Drupal form's #tree option

Posted by KnackForge on September 27, 2016 at 5:08pm
knackforge blog Profile picture for user vannia Drupal form's #tree option

by - Sep 27, 2016 0 Comments

Tag(s) Form API Drupal planet

There may be a need to name the form elements in an array structure how the form is built. You can see this in Ubercart checkout pane form's input elements. This is very useful when one has a large multi-part form which can be grouped easily by their POST content's array format.

Eg: panes[delivery][delivery_first_name]

A simple flag on you $form construct array will do the trick. It's the #tree option. For whichever elements you set this #tree option, the element's children will be named with full reference to its parents.

Continue reading →

Configuration Management: Theory and Practice

Posted by Nuvole on September 27, 2016 at 4:23pm
Our presentation at DrupalCon Dublin 2016

Developers often want to use Configuration Management outside its intended use case. New workflows and practices have to be established.

We've just presented a gallery of problems and solutions at DrupalCon Dublin 2016.

The room was packed, and many people were denied admission for security reasons. For them, and for those who didn't manage to come to this DrupalCon, we are making the full presentation available here:

Tags: Drupal PlanetDrupal 8DrupalConAttachments:  Configuration-Management-Theory-and-Practice.pdf

Drupal Code Standards: The t() Function

Posted by Chromatic on September 27, 2016 at 2:16pm

This is the fifth post in a series about coding standards. In this post we’ll talk about how to use translation functions in both Drupal 7 and 8. This is so essential that it deserves its own post!

Other posts in this series:

  1. Drupal Code Standards: What Are They?
  2. Drupal Code Standards: How Do We Implement Them?
  3. Drupal Code Standards: Formatting
  4. Drupal Code Standards: Documentation
  5. Drupal Code Standards: The t() function
  6. Drupal Code Standards: Object Oriented Coding & Drupal 8
  7. Drupal Code Standards: Twig in Drupal 8

What is the t() function?

The t() function allows for localization and translates a given string to a given language at run-time. When coding, you wrap your user-facing strings in this function so that they can be translated.

When do I use it?

In just about every user-facing string. This ensures that your site can be localized! When in doubt, translate everything. You might be thinking "oh, this string will never need to be translated," but 2 years later, when you’re trying to find this string that’s showing up untranslated on the site, and your shareholders want it changed, you’ll be much happier if it’s already ready to translate. I may be speaking from experience here.

What does it do?

Firstly, t() translates text at runtime if you have more than one language enabled. Depending on which placeholder you use, it runs different sanitization functions.

The t() function takes 3 parameters, 2 of which are optional. The first is the string to be translated, the second is the array of replacements, if any. The third is an array of options. From Drupal.org:

$options: An associative array of additional options, with the following elements: * 'langcode' (defaults to the current language): The language code to translate to a language other than what is used to display the page. * 'context' (defaults to the empty context): A string giving the context that the source string belongs to.

String context (or translation context) is a way to organize translations when words have 1 to many translations. From the handbook page:

What is string context?

When translating Drupal’s user interface to other languages, each original (English) string can have only one translation. This is a problem when one English word has several meanings, like "Order", which can mean the order of elements in a list, to order something in a shop, or an order someone has placed in a shop. For many languages, the string "Order" needs a different translation for each of these meanings.

You can read more about string context here.

Using Placeholders

Placeholders come from the format_string function, which is called by t().

The most common placeholder is probably @variable. This placeholder runs check_plain() on the text before replacing it. Never pass a variable through t() directly - only string literals. The short explanation for this is that the string to be translated needs to be available at runtime, and a variable may not be available and may change its value. You can find an in-depth explanation here.

You use a placeholder to insert a value into the translated text, like in this example from the Advanced Forum contrib module:

$block->title = t(
  'Most active poster in @forum', array('@forum' => $forum->name)
);

You may also use %variable, which runs drupal_placeholder() on the text, which both escapes the text and formats it as emphasized text.

In Drupal 7, !variable inserts your value exactly as is, without running any sanitization functions, so you would never want to use this on user-entered text, and only on text that has already been properly escaped.

In Drupal 8, !variable is deprecated, replaced by :variable.

In Drupal 8, :variable is escaped with \Drupal\Component\Utility\Html::escape() and filtered for dangerous protocols using UrlHelper::stripDangerousProtocols().

So now you might be wondering what to do in Drupal 8 if you do not want to escape your text at all, now that the !variable placeholder is gone. There is a way! In the placeholderFormat() function, there’s a default case. Let’s take a look at the code:

default:
        // We do not trigger an error for placeholder that start with an
        // alphabetic character.
        if (!ctype_alpha($key[0])) {
          // We trigger an error as we may want to introduce new placeholders
          // in the future without breaking backward compatibility.
          trigger_error('Invalid placeholder (' . $key . ') in string: ' . $string, E_USER_ERROR);
        }
        break;
    }

So if we use a placeholder that starts with an alphabetic character, it won’t trigger an error, but it also won’t trigger any actions. You can use any alphabetic character(s) you like for your dummy placeholder. Something easily identifiable, like TT is a good idea - and comment your code!

When don’t I use it?

In Drupal 7, there are some instances where t() is not available.

