Subscribe to Drupal News feed
Drupal.org - aggregated feeds in category Planet Drupal
Updated: 16 hours 8 min ago

Nextide Blog: Maestro Use Case: Nextide Assists NASA’s Jet Propulsion Laboratory

Mon, 10/22/2018 - 12:34
NASA’s Jet Propulsion Laboratory (JPL) needed to automate an internal document approval process where any given launch of the workflow could: Have unique and a varying number of approvers. Abort the approval process immediately upon a single approver rejecting, even if other approvers have approved or have yet to view the document. Re-route rejected documents to the initiator of the approval process. Upon all assigned approvers approving the document, route the document to completion, notifying stakeholders in the process. Using Drupal and Nextide’s Maestro workflow module, JPL was able to prototype a base workflow template to automate their process. However, the missing element was the ability to implement a workflow that allows for on-the-fly selection of approvers, the number of approvers and managing the acceptance and rejection of the document.

Aten Design Group: Decoupled Drupal + Gatsby: Getting Started

Mon, 10/22/2018 - 09:53

Lately, we've been using Gatsby with Drupal for projects where we need it decoupled.

Gatsby is a unique project. It's most often evaluated as a static site generator compared to the likes of Jekyll and Hugo. While Gatsby can generate a static website, it's more accurately described as a content mesh.

Gatsby uses GraphQL to pull in one or more sources to generate site content. There is a large list of Gatsby source plugins including: Drupal, WordPress, YouTube, Twitter, Hubspot, Shopify and Google Sheets just to name a few. It's optimized for blazing fast performance. Since it's built using React, it can be used to build hybrid sites. Along with generating static pages it can also render client-side content. It can pull in dynamic data, add password protected content and take advantage of features typically not found in static generated sites.

Similar to Drupal, Gatsby is open source. It has a devoted and ever-growing community, with an expanding plug-in library which makes building your site even easier.

With this combination we can leverage Drupal as a content authoring platform and utilize Gatsby to render the frontend.

The screencasts below show how quickly you can configure a Drupal 8 website to pair with Gatsby.

With our Drupal 8 website set up, the next step is to configure Gatsby to pull the Drupal site's content.

In my next blog, I'll be covering how automate your Drupal to Gatsby content deployment to Netlify.

Download a Transcription of this Screencast

Download Transcription

Agiledrop.com Blog: Janne Kalliola: Organising CEO dinners, Drupal Business surveys and local and regional DrupalCamps

Mon, 10/22/2018 - 09:53

This week we talked with Janne Kalliola. Janne does not code, but he is a very active Drupal community contributor. Learn about CEO dinners he helps organize and what would he be working on, if he had an extra day between Thursday and Friday.

READ MORE

Sooper Drupal Themes: 9 Drupal Websites that Change the World

Mon, 10/22/2018 - 05:33

In today's article we are going to take a look at 9 of the best Drupal websites that have a big impact on changing the world, working to make it better place for everyone.

Drupal is the number one open source platform for web content management among global enterprises, governments, higher education institutes, and NGOs. It is an open source content management system (CMS) that enables complex websites to offer a large amount of information without having to compromise speed or utility. Drupal's standard features like easy content authoring, reliable performance and excellent security represent some of its biggest assets that together make it the CMS of choice for big enterprises and NGOs. Nowadays, more than 1 million websites worldwide use Drupal to combine great design with power, speed and security that the CMS provides.
 

1. NASA

Our knowledge of Space and what lies beyond our planet’s limits would be very limited without NASA. In between landing people on the Moon and studying every planet in our Solar System NASA also spends their time towards improving our daily lives, for example in health, medicine, transportation, public safety, consumer products, computer technology, environmental and agricultural resources, and industrial activity. Moreover, the technologies developed for their space missions eventually end up having huge benefits for humanity, for example the CMOS sensor built in the ‘90s to take pictures of our planet from space, enables today’s smartphone camera, high definition videos and shaped social media as we know it. NASA also has a dedicated research program called NASA Earth Science, whose main objective is to develop a scientific understanding of the Earth system and its response to natural and human-induced changes to enable improved prediction of climate, weather, and natural hazards for present and future generations.

2. Tesla

What does a car company have to do with changing the world? Tesla, founded in 2003, has continuously revolutionized the way people look at sustainable energy, focusing on infinitely scalable clean energy generation and storage products. In order to achieve its goal, Tesla manufactures a unique set of energy solutions, Powerwall, Powerpack and Solar Roof, enabling homeowners, businesses, and utilities to manage renewable energy generation, storage, and consumption. In addition, they have also developed the Gigafactory 1: a facility designed to significantly reduce battery cell costs. 
With Tesla building its most affordable car yet, Model 3, the company continues to make products accessible and affordable to more people, ultimately accelerating the arrival of clean transport and clean energy production. 
All their amazing product pages, company information, and add-on components like the forum and job board are put together in a minimalist but feature-rich Drupal website.

3. Rainforest Alliance 

The Rainforest Alliance is an international non-governmental organization whose mission is to conserve biodiversity and promote sustainable living by transforming land-use practices, business practices, and consumer behavior. Currently the NGO works with rural communities in 76 countries around the world to conserve forests, support sustainable livelihoods, and restore balance to the planet.  
In order to achieve its goals, The Rainforest Alliance has distinguished 5 issues they are focusing on:

  1. Forests - helped prevent deforestation of nearly 4.4 million hectares in high-risk landscapes and forest frontiers.
  2. Food & Farming - the organization trains farmers in some of the world's most vulnerable landscapes to farm in a way that boost crop yields, conserves forests, protects streams and rivers, and nurtures soil health.
  3. Wildlife - trained more than 1 million farmers in methods that boost the productivity of the land and prevents agricultural expansion and destruction of vital forest habitat.
  4. Climate - working towards advancing sustainable economic development through promoting climate-smart land management, greenhouse gas mitigation policies, and support national governments' participation in climate policies and frameworks.
  5. People - adopted concrete strategies to support the environmental, economic, and social health of rural communities around the world. 

