Our blog contains the activity stream of Orchard Dojo: general news, new resources or tutorials are announced here.

Featured tags

IIS
API
SMS
SEO
All tags >

Lucene index rebuild and reset steps, Lombiq GitHub Actions - This week in Orchard (21/10/2022)

Lucene index rebuild and reset steps, update all action bars, utilize ContentTypeExtensions, and a demo about the Lombiq GitHub Actions project! Do we need to tell more about the content of our current post? Let's jump into the recent news of Orchard Core! Orchard Core updates Lucene index rebuild and reset steps Currently, when we are creating a search index from a recipe it doesn't build the index. This causes issues with Lucene and Elasticsearch where the Queries won't return any results, and also Elasticsearch will log an issue about "all shards failed" if nothing has been indexed yet in its indexes. It would be nice to be able to trigger an index to be rebuilt or reset from a scheduled background task as a one-time-only task. And from now on, you will find two new recipe steps that will help you with that: The Reset Lucene Search Index Step resets a Lucene index. The Rebuild Lucene Search Index Step rebuilds a Lucene index. You can find more information about how you can use these new recipe steps in the Orchard Core documentation. Update all action bars We have some improvements regarding the action bars on the admin UI of Orchard Core. As you can see on the screen below, there was a lot of wasted space between the search box and the New button. There was an extra round space between the filter icon and the search box and we also had uneven spaces, as you can see. The other thing is when using a mobile phone to manage contents (or any view with an action bar), the search input on the top shows up very small because of the wasted space between the search box and the New button. And here you can see the updated action bar. You can see that all of the mentioned issues are resolved like the search box is now longer, and we have equal spaces. Utilize ContentTypeExtensions We have had a static class called ContentTypeExtensions for a while now in the source, which contains several useful extensions. Like shortcuts to tell that the given content type is creatable, versionable, has stereotypes, and so on. Here the goal was to use the newly added extensions ContentTypeExtensions across the solution. Demos Lombiq GitHub Actions The Lombiq GitHub Actions project contains extensions that make a lot of things very easy in an Orchard Core or an Orchard Core-based project. If you don't know GitHub Actions or aren't entirely clear with the terminology, GitHub actions are GitHub's automation platform or CI/CD platform. Orchard Core of course also uses it to run various builds. And how you define a pipeline there is by creating workflows and/or composite actions. Workflows are what actually run, and actions are something that you can add on your own as well, these are things that workflows can call. Workflow is kind of like a program, and action is like a library that your program calls into. And of course, actions can be third-party as well. The point here is that you can use GitHub actions to automate a lot of things, like .NET builds, running tests, and doing various verifications on a pull request, and you can also do all kinds of modularization between these builds. And what we have under this project are workflows and actions. Workflows that you can call from your own workflows. Pretty much like one-liners, for example, to run the .NET build and execute a test. Actions are the building blocks that you can also use if you just want to have something specific. And we have quite a lot of actions and workflows here. Let's check out the workflow called Build and Test Orchard Core solution workflow! Here you can see how you use it. The example above is not even a minimal usage actually, it can be even shorter. This can be your GitHub Actions workflow in your own repository with an Orchard Core application, where you execute the workflow that we provide here. This is actually used in Orchard Core Commerce as well. If you check out the build-and-test.yml file inside the repository, you will find all the code that is necessary to run such builds. If you check out the details of a pull request inside the Commerce repository, you will see there are builds for Ubuntu and Windows as well. These are all the automated checks that we run. This is quite a long build because it's not just a .NET build, it also runs all kinds of static code analysis. It verifies that .NET packages are consolidated, and it also runs unit and UI tests with SQL Server and Azure Storage actually. And the Lombiq GitHub Actions projects contain a lot more than that! Are you interested in the details of what you can achieve if you use this project in yours too? If your answer is yes, or you want to know more about this automation platform check out this recording on YouTube for more! News from the community Orchard Dojo Newsletter Lombiq's Orchard Dojo Newsletter has 365 subscribers! We have started this newsletter to inform the community around Orchard of the latest news about the platform. By subscribing to this newsletter, you will get an e-mail whenever a new post is published to Orchard Dojo, including This week in Orchard of course. Do you know of other Orchard enthusiasts who you think would like to read our weekly articles? Tell them to subscribe here! If you are interested in more news around Orchard and the details of the topics above, don't forget to check out the recording of this Orchard meeting!

New AddDataMigration extension, show the container's header for List Part - This week in Orchard (13/10/2022)

