This time, we will check out the improved Orchard Core documentation pages for the Orchard Core AI Agent Module, and move enabling and disabling users to the users list! Don't forget that you can apply to be a speaker at this year's Orchard Harvest!

This time, you can see a demo about the Carousel Widget in the Lombiq UI Kit! But first, let's take a look at our other topics, such as the new filters in Fluid and adding OAuth 2.0 Pushed Authorization Requests support to the OpenID module!

This time, you can see a fascinating demo about the Model Context Protocol (MCP) Client Feature! But first, let's take a look at our other topics, like improving Title Part settings by hiding the Pattern field if it doesn't apply and adding a badge if the user's email address is not confirmed.

Add deployment for Microsoft Account, deprecate Site Owner permission, and retain Administrator Role as a System Role, and our Open-Source Orchard Core Extensions solution is updated to Orchard Core 2.0! Check out our post for the details!

Adding content item and widget alternates based on the alias and slug, retiring AssignRoles and AssignRole_{RoleName} permissions, and a demo about the URL Rewriting Module are the topics for this week. Let's check them out in detail!

When you have an ASP.NET Core application, that publishes content often and has different users, it’s a good idea to keep track of what is happening in the app: What changes? What content gets deleted or published by who? Who logged in, and when, did somebody fail to log in repeatedly using a wrong password? Who changed the settings?For example: Imagine you're managing a news portal where multiple articles are being written and published daily. One day, an article titled "Breaking News: Major Policy Change Announced" was accidentally deleted. It was a high-traffic piece, and its sudden disappearance created confusion among readers and the team. As an administrator or perhaps an owner, you want to restore the article, then find out what happened and who made this change. The answer is: Orchard Core and its Audit Trail module.Are you new to Orchard Core? It's a great open-source framework and CMS built on ASP.NET Core. Check out the official getting started docs.The Audit Trail module logs key changes and events in the system, such as content creation, deletion, and login failures. It also allows tracking changes to content, restoring previous versions, and recovering deleted items. It’s all extensible too, so you can add more features with some coding. Let’s see how to use it!First, go to Configuration → Features and make sure the Audit Trail feature is enabled. Optionally, if you also want to track user events (like somebody logging in etc.) you can enable the Users Audit Trail feature too. Please note that enabling the Users Audit Trail feature will automatically enable the base Audit Trail feature, as it is a dependency of the Users Audit Trail. After this, you can access the audit trail settings under Configuration → Settings → Audit Trail. You can see three tabs on the top: Events, Trimming, and Content. Let’s start with Events. Here you can see the events that will trigger an audit trail record, and by default, all of them are enabled. The first set of events is tied to content, so content item creation, removal, etc. You can disable any of those if you want. The second set of events is for the user. This set of events only appears if you enable the Users Audit Trail feature too. These are for user activities, so login, failed login, etc. You can also select to record the client's IP address. We recommend erring on side of caution, and starting with everything enabled, and only disable certain events if it turns out that they’re just noise for your site.Now take a look at the other tab, Trimming. If a site has a lot of activity, perhaps it’s good to delete audit trail logs after a year or so, since the records can eat up a lot of space in the database (it won’t really get slower, but depending on your hosting provider, you may need to pay more). The trimming setting allows you to do that. The default trimming option is 90 days. So any audit trail event that is logged and older than 90 days will be deleted from the database. To avoid trimming you can select the Disable trimming task option. In the Last run field, you can see the most recent time the trimming task was executed.Now, check the content tab. Here you can see the types of content for which events are logged. You can freely disable or enable any of them. In our example, some are enabled, but some are disabled. This is because we configured the audit trail settings in the startup recipe. For example, see this startup recipe in our open-source Lombiq Walkthroughs module. Of course, if you have different content types than our example site, you will see them on this screen. But remember, if a content type is disabled here, its events won’t be recorded (like deletion). Not all content types may be important for you to track. For example, if you're not actively using a particular content type, you might want to disable the logging of it to reduce unnecessary noise. Only track what’s necessary to balance performance and insight. For instance, in the image, just to name one, the tracking of the Layout Injection content type is disabled. This is because it’s a widget that is only used in one place, and it won’t be updated ever likely.Additionally turning on the Audit Trail feature will add a content part called Audit Trail part. This part as the description says: “Allows editors to enter a comment to be saved into the Audit Trail event when saving a content item.” If you add this part to the content type, you will see a new field for a comment, what you can use to add some explanation about the current content change. Staying with the news portal example, each time an editor revises, they can leave a comment in the audit trail explaining what was changed and why. For example, "I reworked the intro paragraph for clarity." This is all good, but how one can see the actual logs? Well, it’s pretty simple, now there is a new tab in the admin menu called Audit Trail. In this example, we had a page content type and audit trail turned on from the beginning. When I set up the site I created an admin user and I logged in. After that, I created a page content item, published it, and deleted it. You can restore deleted content items from the audit trail, so that’s what I did next. Then I renamed the title of the page. You can see all that from the logs: Returning to the example at the beginning:One day, an article titled "Breaking News: Major Policy Change Announced" was accidentally deleted.If the audit trail was turned on for that content type, now there is a solution! Go to the audit trail logs, you will see who deleted it and you can also restore it, correcting all the mistakes.For more audit trail features check out our open-source Orchard Core extension for the Audit Trail module: Lombiq Audit Trail Extensions. Did you like this post? It's part of our Orchard Core Nuggets series where we answer common Orchard questions, be it about user-facing features or developer-level issues. Check out the other posts for more such bite-sized Orchard Core tips and let us know if you have another question!