The Rainforest Alliance currently runs Drupal 8 on their main site, and Drupal 7 on the business site. Its smart, simple and beautiful layout with a focus on structured data makes for an easy navigation and accessible information for the site visitors.

4. Doctors without Borders


Doctors without Borders, or Médecins Sans Frontières (MSF) was officially founded in December 1971. At the time the organization consisted of 300 volunteers: doctors, nurses, and other staff, including 13 founding doctors and journalists. Over the years, MSF has grown to be an independent, global movement providing medical aid where it's needed most, implementing the right to medical care regardless of gender, race, religion, creed, or political affiliation. 
To assure their global presence and respond as fast as possible to the emergencies, Doctors without Borders has 21 offices located all over the world, followed by offices in Geneva and two United Nations liaison offices. Up and ready for every situation, MSF makes sure to have the necessary resources in order at all time, such as:

  • Pre-packed disaster - kits ready for transportation within hours
  • Supply centers across the globe - four logistical centers based in Europe and East Africa plus stores of emergency materials in Central America and East Asia
  • Cost-reducing logistics - a dedicated staff who negotiates with appropriate officials to insure the import taxes on medication are correct and material delivered as quickly as possible

Currently MSF employs more than 30,000 people across the world and has treaded over a hundred million patients - with 8.25 million outpatient consultations being carried out in 2014 alone. In 1999, Doctors without Borders was awarded a Nobel Prize for World Peace in recognition of the organization's pioneering humanitarian work on several continents.
The MSF site is a prime example of a complex website that embraces the power of Drupal. Strong multisite capabilities, proven track record of handling high traffic and its flexibility were few of the reasons Drupal was chosen as their website CMS. 

5. International Committee of the Red Cross

The International Commitee of the Red Cross, or ICRC, is an independent, neutral organization providing humanitarian protection and assistance for victims of armed conflict and other situations of violence. The ICRC also fights to prevent suffering by promoting and strengthening humanitarian law and universal humanitarian principles. Established in 1863, the ICRC is at the origin of Geneva Conventions and the International Red Cross and Red Crescent Movement. Through its activity, the organization addresses a wide variety of global issues such as economic security, restoring family links, water and habitat, access to education, health, sexual violence, forensic science, mine action and building respect for the law. The legal basis of any action undertaken by ICRC stands as follows: 

  • The four Geneva Conventions and Additional Protocol confer on the ICRC a specific mandate to act in the event of international armed conflict. In particular, the ICRC has the right to visit prisoners of war and civilian internees. The Conventions also give the ICRC a broad right of initiative
  • In non-international armed conflicts, the ICRC enjoys a right of humanitarian initiative recognized by the international community and enshrined in Article 3 common to the four Geneva Conventions
  • In the event of internal disturbances and tensions, and in any other situation that warrants humanitarian action, the ICRC also enjoys a right of initiative, which is recognized in the Statutes of the International Red Cross and Red Crescent Movement. Thus, wherever international humanitarian law does not apply, the ICRC may offer its services to governments without that offer constituting interference in the internal affairs of the State concerned

ICRC picked Drupal as their CMS because it provides their team with tools for easy management, large number of features and reliable performance, which makes a site managing easy and provides a great digital experience for the visitors.

6. Rotary

Rotary is a global network of 1.2 million neighbors, friends, leaders, and problem-solvers united by one goal: unite people and take action to create a lasting, meaningful change. It is a non-political and non-sectarian organization open to anyone, regardless of their race, color, creed, religion, gender, or political reference. Rotary consists of 34,000+ member clubs worldwide, as well as 1.2 million individuals, known as Rotarians, who all work towards solving important global problems, such as: fighting disease, growing local economies, promoting peace, providing clean water, saving mothers & children and support education. 
The object of Rotary is to encourage and foster the ideal of service as a basis of worthy enterprise and, in particular, to encourage and foster:

  • The development of acquaintance as an opportunity for service.
  • High ethical standards in business and professions, the recognition of the worthiness of all useful occupations, and the dignifying of each Rotarian's occupation as an opportunity to serve society.
  • The application of the ideal of service in each Rotarian's personal, business, and community life.
  • The advancement of international understanding, goodwill, and peace through a world fellowship of business and professional persons united in the ideal of service.

    Rotary chose Drupal as the primary CMS for their website due to its flexibility and extensibility. The wide variety of modules and distributions assist Rotary with the best web technology solutions for providing, managing and distributing content.

    7. Global Impact | Charity.org

    Global Impact is a non-profit organization based in the United States who works with hundreds of public and private sectors workplace, assisting in campaigns to generate funding for an alliance of more than 100 of the most respected international charities. Some of the affiliated charities include CARE, Doctors without Borders, Heifer International, Save the Children, the U.S. fund for UNICEF and and World Vision. The organization builds partnerships and raises resources that help the world's most vulnerable people. Global Impact focuses on supporting programs related to global issues such as: clean water, disaster relief and resiliency, economic development, education, environmental sustainability, global health and child survival, human trafficking, hunger, malaria, women and girls. Since its founding in 1956, Global Impact generated more than $1.8 billion for people in need. In 2016 alone, the organization raised more than $42 million in total contributions, helping more than 45 corporate and nonprofit partners accomplish their philanthropic goals by providing advisory and and backbone services.

    Currently running Drupal 7, Global Impact's website handles the large amount of information shared on the website with ease, the web pages feel light and the loading times are minimal.