Add notes in the documents on how to configure YesSql, and show Bag Part content when the post request generates errors in the Bag Part. New AddDataMigration extension method, demo about showing the container's header for List Part, and many more are waiting for you in our current post! Orchard Core updates Add notes in the documents on how to configure YesSql We have a page in the Orchard Core documentation that describes how you can run SQL queries by creating a DbConnection instance and obtaining a custom ISqlDialect from IStore from the YesSql namespace in the YesSql.Abstractions package. Or how you can handle prefixed tables. Now this page has been updated with a new section that describes how you can configure YesSql by configuring YesSqlOptions. Show Bag Part content when the post request generates errors in the Bag Part Assume we have a content type (ex., Product) with a Bag Part attached. The user creates new or edits existing products and provides invalid data for items within the Bag Part. The post request fails validation which is great! However, the Bag Part will be rendered in a collapsed state. So, the user is left wondering where the error is until the user uncollapses the Bag Part and sees the highlighted error. The solution here is when rendering the Bag Part, we should uncollapse the Bag Part if there is an error in any of its contents. We can try this one out easily. Let's say we have a site set up with the Agency recipe (that recipe contains the Landing Page content type which has several Bag Parts attached) and edit the content definition of the Service content type. Here we edit the Icon Class Text Field and make it required. Now it's time to edit the predefined Landing Page content item and remove the value of the Icon Class from one of the attached Services. And as you can see here, the Service content type is uncollapsed, making it easier to identify where the error comes from. New AddDataMigration extension The goal of the new AddDataMigration extension is to shorten code like services.AddScoped<IDataMigration, CustomMigrations>(); to services.AddDataMigration<CustomMigrations>();. And if you open up a given Startup.cs file (in our case the one that sits in the AdminDashboard module), you will see the usage of this new extension. Demos Show the container's header for List Part There is a need to extend the look of the default List Part. This would mean that the buttons that allow you to edit the container content item itself and to add contained content items now will be placed in a new line on the top to make the search text box wider. These navigation buttons now appear on every page where List Part or Contained Part are used for easier navigation. Here you can see the updated page of the predefined Blog content item. And if you would like to edit the given Blog content item or create a new Blog Post, you will see these new buttons there as well on the top. But now let's edit the content definition of the Blog content type and hit edit near the attached List Part to edit the List Part itself. Here you can find a new checkbox with a hint "Check this option to show a header for the owning content." Let's put a tick in this checkbox and see what will happen when we navigate back to the list item's view. As you can see, now we have a new line here that shows the header for the owning content, meaning the header of the Blog content item, which just shows "Blog" in this case. This new line is also available on the page where you edit the blog content item itself and on the page where you create a new blog post. But let's do some tricks now! Let's say that we edit the definition of the Blog content type and add a new Media Field to it, called Logo. After we can edit our predefined blog content item and upload an image using our new Media Field. The header is simple by default, but we can override it easily using shapes! Let's say that we want to display that logo in this new line! To do that, we needed to create a new shape template called Content-Blog.Header.cshtml (we are using Razor and the technical name of this content type is Blog). Here you can see that this row contains two columns, and we would like to display the image that is selected by our Media Field called Logo in the first column. And now, the only thing to do is to navigate back to the admin UI of Orchard Core and check out the brand-new look of our Blog! If you want to try this out right now, you will find the code in this pull request. And as always, if you want to see a recording about this feature, this will be your video on YouTube! News from the community Orchard Core Commerce is now available on all DotNest sites Orchard Core Commerce is now available on all DotNest sites! A few weeks ago, we mentioned the current state of the Orchard Core Commerce module and one of the hugest improvements of adding Stripe Payment to the solution. And now you can start building your e-commerce site on DotNest! Check out our announcement for details here. Orchard Dojo Newsletter Lombiq's Orchard Dojo Newsletter has 355 subscribers! We have started this newsletter to inform the community around Orchard of the latest news about the platform. By subscribing to this newsletter, you will get an e-mail whenever a new post is published to Orchard Dojo, including This week in Orchard of course. Do you know of other Orchard enthusiasts who you think would like to read our weekly articles? Tell them to subscribe here! If you are interested in more news around Orchard and the details of the topics above, don't forget to check out the recording of this Orchard meeting!

Extend user permissions, add Contained Stereotypes Bag Part Settings - This week in Orchard (30/09/2022)

