Skip to content
Santekno.com | Tech Tutorials and Trends
EN
📖 0%
29 Jul 2025 · 6 min read ·Article 29 / 125
Go

29 Mutations for Updating and Deleting Data

IH
Ihsan Arif
Writer at Santekno · Backend Engineer

title: 29 Mutations for Updating and Deleting Data: A Complete Guide with Code Examples
subtitle: Understanding the strategies, implementation, and best practices for update & delete mutations in GraphQL
author: Senior Software Engineer date: 2024-06-15

Introduction

In modern application development, especially when working with GraphQL, mutations are the primary mechanism for changing (updating) and removing (deleting) data on the server. Yet we often run into a fundamental question: “How do you implement update and delete mutations that are efficient, secure, and scalable?”

In this article, I’ll break down 29 mutations commonly used for update and delete needs—whether partial, bulk, or the routines you’ll find in production (such as soft delete, cascade delete, and partial update). I’ll also walk through code examples, comparison tables, and flow diagrams using mermaid syntax, so you’ll have a best-practices reference straight from an experienced engineer.


The Basics: What Is a Mutation?

A mutation is an operation that changes the state of your data. In day-to-day practice, mutations are used to:

  • Create data (create)
  • Modify data (update)
  • Remove data (delete)

In this article, I’ll focus on two specific mutations: update and delete.


Table: 29 Mutations for Update & Delete

Let’s start with a summary table. Modern organizations rely on many combinations of these for both update and delete workflows.

NoMutation NameTypeScopeDescription
1updateUserUpdateSingleUpdate one record
2updateUsersUpdateBulkUpdate many records
3patchUserPartialSingleUpdate some fields
4patchUsersPartialBulkPartial update of many records
5upsertUserCreate/UpdateSingleUpdate if exists, else create
6incrementScoreCustomSingleCustom: add/increment
7decrementStockCustomSingleCustom: reduce stock
8softDeleteUserSoft DeleteSingleOnly update ‘deletedAt’
9softDeleteUsersSoft DeleteBulkSoft delete many records
10hardDeleteUserHard DeleteSingleDelete data completely
11hardDeleteUsersHard DeleteBulkBulk hard delete
12archiveUserArchiveSingleMark as ‘archived’
13restoreUserRestoreSingleUn-delete/restore
14restoreUsersRestoreBulkBulk restore
15deactivateUserStatus UpdateSingleChange status (active/inactive)
16activateUserStatus UpdateSingleChange status
17banUserCustomSingleBan user
18unbanUserCustomSingleUnban user
19changePasswordSensitiveSingleChange password only
20unlinkAccountDelete LinkSingleDelete a relation between data
21cascadeDeleteCascadeSingleDelete data + related records
22purgeDeletedClean UpBulkPurge ‘deleted’ data
23reassignTaskReassignSingleUpdate to a new owner
24migrateDataMigrationBulk/SingleBulk/migration operation
25toggleFlagToggleSingleEnable/disable a flag
26overwriteProfileOverwriteSingleReplace/update the whole object
27expireSessionDeleteSingleNon-user object delete
28resetQuotaResetSingleReset quota to its initial value
29anonymizeUserPrivacySingleUpdate fields to anonymous

Keep in mind that in a real-life implementation, these mutations will vary according to your business needs, schema, and application security.


Code Example: Update Mutation

Typically, a GraphQL mutation to update user data can be as simple as the following:

graphql
1mutation updateUser($id: ID!, $input: UserUpdateInput!) {
2  updateUser(id: $id, input: $input) {
3    id
4    name
5    email
6    updatedAt
7  }
8}

Handler in Node.js (Express + Apollo):

js
1// resolver.js
2const updateUser = async (_, { id, input }, { db }) => {
3  const updated = await db.User.findByIdAndUpdate(id, input, { new: true });
4  if (!updated) throw new Error("User not found");
5  return updated;
6};

With the pattern above, you can define mutations according to which fields you want to update (whether a full or partial update).


Case Study: Bulk Update & Soft Delete

For high performance (for example, updating many records), patterns like bulk update and soft delete are commonly used.

Bulk Update Example

graphql
1mutation updateUsers($ids: [ID!]!, $input: UserUpdateInput!) {
2  updateUsers(ids: $ids, input: $input) {
3    count
4    updatedIds
5  }
6}
And its handler:
js
 1const updateUsers = async (_, { ids, input }, { db }) => {
 2  const result = await db.User.updateMany(
 3    { _id: { $in: ids }},
 4    { $set: input }
 5  );
 6  return {
 7    count: result.nModified,
 8    updatedIds: ids,
 9  };
10};


Soft Delete Implementation

Instead of removing data from the DB, a soft delete simply updates the deletedAt column:

graphql
1mutation softDeleteUser($id: ID!) {
2  softDeleteUser(id: $id) {
3    id
4    deletedAt
5  }
6}
And the server side:
js
1const softDeleteUser = async (_, { id }, { db }) => {
2  return db.User.findByIdAndUpdate(
3    id,
4    { deletedAt: new Date() },
5    { new: true }
6  );
7};
Soft delete makes recovery easier (restoreUser), along with audit logging and data security.


Flow Diagram: Soft Delete vs Hard Delete

Let’s illustrate the difference with Mermaid:

MERMAID
flowchart TD
  A[User click "Delete"] --> B{Soft Delete?}
  B -- Yes --> C[Update 'deletedAt' field]
  C --> D[Data tidak tampil, bisa restore]
  B -- No --> E[Delete from DB]
  E --> F[Data hilang permanen]

Simulation: Comparing Soft Delete & Hard Delete

FeatureSoft DeleteHard Delete
Reversible?YesNo
Audit-safe?YesNo
Space Saving?NoYes
ComplexityHarderEasier
PerformanceUsually fastVery fast

Best Practices for Update & Delete Mutations

  1. Always Validate Input
    Prevent invalid fields from being updated so that data integrity is preserved.

  2. Partial vs Full Update
    Use partial updates for efficiency and security. Don’t always expose the entire object.

  3. Bulk Operations
    Batch update/delete can speed things up, but you need to handle concurrency & rollback.

  4. Audit Log
    For any important update/delete mutation, logging is vital for forensics.

  5. Authorization Check
    Never allow update/delete mutations to run unchecked! Make sure the user actually has access.

  6. Soft Delete
    Soft delete by default, then permanently remove via routine maintenance (purge).


Conclusion

Managing update and delete mutations turns out to be far more than writing a one-line function. There are various schemas, patterns, and best practices you need to understand to keep your application modular, secure, and maintainable.
With these 29 mutation variations, you as an engineer can anticipate future business cases—without needing a massive refactor.

Don’t forget to always review and test every mutation!
If you have experience with or other unique mutation patterns, feel free to discuss them in the comments.


Happy coding, and may your data always stay safe and well-managed! 🚀


Further reading:

Related Articles

💬 Comments