    8. CARE International

    Founded in 1945 in the U.S, CARE is a nonsectarian, impartial, and non-governmental organization who currently works in 79 poor and developing countries, helping people in need to find a better, poverty-free life. Thanks to the years of experience in the industry CARE International recognized that poverty is a direct result of absence of rights, opportunities and assets, due to social exclusion, marginalization and discrimination. Also one of their primary focus is empowering women after realizing that women play a big role in fighting poverty: by empowering women, entire families and communities can be lifted out of poverty. Until 2020, CARE is committed to being a key part in making sure that:

    • 100 million women and girls exercise their rights to sexual, reproductive and maternal health and a life free from violence
    • 30 million women to have greater access to and control over economic resources
    • 20 million people affected by humanitarian crises receive quality, life-saving humanitarian assistance.
    • 50 million poor and vulnerable people increase their food and nutrition security and their resilience to climate change

    The organization is planning to achieve the following by focusing on 3 key roles: providing and transferring expertise (particularly in the areas of women's economic empowerment, humanitarian action, inclusive governance, gender equality and resilience); multiplying impact; and raising funds to achieve CARE's goals. 

      All the information related to the company, its achievements and goals are packed into a flawless website structure, making the best out of the tools that Drupal provides to create a pleasurable experience for the visitors. 

      9. The Chinese University of Hong Kong

      The Chinese University of Hong Kong (CUHK) is a comprehensive research university with a global vision and mission to combine tradition with modernity. To maximize the impact and the benefits it brings to society, CUHK has adopted a 2016-2020 strategic plan to become a world-class university recognized as a centre of excellence for developing cutting-edge research and emerging interdisciplinary strengths that have global impact and significant contributions to society. CUHK focuses on researching four major areas that will address some of the most pressing issues humankind faces:

      1. China Studies - as China takes centre stage in the world's economic, cultural and political arenas, CUHK works towards unovering the opportunities and challenges of China's global development and its impact on the world from the synergistic perspectives of humanities, social science, business and law.
      2. Translational Biomedicine - translate advances in biomedical research for the betterment of physiological, behavioral or psychological health
      3. Information and Automation Technology - develop data science and artificial intelligence into innovative technologies for the benefit of human life
      4. Environment and Sustainability - achieve low carbon and active healthy living with Information and Communication Technologies and integrated environmental and socio-economic sustainability

      Besides using Drupal for running their website, CUHK is also using our product Glazed Builder. While Glazed Builder is not yet used for the main website it is used to quickly design and build faculty sites and special event websites. For example Glazed Builder and Glazed Theme were recently used for rapid deployment of the memorial website of Nobel Prize winner Sir Charles K. Kao. We're honored to have been a part in the honoring of the founding father of broadband internet.

      The mission and dedication towards making the world a better place, as well as the extent these organizations go in order to achieve their goals is both astonishing and inspiring. By using Drupal to communicate and display a colossal amount of information in a way that's accessible and easy to navigate through for the audience, they are also supporting one of the largest open source CMS community - who works together towards improving the digital world.

      Web Omelette: Lazy loaded services in Drupal 8

      Mon, 10/22/2018 - 03:32

      Inheriting from Symfony (in principle but not implementation), Drupal 8 allows us to define certain services as lazy. Why? Well why the hell not?!

      Sometimes, our services get big. Not necessarily in the number of things they do (hopefully not) but in the time it takes for them to get instantiated. As you know, when we define a service and make it a dependency of something else, the service container will instantiate that service and inject it where it is needed. And this happens whether on that particular request that service is used or not.

      For example, let’s imagine you have a Controller with 2 public methods used for 2 distinct routes. Most likely, when one method gets hit for the route, the logic of the second one doesn’t run. And even if only the second one depends on an injected service, the latter gets instantiated in both cases regardless.

      Of course, for “popular” services like the EntityTypeManager or form builders this is not a big deal. For one, they are probably going to be instantiated anyway for other parts of the request. And second, they are not expensive to construct. Well, they probably are but anyway, see point 1. However, if we have our custom service as a dependency which is used only for that one route, it doesn’t make sense to have it instantiated for both routes. Especially if it is expensive to do so — heavy on resources. Enter lazy services.

      Lazy services basically “tell” the container:

      Ok, I need to be injected, sure, but unless I’m not used, please don’t construct me… mkay?

      So how does this work in practice? Let’s see an example.

      Assume this service:

      namespace Drupal\module_name; class MyHeavyService implements HeavyServiceInterface { /** * This be slow. */ public function __construct() { sleep(4); } /** * Does something, doesn't matter what. */ public function doSomething() {} }

      A few things to note here:

      • It’s important to have an interface. Without one, this won’t work. You’ll see in a moment why.
      • The constructor does, for some reason, take an expensive nap.
      • It’s not important what the API of the service does.

      For such a service, the normal service definition would look like this:

      module_name.heavy_service: class: Drupal\module_name\MyHeavyService

      If we injecting this into our Controller, any request which uses the latter will instantiate this service as well — which costs us 4 seconds a pop. So to make it lazy we just have this instead:

      module_name.heavy_service: class: Drupal\module_name\MyHeavyService lazy: true

      Lazy services work by way of proxy classes. Meaning that for each service that is declared lazy, the container expects a proxy class which is responsible for decorating the original one and only instantiate it if any of the public APIs are requested. But don’t worry, we don’t have to write another class. We have a PHP script provided by Drupal core that does this for us:

      php core/scripts/generate-proxy-class.php 'Drupal\module_name\MyHeavyService' 'modules/custom/module_name/src'

      The script takes two parameters:

      • The namespace of the service we want to create a proxy for
      • The location where it should be written

      Do note that proxy classes are dumped automatically into a ProxyClass folder located at that specified path. So this is what gets generated for our service at modules/custom/module_name/src/ProxyClass/MyHeavyService.php:

      // @codingStandardsIgnoreFile /** * This file was generated via php core/scripts/generate-proxy-class.php 'Drupal\module_name\MyHeavyService' "modules/custom/module_name/src". */ namespace Drupal\module_name\ProxyClass { /** * Provides a proxy class for \Drupal\module_name\MyHeavyService. * * @see \Drupal\Component\ProxyBuilder */ class MyHeavyService implements \Drupal\module_name\HeavyServiceInterface { use \Drupal\Core\DependencyInjection\DependencySerializationTrait; /** * The id of the original proxied service. * * @var string */ protected $drupalProxyOriginalServiceId; /** * The real proxied service, after it was lazy loaded. * * @var \Drupal\module_name\MyHeavyService */ protected $service; /** * The service container. * * @var \Symfony\Component\DependencyInjection\ContainerInterface */ protected $container; /** * Constructs a ProxyClass Drupal proxy object. * * @param \Symfony\Component\DependencyInjection\ContainerInterface $container * The container. * @param string $drupal_proxy_original_service_id * The service ID of the original service. */ public function __construct(\Symfony\Component\DependencyInjection\ContainerInterface $container, $drupal_proxy_original_service_id) { $this->container = $container; $this->drupalProxyOriginalServiceId = $drupal_proxy_original_service_id; } /** * Lazy loads the real service from the container. * * @return object * Returns the constructed real service. */ protected function lazyLoadItself() { if (!isset($this->service)) { $this->service = $this->container->get($this->drupalProxyOriginalServiceId); } return $this->service; } /** * {@inheritdoc} */ public function doSomething() { return $this->lazyLoadItself()->doSomething(); } } }

      As you can see, we have a simple decorator. It implements the same interface and has the same public methods. The latter, however, are derived automatically from the service class and not the interface. And basically, the container is injected and used to instantiate the underlying service the first time any of the public methods are called. If none are called in that request, it won’t get instantiated.

      I mentioned above that having an interface on the service is necessary. The reason is that when we inject it somewhere, we need to type hint the interface. Otherwise, the container would pass an instance of Drupal\module_name\ProxyClass\MyHeavyService which is not the same as the original Drupal\module_name\MyHeavyService.

      So now, we can inject it, type hint it with the interface and it would only get instantiated if any of the public methods are called. Neat no?

      The responsible for making all this happen is the Drupal\Core\DependencyInjection\Compiler\ProxyServicesPass compiler pass. Looking for service definitions that have been marked as lazy, it creates a new identical service definition (non-lazy) which uses the proxy class and adds that to the container instead. It’s actually not rocket science if you look at the code.

      And like many things, just because we have this available, it doesn’t mean we should use it for every service we write. Remember, if you create services used all over the place, this is useless. The criteria for whether to make your service lazy should be:

      • Is it heavy to instantiate (depends on a bunch of other services which in turn are not super popular either)?
      • Is it ever instantiated for no reason?

      Hope this helps.

      OSTraining: How to Create a Request Contact Form in Drupal 7

      Mon, 10/22/2018 - 01:02

      An OSTraining member has asked us how to create a request form in Drupal 7. They needed to process requests using this workflow:

      1. A customer fills out a form to send their request for repair or service on a specific piece of equipment.
      2. A customer service agent comments on the request to either approve or deny it.
      3. The customer gets an automatic email after his request has been processed.

      In this tutorial, I'll show you how to create a form like this.

      Drupal Atlanta Medium Publication: How to Add Blocks in Paragraphs for Drupal 8

      Sat, 10/20/2018 - 23:15
      Wouldn’t it be nice if you could add any block you want to your paragraphs?

      In years past, layout for Drupal has been in the hands of front-end developers, but over time various modules were developed that provided site-builders the ability to adjust the layout. An improvement yes, but there still wasn’t a clear cut option that empowered content editors to alter the layout during the editorial process.

      Look out! Here comes the Paragraphs Module. This module has been taking the Drupal community over by storm because it allows content editors to add pre-designed components which gives each page the option to have different layouts. One of the limitations of the Paragraphs module, is that each paragraph can only be used once, and only for the current node you are editing. This means that you can’t re-use a common paragraph such as a call to action block, email signup or contact us form, so you end up finding yourself duplicating a lot of work if you want the same block on numerous pages. While the Drupal community has been working to help solve this problem by allowing the re-use of paragraphs, there are still going to be plenty of situations where you want to insert custom blocks, views, or system blocks such as the site logo or login block.

      How do you allow your site editors to add re-used blocks into their content during the editorial process?

      Let me introduce you to the Block Field Module. Maintained by the one and only Jacob Rockowitz (you know the webform guy ), you can be assured that the code follows best practices and that there will be support. The block field module allows you to reference any block regardless of where it is coming from and the best part, you don’t have to create some hidden region in your theme in order for the blocks to be rendered.

      There are plenty of awesome articles out there that explains how to use paragraphs so I won’t get into that. To follow along with my steps be sure to have downloaded and enabled both the Paragraphs and the Block Field modules.

      Steps to Add Blocks to Paragraphs
      1. Download and Enable the Paragraphs and Block Field modules.
      2. Create a paragraph type called Block Reference (or whatever name you want)
      3. Add a new field, by selecting the Block (plugin) field type from the dropdown and save it.
      4. Go to manage display and make the label hidden.
        I always forget this step and then I scratch my head when I see the Block Ref field label above my views title.
      5. Now go to back to your content type that has the paragraph reference field and ensure the Block Reference paragraph type is correctly enabled.
        The content type with the paragraph reference field was not covered in this tutorial.
      6. When adding or editing your content with a paragraph reference field. Add the Block Reference paragraph type. Select the name of the block that you would like to reference from the dropdown hit save on the content and watch the magic happen.

      In conclusion, it does feel a little scary giving content editors this much freedom so it will be imperative that all views and custom blocks have descriptive names so that editors can clearly identify what blocks to reference. Overall I feel like this is a good solution for referencing existing blocks that can save a lot of time and really unleashes the power of the paragraphs module. The Drupal community continues to amaze me!