The new AddShapeTableProvider extension method and the new External Authentication Feature are the topics for this week. Don't forget to check out our newest Orchard Nuggets post about how to add workflows to an ASP.NET Core app! Let's see the details!

Today we had the first day of the Orchard Harvest 2024 conference. In this post, we would like to summarize what happened on the first day of the conference.

Allow any user to manage two-factor authentication, show recipe error instead of throwing an exception, and a demo about Dynamic index tables are the topics for the week. You can still apply to speak at Harvest 2024 and share your insights on Orchard Core's future, CMS roles, AI tools, cloud integrations, and more! Let's see the details! Orchard Core updates Allow any user to manage two-factor authentication Two-factor authentication (2FA) is now available for all users. Previously, only users with permission to access the admin area could set up their 2FA methods, although all users could still use 2FA if it was set up by an admin. To enable this change, the method IsRequiredAsync() in both the ITwoFactorAuthenticationHandlerCoordinator and ITwoFactorAuthenticationHandler interfaces has been updated to IsRequiredAsync(IUser user). Summary of changes The feature OrchardCore.Users.EmailConfirmation was removed. This feature was recently added and was enabled by dependency only. Its services have been moved up to the OrchardCore.Users feature since it is a core functional and needed by OrchardCore.Users. Using the 2FA email method now requires email confirmation using the existing email confirmation process. As mentioned, the method IsRequiredAsync() in both the ITwoFactorAuthenticationHandlerCoordinator and ITwoFactorAuthenticationHandler was changed to IsRequiredAsync(IUser user). OK, so, what does it look like in action? First of all, you have to make sure that you have at least one two-factor authentication method enabled. To do that, you have to navigate to Configuration -> Features and enable the regarding features. We enabled two modules: Two-Factor Authenticator App Method: Provides users with a two-factor authentication method through any Authentication App. Two-Factor Email Method: Provides users with a two-factor authentication method through an Email service. Orchard Core provides a third two-factor authentication method through an SMS service but these two will be enough for demonstration. After that, we need to have a user without any special roles. We created a user under Security -> Users, where we used John as the user's name. Make sure that this user is enabled to be able to log in as John. The last thing we have to do is to make sure that the Default Theme is the current site theme because that theme renders the navbar by default and includes the dropdown with the Security-related settings. And as you can see in the screen below, we logged in as John. If you click Security on the dropdown menu that we mentioned earlier, you may notice that John can enable the two-factor authentication by adding one of the below two-factor methods. The SMS is not here, because we have only enabled the App Method and the Email Method features. Show recipe error instead of throwing an exception Currently, when importing a recipe and something goes throw, implementations of IRecipeStepHandler or IRecipeEventHandler will throw exceptions to report errors if something fails to import. In a production environment, the user gets a white page, which leaves them lost on what had happened. This is no longer the recommended approach for error reporting. Now, to handle errors, we have introduced a new property named Errors in the RecipeExecutionContext. This property allows you to log errors instead of throwing exceptions. These errors should be localized and must not contain any sensitive data, as they are visible to the end user. Exceptions are still used for logging additional information, but these are not shown to the end user. Additionally, if an error occurs, a new custom exception, RecipeExecutionException, is