Add Contained Stereotypes Bag Part Settings to allow a user to include content types by stereotype, add Displayed Stereotypes property to Content Picker Field Settings, demo about extending the user permissions, and many more waiting for you in our current post! Orchard Core updates Add Contained Stereotypes Bag Part Settings to allow a user to include content types by stereotype When attaching Bag Part to a content type, the user must explicitly set Contained Content Types with an array of content types to be included in the Bag Part. This is good for most cases; however, it would be great to allow for setting the contained content types using Stereotype. The stereotype would be in addition to not in place of Contained Content Types. For example, we want to group all Contact Methods (phone number, address, email address, etc.) by a stereotype type called ContactMethod. All of these content types share a similar functionality which is a way to contact a person. Now we created a Person content type and attached a Bag Part to it. In this case, we had to explicitly specify each content type in the Contained Content Types. But if a new content type was added later from other feature/module, the user would have manually to edit the Bag Part settings every time/everywhere ContactMethods are used to add the new content type which isn't efficient. So now the Bag Part is more flexible. And as you can see here, now we have two radio buttons under the Contained Content Types option where the user can select Content Types or Stereotype. Add Displayed Stereotypes property to Content Picker Field Settings And this one is quite the same as the previous feature but for the Content Picker Field. For example, we want to group all to-do items (appointments, meetings) by a stereotype type called ToDoTask. All of these content types share similar functionality which is a to-do task. Now we want to use Content Picker Field in a different content type to allow the user to select a to-do-task of any kind. In this case, we have to explicitly specify each content type in the DisplayedContentTypes. But if a new content type was added later from another feature/module, the user would have to manually edit the Content Picker Field settings all time. Everywhere to-do tasks are used to add the new content type which isn't efficient. So, let's say we navigate to the editor of a Content Picker Field. And here you can say that you can select the Contained Content Types to: Display All Content Types Content Types Stereotype Add settings to form widgets There was a bug in OC. The option editor wasn't loaded when trying to add Select Input while creating a form. Also, the edit button did not open the modal that would allow you to populate the options using JSON. If the content is saved, and the page is loaded again then the modal and the options editor work just fine. Another form-related improvement is validation. When creating a form using the Form input widgets like (Input, Select, and Text Area) there is no easy way to add a label and validation elements to the input. The current approach is to add a label widget and then a validation widget which is not always ideal. We can make this process much simpler by adding settings to the Input, Select, and Text Area widgets with the following properties: LabelOption an enum value with the following values (None, Standard, ScreenReaders). By default, None is selected to keep it backward compatible. ValidationOptions an enum value with the following values (None, Standard). By default, None is selected to keep it backward compatible. Now, if the user selects an option other than None in the settings, we’ll create the label in the same widget block. The same applies to ValidationOptions. This will make things like dragging/dropping widgets during edit and controlling the size much easier. At the same time, we output less HTML code. And if we add the validation rules, we’ll have more validation logic which makes the widgets more useful. And now, the editor of the Select Input looks like the following with the additional options. And of course, the same applies to all of the built-in form inputs. Demos Extend user permissions A couple of months back there was a need reported to have some roles to be able to edit a user and some not. And there is a conclusion that the user interface is not very flexible at the moment with the permissions. So, it kind of makes it hard if you have a unique case where you need some specific users to be able to do stuff. And also, to set up who can see what users, when you are listing the users. To be able to test out this feature with us, you have to check out this PR on GitHub. The first thing that you will notice is the new permissions regarding Users. In this case, we navigated to Security -> Roles and edited the Moderator role. There are new permissions, for example, Assign any role, Delete any user or Delete users in role - Administrator, List all users, etc. So, you can say you can list all the users, but it doesn't mean you will be able to edit all the users. If you try to edit a given user, you will notice something new here. As you can see, the user name of the user is not editable, but you can edit the email address of the given user. This is controlled by settings that you can reach under Configuration -> Settings -> User Profile Settings. As you can see, here you can allow or deny changing the user names or email addresses of the users. But now back to the users' list. Let's say we have some predefined users and made some changes regarding the permissions of the Moderator role. Now, we logged in with a user who has the Moderator role. After that, the user with the Moderator role will see something like this. First of all, you can notice that there is a little badge under every user that shows the roles the user has. You can also see that this user has permission to see users in the Editor role, but they can't edit or delete the editor user. Now let's edit the author user! Here you can see that this user can edit the settings of this user but can't fully manage the roles of the author user. They have the option to add or remove the Author role but that's it, nothing more. And we are just showing you some simple scenarios about what you can achieve and how you can customize the user permissions. If you want to see more complex scenarios, head to YouTube for a recording! News from the community Helping Global Health build an Advanced Form Builder using Form.io When Global Health from Australia approached us with the request to build an advanced form builder using Form.io, it promised to be an interesting project. They were looking to integrate this new form builder deeply into MasterCare+, their Multi-Tenanted SaaS-based platform for Health Care which is built on Orchard CMS. It would allow creating custom forms for a wide range of scenarios in the health care domain, using the advanced editing capabilities of Form.io. The solution built by Lombiq was an important step in bridging the gap between paper forms and electronic health care management. Check out the full post here! Orchard Dojo Newsletter Lombiq's Orchard Dojo Newsletter has 354 subscribers! We have started this newsletter to inform the community around Orchard of the latest news about the platform. By subscribing to this newsletter, you will get an e-mail whenever a new post is published to Orchard Dojo, including This week in Orchard of course. Do you know of other Orchard enthusiasts who you think would like to read our weekly articles? Tell them to subscribe here! If you are interested in more news around Orchard and the details of the topics above, don't forget to check out the recording of this Orchard meeting!

Add fallback alternate when a custom stereotype is used, tenant removing - This week in Orchard (16/09/2022)

Add fallback alternate when a custom stereotype is used, validate database connection before allowing a tenant to be added or set up, remove localization workaround in Data Annotation Attributes, and a demo about the upcoming tenant removing feature! Check out our post for the details! Orchard Core updates Add fallback alternate when a custom stereotype is used The idea here is that when you create a stereotype, before this change, you had to create templates for this stereotype if you intended to display or edit items of this stereotype. And now, there is a fallback shape for stereotypes such that if you don't create custom templates, it will use a standard, default template that is valid for any stereotype. How it works is just to let's use the Content shapes for anything when we don't have a custom template. It prevents showing error messages when you create a stereotype and try to create a content item from this stereotype. And you can test this one easily. Just navigate to the admin UI of Orchard Core and head to Content -> Content Definition -> Content Types, where you can find the Create new type button to define your new content type. Add a name to it and hit Create. We will not add any Parts to it right now. Set the Stereotype to Cat and hit Save. Now we can create a new Animal content item by clicking on the New button and selecting Animal under Content -> Content Items. And as you can see, Orchard Core now renders the default Content_Edit template as a fallback instead of throwing an exception. Validate database connection before allowing a tenant to be added or setup When adding a new tenant, we allow the user to set a prefix to the tables to enable reusing the same database for multiple tenets. However, we don't validate that the prefix isn't already used first. The problem with this is that it throws an exception. Let's say we have a tenant with a URL prefix test and we selected the SQLite database. Now let's create another tenant using the same URL Prefix and database preset. As you can see, now we have a validation error. But we also have validation for connection strings as well. Let's say we would like to use SQL Server and provide a connection string that is invalid. In this case, you will face an error like "The provided connection string is invalid or server is unreachable". Remove localization workaround in Data Annotation Attributes Two years ago, when Hisham Bin Ateya started the support data annotations PO localization PR, there was a long discussion to support localization in data annotations. Back in the day, Antoine Griffard did a workaround to achieve the goal by using IValidatableObject, and now it's time to remove this workaround and use the new way of doing this. This means we can remove the need of implementing the IValidatableObject from several ViewModel. And from now, on you can use some attributes which help you print localized error messages. And now there is an attribute for email validation and URL validation as well. Let's see an example quickly! As you can see here, the RegisterViewModel implemented the IValidatableObject to be able to validate the properties inside the class. Now, instead of using the IValidatableObject, we can add attributes to these properties, and here comes the new EmailAddress attribute as well. As you can see from the screen, the new implementation of the ValidationAttribute can be used to validate your model by returning a localizable error message. Demos Tenant Removing The option to be able to remove tenants is a long-requested feature, and for now, we are very close to shipping this feature, thanks to Jean-Thierry Kéchichian. Let's see how it will work! For this demo, we will navigate to GitHub and checkout this branch. Now, let's add some tenants to be able to try out this feature. As you can see, we have added 3 tenants. The Agency and the Blog ones are tenants that we have already set up, but the tenant called test is waiting for setup. Here you can see that we have the Sites folder under App_Data where each of the tenants has its own folder containing the Media files for example. And now we also have a wwwroot folder under OrchardCore.Cms.Web, which contains a folder per tenant like in the previous case. This means now each tenant can manage their own cached files under wwwroot. When we remove a tenant, the logic will also remove the folder of the tenant under the wwwroot and the Sites folders. And now it's time to delete a tenant! To be able to delete a tenant, we should disable it first, which means it will be not served, and we will be able to compose an internal ShellContext with all the features that the tenant has, even if it is installed or not. You can also remove multiple tenants by using bulk actions. And this is just the surface, there are still some things to do. If you would like to see the current state of this feature and do a deep dive under the hood, check out this recording on YouTube! This feature is sponsored by Lombiq. News from the community Orchard Dojo Newsletter Lombiq's Orchard Dojo Newsletter has 347 subscribers! We have started this newsletter to inform the community around Orchard of the latest news about the platform. By subscribing to this newsletter, you will get an e-mail whenever a new post is published to Orchard Dojo, including This week in Orchard of course. Do you know of other Orchard enthusiasts who you think would like to read our weekly articles? Tell them to subscribe here! If you are interested in more news around Orchard and the details of the topics above, don't forget to check out the recording of this Orchard meeting!

