGELOG.md",
+    "documentation_uri" => "#{repository_url}/blob/main/docs/graphql-api.md",
+    "bug_tracker_uri" => "#{repository_url}/issues",
+    "rubygems_mfa_required" => "true"
+  }
+
+  spec.files = Dir.chdir(File.expand_path(__dir__)) do
+    %w[
+      CHANGELOG.md
+      CODE_OF_CONDUCT.md
+      CONTRIBUTING.md
+      LICENSE.md
+      README.md
+      activeadmin-graphql.gemspec
+    ].select { |f| File.file?(f) } +
+      Dir["docs/**/*.md"] +
+      Dir["app/**/*.rb"] +
+      Dir["lib/**/*.rb"]
+  end
+
+  spec.require_paths = ["lib"]
+
+  spec.add_runtime_dependency "activeadmin", ">= 3.2"
+  spec.add_runtime_dependency "graphql", ">= 2.3"
+
+  spec.add_development_dependency "appraisal", "~> 2"
+  spec.add_development_dependency "bigdecimal"
+  spec.add_development_dependency "bundler", ">= 2"
+  spec.add_development_dependency "devise", ">= 4.9"
+  spec.add_development_dependency "parallel_tests", "~> 4.7"
+  spec.add_development_dependency "rails", ">= 6.1"
+  spec.add_development_dependency "rspec", "~> 3"
+  spec.add_development_dependency "rspec-rails", ">= 6"
+  spec.add_development_dependency "rubocop-rails", "~> 2.34"
+  spec.add_development_dependency "rubocop-rspec", "~> 3.8"
+  spec.add_development_dependency "rubocop-thread_safety", "~> 0.7"
+  spec.add_development_dependency "simplecov", "~> 0.22"
+  spec.add_development_dependency "sprockets-rails", ">= 3.4"
+  spec.add_development_dependency "sqlite3", ">= 1"
+  spec.add_development_dependency "standard", "~> 1.52"
+  spec.add_development_dependency "standard-custom", "~> 1.0"
+  spec.add_development_dependency "standard-performance", "~> 1.8"
+  spec.add_development_dependency "standard-rails", "~> 1.5"
+  spec.add_development_dependency "standard-rspec", "~> 0.3"
+end

data/app/controllers/active_admin/graphql_controller.rb

@@ -0,0 +1,168 @@
+# frozen_string_literal: true
+
+module ActiveAdmin
+  # HTTP endpoint for the namespace GraphQL schema (graphql-ruby).
+  #
+  # Authentication runs before any GraphQL work, including introspection.
+  # Supports single operations (+application/json+ body or form params) and
+  # multiplexed batches (+application/json+ array documented by graphql-ruby).
+  class GraphqlController < ApplicationController
+    protect_from_forgery with: :exception
+
+    before_action :ensure_graphql_enabled!
+    before_action :authenticate_graphql!
+
+    def execute
+      schema = ActiveAdmin::GraphQL.schema_for(active_admin_namespace)
+
+      if multiplex_request?
+        operations = multiplex_operations
+        max_n = active_admin_namespace.graphql_multiplex_max || 20
+        if operations.size > max_n
+          return render json: {errors: [{message: "Multiplex exceeds maximum of #{max_n}"}]},
+            status: :content_too_large
+        end
+
+        results = schema.multiplex(
+          operations.map do |op|
+            {
+              query: op[:query],
+              variables: ensure_variables(op[:variables]),
+              operation_name: op[:operation_name],
+              context: graphql_context
+            }
+          end
+        )
+        render json: results.map(&:to_h), status: :ok
+      else
+        result = schema.execute(
+          query: query_string,
+          variables: ensure_variables(variables_hash),
+          operation_name: operation_name,
+          context: graphql_context
+        )
+        render json: result.to_h, status: :ok
+      end
+    end
+
+    def active_admin_namespace
+      key = request.path_parameters[:active_admin_namespace] || params[:active_admin_namespace]
+      raise ActionController::RoutingError, "Missing active_admin_namespace route default" unless key
+
+      ActiveAdmin.application.namespaces[key.to_sym].tap do |ns|
+        raise ActionController::RoutingError, "Unknown ActiveAdmin namespace: #{key}" unless ns
+      end
+    end
+
+    private
+
+    def ensure_graphql_enabled!
+      return if active_admin_namespace.graphql
+      head :not_found and return
+    end
+
+    def authenticate_graphql!
+      meth = active_admin_namespace.authentication_method
+      send(meth) if meth
+    end
+
+    def current_active_admin_user
+      meth = active_admin_namespace.current_user_method
+      send(meth) if meth
+    end
+
+    def graphql_context
+      ns = active_admin_namespace
+      {
+        auth: ActiveAdmin::GraphQL::AuthContext.new(
+          user: current_active_admin_user,
+          namespace: ns
+        ),
+        namespace: ns,
+        request: request,
+        current_user: current_active_admin_user,
+        visibility_profile: graphql_visibility_profile_for(ns)
+      }.compact
+    end
+
+    def graphql_visibility_profile_for(ns)
+      prof = ns.graphql_visibility_profile
+      return nil if prof.blank?
+
+      prof.to_sym
+    end
+
+    def multiplex_request?
+      request.post? && raw_operation_array
+    end
+
+    def raw_operation_array
+      parsed = request_body_json
+      return parsed if parsed.is_a?(Array)
+
+      params[:_json] if params[:_json].is_a?(Array)
+    end
+
+    def multiplex_operations
+      raw_operation_array.map { |payload| normalize_operation(payload) }
+    end
+
+    def normalize_operation(payload)
+      h = payload.stringify_keys
+      {
+        query: h["query"],
+        variables: h["variables"],
+        operation_name: h["operationName"] || h["operation_name"]
+      }
+    end
+
+    def query_string
+      params[:query] || request_body_hash&.dig("query")
+    end
+
+    def operation_name
+      params[:operationName] || params[:operation_name] || request_body_hash&.dig("operationName")
+    end
+
+    def variables_hash
+      params[:variables] || request_body_hash&.dig("variables")
+    end
+
+    def request_body_hash
+      json = request_body_json
+      json if json.is_a?(Hash)
+    end
+
+    def request_body_json
+      return @request_body_json if defined?(@request_body_json)
+
+      @request_body_json =
+        if request.body.nil?
+          nil
+        else
+          body = request.body.read
+          request.body.rewind
+          body.present? ? JSON.parse(body) : nil
+        end
+    rescue JSON::ParserError
+      @request_body_json = nil
+    end
+
+    def ensure_variables(raw)
+      case raw
+      when String
+        raw.present? ? JSON.parse(raw) : {}
+      when Hash
+        raw
+      when ActionController::Parameters
+        raw.to_unsafe_h
+      when nil
+        {}
+      else
+        {}
+      end
+    rescue JSON::ParserError
+      {}
+    end
+  end
+end