This repository has been archived by the owner on Nov 16, 2021. It is now read-only.
Replies: 1 comment

Role based access control is the way
This is a discussion about the current internal architecture, documentation and about possible plans for KeystoneJS Next.

If I understand correctly, currently the same GraphQL API is used both for the Admin UI and any other UI which uses GraphQL to fetch the data for the real UI of the application. The default URL for the Next.JS app, for example, even has `/admin/api` in the URL. The same access control rules are applied for both.

What if I would like to have two separate GraphQL APIs: one for the Admin UI and another for anonymous or restricted access for registered users, but still have totally different access rules?

In most cases, I would allow all actions to be done via the Admin UI (if the user has access to it) but have much more strict rules for the public part. One approach could be that in every place there is a rule that `isAdmin === true` will grant the access, and then another set of rules to cover non-admin users, but this easily becomes quite complex. Currently all the rules are only at `List` and `Field` level, so there is not any quick way to define two different profiles, for example, and expose these profiles by using two separate GraphQL APIs.

Is there any nice way to do this at the moment and/or is this something which is about to change in the next major release? It would be great to have two separate APIs for access control reasons and to avoid using URLs having `/admin` in public parts of the app. Also, separating the APIs would help to leave out completely those `List`s which are not meant to be used from the public side but are used by the internal logic of mutations, for example, but still something which should be visible in the Admin UI.

Also, two separate URLs would give more possibilities to work with middleware and NginX to have separate rules or publish only the public API to the Internet and leave the API for the Admin UI accessible only on `localhost`.
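The two-profile rule set the post asks for, as an added example that is not code from the original post or from KeystoneJS: an admin profile and a public profile are composed into Keystone-style per-list access functions, so the `isAdmin === true` short-circuit lives in one place instead of in every rule, and a list left out of the public profile is hidden from non-admins entirely. The rule signature `({ authentication: { item } })` returning `true`, `false` or a filter object is assumed from Keystone 5's access control API; `adminProfile`, `publicProfile`, `buildAccess`, `decide`, the `Post` and `AuditLog` lists and the session objects are all invented for this example.

```javascript
// Added example (not Keystone's code): build per-list access control from two
// profiles, "admin" and "public", so the `isAdmin === true` decision is made once.
//
// Assumption: rules use the Keystone 5 style signature
//   rule({ authentication: { item }, listKey, operation })
// and may return true, false, or a filter object ("declarative" access control).

const OPERATIONS = ['create', 'read', 'update', 'delete'];

// Profile for the Admin UI: everything allowed on every list.
const adminProfile = {
  Post: { create: true, read: true, update: true, delete: true },
  AuditLog: { create: true, read: true, update: true, delete: true },
};

// Profile for the public API. A list absent here is hidden completely; an
// operation absent here is denied. `AuditLog` is intentionally absent: it is
// written by internal mutation logic and should only be visible to admins.
const publicProfile = {
  Post: {
    // Anonymous callers see only published posts (a filter, not a boolean).
    read: ({ authentication: { item } }) => (item ? true : { isPublished: true }),
    // Only signed-in users may create.
    create: ({ authentication: { item } }) => Boolean(item),
    // Signed-in users may update only their own posts.
    update: ({ authentication: { item } }) =>
      item ? { author: { id: item.id } } : false,
    delete: false,
  },
};

// The single decision point for "does this request get the admin profile?".
function selectProfile(authentication) {
  const item = authentication && authentication.item;
  return item && item.isAdmin === true ? adminProfile : publicProfile;
}

// Turn one list's rules into Keystone-style access functions, one per operation.
function buildListAccess(listKey) {
  const access = {};
  for (const operation of OPERATIONS) {
    access[operation] = (args) => {
      const rules = selectProfile(args.authentication)[listKey];
      if (!rules || !(operation in rules)) return false; // deny by default
      const rule = rules[operation];
      return typeof rule === 'function' ? rule({ ...args, listKey, operation }) : rule;
    };
  }
  return access;
}

// Build the access map for every list in the schema.
function buildAccess(listKeys) {
  return Object.fromEntries(listKeys.map((key) => [key, buildListAccess(key)]));
}

// Evaluate one decision; useful for unit-testing a rule set before deploying it.
function decide(accessMap, listKey, operation, authentication) {
  return accessMap[listKey][operation]({ authentication });
}

// Constructed sessions for the demonstration.
const ADMIN_SESSION = { item: { id: 'u1', isAdmin: true } };
const USER_SESSION = { item: { id: 'u2', isAdmin: false } };
const ANON_SESSION = { item: undefined };

const access = buildAccess(['Post', 'AuditLog']);

// With Keystone 5 this would be wired as (assumed shape):
//   keystone.createList('Post', { fields: { ... }, access: access.Post });
console.log(decide(access, 'Post', 'read', ANON_SESSION));      // { isPublished: true }
console.log(decide(access, 'AuditLog', 'read', USER_SESSION));  // false
console.log(decide(access, 'AuditLog', 'read', ADMIN_SESSION)); // true
```

This keeps a single GraphQL endpoint and keys the profile on the session rather than on the URL, which is all the access-control layer can do on its own. Keeping `/admin/api` reachable only from `localhost` is a separate, network-level control (the NginX split the post mentions) and is worth having as well: with one endpoint, a bug in `selectProfile` is otherwise exposed to the whole Internet.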