thrown. Let's say you want to import a deployment package or import JSON from text. Assume that the JSON contains some errors in both cases. Here, you can see that Orchard Core shows the error to the user so they have feedback instead of dumping an exception or a white page. And the same applies if you want to execute a recipe that contains errors. Demos Dynamic Index Tables When using YesSql index tables, you have to build these index tables using code. This solution provides you with a way to build index tables without the need to write code. Using the admin UI, you can select the content type you want to index and you can add the table columns using a nice UI. You can also use a script to execute to build the column value mapping. Here, you can return how you wanted to be your content item indexed. In the screen below, you can see the index table for the content type called Comic Book. In the Map Script editor, we defined what we should need to return when retrieving the values inside the DisplayText, IssueVolumeNumber, and ReleaseDate columns. After that, if you do a SELECT * query for this index table, you may notice that the table contains the columns defined in the previous step. And it's just the top of everything this feature offers. If you are curious about the details, check out this demo video on YouTube for more! News from the community Orchard Harvest 2024 date and location Get ready to power up your Orchard skills at Orchard Harvest Conference 2024! Join us on September 12th-13th at the Orleans Hotel and Casino in lively Las Vegas for two days packed with learning, coding, and community fun. What can you expect at Orchard Harvest Conference 2024? Hands-On Workshops: Elevate your coding game with interactive sessions led by industry experts. Insider Insights: Learn best practices, advanced techniques, and real-world insights from qualified developers. Global Connections: Connect with fellow enthusiasts, exchange ideas, and forge meaningful relationships within the Orchard community. Special Perks: Participants get exclusive discounts on accommodations at the Orleans Hotel and Casino. Can't wait until September? Check out recordings from last year's special online Orchard Harvest on our YouTube channel here. Ready to be a part of something extraordinary? Reserve your spot today and take advantage of early-bird pricing at Orchard Harvest Conference 2024. We also opened the registration form for the speakers: https://forms.office.com/e/fewh7hh20d This year's leading themes: Leading up to a v3.0, what will the future Orchard Core look like? What's the role of a CMS nowadays (with the decoupled/headless operating models, and AI development tools) Explore some advanced topics such as Shapes, Placements, Cloud Integrations, Performance, module extensibility, etc. Showcases on implementing Orchard Core in action. We've extended the sign-up period by another 2 weeks, so if you haven't signed up yet, you can still sign up now! Apply to be a speaker until the 29th of June, midnight Anywhere on Earth! We'll notify you whether your talk is selected for Harvest in 1 or 2 weeks after the application period. The chosen speakers will receive complimentary tickets for the event. Want to support our mission? Become a sponsor! Reach out to us at [email protected] or [email protected] to explore sponsorship opportunities. Secure your spot today and get ready to level up your skills at Orchard Harvest Conference 2024! See you there! Orchard Dojo Newsletter Lombiq's Orchard Dojo Newsletter has 473 subscribers! We have started this newsletter to inform the community around Orchard of the latest news about the platform. By subscribing to this newsletter, you will get an e-mail whenever a new post is published to Orchard Dojo, including This week in Orchard of course. Do you know of other Orchard enthusiasts who would like to read our weekly articles? Tell them to subscribe here! If you are interested in more news about Orchard and the details of the topics above, don't forget to check out the recording of this Orchard meeting!