During the installation phase, t() isn’t available, so you must use get_t(). You can do something like this:

$t = get_t();
$t(‘my string’);

Translation is also not used inside of hook_schema() or hook_menu().

In Drupal 8, t() is always available, so you can always use it.

t() and links

There are a lot of times that you may want to translate the text in a link - there are lots of ways to do this, and most of them aren’t the best. Here are some bad examples, and a good (and simple!) one.

Bad:


$do_not_do_this = t('Do not ')."" . t('link ') . ""  .t('to something like this.');


$bad = t('This is not a good way to make a @link.', array('@link' => ''. t('link') .'')); 


$dreadful = t('This is a dreadful way to make a link pointing to the Drupal API t() documentation.'); 


$awful = t('This may seem good, but it’s an awful way to link to this @doc.', array('@doc => l(t(‘documentation'), 'https://api.drupal.org'));

Good:

$good = t('Read about the t() function here.', array('@api' => 'https://api.drupal.org'));

Here’s an example from Drupal 8 Core, in the function install_check_translations() in install.core.inc:

// If the translations directory is not readable, throw an error.
    if (!$readable) {
      $requirements['translations directory readable'] = array(
        'title'       => t('Translations directory'),
        'value'       => t('The translations directory is not readable.'),
        'severity'    => REQUIREMENT_ERROR,
        'description' => t('The installer requires read permissions to %translations_directory at all times. The webhosting issues documentation section offers help on this and other topics.', array('%translations_directory' => $translations_directory, ':handbook_url' => 'https://www.drupal.org/server-permissions')),
      );
    }

In this code you can see that the tags are inside the t() function, and the url is escaped using the :variable placeholder.

It’s okay to put a little html in your t() function to simplify like this. The element can easily be moved around if the translation requires it, without needing to know any code other than which word is being linked. Our next section will talk more about keeping your text translatable.

Translation Best Practices

Writing your code and content to be translatable isn’t just a best practice, it may very well be used to actually translate your site, so sometimes you need to think from the point of view of a translator. Try not to abstract out pieces of content too much. Here’s an example. In English, you may have a blog title "Bob’s Homepage." You could want to abstract that into the following:


$username . "‘s " . t(‘Homepage.’);

What’s the problem here? In other languages, this phrase may be re-arranged. For example, in French or Spanish, it would be "Homepage de Bob." The above example would require a translator to change code. We don’t want that. So we write this:

t(‘@user’s Homepage.’, array(‘@username’ => ‘Bob’));

Now, this string can easily be changed to:

t(‘Homepage de @user.’, array(‘@username’ => ‘Bob’));

Concatenation Dos and Don’ts

In the example in the previous section, we showed where concatenating a translated string with another string can make trouble. There are some other things you want to avoid.

Don’t concatenate strings within t(). For example, don’t do this:


t(‘Don’t try to join’ . ‘ ‘ . @num . ‘ ‘ . ‘strings.’, array(‘@num’ => ‘multiple’));

Even if you think you have to, there is a better way.

And don’t concatenate t() strings and variables - you don’t need to!

Don’t do this:


t(‘This is a complicated way to join ’) . $mystring . t(‘ and translated strings’);

Additionally, the above would give you a codesniffer error because you should not have leading or trailing whitespace in a translatable string.

Do this:

t(‘This is a simple way to join @mystring and translated strings’, array(‘@mystring’ => ‘whatever my string is’));

This is how the t() function is designed to be used! Going around it defeats the purpose of using it at all.

Drupal 8 & Twig

In Drupal 8, the essential function and its use are the same. Wrap text in your module code in t(‘’), with the same optional placeholder and options arrays. As noted in the placeholders section, !variable has been deprecated and replaced with :variable.

With Drupal 8, we have the introduction of the Twig templating engine, and with that, new ways format our text for translation.

The simplest way is to pipe your text through |t. Here’s an example from the Devel contrib module:


 
    {{ 'Name'|t }}
    {{ 'Path'|t }}
    {{ 'Info file'|t }}
  

In the above code, we can see the text in the table headers piped into the translation function, just as it would be passed through t() in Drupal 7. You can also use |trans interchangeably with |t. You can use a {% trans %} block to translate a larger chunk of text or use placeholders. These blocks can also handle logic for plurals. Here’s an example from Drupal 8 Core:

{{ view.label }}

{% if displays %} {% trans %} Display {% plural displays %} Displays {% endtrans %}: {{ displays|safe_join(', ') }} {% else %} {{ 'None'|t }} {% endif %}

Here we can see that the template appropriately shows the translated text for “Display” or the plural, “Displays.”

From Drupal.org:

Values are escaped by default. The 'passthrough' filter can be used to skip escaping. The 'placeholder' filter can be used to form a placeholder. The default behavior is equivalent to @ in t(), while 'passthrough' matches ! and 'placeholder' matches %.

This comes from Twig, and is not yet commonly used in Drupal, but its usage with placeholders is similar to t(). Here’s an example from Drupal 8 Core:

 {% set includes = includes|join(', ') %}
  {% if disabled %}
    {{ 'Includes:'|t }}
    
  • {% trans %} Enabled: {{ includes|placeholder }} {% endtrans %}
  • {% set disabled = disabled|join(', ') %} {% trans %} Disabled: {{ disabled|placeholder }} {% endtrans %}
{% else %} {% trans %} Includes: {{ includes|placeholder }} {% endtrans %} {% endif %}

In the above code, we can see the use of the placeholder in Twig. The set lines set the placeholders to be used later in the code. The |placeholder filter indicates that a replacement is to be made.

