---
v3: don't mark @key fields as @external

 .gitignore                                    |   3 +-
 Makefile                                      |   1 +
 api/go.mod                                    |   6 +-
 api/go.sum                                    |   2 +
 api/gqlgen.yml                                |   7 +-
 api/graph/entity.resolvers.go                 |  38 ++++
 api/graph/model/project.go                    | 109 ++++++++++++
 api/graph/model/tracker.go                    |  89 ++++++++++
 api/graph/model/user.go                       |  14 ++
 api/graph/schema.graphqls                     |  82 +++++++--
 api/graph/schema.resolvers.go                 | 123 +++++++++++--
[message trimmed]

---
v3: don't mark @key fields as @external

 .gitignore                     |   1 +
 api/gqlgen.yml                 |   7 +-
 api/graph/entity.resolvers.go  |  45 +++++++++++++
 api/graph/model/participant.go |   4 +-
 api/graph/model/tracker.go     |   2 +
 api/graph/model/user.go        |  19 ++----
 api/graph/schema.graphqls      | 119 ++++++++++++++-------------------
 api/graph/schema.resolvers.go  |  76 +++++++--------------
 api/loaders/generate.go        |   2 +-
 api/loaders/middleware.go      |  18 ++---
 api/webhooks/legacy.go         |   2 +-
[message trimmed]

---
v3: rename Entity to Actor, use federation version 2

 .gitignore                     |  1 +
 api/gqlgen.yml                 |  7 ++--
 api/graph/entity.resolvers.go  | 27 ++++++++++++++
 api/graph/model/oauthclient.go |  2 ++
 api/graph/model/user.go        |  1 +
 api/graph/schema.graphqls      | 64 ++++++++++++++++++++--------------
 api/graph/schema.resolvers.go  | 10 +++---
 7 files changed, 77 insertions(+), 35 deletions(-)
 create mode 100644 api/graph/entity.resolvers.go

diff --git a/.gitignore b/.gitignore
[message trimmed]

---
 schema.sql | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/schema.sql b/schema.sql
index 33623d2..89617a4 100644
--- a/schema.sql
+++ b/schema.sql
@@ -355,7 +355,7 @@ CREATE TABLE user_webhook_subscription (
 	created timestamp without time zone NOT NULL,
 	url character varying(2048) NOT NULL,
 	events character varying NOT NULL,
-	user_id integer REFERENCES "user"(id), ON DELETE CASCADE
+	user_id integer REFERENCES "user"(id) ON DELETE CASCADE,
[message trimmed]

Cool, thanks for letting us know!

On Mon Dec 19, 2022 at 7:20 AM EST, Drew DeVault wrote:
> Given that we already set the auth method to internal in this case

This is necessary for the entity resolvers used by the GraphQL
federation gateway. We want to prevent others from accessing the entity
resolvers to prevent enumerating entities by ID. The gateway doesn't use
internal authentication to make requests to services; it simply forwards
the Authentication header as-is. We could make the gateway use internal
authentication, but I don't think that all queries/mutations support
internal authentication (e.g. webhook creation currently doesn't work
with internal authentication).

On Fri Dec 9, 2022 at 4:05 AM EST, Conrad Hoffmann wrote:
> Unless I am missing something I think we should be easily able to use a 
> different identifier here which is known before uploading, so we could 
> upload files right to their final destination. My suggestions would be 
> either a UUID, or something like the SHA sum of the site ID in the DB 
> (which is known at upload time).

I think using a UUID is a reasonable approach. We could either scrap the
SHA256 entirely or maintain a mapping from SHA256 to UUID in the
database.

The cause seems to be that proxy.golang.org is having issues.

Works for me.

Correction: you should use site.Root.GetPage instead of
.site.Root.GetPage.