Configure the Token provider from the corresponding provider, release notes about SectionDisplayDriver breaking changes, demo about Playwright Testing, and the registration for the Orchard Harvest 2024 conference is now open! Oh, and don't forget to join our next Orchard Core Pair Programming session! Let's see the details! Orchard Core updates Configure the Token provider from the corresponding provider Enhanced functionality has been implemented, allowing developers to control the expiration time of different tokens, such as those for password reset, email confirmation, and email change, which are sent through the email service. You may change the default values of these options by using the services.Configure<> method. For instance, to change the EmailConfirmationTokenProviderOptions you can add the following code to your project: services.Configure<EmailConfirmationTokenProviderOptions>(options => options.TokenLifespan = TimeSpan.FromDays(7)); Here you can see the EmailConfirmationIdentityOptionsConfigurations class that utilizes the EmailConfirmationTokenProviderOptions. Release notes about SectionDisplayDriver breaking changes In the past, we had a Display Drivers validation issue, which means that the drivers should always return an updated model for displaying proper data even if the model has failed to validate. As you can read in the release notes of the upcoming version, in the upcoming release, the signatures of the UpdateAsync() method within the SectionDisplayDriver base class have undergone modifications. Previously, these signatures accepted the BuildEditorContext parameter. However, with this update, all signatures now require the UpdateEditorContext instead. This alteration necessitates that every driver inheriting from this class adjusts their contexts accordingly. On this screen, you can also see the updated signatures. Demos Playwright Testing The OrchardCoreContrib.Testing repository provides a set of APIs to test the Orchard Core applications. The goal of this repository is to test out the integration with Playwright. Playwright Test was created specifically to accommodate the needs of end-to-end testing. Playwright supports all modern rendering engines including Chromium, WebKit, and Firefox. Test on Windows, Linux, and macOS, locally or on CI, headless or headed with native mobile emulation of Google Chrome for Android and Mobile Safari. If you head to YouTube, you can see a video with some sample tests as well, like how we can open a web page by creating a Playwright instance and choosing the browser, which could be Chromium, Firefox, or Webkit. After that, we must launch the browser to get the instance. Now, we can create a new page and go to this page. Here, we can check the title of the page or the inner HTML, etc. Head to the demo video mentioned to see how you can implement more complex tests using Playwright! News from the community Orchard Harvest 2024 date and location Get ready to power up your Orchard skills at Orchard Harvest Conference 2024! Join us on September 12th-13th at the Orleans Hotel and Casino in lively Las Vegas for two days packed with learning, coding, and community fun. What can you expect at Orchard Harvest Conference 2024? Hands-On Workshops: Elevate your coding game with interactive sessions led by industry experts. Insider Insights: Learn best practices, advanced techniques, and real-world insights from qualified developers. Global Connections: Connect with fellow enthusiasts, exchange ideas, and forge meaningful relationships within the Orchard community. Special Perks: Participants get exclusive discounts on accommodations at the Orleans Hotel and Casino. Can't wait until September? Check out recordings from last year's special online Orchard Harvest on our YouTube channel here. Ready to be a part of something extraordinary? Reserve your spot today and take advantage of early-bird pricing at Orchard Harvest Conference 2024. We also opened the registration form for the speakers: https://forms.office.com/e/fewh7hh20d This year's leading themes: Leading up to a v3.0, what will the future Orchard Core look like? What's the role of a CMS nowadays (with the decoupled/headless operating models, and AI development tools) Explore some advanced topics such as Shapes, Placements, Cloud Integrations, Performance, module extensibility, etc. Showcases on implementing Orchard Core in action. Apply to be a speaker until the 15th of June, midnight Anywhere on Earth! We'll notify you whether your talk is selected for Harvest until the end of June. The chosen speakers will receive complimentary tickets for the event. Want to support our mission? Become a sponsor! Reach out to us at [email protected] or [email protected] to explore sponsorship opportunities. Secure your spot today and get ready to level up your skills at Orchard Harvest Conference 2024! See you there! Building a Content Warning Module with Drew Brasher - Orchard Core Pair Programming by Lombiq We'll have the third session of Orchard Core Pair Programming by Lombiq! In these, we do an hour of pair programming with an Orchard Core community member about a project of theirs. We learn together a lot, share best practices, and write some good code. All this is live, and you can join us with your questions! Here, you can find the previous pair programming sessions, and here, you can find the stream for the upcoming one! See you at 5 PM UTC on the 21st! (On a Tuesday due to Whit Monday in Europe.) This time, Drew Brasher will join us with a Content Warning Module project that she started in this discussion. We'll start with at least a scaffolding of the module, take the following blog post as a guideline, and then build it from there. Your host and the "navigator" of the pair programming session will be Zoltán István Lehóczky. Would you like to be our guest? Just let us know! Orchard Dojo Newsletter Lombiq's Orchard Dojo Newsletter has 471 subscribers! We have started this newsletter to inform the community around Orchard of the latest news about the platform. By subscribing to this newsletter, you will get an e-mail whenever a new post is published to Orchard Dojo, including This week in Orchard of course. Do you know of other Orchard enthusiasts who would like to read our weekly articles? Tell them to subscribe here! If you are interested in more news about Orchard and the details of the topics above, don't forget to check out the recording of this Orchard meeting!