      If you are interested in contributing blog post or want to get more involved with the Atlanta Drupal Users Group (ADUG) please feel free to reach out info@drupalatlanta.org

      How to Add Blocks in Paragraphs for Drupal 8 was originally published in Drupal Atlanta on Medium, where people are continuing the conversation by highlighting and responding to this story.

      Mass.gov Digital Services: Join our growing team at Massachusetts Digital Services

      Fri, 10/19/2018 - 13:08

      Today, more than 80% of people’s interactions with government take place online. Whether it’s starting a business or filing for unemployment, too many of these experiences are slow, confusing, or frustrating. That’s why, one year ago, the Commonwealth of Massachusetts created Digital Services in the Executive Office of Technology and Security Services. Digital Services is at the forefront of the state’s digital transformation. Its mission is to leverage the best technology and information available to make people’s interactions with state government fast, easy, and wicked awesome. There’s a lot of work to do, but we’re making quick progress.

      In 2017, Digital Services launched the new Mass.gov. In 2018, the team rolled out the first-ever statewide web analytics platform to use data and verbatim user feedback to guide ongoing product development. Now our researchers and designers are hard at work creating a modern design system that can be reused across the state’s websites and conducting the end-to-end research projects to create user journey maps to improve service design.

      If you want to work in a fast-paced agile environment, with a good work life balance, solving hard problems, working with cutting-edge technology, and making a difference in people’s lives, you should join Massachusetts Digital Services.

      Check out some of our current postings here:

      Digital Strategist

      Digital Project Manager

      Web Analytics Business Analyst

      Didn’t see a good fit for you? Check out more about hiring at the Executive Office of Technology and Security Services and submit your resume in order to be informed on roles as they become available.

      Coming soon…

      Senior Drupal Developer

      Director of Technology

      Creative Director

      Senior UI/UX Designer

      https://medium.com/media/22630d8c2d462af2cdd2ec5109f6e2b5/href

      Join our growing team at Massachusetts Digital Services was originally published in MA Digital Services on Medium, where people are continuing the conversation by highlighting and responding to this story.

      OpenSense Labs: Drupal as a part of Content as a Service Strategy

      Fri, 10/19/2018 - 11:39
      Drupal as a part of Content as a Service Strategy Shankar Fri, 10/19/2018 - 21:09

      Digitisation has altered the game for content providers. Customers - whether businesses or consumers - look for bite-sized pieces of content delivered to their chosen interface anywhere and anytime. Content creators continuously need to rethink and rewire how they disseminate content across channels due to the proliferation of digital platforms, the variety, and granularity of media, and the ever-shorter attention spans of customers. And so arises the need for a Content as a Service (CaaS) solution.


      The democratisation of content and the entry of social media and the technology giants into the content business are erasing the divide between media and entertainment market segments. This is building a new ecosystem that will be driven by content-as-a-service delivery models. Drupal can offer a magnificent CaaS solution for the organisations looking to distribute content on screens, websites, mobile apps, IoT devices and beyond.

      A Peek at CaaS Source: Bloomreach

      CaaS is an architectural pattern that completely decouples the content authoring process from how it is used. Traditional CMS offers a single software to separate the data layer from the presentation of said data. Even though the presentation of the data is separated, it is still attached to the technology, delivery channels, and the capabilities supported by the software. CaaS comprises of a backend CMS that provides content authoring capabilities with APIs for delivering content to external systems.

      CaaS is an architectural pattern that completely decouples the content authoring process from how it is used.

      An efficacious content-as-a-service model enables enterprises to store content in a form and with the sort of detail which makes it easier to discover, repurpose, transform, and transmit. Today, service providers can leverage their application programming interfaces (APIs) as platforms for disseminating content.

      Simultaneously, organisations must consider the level of granularity that is needed to store and expose units of content in the most effective manner. They should track the business costs generated by individual units of content so that their content supply can be refined and new business models can be developed. Even though technology constraints must be duly assessed, content providers should understand their content’s ‘lowest common monetisation denominator’ (LCMD) and the returns on content assets.

      Executing content as a service

      CaaS is a paradigm for delivering the right amount of content to the right kind of customer at the right time via the right channel. That is:

      • Content is enough to meet the demands of the customers
      • Content is personalised
      • Content is delivered accurately when the customer needs it. Updates are done in real-time.
      • Content is delivered on the platform of choice at the right time and then swiftly and endlessly transferred from one platform/ device to another.

      A perfect CaaS model is integrated with numerous services that connect to a customer-facing platform and expose units of content on demand. These can constitute music on Apple Music, books and magazines on Amazon Kindle, or shows on Netflix. The ubiquitous nature of the IoT is expected to make CaaS indispensable as all types of data are gathered by big data platforms and made available to application developers.

      APIs are the drivers for most “X-as-a-service” ecosystems and content-as-a-service is no exception to this Source: Bloomreach

      With the increase in platforms, formats, devices, languages and locations for exposing content, the ease, speed, and efficacy of governing and delivering it must also increase. APIs can transmit data to and from any destination faster and with cost-effective ways. In the API economy, APIs are developed like products for supporting new business models. An API strategy is a collaborative effort among product and technology teams to keep a digital business strategy on track. APIs are the drivers for most “X-as-a-service” ecosystems and content-as-a-service is no exception to this.

      The value of CaaS Source: Cognizant

      The ability to precisely identify the smallest unit of content that can be stored autonomously and delivered profitably is the foundation of any CaaS model. This can be referred to as the lowest common monetisable denominator (LCMD) of content which can be tracked, tagged and reused. Through taxonomy and semantics, enterprises can store content at the LCMD level and develop an aggregate or smaller levels of the data on demand.

      So once the organisation identifies the LCMD of content the evaluation can be done on the returns from pieces of content created at that granularity, that is, returns on a content asset (RoCA).

      When can you use CaaS?

