mirror of
https://github.com/trustgraph-ai/trustgraph.git
synced 2026-04-26 00:46:22 +02:00
d35473f7f7
Introduces `workspace` as the isolation boundary for config, flows,
library, and knowledge data. Removes `user` as a schema-level field
throughout the code, API specs, and tests; workspace provides the
same separation more cleanly at the trusted flow.workspace layer
rather than through client-supplied message fields.
Design
------
- IAM tech spec (docs/tech-specs/iam.md) documents current state,
proposed auth/access model, and migration direction.
- Data ownership model (docs/tech-specs/data-ownership-model.md)
captures the workspace/collection/flow hierarchy.
Schema + messaging
------------------
- Drop `user` field from AgentRequest/Step, GraphRagQuery,
DocumentRagQuery, Triples/Graph/Document/Row EmbeddingsRequest,
Sparql/Rows/Structured QueryRequest, ToolServiceRequest.
- Keep collection/workspace routing via flow.workspace at the
service layer.
- Translators updated to not serialise/deserialise user.
API specs
---------
- OpenAPI schemas and path examples cleaned of user fields.
- Websocket async-api messages updated.
- Removed the unused parameters/User.yaml.
Services + base
---------------
- Librarian, collection manager, knowledge, config: all operations
scoped by workspace. Config client API takes workspace as first
positional arg.
- `flow.workspace` set at flow start time by the infrastructure;
no longer pass-through from clients.
- Tool service drops user-personalisation passthrough.
CLI + SDK
---------
- tg-init-workspace and workspace-aware import/export.
- All tg-* commands drop user args; accept --workspace.
- Python API/SDK (flow, socket_client, async_*, explainability,
library) drop user kwargs from every method signature.
MCP server
----------
- All tool endpoints drop user parameters; socket_manager no longer
keyed per user.
Flow service
------------
- Closure-based topic cleanup on flow stop: only delete topics
whose blueprint template was parameterised AND no remaining
live flow (across all workspaces) still resolves to that topic.
Three scopes fall out naturally from template analysis:
* {id} -> per-flow, deleted on stop
* {blueprint} -> per-blueprint, kept while any flow of the
same blueprint exists
* {workspace} -> per-workspace, kept while any flow in the
workspace exists
* literal -> global, never deleted (e.g. tg.request.librarian)
Fixes a bug where stopping a flow silently destroyed the global
librarian exchange, wedging all library operations until manual
restart.
RabbitMQ backend
----------------
- heartbeat=60, blocked_connection_timeout=300. Catches silently
dead connections (broker restart, orphaned channels, network
partitions) within ~2 heartbeat windows, so the consumer
reconnects and re-binds its queue rather than sitting forever
on a zombie connection.
Tests
-----
- Full test refresh: unit, integration, contract, provenance.
- Dropped user-field assertions and constructor kwargs across
~100 test files.
- Renamed user-collection isolation tests to workspace-collection.
165 lines
4.5 KiB
YAML
165 lines
4.5 KiB
YAML
post:
|
|
tags:
|
|
- Flow Services
|
|
summary: Rows query - GraphQL over structured data
|
|
description: |
|
|
Query structured data using GraphQL for row-oriented data access.
|
|
|
|
## Rows Query Overview
|
|
|
|
GraphQL interface to structured data:
|
|
- **Schema-driven**: Predefined types and relationships
|
|
- **Flexible queries**: Request exactly what you need
|
|
- **Nested data**: Traverse relationships in single query
|
|
- **Type-safe**: Strong typing with introspection
|
|
|
|
Abstracts structured rows into familiar object model.
|
|
|
|
## GraphQL Benefits
|
|
|
|
Compared to triples query:
|
|
- **Developer-friendly**: Objects instead of triples
|
|
- **Efficient**: Get related data in one query
|
|
- **Typed**: Schema defines available fields
|
|
- **Discoverable**: Introspection for tooling
|
|
|
|
## Query Structure
|
|
|
|
Standard GraphQL query format:
|
|
```graphql
|
|
query OperationName($var: Type!) {
|
|
fieldName(arg: $var) {
|
|
subField1
|
|
subField2
|
|
nestedObject {
|
|
nestedField
|
|
}
|
|
}
|
|
}
|
|
```
|
|
|
|
## Variables
|
|
|
|
Pass variables for parameterized queries:
|
|
```json
|
|
{
|
|
"query": "query GetPerson($id: ID!) { person(id: $id) { name } }",
|
|
"variables": {"id": "https://example.com/person/alice"}
|
|
}
|
|
```
|
|
|
|
## Error Handling
|
|
|
|
GraphQL distinguishes:
|
|
- **Field errors**: Invalid query, missing fields (in `errors` array)
|
|
- **System errors**: Connection issues, timeouts (in `error` object)
|
|
|
|
Partial data may be returned with field errors.
|
|
|
|
## Schema Definition
|
|
|
|
Schema defines available types via config service.
|
|
Use introspection query to discover schema.
|
|
|
|
operationId: rowsQueryService
|
|
security:
|
|
- bearerAuth: []
|
|
parameters:
|
|
- name: flow
|
|
in: path
|
|
required: true
|
|
schema:
|
|
type: string
|
|
description: Flow instance ID
|
|
example: my-flow
|
|
requestBody:
|
|
required: true
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '../../components/schemas/query/RowsQueryRequest.yaml'
|
|
examples:
|
|
simpleQuery:
|
|
summary: Simple query
|
|
value:
|
|
query: |
|
|
{
|
|
person(id: "https://example.com/person/alice") {
|
|
name
|
|
email
|
|
}
|
|
}
|
|
collection: research
|
|
queryWithVariables:
|
|
summary: Query with variables
|
|
value:
|
|
query: |
|
|
query GetPerson($id: ID!) {
|
|
person(id: $id) {
|
|
name
|
|
email
|
|
knows {
|
|
name
|
|
}
|
|
}
|
|
}
|
|
variables:
|
|
id: "https://example.com/person/alice"
|
|
operation-name: GetPerson
|
|
nestedQuery:
|
|
summary: Nested relationship query
|
|
value:
|
|
query: |
|
|
{
|
|
person(id: "https://example.com/person/alice") {
|
|
name
|
|
knows {
|
|
name
|
|
worksFor {
|
|
name
|
|
location
|
|
}
|
|
}
|
|
}
|
|
}
|
|
responses:
|
|
'200':
|
|
description: Successful response
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '../../components/schemas/query/RowsQueryResponse.yaml'
|
|
examples:
|
|
successfulQuery:
|
|
summary: Successful query
|
|
value:
|
|
data:
|
|
person:
|
|
name: Alice
|
|
email: alice@example.com
|
|
knows:
|
|
- name: Bob
|
|
- name: Carol
|
|
extensions:
|
|
execution_time_ms: "42"
|
|
queryWithFieldErrors:
|
|
summary: Query with field errors
|
|
value:
|
|
data:
|
|
person:
|
|
name: Alice
|
|
email: null
|
|
errors:
|
|
- message: Cannot query field 'nonexistent' on type 'Person'
|
|
path: ["person", "nonexistent"]
|
|
systemError:
|
|
summary: System error
|
|
value:
|
|
data: null
|
|
error:
|
|
type: TIMEOUT_ERROR
|
|
message: Query execution timeout after 30s
|
|
'401':
|
|
$ref: '../../components/responses/Unauthorized.yaml'
|
|
'500':
|
|
$ref: '../../components/responses/Error.yaml'
|