Content Relationships guide, Orchard Core Commerce Stripe Payment - This week in Orchard (09/09/2022)

It's time to publish the results of the Orchard Core Commerce survey and the topics that made it into the MVP as the short-term goals. And we have just added Stripe payment integration to the checkout process! Check out our post for the details! Orchard Core updates Content Relationships guide How can you relate (connect) content items to other content items in Orchard Core? When would you use each built-in option? This new guide aims to clear up the available options by detailing: Bag Part (BagPart) for Embedding Content Items within a Parent Item Content Picker Field for Many-to-Many Relationships of Specific Items Flow Part (FlowPart) for Building Structured, Responsive Layouts List Part for One-To-Many Hierarchical Relationships Taxonomies for Categorization and Tagging Demos Orchard Core Commerce Stripe Payment Orchard Core Commerce will be an Orchard Core port and partial rewrite of the open-source Nwazet Commerce module that was built for Orchard CMS 1.x. Nwazet Commerce was initially built in 2012 by Bertrand Le Roy, loosely based on a commerce sample by Sipke Shoorstra. The initial goal of Nwazet Commerce was to power the website of the hardware startup Nwazet. While Nwazet is no longer operating, the Nwazet Commerce project went on and was further developed by a group of passionate contributors who are using the platform for their own, and their customer's websites. Like Orchard, Nwazet Commerce was built with extensibility in mind, and as such, it has its own extensions (typical examples include local tax and shipping modules). It's also pure, idiomatic Orchard. Orchard Core represents a major evolution of the Orchard design principles and is sufficiently different that running Nwazet Commerce on it will necessitate significant work. As such, the community decided that starting from a blank slate was the best way to go, so they will port Nwazet Commerce piece by piece, being careful to accurately apply Orchard Core's new design principles. The community also decided to adopt a new name that gets rid of the now obsolete origins and establishes our ambition for the module to become the go-to commerce module for Orchard Core. And at the beginning of May, we published a demo where you could see the current state of the module. This time we will see a demo about the basic implementation of Stripe Payment integration (without taxation, shipping, etc.). Stripe is a payment service provider that business owners can use to accept dozens of payment methods, from credit cards to buy now, pay later services. Stripe Payments handles the steps between a customer providing their card information and learning that their payment has been accepted. You can try out the Orchard Core Commerce solution just by cloning the repository from GitHub, or you can download it as a NuGet package as well from NuGet.org. For this demo, we will set up our site by using the OrchardCore Commerce - Development recipe, which adds some built-in content to our site that we can use during development (and during our demo of course). After, we can head to Configuration -> Features and enable the three commerce-related modules: Orchard Core Commerce: Registers the core components used by the Commerce features. Orchard Core Commerce Session Cart Storage: Registers session-based shopping cart persistence. Orchard Core Commerce Settings Currency Selector: Currency selector that uses display currency configured in settings. Useful for Dev/Test scenarios. Now we can set up the Stripe API (Configuration -> Settings -> Stripe AP) by providing the publishable and the secret key. These keys are publicly available test keys, so feel free to use them for testing and development. The Readme.md file of the Commerce module also contains these keys. Now let's navigate to Content -> Content Items to check our predefined content items. The Product is a content type that can be added to the cart, and users can pay the price of the products. We have one, called TestProduct, let's add another one called Cheese. Here you can see we can set up the name, the SKU, and the base price of the product with the currency used as well. Let's say this Cheese will cost 4.50 USD. Now it's time to add the predefined product and the Cheese to the shopping cart! You can do that by navigating the details page of a product, and after setting up the quantity, you can click on the Add to cart button. Let's say we would like to add one Cheese and one TestProduct to our shopping cart. The shopping cart is available under the /cart URL, but the site will redirect you to this URL too, if you click on the Add to cart button. As you can see here, our cart contains two items: one TestProduct with a price of $5.00 and one Cheese with a price of $4.50, which costs $9.50. It's time to pay by clicking on the Checkout button! On the checkout page, you can set up your billing address and shipping address but let's focus on the credit card field right now, which comes from the Stripe API. You can find some credit cards in the Stripe documentation and in the Orchard Core Commerce Readme that can be used for testing different scenarios. Like handling a card that has insufficient funds or which has expired. But you can also use a card that requires 3D Secure 2 authentication. The 3D Secure standard - often known by its branded names like Visa Secure, Mastercard Identity Check, or American Express SafeKey - aims to reduce fraud and provide added security to online payments. 3D Secure 2 (3DS2) introduces "frictionless authentication" and improves the purchase experience compared to 3D Secure 1. It is the main card authentication method used to meet Strong Customer Authentication (SCA) requirements in Europe and a key mechanism for businesses to request exemptions to SCA. It means you cannot pay right away because you will see Stripe's own 3DS2 authentication panel. In live mode, you can see the bank's authentication panel here. If you click on the Complete button here, you can imitate that the purchase was successful. And in that case, the module will redirect you to a "Thank you for your purchase" page. And after a successful payment, a new Order content item will be created, which you can see on the content items list. Right now, the Order content item contains an automatically generated Order Id, a list with the charges (kind, amount, charge text, etc.), and the status of the order. The order contains the billing address and the shipping address as well. And that's not everything! If you want to know more regarding the current state of the Orchard Core Commerce module, don't hesitate to check out this recording on YouTube! News from the community Orchard Core Commerce survey results and MVP As you may know, Lombiq provides stewardship for the Orchard Core Commerce module. That actually means that we will do code reviews and work on features and fixes. To have that, we started this thread and added an Orchard Core Commerce MVC planning survey. This was about asking the community what the most essential features for you would be in an Orchard Core-based e-commerce solution. And now, we have the results and published an announcement of what will be in the MVP and the short-term vision of the project. Thanks to your feedback, we have a more straightforward impression of the community's priorities, and some new developments are already coming in. Feel free to check it out and join the discussion especially related to the bigger issues like taxation or discounts. Orchard Dojo Newsletter Lombiq's Orchard Dojo Newsletter has 345 subscribers! We have started this newsletter to inform the community around Orchard of the latest news about the platform. By subscribing to this newsletter, you will get an e-mail whenever a new post is published to Orchard Dojo, including This week in Orchard of course. Do you know of other Orchard enthusiasts who you think would like to read our weekly articles? Tell them to subscribe here! If you are interested in more news around Orchard and the details of the topics above, don't forget to check out the recording of this Orchard meeting!