      Following are the scenarios where you can utilise the capabilities of CaaS:

      • Mobile applications: Alterations to mobile applications, most often than not, needs the application to be resubmitted to a digital distribution platform vendor like Google or Apple for the approval. CaaS system enables businesses to alter the content in these applications without having to change the application.
      • Multiple channels: CaaS enables business users to deploy the same content to several delivery channels via a singular system rather than having to maintain different systems for different channels.
      • UX flexibility: Being independent of the presentation layer, designers can freely use any technology to develop their UX and are not tied to technologies or components supported by the CMS. Javascript frameworks, that evolve at their own pace, provides developers with greater UX flexibility.
      • AI-based application: Leveraging chatbots and other AI-based applications, it is easier for robots to consume content via an API.
      Drupal as Content as a Service Source: Dries Buytaert’s blog

      If you want to enable your frontend developers to create engrossing customer experiences, Drupal’s content-as-a-service approach allows you to think outside the page-based mentality. Drupal’s CaaS solution helps in delivering reusable, future-proof content seamlessly by decoupling the back and front ends where needed.

      Moreover, frontend developers can develop better experiences with Drupal’s presentation-neutral content and RESTful API and leverage tools like Angular, Ember, Backbone and many more. Ingestion of content from third-party content, for example, from aggregators and syndicators, to bring content into your Drupal environment can be done which can be disseminated to any channel. With Drupal’s CaaS capability, content is easily consumed by other websites and application that you choose.

      It has all been possible because of the amazing work that is going on in the Drupal Community’s API-first initiative. It is actively working to advance existing and new web services web services efforts thereby making Drupal an excellent CaaS and optimal for developers. Through web services like JSON API and GraphQL or the tooling that accelerates headless application development like the Waterwheel ecosystem, Drupal as a content-as-a-service is great for developers.

      Drupal is stupendous for both editors and developers

      Drupal is stupendous for both editors and developers. The biggest advantage that Drupal has over its headless competitors is that it can be an amazing CMS for content editors to give them control over the presentation of their content and a rich headless CMS for enabling developers in building huge content ecosystems in a single package.
       
      With Drupal perpetually powering more and more websites, it is also being extracted to its full potential in order to serve content to other backend systems, native applications, single page applications, and even conversational interfaces simultaneously.

      Conclusion

      As digital transformation accelerates, content providers are altering the nuts and bolts of their content activities. As more content is delivered as a service through a myriad of APIs, more data will get generated thereby assisting content providers in creating more precise business models.
       
      Content as a service is like a treat for the developers giving them maximum flexibility in their pursuits of digital innovation. Drupal as a CaaS has been offering a great digital experience to both content editors and developers alike.
       
      Drupal experts at Opensense Labs have been powering digital transformation of businesses through Drupal development.
       
      Contact us at hello@opensenselabs.com to build great digital experiences using Drupal as Content as a Service.
       

      blog banner blog image CaaS Content as a Service Drupal CaaS Drupal Content as a Service Drupal Drupal 8 Drupal CMS API Web API API-first API-first Drupal Decoupled Drupal Headless Drupal Decoupled CMS Headless CMS Blog Type Articles Is it a good read ? On

      Acquia Developer Center Blog: Decoupling in Drupal, all the questions you had, answered by internet

      Fri, 10/19/2018 - 11:30

      Question: Decoupling Drupal… Wait, what? why? when?

       

      In a few words/points, decouple is good because:

      • Unleash of cutting edge frontend technologies
      • frontend technologies which are constantly accelerating and with which CMS’es can’t keep pace
      • Lots of front end work that does not necessarily need to change when upgrading the CMS
      • Which means also less friction between frontend and backend

       

      Question: What is all this hype about

       

      Tags: acquia drupal planet

      mark.ie: Can I Stop PatternLab Variants from Inheriting Data from their Parent Component

      Fri, 10/19/2018 - 08:01
      Can I Stop PatternLab Variants from Inheriting Data from their Parent Component

      I have a card component with a title, image, text, and link. How come all my card variants are inheriting all the values from the default one? Short answer, you don't. It's a feature, not a bug.

      markconroy Fri, 10/19/2018 - 13:01

      Where this really becomes frustrating is when you have a pattern that lists a number of items in an array. In that case, all variants will have (at least) that many items, even though you may want fewer.

      For illustration:

      list.twig has something like this:

      {% for list_item in list_items %}
        {{ list_item }}
      {% endfor %}

      Then list.yml has something like this:

      list_items:
        - join():
          - include():
              pattern: content-teaser
        - join():
          - include():
              pattern: content-teaser
        - join():
          - include():
              pattern: content-teaser
        - join():
          - include():
              pattern: content-teaser
        - join():
          - include():
              pattern: content-teaser
        - join():
          -- loads of more teasers for the main listing page

      Now you want to create a variant of list such as list~related-articles, but with only 2 items. You'd expect this would work
      list_items:
        - join():
          - include():
              pattern: content-teaser
        - join():
          - include():
              pattern: content-teaser

      But, no. This will still render as many items as were in the parent component. That's the beauty (a feature, not a bug) of PatternLab's inheritance system. To stop it you need to do something like this:

      list_items:
        - join():
          - include():
              pattern: content-teaser
        - join():
          - include():
              pattern: content-teaser
        -
        -
        - and so on, so each extra one is basically set to 'false'

      When we do this with a component such as a card, we might also want to have variants such as card~no-image, card~no-text, etc. In this case, we'd have a card.yml like so:

      card_title: 'My Card Title'
      card_image: ''
      card_text: 'The text of the card will go here'

      However, if we create variants, each of the items in card will be inherited to the variant. You'll notice this if you try to create one super mega component for all variants of a hero component for example (hero title, pre-title, sub-title, image, alignment, cta buttons, etc).