Wrapping Up

This post has a lot of what not to do, but you’ll run into a lot of creatively incorrect code when it comes to translation, and now you’ll know it when you see it. Simple is best. Remember that this function exists to give translators a list of strings to translate, and you’ll be in the right frame of mind when assembling these strings to keep them flexible and translatable!

Have some questions/comments/concerns? Experience you’d like to share? Talk to us on Twitter: @ChromaticHQ!

Keep an eye out for our next post in our Drupal Code Standards series, on Object Oriented programming in Drupal 8!

How to Get Behind the Great Firewall of China

Posted by Acquia Developer Center Blog on September 27, 2016 at 2:10pm
photo of earth

Whether you’re outside China and trying to get in, or inside China and trying to get out, a well-known barrier sits between the Chinese internal network and the wider internet. The Great Firewall of China (防火长城) acts as a giant filter between the two networks, restricting access to external sites considered unsavory by the Chinese government.

Tags: acquia drupal planet

Drupal and polymer

Posted by Attiks on September 27, 2016 at 11:42am
Drupal and polymer27-09 2016Peter Droogmans

What if there were polymer elements for custom Drupal functionality

Read more

A day at DrupalCon with Corina

Posted by Amazee Labs on September 27, 2016 at 10:21am
A day at DrupalCon with Corina

It's this time of the year again. DrupalCon Dublin is finally here. Even though it's my fourth Con already, it's always a special event.

Corina Schmid Tue, 09/27/2016 - 12:21

The conference officially only starts Tuesday but Monday for me Monday is the more important day. It's the day of setting up our booth, making sure all things arrived and in the evening there was our Amazee Story Telling Tour around Dublin. They say a picture says more than 1000 words so here are some impressions of my DrupalCon Monday:

setting up

settin up2

booth last steps

Once the booth was set up we enjoyed the welcome reception. By the way, if you want to see the finished booth make sure you come by and meet us at the exhibit hall; we're at booth 700.

fhuby

inky

To finish off the day we ventured out on our Story Telling Tour learning about Irish Tales.

sstt

stt

sttd

tt

 

Chromatic at DrupalCon Dublin

Posted by Chromatic on September 26, 2016 at 4:06pm

If you're going to be at DrupalCon Dublin this week and let's be honest, if you're reading this post, you probably are...our very own Larry Walangitan (@walangitan) will be presenting on Twig templates in Drupal 8. If you're looking to gain a thorough understanding of Twig in Drupal 8, Larry has you covered.

From Larry's session page:

Drupal 8’s theming engine is now powered by Twig, but how do we turn over a new leaf after years spent using PHPTemplate to drive our themes? It’s time to take the plunge and discover how easy it is to start working with Twig today. Let’s put Twig under the microscope and compare what’s new and what’s stayed the same! ... You'll leave this session prepared to start working with Twig templates in Drupal 8.

Larry's session starts at 5pm IST tomorrow, September 27th in the Ecocem Room.

More on Larry's session here:

Drupal 8.2 Release October 5th!

Posted by The Sego Blog on September 26, 2016 at 1:42pm
09/26/2016Drupal 8.2 Release October 5th!

Earlier this month Acquia put on a great webinar hosted by Angie Byron & Gabor Hojtsy titled All You Need to Know About Drupal 8.2 and Beyond (slides linked below).

There were many topics covered and I could not help but get super excited for some things we can look forward to in the upcoming release of Drupal 8.2 slated for October 5th 2016.

Mike's picture

Faichi at DrupalCon Dublin

Posted by Faichi.com on September 26, 2016 at 11:55am

How to QUICKLY and SAFELY deploy to the live site WITHOUT comprehensive testing!

Posted by myDropWizard.com on September 26, 2016 at 11:41am

On the one hand, you want to deploy changes to the live site QUICKLY (for, say, a Highly Critical security update).

On the other hand, you want make changes SAFELY, ie. you don't want it to break the site.

Testing is good. Automated testing is great.

But what if you simply didn't have the resources to comprehensively test the change (either manually or automatically)?

Maybe the client isn't willing to fund a project to write automated tests. Maybe you don't have the extra time or extra people to do proper QA. Whatever reason, you just couldn't do it.

Is it possible to both quickly AND safely deploy to the live site WITHOUT comprehensive testing?

... besides just crossing your fingures and hoping it doesn't break?

We think there is a way. :-) Read more to found out!

At DrupalCon? Need Help? We'll Take Care of You.

Posted by Annertech on September 26, 2016 at 10:59am
At DrupalCon? Need Help? We'll Take Care of You.

With over 2,000 people expected to be in Dublin for DrupalCon this week, it's likely that someone, somewhere is going to need some assistance. We're all very helpful people in the Drupal community and so help should easily be available. But sometimes you get caught out and can't find people nearby - you get lost, you lose your phone, you're in an area of town and haven't a clue how to get back to your home, you are locked out of your AirBnB, you've gone to kiss the Blarney Stone not realising it was 350km away!