Admin Culture Picker, Enhance BagPart to honor permissions - This week in Orchard (12/08/2022)

Enhance BagPart to honor permissions, add permissions for the Amazon S3 module, improve the workflow function description in the document, and a demo about the Admin Culture Picker! Let's get started! Orchard Core updates Enhance BagPart to honor permissions Let's say you want some users to be able to add content items to a specific bag while others to only be able to view only existing items. Currently, any content item contained in a BagPart is always editable regardless if the contained item is securable or not. In most cases, this is fine. However, this function should also be extended to honor the security rules when the contained item is securable. This means a user with EditContent permission can add/edit items to the BagPart whereas a user with ViewContent permission only should see the content item as a read-only version "like preview" but should not be able to make any change to it. So, this addition is about enhancing the BagPart to honor permissions for the contained content types. To try this one out, set up a site using the Agency recipe which contains the Landing Page content type which has several BagParts attached. Now, let's say that users with the Editor role will not be able to edit the services section of the Landing Page. Meaning the Editor role will not have Edit permission for the Service content items. We have to do things to achieve this: Edit the Service Content Type and put a tick to the Securable check box. This means this content type can have custom permissions. Edit the permissions of the Editor role. First, revoke the Edit content for others permission. Now, make sure that the Editor has no Edit Service for others permission regarding the Service Content Type. Now we set up that users with the Editor role will not be able to edit securable content types. Let's create a user with this role and log in as this new user. Now, we need to find the predefined Landing Page content item and edit it. As you can see, this user cannot add or edit an existing Service content item by using the editor of the BagPart. They can view the content of these items, but that's all. Notice that they can edit the Portfolio content items under the Services one. Add permissions for the Amazon S3 module A few weeks ago, we mentioned the new Amazon S3 module. The Amazon Media Storage feature enables support for storing assets in Amazon S3 Bucket. The feature replaces the default App_Data file-based media store with an Amazon Media Storage Provider. And now, you will see new permissions for that module called View Amazon S3 Media Options. If you have this permission, you can access the page under Configuration -> Media -> Amazon S3 Options which lists the Amazon S3 storage options. Improve the workflow function description in the document The Workflows module provides a way for users to visually implement business rules using flowchart diagrams. Many activities have settings that can contain either JavaScript or Liquid syntax. The fields of these activities allow you to enter Liquid markup, enabling access to system-wide variables and filters, as well as variables from the workflow execution context. And several JavaScript functions are available by default to any activity that supports script expressions. This page of the documentation lists these functions. And now, this table has been updated with some lines about the setProperty, executeQuery, and log functions. Demos Admin Culture Picker Unless you have a language switcher on website pages, you could not switch a language in the admin panel. This demo is about showing you a dropdown button in the admin panel header to switch languages. First of all, open up the admin UI of Orchard and head to Configuration -> Features, and enable the Admin Culture Picker one, which provides a culture picker shape for the admin. Don't forget to enable the Localization feature too, to be able to try out this culture picker. Now you can say that your site supports multiple cultures. Head to Configuration -> Settings -> Localization -> Cultures and have at least two supported cultures. And as you can see, the dropdown now contains all the cultures that the site supports. You can switch between them, and if you choose a given language, the UI of the admin will be shown by using the words of the given language. If you would like to see this picker in action, head to YouTube for a short demo! News from the community Orchard Dojo Newsletter Lombiq's Orchard Dojo Newsletter has 315 subscribers! We have started this newsletter to inform the community around Orchard with the latest news about the platform. By subscribing to this newsletter, you will get an e-mail whenever a new post is published to Orchard Dojo, including This week in Orchard of course. Do you know of other Orchard enthusiasts who you think would like to read our weekly articles? Tell them to subscribe here! If you are interested in more news around Orchard and the details of the topics above, don't forget to check out the recording of this Orchard meeting!