      In this case, what I do is create a default component card.yml or hero.yml and give it only values for items that will more than likely be in all variants (basically whatever you are going to mark as a required field in Drupal (or whatever CMS you are using)), then set all others to 'false' in the component. Now when I create variants I only need to override the specifics for that variant, since everything else that is being inherited is already set to false. I also create a 'Kitchen Sink' version of the component which shows every item in action but DO NOT create this as the default/reference component.

      My default card.yml might look like this:

      card_title: 'My Card Title'
      card_image: false
      card_text: false

      Now my variants can look as simple as:

      card~with-image.yml
      card_image: ''

      And card~long-title will be just one line:

      card_title: 'This is a long title on a card just to illustrate what happens when it wraps to more than one line'

      And that is why this is a feature, not a bug - it allows us to write variants very simply and quickly. Is there a better way of doing this? I'm not aware of one. If you are, drop it in the comments. Thanks.

      Matt Glaman: Running Drupal's Nightwatch test suite on DDEV

      Thu, 10/18/2018 - 22:29
      Running Drupal's Nightwatch test suite on DDEV Thursday 18, October 2018 mglaman

      This is the third, and final post in my series on running Drupal’s various test suites using the DDEV local development stack. Previously I covered running Drupal’s Unit, Kernel, and Functional tests and then running Chromedriver to execute the FunctionalJavascript test suite. In this post, I will talk about running the newly introduced Nightwatch.js test framework.

      ComputerMinds.co.uk: Quickly update Drupal core

      Thu, 10/18/2018 - 07:17

      If you've got a Drupal site, which you need to update quickly (for example, to address last night's security advisory!), here's a tip. Run this from the command line:

      curl 'https://github.com/drupal/drupal/compare/7.59..7.60.patch' | patch -p1

      This assumes your codebase was on Drupal 7.59 and you're currently in Drupal's root directory. If you're currently on a different version, adjust the numbers in the patch URL accordingly.

      Don't forget to still run database updates via /update.php or drush updatedb !

      The Drupal repo on github is a verbatim mirror of the official Drupal repo from git.drupal.org. Github supports comparing arbitrary git references, with the /ORGANIZATION/REPO/compare/GITREF..GITREF URL, where the reference can be a tag, branch or revision. Adding '.patch' to the end of a github URL formats the page as a patch. So I've made use of these three things to give me an exact patch of the changes needed to update Drupal core's code.

      We normally use Composer (especially for Drupal 8) or Drush make to manage our codebases, including core, which is definitely the ideal, but sometimes projects aren't organised this way for whatever reason. A simple patch like this avoids the need for drush, or even potential mistakes that can be made when running drush pm-updatecode (such as removing any customisations within core directories).

      This method is even compatible with any core patches you already have in place, which normally have to be to re-applied when upgrading core by other methods. If you have any existing changes to core that are incompatible, you'll get errors about not being able to apply anyway, which you can then resolve manually.
      (Any patches/hacks you make to core should be documented clearly somewhere, so drush make or composer-patches would be better in that scenario though!)

      You can use this method to patch from github even if your core codebase is not in version control. But if it is... always check your diffs before committing! :-)

      myDropWizard.com: Drupal 6 security update for Search Autocomplete module

      Thu, 10/18/2018 - 00:55

      As you may know, Drupal 6 has reached End-of-Life (EOL) which means the Drupal Security Team is no longer doing Security Advisories or working on security patches for Drupal 6 core or contrib modules - but the Drupal 6 LTS vendors are and we're one of them!

      Today, there is a Moderately Critical security release for the Search Autocomplete module to fix a Cross Site Scripting (XSS) vulnerability.

      This Search Autocomplete module enables you to autocomplete textfield using data from your website.

      The module doesn't sufficiently filter user-entered text among the autocompletion items leading to an XSS vulnerability.

      See the security advisory for Drupal 7 for more information.

      Here you can download the Drupal 6 patch.

      Note: We only support the 6.x-2.x branch (we don't have any customers on the 6.x-4.x branch), so that's the only one we're going to do.

      If you have a Drupal 6 site using the Search Autocomplete module, we recommend you update immediately! We have already deployed the patch for all of our Drupal 6 Long-Term Support clients. :-)

      If you'd like all your Drupal 6 modules to receive security updates and have the fixes deployed the same day they're released, please check out our D6LTS plans.

      Note: if you use the myDropWizard module (totally free!), you'll be alerted to these and any future security updates, and will be able to use drush to install them (even though they won't necessarily have a release on Drupal.org).

      myDropWizard.com: Drupal 6 core security update for SA-CORE-2018-006 (and mimemail and htmlmail)

      Wed, 10/17/2018 - 19:17

      As you may know, Drupal 6 has reached End-of-Life (EOL) which means the Drupal Security Team is no longer doing Security Advisories or working on security patches for Drupal 6 core or contrib modules - but the Drupal 6 LTS vendors are and we're one of them!

      Today, there is a Critical security release for Drupal core to fix multiple vulnerabilities. You can learn more in the security advisory:

      Drupal core - Critical - Multiple Vulnerabilities - SA-CORE-2018-006

      The following vulnerabilities mentioned in the security advisory also affect Drupal 6:

      • External URL injection through URL aliases - Moderately Critical - Open Redirect

      • Injection in DefaultMailSystem::mail() - Critical - Remote Code Execution

      The first vulnerability is in Drupal 6 core, however, the 2nd is only present in the contrib modules: htmlmail, and mimemail. If you don't use those modules, you're not affected by the 2nd vulnerability.

      If you have a Drupal 6 site, we recommend you update immediately! We have already deployed the patch for all of our Drupal 6 Long-Term Support clients. :-)

      If you'd like all your Drupal 6 modules to receive security updates and have the fixes deployed the same day they're released, please check out our D6LTS plans.

      Note: if you use the myDropWizard module (totally free!), you'll be alerted to these and any future security updates, and will be able to use drush to install them (even though they won't necessarily have a release on Drupal.org).