Lazy Builders in Drupal 8 - Caching FTW

Posted by qed42.com on September 26, 2016 at 8:36am
Lazy Builders in Drupal 8 - Caching FTW Body

Drupal caching layer has become more advanced with the advent of cache tags & contexts in Drupal 8. In Drupal 7, the core din't offer many options to cache content for authenticated users. Reverse proxies like Varnish, Nginx etc. could only benefit the anonymous users.  Good news is Drupal 8 handle many painful caching scenarios ground up and have given developers / site builders array of options, making Drupal 8 first class option for all sort of performance requirements.  

Lets look at the criteria for an un-cacheable content:

  • Content that would have a very high cardinality e.g, a block that needs to display user info
  • Blocks that need to display content with a very high invalidation rate. e.g, a block displaying current timestamp

In both of the cases above, we would have a mix of dynamic & static content. For simplicity consider a block rendering current timestamp like "The current timestamp is 1421318815". This rendered content consists of 2 parts:

  • static/cacheable: "The current timestamp is"
  • Dynamic: 1421318815

Drupal 8 rendering & caching system provides us with a way to cache static part of the block, leaving out the dynamic one to be uncached. It does so by using the concept of lazy builders. Lazy builders as the name suggests is very similar what a lazy loader does in Javascript. Lazy builders are replaced with unique placeholders to be processed later once the processing is complete for cached content. So, at any point in rendering, we can have n cached content + m placeholders. Once the processing for cached content is complete, Drupal 8 uses its render strategy(single flush) to process all the placeholders & replace them with actual content(fetching dynamic data). The placeholders can also be leveraged by the experimental module bigpipe to render the cached data & present it to the user, while keep processing placeholders in the background. These placeholders as processed, the result is injected into the HTML DOM via embedded AJAX requests.

Lets see how lazy builders actually work in Drupal 8. Taking the above example, I've create a simple module called as timestamp_generator. This module is responsible for providing a block that renders the text "The current timestamp is {{current_timestamp}}".

<?php
/**
* @file
* Contains \Drupal\timestamp_generator\Plugin\Block\Timestamp.
*/
namespace Drupal\timestamp_generator\Plugin\Block;
use Drupal\Core\Block\BlockBase;
/**
* Provides a 'Timestamp' block.
*
* @Block(
* id = "timestamp",
* admin_label = @Translation("Timestamp"),
* )
*/
class Timestamp extends BlockBase {
/**
* {@inheritdoc}
*/
public function build() {
$build = [];
$user = \Drupal::currentUser()->getAccount();
$build['timestamp'] = array(
'#lazy_builder' => ['timestamp_generator.generator:generateUserTimestamp', array()],
'#create_placeholder' => TRUE
);
$build['#markup'] = $this->t('The current timestamp is');
$build['#cache']['contexts'][] = 'languages';
return $build;
}
}

In the block plugin above, lets focus on the build array:

$build['timestamp'] = array(
'#lazy_builder' => ['timestamp_generator.generator:generateUserTimestamp', array()],
'#create_placeholder' => TRUE
);
$build['#markup'] = $this->t('The current timestamp is');

All we need to define a lazy builder is, add an index #lazy_builder to our render array.

#lazy_builder: The lazy builder argument must be an array of callback function & argument this callback function needs. In our case, we have created a service that can generate the current timestamp. Also, since it doesn't need any arguments, the second argument is an empty array.

#create_placeholder: This argument when set to TRUE, makes sure a placeholder is generated & placed while processing this render element.

#markup: This is the cacheable part of the block plugin. Since, the content is translatable, we have added a language cache context here. We can add any cache tag depending on the content being rendered here as well using $build['#cache']['tags'] = ['...'];

Lets take a quick look at our service implementation:

services:
timestamp_generator.generator:
class: Drupal\timestamp_generator\UserTimestampGenerator
arguments: []

 

<?php
/**
* @file
* Contains \Drupal\timestamp_generator\UserTimestampGenerator.
*/
namespace Drupal\timestamp_generator;
/**
* Class UserTimestampGenerator.
*
* @package Drupal\timestamp_generator
*/
class UserTimestampGenerator {
/**
*
*/
public function generateUserTimestamp() {
return array(
'#markup' => time()
);
}
}

As we can see above the data returned from the service callback function is just the timestamp, which is the dynamic part of block content.

Lets see how Drupal renders it with its default single flush strategy. So, the content of the block before placeholder processing would look like as follows:

<div id="block-timestamp" class="contextual-region block block-timestamp-generator block-timestamp">
<h2>Timestamp</h2>
<div data-contextual-id="block:block=timestamp:langcode=en" class="contextual" role="form">
<button class="trigger focusable visually-hidden" type="button" aria-pressed="false">Open Timestamp configuration options</button>
<ul class="contextual-links" hidden=""><li class="block-configure"><a href="/admin/structure/block/manage/timestamp?destination=node">Configure block</a></li></ul>
</div>
<div class="content">The current time stamp is
<drupal-render-placeholder callback="timestamp_generator.generator:generateUserTimestamp" arguments="" token="d12233422"></drupal-render-placeholder>
</div>
</div>

Once the placeholders are processed, it would change to:

<div id="block-timestamp" class="contextual-region block block-timestamp-generator block-timestamp">
<h2>Timestamp</h2>
<div data-contextual-id="block:block=timestamp:langcode=en" class="contextual" role="form">
<button class="trigger focusable visually-hidden" type="button" aria-pressed="false">Open Timestamp configuration options</button>
<ul class="contextual-links" hidden=""><li class="block-configure"><a href="/admin/structure/block/manage/timestamp?destination=node">Configure block</a></li></ul>
</div>
<div class="content">The current time stamp is 1421319204
</div>
</div>

The placeholder processing in Drupal 8 happens inside via Drupal\Core\Render\Placeholder\ChainedPlaceholderStrategy::processPlaceholders. Drupal 8 core also provides with an interface for defining any custom placeholder processing strategy as well Drupal\Core\Render\Placeholder\PlaceholderStrategyInterface. Bigpipe module implements this interface to provide its own placeholder processing strategy & is able to present users with cached content without waiting for the processing for dynamic ones.

With bigpipe enabled, the block would render something like the one shown in the gif below:

Lazy builder with Bigpipe

As you can see in this example, as soon as the cached part of the timestamp block "The current timestamp is" is ready, its presented to the end users without waiting for the timestamp value. Current timestamp loads when the lazy builders kick in. Lazy builders are not limited to blocks but can work with any render array element in Drupal 8, this means any piece of content being rendered can leverage lazy builders.

N.B. -- We use Bigpipe in the demo above to make the difference visble.

PIYUESH KUMAR Mon, 09/26/2016 - 14:06

Arriving in Dublin

Posted by erdfisch on September 26, 2016 at 7:34am
Arriving in Dublin Single image:  Hydra in front of anti-racism poster in Dublin 26.09.2016 Michael Lenahan Body:  Arriving in Dublin

Drupalcon Dublin is starting this week. Particularly exciting one for me since
I went to university here about a million years ago (a.k.a. the early nineties).

This was another era entirely, before the internet. I think the arrival of the
internet changed Ireland even more than most other countries. It is mainly
rural, and stuck on the western edge of Europe on the Atlantic. "Surrounded by
water" as the song says. The water comes down from above as well. Very, very
frequently.

So Ireland remains geographically on the edge of Europe, but digitally it is
extremely connected. Companies from Silicon Valley discovered a country with a
young and educated workforce, so they set up their European operations here from
the late 1990s on.

This changed Ireland. For most of its recent history it had been a poor country
where people mostly emigrated to find work. The Catholic church had a lot of
power over society in general, the health and education systems in particular.

Now, there are many foreigners living here and you hear people from all over the
world who speak English with Irish accents. This is something that is still
quite amazing for me.

It's a privilege to be here. Thank you, erdfisch! More to come ...

Schlagworte/Tags:  planet Ihr Name Kommentar/Comment Kommentar hinzufügen/Add comment Leave this field blank

Content Modeling in Drupal 8

Posted by Greg Boggs on September 25, 2016 at 7:43pm

In many modern frameworks, data modeling is done by building out database tables. In Drupal, we use a web-based interface to build our models. This interface makes building the database accessible for people with no database experience. However, this easy access can lead to overly complex content models because it’s so easy to build out advanced structures with a few hours of clicking. It’s surprising how often Drupal developers are expected to be content modeling experts. Here’s a well-written overview of content modeling for the rest of us who aren’t experts yet.

Data Modeling Goal

Our goal when modeling content in Drupal is build out the structure that will become our editor interface and HTML output. We also need to create a model that supports the functionality needed in the website. While accomplishing this, we want to reduce the complexity of our models as much as possible.

Getting Started

One of the first things to do when building a Drupal site is to build content types. So, before you start a site build, start with either a content model or a detail page wireframe. This spreadsheet from Palantir will help you. The home page design may look amazing, but it’s unhelpful for building out content types. Get the detail pages before you start building.

Why Reduce Complexity?

The more content types you create, the more effort it will take to produce a site. Further, the more types you have, the more time it will take to maintain the site in the future. If you have 15 content types and need to make a site-wide change, you need to edit 15 different pages.

The more pages you need to edit, the more mistakes you will make in choosing labels, settings, and formatters. Lastly, content can’t easily be copied from one type to another which makes moving content around your site harder when there are many content types. So, the first thing you’ll want to do with your content model is to collapse your types into as few types as feasible. How many is that?

5 Content Types is Enough

Drupal has many built in entities like files, taxonomy, users, nodes, comments, and config. So, the vast majority of sites don’t need any more than 5 content types. Instead of adding a new content type for every design, look for ways to reuse existing types by adding fields and applying layouts to those fields.

Break Up the Edit Form

Drupal 8 allows you to have different form displays for a single content type. With either Form Mode Control or Form Mode Manager, you can create different edit experiences for the same content type without overloading the admin interface.

Now that we’ve got the goal in mind and some tools to get us there, we’ll dive into the specifics of configuring field types such as hero images and drop down lists in my next post.

Badge Pick-Up is Open

Posted by DrupalCon News on September 25, 2016 at 2:18pm

DrupalCon is here! We have registration open here at the Dublin Convention Centre until 18:00 today. We will also be open bright and early at 7:00 on Monday to kick off the first day of DrupalCon Dublin! Come on by and pick your badge and tote and make sure to join us for the Opening Reception from 17:00-19:00 where everyone is welcome.