Support a read-only behavior in the content management screen, visual verification testing in the Lombiq UI Testing Toolbox - This week in Orchard (05/08/2022)

Add password to the user creation form, support a read-only behavior in the content management screen, and a demo about adding visual verification testing in the Lombiq UI Testing Toolbox! Let's get started! Orchard Core updates Add a password to the user creation form By default, apps use basic authentication to authenticate users into their site including Microsoft Identity-based apps. No user is able to authenticate/login without providing a "username" and "password". Alternatively, an admin could enable some sort of external authentication providers like Azure AD or any other providers to avoid the need to manage the authentication by the app directly. These external providers are optional and not enabled by default in Orchard Core, so creating a user with no password by default adds no value since no the user can't log in without one. Currently, when adding a new user using the admin UI, the admin has to create a user and then go to a second view to set/reset their password. This is a very awkward workflow, especially if you want to add many users. Since username/password are required by default for a user to log in, the admin should be required to provide a password rather than creating a useless user with no password. Note, the point here is that password is required to log in by default without having to enable optional additional authentication providers. Let's try it out quickly! Head to the admin UI of Orchard Core and navigate to Security -> Users. Here you will find the Add User button. Click on it! This will navigate you to the create user page, where you can find some new goodies. First of all, you can provide a password for the newly created user here. But you have the option to generate a random secure password or copy the password to the clipboard. Support a read-only behavior in the content management screen The idea here is that both Admin Menu and Content management screens should be viewable if the user has View own X, View X by others, Preview X by others, or List X content item(s) owner by all users permission. Any of these permissions should be enough to display content. View rules should be implied if one has edit, delete or publish permission; you can't delete, edit or publish if you can't view something. Making this change will easily add view-only support to the contents in the admin. Meaning, that if the user has permission to View Blog, we should list the Blog content items in the Manage Content screen, for example. To try this out, we will modify the permissions of the built-in Editor role (Security -> Roles -> Editor -> Edit). As you can see, the Editor now has no Edit content for others and Edit own content permissions, but we set these edit permissions for the Blog Content Type. Meaning the Editor can only edit the Blog content items but can view every other content item. Now, let's log in with a user with the Editor role and navigate to the Manage content screen. As you can see, this user now can see every content item in this list, but the Edit button is only available near the Blog content items. Meaning this list now shows every content item which can be viewed by this user. Demos Visual verification testing in the Lombiq UI Testing Toolbox Maybe you have already heard about the Lombiq UI Testing Toolbox, our web UI testing toolbox mostly for Orchard Core applications. Everything you need to do UI testing with Selenium for an Orchard app is here. We wrote about it several times here as well, first when we open-sourced it, when we added some Orchard Core Features tests to it, and when we added the automated monkey testing feature to it. This time we will introduce the Basic Visual verification testing in the Lombiq UI Testing Toolbox for Orchard Core. Lombiq's Open-Source Orchard Core Extensions is an Orchard Core CMS Visual Studio solution that contains most of Lombiq's open-source Orchard modules and themes, as well as related utilities and libraries. Please keep in mind that only those extensions included that use the latest released version of Orchard (i.e., the very cutting-edge ones depending on a nightly build are not yet here). This solution contains the Lombiq UI Testing Toolbox as well, so we will use this one for the demo. The BasicVisualVerificationTests.cs contains three different samples about how you can verify the content displayed on your page visually. The first one is about checking the content of the element that has the field-name-blog-image class. The second one is about checking the content of the navbar (the element that has the navbar-brand class), and the third one will check the whole content of the home page. Here you can see the page that we will test. The red texts show you the Navbar and Blog image elements. Let's verify the content of the Navbar! The Navbar contains the site name which we can provide when we set up our site. Let's try to set up our site using a different name than the Lombiq's OSOCE - UI Testing and run the test. Here you can see that the test set up the site using the Lombiq's OSOCE - UI Testing Demo site name, and our visual verification failed since the asserted element looks different from the baseline image. The baseline image was loaded from an embedded resource which you can find in the repository here. If you want a new baseline image, simply delete the existing one, and a new one will be generated on the next run. And that's not all of it! Do you want to know more about this new addition to the Lombiq UI Testing Toolbox for Orchard Core? Then check out the comments of the BasicVisualVerificationTests.cs file and this recording on YouTube! News from the community Orchard Dojo Newsletter Lombiq's Orchard Dojo Newsletter has 309 subscribers! We have started this newsletter to inform the community around Orchard with the latest news about the platform. By subscribing to this newsletter, you will get an e-mail whenever a new post is published to Orchard Dojo, including This week in Orchard of course. Do you know of other Orchard enthusiasts who you think would like to read our weekly articles? Tell them to subscribe here! If you are interested in more news around Orchard and the details of the topics above, don't forget to check out the recording of this Orchard meeting!