      Jacob Rockowitz: Acknowledging individuals contributing to Drupal

      Wed, 10/17/2018 - 16:20

      In my last blog post, I explained, "Why I am one of the top contributors to Drupal?" and examined my ongoing contribution to the Webform module for Drupal 8. My post was inspired by Dries Buytaert's annual who sponsors Drupal development post. Now I want to dig into that list of who’s and acknowledge other individuals contributing to Drupal.

      I am deliberately limiting the discussed contributors to people that I have had minimal or no direct interaction with online or in-person. I want to explore their contributions based on their online presence versus directly interviewing them.

      The Drunken Monkey

      I genuinely value Drunken Monkey's contribution to Drupal's Search API module.

      We rarely appreciate an API module until we have to start using them and diving into the code. The Search API module for Drupal 8 is a magnificent example of great code which conquers one of the hardest challenges in programming: naming things.

      For a recent project, I was diving into Search API's code, and Drunkey Monkey helped me out when I discovered Issue #2907518: Breakup tracking of content entities into smaller chunks to prevent memory limit issue. For the developers out there, if you read through the issue to the final patch, you will notice that Drunken Monkey manages to even improve some APIs while fixing the problem.

      The Search API Guy

      The first place to understand who is who in the Drupal community is people's user profiles. The most immediate thing that stands out about Drunkey Monkey is that he is…

      This statement is something I can relate to because I...Read More

      Security public service announcements: Drupal 7.x and 8.x release on Oct 17th, 2018 - DRUPAL-PSA-2018-10-17

      Wed, 10/17/2018 - 16:11

      The Drupal Security team has a core and contrib release window on the 3rd Wednesday of the month. This window normally ends at 5pm Eastern (9PM UTC).

      Due to unforeseen circumstances, we are extending the current window we are in by 3 hours until Oct 17th, 2018 at 8pm Eastern (11:59PM UTC).

      Security advisories: Drupal Core - Multiple Vulnerabilities - SA-CORE-2018-006

      Wed, 10/17/2018 - 12:42
      • Advisory ID: DRUPAL-SA-CONTRIB-2018-006
      • Project: Drupal core
      • Version: 7.x, 8.x
      • Date: 2018-October-17
      Description

      Content moderation - Moderately critical - Access bypass - Drupal 8

      In some conditions, content moderation fails to check a users access to use certain transitions, leading to an access bypass.

      In order to fix this issue, the following changes have been made to content moderation which may have implications for backwards compatibility:

      ModerationStateConstraintValidator
      Two additional services have been injected into this service. Anyone subclassing this service must ensure these additional dependencies are passed to the constructor, if the constructor has been overridden.
      StateTransitionValidationInterface
      An additional method has been added to this interface. Implementations of this interface which do not extend the StateTransitionValidation should implement this method.

      Implementations which do extend from the StateTransitionValidation should ensure any behavioural changes they have made are also reflected in this new method.

      User permissions
      Previously users who didn't have access to use any content moderation transitions were granted implicit access to update content provided the state of the content did not change. Now access to an associated transition will be validated for all users in scenarios where the state of content does not change between revisions.

      Reported by

      Fixed by

      External URL injection through URL aliases - Moderately Critical - Open Redirect - Drupal 7 and Drupal 8

      The path module allows users with the 'administer paths' to create pretty URLs for content.

      In certain circumstances the user can enter a particular path that triggers an open redirect to a malicious url.

      The issue is mitigated by the fact that the user needs the administer paths permission to exploit.

      Reported by

      Fixed by

      Anonymous Open Redirect - Moderately Critical - Open Redirect - Drupal 8

      Drupal core and contributed modules frequently use a "destination" query string parameter in URLs to redirect users to a new destination after completing an action on the current page. Under certain circumstances, malicious users can use this parameter to construct a URL that will trick users into being redirected to a 3rd party website, thereby exposing the users to potential social engineering attacks.

      This vulnerability has been publicly documented.

      RedirectResponseSubscriber event handler removal

      As part of the fix, \Drupal\Core\EventSubscriber\RedirectResponseSubscriber::sanitizeDestination has been removed, although this is a public function, it is not considered an API as per our API policy for event subscribers.
      If you have extended that class or are calling that method, you should review your implementation in line with the changes in the patch. The existing function has been removed to prevent a false sense of security.

      Reported by

      Fixed by

      Injection in DefaultMailSystem::mail() - Critical - Remote Code Execution - Drupal 7 and Drupal 8

      When sending email some variables were not being sanitized for shell arguments, which could lead to remote code execution.

      Reported by

      Fixed by

      Contextual Links validation - Critical - Remote Code Execution - Drupal 8

      The Contextual Links module doesn't sufficiently validate the requested contextual links.
      This vulnerability is mitigated by the fact that an attacker must have a role with the permission "access contextual links".

      Reported by

      Fixed by

      Solution

      Upgrade to the most recent version of Drupal 7 or 8 core.

      Minor versions of Drupal 8 prior to 8.5.x are not supported and do not receive security coverage, so sites running older versions should update to the above 8.5.x release immediately. 8.5.x will receive security coverage until May 2019.

      TEN7 Blog's Drupal Posts: Episode 041: Steve Persch

      Wed, 10/17/2018 - 09:01
      It is our pleasure to welcome to the TEN7 podcast Steve Persch, lead developer advocate at Pantheon. Here's what we're discussing in this podcast: Steve's background; Celebrating a Drupal birthday; Theater background and blogging; WordPress experience; Improv comedy and Comedy Sports gaining self confidence; Experience at Palantir in Chicago; Contributing to Workbench; Discovering Git; Teaching WordPress' Guttenberg editor; What the WordPress & Drupal communities can learn from each other; The 2018 Twin Cities Open Source CMS Unconference; WordPress, Drupal & Joomla; Supporting Backdrop; Alexander Hamilton; Steve Vector (alias)

      Pages