 

 

 

Drop Guard - Automatic Updates for Drupal - The Road Test!

Posted by Steve Purkiss on September 24, 2016 at 4:27pm
Drop Guard - Automatic Updates for Drupal - The Road Test! Drop Guard logo and strapline continuous security for Drupal Steve Purkiss Sat, 09/24/2016 - 17:27

Automating updates for Drupal has been a hotly debated topic for many years with a number of strong views expressed from all sides and some recent encouraging progress but as of yet still no resolution.

Due to Drupal's complexity, automating updates is not a trivial task however the importance of such functionality came to a head a couple of years back in October 2014 with the 'Drupageddon' where an exploit had been discovered in which users were told if they did not patch their system within just a few hours then it was likely their sites were toast.

As Drupal adoption continues, the pressure to implement such functionality grows and a sprinkling of commercial offerings have appeared, most notably Drop Guard which grew from an internal tool built by German Drupal web & mobile app agency Bright Solutions. Bright created the ERPAL distribution of Drupal, an all-in-one e-business backroom platform, so they know their Drupal and I was eager to try out their service. It also looks like the Drop Guard site itself is built on top of ERPAL.

As usual with Drupal there are a million-and-one things on my try-out list with more exciting stuff appearing each day, so I was excited when I saw a tweet from Drop Guard offering a free ticket to DrupalCon Dublin in return for an impartial review of their service - I wasn't planning on going but this meant I could just about justify attending, and I would finally get round to setting up automated updates for my new purkiss.com which I'd just started to build in Drupal 8.

I replied within a few seconds and won the prize! Of course now I had to do the work, so for the past month and a half I've been road-testing their service and below is my report. I'm actually writing this in the extended sprints on the Saturday before DrupalCon - I had planned on writing it before but one thing led to another and I ended up having to do some client work, but as luck and Drupal small-world would have it, one of the first Drupalers I met this morning just happens to be working on building a new user interface for Drop Guard so not only did I manage to gain a little more info on the service and company, but also a sneak peek at what looks like a much more user-friendly interface to this important service offering.

I must admit, my review would have been quite different if I hadn't seen those mock-ups, so I'm very glad I did - everything happens for a reason, etc.!

What's the offering?

Billed as "The update management system for automation and quality assurance", Drop Guard provides continuous security for Drupal, targeted at hosting providers, Drupal agencies, freelancers and non-profits - the latter of which they have recently offered a free of cost tier for, which in my mind is a very Good Thing. For individual sites they currently have three pricing option - €9pcm plus tax for up to 30 contrib modules covered, €29 for up to 70, and €59 for up to 150, plus tailored offerings for agencies. 

All packages offer the same functionality underneath - fully controllable workflow for updates, automated patch detection and application - provided you set up everything as needed, which can be done through their integration into Continuous Integration ('CI') tools and options for Secure Shell ('SSH') deployments. 

Seamless integration with the major Drupal-specific hosting providers is also part of the offering, so all-in-all a good offer for the price, considering how much time is spent on these tasks plus the knowledge that if there's an urgent update and you're not around, or asleep, or without a connection, your site(s) are safe. I do wonder what will happen as more companies launch similar services, whether it will be a race to the lowest price until core decides to provide it for free? More on that later...

A note on our value as a community

I'm going to be particularly picky with my review because I believe there is a space for this kind of value-added service in the market but I think over the next couple of years the landscape will be very different with a number of offerings, so hopefully by providing detailed feedback I can provide more value than just a review saying "it's great".

As an offering that has grown from the community I would very much like to see Drop Guard succeed and not be overtaken by something which comes along with bigger financial backing but perhaps no 'soul', and as a community I believe it's in our hands to support these kinds of community-grown offerings - if we just watch from the sidelines but don't join in their growth by helping out, recommending and of course using their service then we are not in a position to complain if they disappear.

I also really appreciate the opportunity they have given me to attend DrupalCon as it means I can be around kindred folk enjoying the many DrupalCon goings-on and get to run my BoF sessions (shameless plug: Co-op BoF Tuesday 5pm, Freelancers & Contractors BoF Wednesday 5pm, both Wicklow Room 3). I believe this kind of value sharing between companies and community is the way forward - "growing the pie for everyone" as I've heard time and again at various Drupal events. So hopefully my review will provide value to you too, please do feel free to comment using the form at the bottom of this article, it would be great to hear what your experiences, thoughts and opinions on the subject - don't be shy!