Change how the permissions are grouped and sorted, provide a way to override YesSql configuration - This week in Orchard (29/07/2022)

Change how the permissions are grouped and sorted, provide a way to override YesSql configuration and additional OpenId Introspection/Revocation endpoints and PKCE to the OpenID Settings and Application UI pages! Check out our current post to read about the details! Orchard Core updates Change how the permissions are grouped and sorted When the permissions are listed during role edit/create, currently we show the feature ID instead of a name. Displaying just the feature ID is not user-friendly. Here the goal is to create a new UI for this and also to order the permissions by Feature Names. Also, for content types, then it would display the content type name instead of its technical value/ID. So, we could display:{ Content Type Display Name } Content Type - { Content Type Technical Name }. In the case of the Blog content type could be My Blog Content Type - Blog. In order to show dynamic permissions as { Content Type Display Name } Content Type - { Content Type Technical Name } we would have to change how the category is set here otherwise we don't have the content type technical name here. But how the new UI looks like now? If you head to the admin UI of Orchard Core and navigate to Security -> Roles and Edit a given role, you will see the new UI. Here you can see we have a feature with the name Media and you can find the feature ID in brackets (they can be defined in the Manifest.cs file of the module). And under the Media (OrchardCore.Media), you can find all of the permissions which were defined in this module. You will find the Page Content Type - Page header at the bottom of this screen. This means the first word here is the Display Name of the Page content type (which is Page) and the last word here is the Technical Name of the Page content type, which is Page. Provide a way to override YesSql configuration Currently, there is no way to change the configuration of YesSql in Orchard Core. From now on you will find a new YesSqlOptions class that provides options to allow one to override the defaults. Added additional OpenId Introspection/Revocation endpoints and PKCE to the OpenID Settings and Application UI pages As a basic authorization server, the OpenID module doesn't use all the features/endpoints offered by OpenIddict, like introspection and revocation. As mentioned in openiddict/openiddict-core#1359 (comment), these features can be configured by amending the OpenIddict settings via a custom plugin, but a simpler story - GUI or recipes-based - may be preferable. To see the new changes, enable the OpenID Authorization Server and the OpenID Client features and after navigate to Security -> OpenID Connect -> Settings -> Authorization server. You will find a new Require Proof Key for Code Exchange checkbox on this page, which is a global setting that applies PKCE to all registered clients whether or not the 'Require PKCE' flag was set in the Application settings page. And you can do the same when adding an OpenID Connect Application. You can add a new application under Security -> OpenID Connect -> Management -> Applications. If you click on the Add an application button and put a tick to the Allow Authorization Code Flow checkbox, you will find the Require Proof Key for Code Exchange checkbox here as well. Note: ensure that the client application and OAuth or OIDC library being used supports PKCE before enabling this option. The documentation has also been updated to show you a sample of the OpenID Connect Settings recipe step and a sample of the OpenID Connect App recipe step. News from the community Lombiq Offline event Sometimes it's not just about work but doing something just for fun. These events are specifically for this: we get together and do something cool like breaking out of an escape room, going for a go-kart ride, or playing paintball. Our latest event took place at Lake Velence. We had a nice cycling tour around Lake Velence, had lunch in a nice restaurant, and had a barbecue together at the accommodation. The next day we went on a kayak trip and did a nice trip together to the nearby hills of the lake. This was a great opportunity to update our group photo on our official website, so head to the About us page where you can see most, but not all of our team as of the summer of 2022. Orchard Dojo Newsletter Lombiq's Orchard Dojo Newsletter has 313 subscribers! We have started this newsletter to inform the community around Orchard with the latest news about the platform. By subscribing to this newsletter, you will get an e-mail whenever a new post is published to Orchard Dojo, including This week in Orchard of course. Do you know of other Orchard enthusiasts who you think would like to read our weekly articles? Tell them to subscribe here! If you are interested in more news around Orchard and the details of the topics above, don't forget to check out the recording of this Orchard meeting!

Deployment UI improvements, display all users in the User Picker Field by default - This week in Orchard (15/07/2022)

