GraphQL Basics

Question 1

What is GraphQL?

Answer 1

GraphQL is a query language for your API.

Question 2

Compare GraphQL and REST.

Answer 2

1. Multiple round trips (REST) vs one single request (GraphQL).
2. Over fetching and under fetching (REST) vs tailor-made queries (GraphQL).
3. No need to expose a new API when a UI refactor is needed.

Question 3

What are the two main types requests of GraphQL?

Answer 3

1. Query
2. Mutation

Question 4

What is an alias?

Answer 4

You can’t query for the same field with different arguments. Aliases let you rename the result of a field with anything you want.

Question 5

What are fragments?

Answer 5

Fragments are GraphQL’s reusable units. They let you build sets of fields and then include them in multiple queries.

Question 6

How query and mutation fields are executed?

Answer 6

Query fields are executed in parallel, mutation fields run in series, one after the other.

Question 7

What GraphQL Client can do? (6 items)

Answer 7

1. Communicate with the server (send requests and receive responses)
2. Integrate with view components and update the UI
3. Cache query results
4. Handle errors and validate schema
5. Provide local state management
6. Provide pagination

Question 8

What are resolvers?

Answer 8

The resolver function is a function that resolves a value for a type/field in the GraphQL Schema.

Question 9

Four responsibilities of GraphQL Server

Answer 9

1. Schema and Resolver Functions
2. Network Layer
3. GraphQL Execution Engine
4. Batched Resolving

Question 10

3 Field Level Directives

Answer 10

1. @include
2. @skip
3. @deprecated

Question 11

Can query and mutations go in one request togehter?

Answer 11

No, they need to go separately.

GraphiQL or Apollo playground doesn’t support it, but official documentation says it could be possible in multi-operation documents.

Question 12

Is this correct

addNewSession(session: Session): Session

Answer 12

No, param session must be Input rather than Type

Question 13

How to create a mapping between Enum and the internal model?

Answer 13

Just create a resolver for GraphQL enum.

In object {ENUM: ‘mappedValue’} key is GraphQL enum whereas ‘mappedValue’ is a value from the internal model.

Question 14

Assuming that Session contains speakers taken via REST endpoint, that doesn’t work. What will be returned for:

query {
sessions {
title
id
speakers {
name
}
}
}

Answer 14

1. n errors for every session (errors section)
2. n sessions with speakers = null (data section)

Question 15

What is a Union?

Answer 15

It is a construction allowing to return of two (or more) different types.

It can be used to discard the error section and return errors or data in the data section of the response.

Question 16

What can we do with Apollo Studio?

Answer 16

Register schemas and monitor usage.

Question 17

What is operation name?

Answer 17

Any operation can be prefixed by operation type (query/mutation/subscription) and operation name.

Required in multi-operation documents.

Question 18

What are operation types?

Answer 18

1. query
2. mutation
3. subscription

Question 19

Can fragments use variables?

Answer 19

Fragments can access variables declared in the query or mutation.

Question 20

3 types of variables.

Answer 20

1. Scalars
2. Enums
3. Input types

Question 21

What is an inline fragment?

Answer 21

It’s a fragment defined withing a query. Used for interfaces and unions.

Question 22

Is it possible to find out the concrete type (when the union or interface was used)?

Answer 22

Yes, using meta field like __typename

Question 23

Is it correct

type Starship {

id: ID!name: String!

length(unit: LengthUnit! = METER): Float

}

Answer 23

No, only optional arguments can have default values.

Question 24

Is Date an official scalar type?

Answer 24

No, it has to be implemented as custom scalar type.

Question 25

Is

myField: null

valid for

myField: [String]!

?

Answer 25

No

Question 26

Do you need to provide interface fields in a type implementing an interface?

Answer 26

Yes.

Question 27

Can input type contain a field being a type?

Answer 27

No, it has to be also an input type.

Question 28

Can input type fields have arguments?

Answer 28

No.

Question 29

Can fragment refer to itself?

Answer 29

No, as this could result in an unbounded result!

Question 30

Can we return type without specifying any field?

Answer 30

No, the graph leaves must be scalar type.

Question 31

Can you ask GraphQL for a schema?

Answer 31

Yes, using __schema query.

Question 32

Why type/name is null for fields
id: ID!

friends: [String]

appearsIn: [Episode!]!

Answer 32

Because they are wrapper types (not null/list) and ofType must be used to find out what is the type.

Question 33

What is a requirement for plural identifying root fields?

Answer 33

It is a requirement that array in the response is the same size as the array passed as an argument, and that the order in the response will match the order in the argument.

Question 34

How to see changes after mutation?

Answer 34

It depends what mutation is doing.

1. For update cache will be auto-updated provided that mutation is returning mutated field
2. For insert/delete cache will have to be updated manually

Question 35

Compare Cookie Auth and Header Auth in context of vulnerability.

Answer 35

1. Cookie is vulnerable to CSRF
2. Header is vulnerable to XSS

Question 36

Where authorization can be put? (3 options)

Answer 36

1. in resolvers
2. in model
3. using schema directives

Question 37

Mention 3 threats related to using GraphQL

Answer 37

1. Multiple requests withing a short time
2. Deeply nested queries
3. Complex queries

Question 38

How to protect against query complexity in Apollo Server?

Answer 38

1. Install library graphql-validation-complexity
2. Define cost above which query is rejected
3. Use schema directive to define cost of retrieving specific fields (otherwise default one is used)

Question 39

3 Apollo client Features for Managing State

Answer 39

1. creating and updating virtual or local-only fields in GQL
2. creating and updating global or reactive variables stored in the Apollo Client instance
3. fetching local-only fields that include reactive variables resulting in full state management in your app

Question 40

Is DataLoader caching data?

Answer 40

No, it is just for batching.

Question 41

What is a DataLoader pattern?

Answer 41

1. Resolver stores id
2. Resolver returns promise
3. DataLoader request all ids