Step 1: Creating an account

So, on to the system itself - I was particularly interested to see how this worked as many projects I've worked on utilise CI, however apart from playing around with Jenkins for a while some time ago, I'd not had a pressing reason to set anything up for myself - it had always been something someone else had done. I soon found out I was not going to be Drop Guard's 'usual' customer as for me when I read 'Automated patch detection and application' I naively had the impression I was just going to enter a few login details and Drop Guard was going to magically work everything out for me whilst I get on a plane to go lay on a beach somewhere. As usual though, there's a little more than that to do to set everything up, but once it is then yes, perhaps it's ok to go catch that plane!Drop Guard Screen - Create Account

The account creation screen to me has a few too many fields to fill out in this current day and age where quickly lose interest - not that it has too many questions, but really all you need is an email address - the rest can be added later. For mission-critical required information, sure, but other questions seem more relevant to what Drop Guard want in order to profile you as a customer type, which don't seem to have any immediate effect on what I'm presented with after login, so I would say leave them out and let users choose once in the system. There's also a 'Promo Code' field, which to me just makes me feel like there's a promo code lying around somewhere I should be searching the net for. As I also found out later, it defaults to the account creation screen, so when you come back to the website you have to click the 'I have an account' in order to log in, I would say switch that - it's how most other sites work and if I want to create an account I have no problem in clicking a tab but it does get slightly annoying having to click every time I log back in.

There's also a link underneath the registration form to their slack channel which slightly worried me as I'm not a user of slack due to its proprietary nature - as a developer of Free/Libre Open Source Software many of my answers come from searching the web for similar situations, and unless you pay slack a lot of money, that history is not available for search so although it's a nice user-friendly interface I would much prefer to see people adoption more open solutions such as Mattermost. I presume here there are other options for support so carry on my journey.

As previously mentioned I'm going to be picky, but it's what I felt, so it's what I'm going to type - also remember with a redesign on the cards things may have changed by the time you read this!

Step 2: Adding a project

Once you've registered and confirmed your email by clicking on the link that's sent to you, a screen is presented where you can set up your first project. There's only a few fields to fill out - a name for your project, the URL of your code repository (Git only, but I'm unsure of any value supporting other code versioning systems, if they still exist) and a field for tags. This tags field threw me a little as there was no description as to how the tags would be used, I'm presuming they're if you have a number of sites then tagging is useful but I wouldn't necessarily have the field here.

Drop Guard Screen - Add a ProjectI was encouraged to see the link to the support chat, now I know I don't have to use slack to get in touch with Drop Guard if I need any help. Of course being me it's now a little annoying as I go from screen to screen as if these chat things auto-open I often think someone's there waiting for me to talk so I always end up clicking to minimise it!

I experienced problems with the system not accepting my Git URL which, after a few conversations with the Drop Guard team turned out to be browser caching issues which I believe perhaps came from the heavy in-development phase the system was at the time, and all worked well after clearing my cache so if you do by chance experience issues. Saying that though, I've just tried to add another project and it's come up with the same error - 'Git username can't contain ":" and "@" characters'. I cleared all my caches (which is a pain now I'm going to have to log in to everything again!), so no doubt I'll be approaching the Drop Guard at DrupalCon to see what the deal is - go see Drop Guard at booth #105 if you're attending!

Step 3: Site config

To enable access to your Drupal site, Drop Guard has its own module on drupal.org which you download and isntall on your site. This module provides you with a User ID and Access Token which you enter into this screen, along with the URL of your site. All very simple & has my specific details so no screen shot for this step.

Step 4: Update behavioursDrop Guard Screen - Update Behaviours

You now get to choose what type of updates you want Drop Guard to do anything with and how to handle them. I found this a little overwhelming to begin with and although there is a 'Reload best practices', I believe there could be perhaps three options available in order to provide different levels of security based on best practices. You could then delve deeper into the individual settings. I was encouraged that you can apply changes to different branches, this system really does cover all potential update workflows.

Step 5: Events

Drop Guard Screen - EventsOnce you've selected your update behaviours you now get the opportunity to attach actions to these events - request a URL, send an email, execute an SSH command, merge a branch, and create a task in project management system. You can add any number of these to each event depending on your particular workflow - for me at this moment I'm happy just being sent an email, but I can see how easy it's going to be to hook into my CI once I've set it up(!).

Step 6: IntegrationsDrop Guard Screen - Integrations

The last setup screen is if you want to connect to your project management system, which I don't have so can't really comment on the functionality other than to say I'm sure it's useful for those who do - the options at the moment are for Jira and Redmine.

Step 7: Sit back and relax!

And that's it, now it's time to sit back, relax, and let Drop Guard do the hard work for you! Although I'm only using it on a very small site it's still very useful as the Drop Guard system emails are far more descriptive than the out-of-the-box Drupal site ones so I can judge better as to whether I need to do something or not. I look forward to setting up continuous integration for my site and configuring Drop Guard to do a lot more for me. I guess I could start by just setting up a few SSH commands to run on specific events, we'll see if I have some time once I get back after DrupalCon...

Conclusion

I've really enjoyed testing the system out and communicating back and forth with the team and as mentioned look forward to integrating my own site more into the update system than it is right now and feel very confident Drop Guard will be able to deal with a number of different scenarios in any which way I want it to. That's if I manage to get to the bottom of my original issue of not being able to add a site - in this day where more of these types of services are appearing on what seems a daily basis, if I find one that works for me out-of-the-box first time, that's probably going to be the one I end up using. I do feel that you're kind of dropped in the deep end straight away and this could perhaps be split up a little more depending on the audience. In a way I felt that if you had all that knowledge already then perhaps you have your own system set-up so it's going to be a choice whether you pay for a system like this or continue down your own path.