Updating the Getting Started page, Deployment UI improvements, using proper Canonical URL in SEO Tags, displaying all users in the User Picker Field by default. Check out our current post to read about the details! Orchard Core updates Updating the "Getting Started" page of the documentation The Getting Started page of the documentation is outdated, so much so that it is not possible to get the results described. As an example, the latest version of Orchard Core 1.4.0 uses .Net 6.0, and accordingly, if you create a new empty project '.NET Core web application' with .Net 6.0, you will not have a Startup.cs file in which all the basic manipulations should take place. For new developers, this section is an important element of getting started with Orchard. And such difficulties in the guide can have a negative impact on entering a new environment. The goal here was to update this section for use on the latest stable version of Orchard Core and be sure to specify the platform versions on which it should work in case of obsolescence to be clear for which version this instruction is valid. Now, if you open up the Getting Started page of the documentation, you will see a section that helps you get started with Program.cs only using .NET 6 Framework. Add Manage Steps to the button to the deployment and add a description to the feature When viewing deployment plans on the UI, clicking the title directs the user to the manage steps page, which is great. However, there is no other indication about managing steps. In other words, the user does not know the difference between editing or managing steps. Now, there is a new button called Manage Steps that directs the user to the manage deployment steps page. This way the user can easily understand that there are 2 edit functions here (i.e., one for editing the steps and the other one for editing the deployment plan itself.) Also, the Deployment feature now has some sort of description like: Provides a way to import and export recipes. You can see both improvements on this screen. Display all users in the User Picker Field by default unless the user selects a specific role When a user attaches a User Picker Field to a content type, the field settings do not have default roles selected or have the DisplayAllUsers set to true, so in this case, the search for a user returns no records. The fix is to display all users in the User Picker Field by default to allow all users to show up. If the user wants to override that behavior, then they can specific roles to select from. Without this, no users will show up in User Picker Field unless the user edits the field and set the settings. Here we played with our favorite content type, the BlogPost, where we added a User Picker Field to it (Content -> Content Definition -> Content Types -> Blog Post -> Add Field). And that's all we haven't done any other modifications regarding the settings of the User Picker Field. Now, if you create a new blog post, you will see that the User Picker Field will list every user from the site instead of listing nobody by default. Use proper Canonical URL in SEO Tags Piers Lawson noticed that when he generates the URL of a Content Item that happens to be the Home Page, then the URL generated includes the permalink for the page. This then flows into other uses of the URL such as when the SEO module creates the og:url property or the Twitter:url. <meta content="https://localhost:44300/home-page" property="og:url" /><meta content="https://localhost:44300/home-page" name="twitter:url" /> He thought he could override this behavior by turning on the SEOMeta Part for the Content-Type used for the home page and providing a Canonical URL for the Content Item that is being used for the home page. That causes the link rel canonical to be added and set correctly but not the other tags: <meta content="https://localhost:44300/home-page" property="og:url" /><meta content="https://localhost:44300/home-page" name="twitter:url" /><link href="https://localhost:44300/" rel="canonical" /> The issue was it doesn't appear possible to set up a page to be the home page without Autoroute nor with Autoroute and a blank permalink. Now, this has been fixed in the SeoMetaSettingsHandler.cs. News from the community Orchard Dojo Newsletter Lombiq's Orchard Dojo Newsletter has 291 subscribers! We have started this newsletter to inform the community around Orchard with the latest news about the platform. By subscribing to this newsletter, you will get an e-mail whenever a new post is published to Orchard Dojo, including This week in Orchard of course. Do you know of other Orchard enthusiasts who you think would like to read our weekly articles? Tell them to subscribe here! If you are interested in more news around Orchard and the details of the topics above, don't forget to check out the recording of this Orchard meeting!

Gulp pipeline Guide, Security module - This week in Orchard (10/06/2022)

New Gulp pipeline Guide, fix content item display coordinator when a GroupId is provided, demo about the new Security module, and many more! Check out this post for the details! Orchard Core updates Gulp pipeline Guide There is a new Guide in the documentation that explains how the Gulp pipeline works and how to use it (what files to read, what files to output and bundle). If you would like to know more about the Gulp pipeline used in Orchard Core, check out this nicely-detailed page here! Use display names in registration settings If you enable the Users Registration module, you can have some registration-related settings under Security -> Settings -> User Registration. This page contains a Configure users registration drop-down where the values that the users can see was simply the names of enum that holds the user registration types. Now with this minor fix users can see nice-looking display names in this drop-down with spaces and everything. Fix content item display coordinator when a GroupId is provided When using the IContentItemDisplayManager build-editor for a specific GroupId, the drivers for each of the corresponding part never gets called. Steps to reproduce the behavior: Create a content part that generates special results when the content.GroupId is set to test. Create a content type and attach the content part you previously created. Now create a new controller to render the content items under a specific GroupId in the controller caller the driver like so _displayManager.BuildEditorAsync(contentItem, _accessor.Updater, true, "true", "some-prefix"). The expected behavior would be that the driver for each attached part would get called. It's then the driver's responsibility to return something, nothing, or something different when the groupId is set. The fix is that now we call shapeResult.OnGroup(context.GroupId); to ensure the shape is rendered with a provided groupId. Demos Security module The Security module right now is really focusing on security-related HTTP headers. Of course, you don't need a module for that or, you can write your own. You can just add headers directly, but the point here was to provide some defaults and secondly provide a way to easily configure them from the admin. This is especially interesting of course if you have a multi-tenant application and you don't want to hand-configure everything for everybody from code. First of all, you need to navigate to the admin UI of Orchard Core and enable the Security module under Configuration -> Features. After that, you will find a new option under Security -> Settings, called Security Headers. Here you see a UI to edit the Security Headers. The admin UI is not the only way to edit them, so just as with all these technical modules, it's also possible to configure it from the appsettings. There is also an example in the documentation of how to do that. The main sections are that we have content security policy-related headers (pretty much all of those, that are supported by browsers) and permissions policy headers, everything related to various peripherals, devices, etc. And finally, we also have one configuration for referrer policy. Let's try it out quickly! Let's say we set the referrer policy to Origin. If we open up the DevTools window of Google Chrome and navigate to the Network tab, you will see that the referrer-policy value of the response is now set to origin. If you like to use it check out the latest release of Orchard Core, and if you would like to know more about this new module, head to YouTube for a recording! News from the community Orchard Core Commerce MVP planning and survey A few weeks ago, you could see a nice demo about the Orchard Core Commerce module. And in that blog post, we also mentioned that Lombiq provides stewardship for this module. That actually means that we will do code reviews and work on features and fixes. To have that, Márk Bartha (who is the project leader from our side) started this thread and added this survey. This is about asking the community what the most important features for you would be in an Orchard Core-based e-commerce solution. If you do e-commerce or if you have an opinion about e-commerce, please share your opinion here. The point of this is to try to do not all the things but focus on what is really needed first. Orchard Dojo Newsletter Lombiq's Orchard Dojo Newsletter has 277 subscribers! We have started this newsletter to inform the community around Orchard with the latest news about the platform. By subscribing to this newsletter, you will get an e-mail whenever a new post is published to Orchard Dojo, including This week in Orchard of course. Do you know of other Orchard enthusiasts who you think would like to read our weekly articles? Tell them to subscribe here! If you are interested in more news around Orchard and the details of the topics above, don't forget to check out the recording of this Orchard meeting!