Command Query Standard¶

Executive Summary¶

Command Query Standard defines how modules separate state-changing commands from read-oriented queries at the application service responsibility level.

Command Responsibilities¶

Responsibility	Requirement
Change state	Commands create, update, approve, submit, cancel, assign, or transition state.
Validate authority	Commands require authentication, authorization, entitlement, tenant context, and approval checks.
Produce events	Accepted commands may produce domain events.
Support idempotency	Retryable commands require idempotency design.

Query Responsibilities¶

Responsibility	Requirement
Read state	Queries return domain-owned views, projections, summaries, or read models.
Preserve security	Queries enforce tenant, organization, role, permission, entitlement, and classification rules.
Avoid side effects	Queries must not mutate operational state.
Use read models where appropriate	Complex reads should use governed projections instead of cross-module repository access.

Command and Query Flow¶

flowchart TB
    API[API Boundary]
    Command[Command]
    Query[Query]
    App[Application Service]
    Domain[Domain Model]
    ReadModel[Read Model]
    Event[Domain Event]

    API --> Command
    API --> Query
    Command --> App
    Query --> App
    App --> Domain
    App --> ReadModel
    Domain --> Event

Rules¶

Commands and queries may share authorization context but not responsibility.
Queries do not emit domain events.
Commands do not return internal aggregates.
API controllers translate requests into commands or queries, not direct domain calls.