Currently I don't see the value differential between the various services, but then as said I'm not their typical client. If the aim is for hosting companies and agencies then they also have the added issue of eventually it being more cost effective in the long term to develop their own systems, but I don't really know enough about what's involved in running this service so can't comment any more than I know a site builder who's built a system that suits their needs, on their own, which manages hundreds of sites. Obviously not everyone's capable of doing that, but it's a case of hunting out that niche where this system hits a sweet spot and then developing your market from there. Or if the idea is to simply build the 'best' system then sell to some large hosting provider then I guess that's a way forward too.

As well as creating a few simple options to ease people into the service I did wonder why they don't market the system on the code security side too - as they have access to your system it would be easy to see whether the code has been changed since they last checked - to me as a user knowing if my code has changed is kinda important and could be a good 'value add' service to market - hacked protection!

It will be interesting to see this market develop, momentum is certainly gathering as I see a seemingly similar offering launched recently, plus more Drupal-specific agencies offering this service as part of their packages. With Drupal core also potentially offering at least some of this then companies in or thinking of entering this space will seriously need to think about what their USP is as there's nothing here which is 'secret sauce', it's all Free/Libre Open Source Software. Let's hope it doesn't become a race to the bottom in terms of price-point, and if it does then let's do it all in core because you can't beat Free.

Once again I'd like to thank Drop Guard for this opportunity and encourage you to try out Drop Guard for yourself, and if you're lucky enough to be in Dublin for DrupalCon then go see them at their booth!

Category Product & Service Reviews

Tags

Add new comment

Extended Sprints Info

Posted by DrupalCon News on September 24, 2016 at 9:00am

We are up and running at the Extended Sprints location.  Join us at DoSpace for lots of natural light, coffe/tea, and wifi!  

When you arrive you will see the DrupalCon signs as well as an Aikido space and we are just up the stairs.  Come across the Harp Bridge by the Convention Center, keep straight on Macken Street, and look to your left for the DrupalCon Extended Sprints signs.  If you cross under the train bridge, you've gone too far.  

Come on in and sprint from 9:00-21:00 both Saturday and Sunday.

 

 

A Drop of The Deep Water

Posted by Wuinfo on September 23, 2016 at 9:32pm

"Someone is looking for Drupal developers. Are you interested?", I asked one of my friends. "I will never touch Drupal again.", That is the most negative statement I have heard so far. Yes, Drupal has an interesting learning curve. It is not easy to master quickly. When we talk about learning Drupal, There are some of us left Drupal after many years as a Drupal developer, disappointed, frustrated. It is a sad truth some of us have worked with Drupal for many years, and still not find the beauty of her. I want to discuss how we can avoid it and how to obtain the power of Drupal quickly in an exciting way.

Here is something interesting about Drupal. After seven years into it, I found myself is still learning new thing and gain a little bit deeper understanding of it. When looking into the code of the core and contributed modules, I can see what the other developers were thinking; I saw how they tackled the problem. I have a great sense of connection with them. It is not just merely the code itself. It is a collaborated among many developers in the past, present and future. So, keep learning is the key to getting deeper inside of it.

Drupal is a tool. We are learning the skill to use this tool. It can be boring if the purpose is just to learn and understand it. It is a tool. So, the best way is to use it. Use it in the best possible way we can find. Always, find multiple solutions and choose one of the best to implement it.

Most of the requests from our customers, managers are reasonable. A lot of time, they are looking for a better user experience. It is the critical element leading to the success of a product. Enhancement of user experiences is a big thing. Never push it back off quickly. There is nothing like Drupal can't do it. Yes, we can do it. We have a lot of contributed modules to do it. If we can not find one, we build one and contribute it back to the community. So, others do not need to invent the wheel again. We take on all kinds of the challenge and find the best possible way to face it. By doing that, we dive deep inside of the water.

When it comes to working on a ticket and solving a problem, we create a patch, and there is no error. That is not sufficient. We can ask ourselves couple more questions. Are there other ways to do it? Is the way what I just did will affect other functions and will this limit the future expansion? Are there any bad things introduced down the road? Is there anything that might sabotage the whole system because of this change? We are going to find the best possible way, a native way. Always looking for the best and willing to take on challenges. It helps us learn it and getting deeper. It is how we can learn stuff that others will not get it from tutorial videos.

If your manager is not a taker and wants to burn you out, always take the challenge. When facing a problem, do not find a way to avoid it. Find as many as possible ways to address the problem. Pick one of the best one; Find a natural way that might have come with the original system design.

Solving a problem, fix a bug is not a big deal. Solve it in a right way is a deal. There are always many methods to solve a single problem, choose the right one. Do not get satisfied by fixing something with a single shot. Ask ourselves to look for more ways to it, use the best one. It is like giving away your talent to solve the problem. It leads me to a commercial ad on a Canadian TV channel. "Greatness is not what you have; it is what you give." Give your greatness to Drupal. The more you give, at the same time, the more skill you get.

Is web development hard?

Posted by Iztok Smolic on September 23, 2016 at 5:37pm

Is creating website really so hard? This is a question I get from people not in the industry after I tell what we do at AGILEDROP. My reply is that web development is hard because it is just one form of programming. And programming is hard. Difficult to learn and even more difficult to master. Why […]

The post Is web development hard? appeared first on Iztok.

Pages

Subscribe with RSS Subscribe to Drupal.org aggregator - Planet Drupal