Axelerant Blog: Drupal 9.1 Is Here: Are You Ready to Upgrade?

Planet Drupal - Wed, 2021/06/09 - 1:44pm

As expected, Drupal 9.1 was released on schedule at the closure of 2020. We have already talked about the Drupal 9 release and how it’s a testament to the predictable and reliable nature of the Drupal release cycle. Drupal 9.1 takes a step forward by adding more features and releasing them as predicted.

In this blog, we will be discussing the new improvements and more that will follow. 

Is it worth upgrading?

The Drupal 9.1 stable release was out as expected on Dec 2nd, 2020. We previously advocated that if you are on Drupal 8.9, you needn’t hurry to upgrade to Drupal 9.0 as you would not see many new features. But that’s changed.

Drupal 9.1 adds exciting features and updates along with support for PHP 8 (we have previously written about making Drupal 9 compatible with PHP 8).

It’s also worth upgrading as Drupal 9.1 brings significant changes in the user interface for both sighted users and assistive technology.

Categories:

Axelerant Blog: Upgrade Drupal to PHP 8: Compiling extensions

Planet Drupal - Wed, 2021/06/09 - 1:44pm

In the last article, we discussed the changes required to get Drupal 9.1 running on PHP 8. At that time, we got the Drupal 9.1 dev release working on PHP 8.0.0 RC4 with a few patches. Since then, a lot has changed with many of those patches being committed and Drupal 9.2 dev open for development. But we’ll talk about all of that at a later date. Today, let’s look at getting some of the common PHP extensions and configure it to run with Drupal.

We left off at a point where we have plain Drupal 9.1 running on a plain PHP 8 RC4 setup. Drupal doesn’t require any extensions, not in PHP core, and that means we only had to enable extensions like gd, MySQL, and others to have Drupal 9.1 running. With that, we were able to install Umami and use the site without any problems at all. To enable those extensions, we only needed our docker-php-ext-enable script, which is part of the PHP base Docker imageSee the Dockerfile in the reference repository for the source code (lines 41-52). Installing other extensions that are not part of the PHP core is not quite that simple. Think of it this way: if a module is present in Drupal core, you can install it right after downloading Drupal. But if it is a contrib module, you have to download and install it separately. It’s the same thing with PHP extensions.

Why test with extensions?

Just as you probably wouldn’t have a Drupal site with at least one contrib module, you probably wouldn’t have a PHP installation without a few of the common extensions. Drupal core utilizes some of these extensions when they are available (such as APCu and YAML), which yields better performance. This means that even though the extensions are not technically required, you would most likely have them.

Categories:

Ben's SEO Blog: The Metatag Module

Planet Drupal - Wed, 2021/06/09 - 1:00pm
The Metatag Module

https://www.drupal.org/project/metatag

Credits & Thanks

Thank you to:

Tracy Cooper Wed, 06/09/2021 - 06:00
Categories:

ComputerMinds.co.uk: Context-aware blocks

Planet Drupal - Wed, 2021/06/09 - 12:54pm

Defining your own Drupal block plugins in custom code is really powerful, but sometimes you can feel limited by what those blocks have access to. Your block class is like a blank canvas that you know you'll be pulling data into, but how should you get that data from the surrounding page? Often you have to resort to fetching the entity for the current page (e.g. on a node page), in order to get the values out of its fields that you want to display. Plugins can actually have a context passed to them directly - which can be common things like the logged-in user, or the node for the page being viewed. Let's have a look at how to tell Drupal what your plugin needs, so you don't have to do the donkey work.

If you've created a block plugin, you'll already be aware of the annotation comment just above the class name at the top of your PHP file. It might look something like this:

<?php namespace Drupal\mymodule\Plugin\Block; use Drupal\Core\Block\BlockBase; /** * Show some fields for the current page in a block. * * This block can be placed anywhere on the page, so the fields could appear in * a sidebar, etc. * * @Block( * id = "specialityfields", * label = @Translation("Special fields"), * context_definitions = { * "node" = @ContextDefinition("entity:node", label = @Translation("Node")), * } * ) */ class SpecialityFields extends BlockBase {

Spot that last property in the annotation: the context_definitions part. That's where the block is defined as requiring a node context. The 'entity:node' part tells Drupal that the context should be a node; Drupal supports it just being 'entity' or various other things, such as 'language' or even 'string'. You can very easily get hold of the context for your block, e.g. in the build() method of your class, allowing your block to adapt to its surroundings:

/** * {@inheritdoc} */ public function build() { $entity = $this->getContextValue('node'); return $entity->field_my_thing->view(); }

I've used a very simple tip from our article on rendering fields for the output of this method. But the key here is the use of $this->getContextValue('node');. Our block class is extending the BlockBase base class, which gives us that getContextValue() method to use (via ContextAwarePluginTrait, which you could use directly in your plugin class if you're not extending BlockBase). The 'node' parameter that we've passed to it should match the key of the context definition array up in the class annotation - it's just a key that you could rename to anything helpful. Plugins can specify multiple contexts, so distinguish each with appropriate names.

In this basic case of using a node, the chances are that you're just wanting to use the node that the current page is for. Drupal core has 'context provider' services - one of which provides exactly that. Most basic Drupal installations probably won't have other context providers that provide nodes, so the node just gets automatically passed through, without you having to do anything else to wire it up. Brilliantly, the block will only show up when on a node page, regardless of any other visibility settings in the block placement configuration. You can bypass that by flagging that the context is optional in its definition - spot the 'required' key:

context_definitions = { "node" = @ContextDefinition("entity:node", required = FALSE, label = @Translation("Node")), }

A slightly more interesting example is for users, as Drupal core can potentially provide two possible contexts for them:

  1. The currently logged-in user, or at least the entity object representing the anonymous user if no-one is logged in.
  2. The user being viewed - which will only be available when visiting an actual user profile page.

When there are more than one possible contexts available, block placement configuration forms offer the choice of which to use. So you might want a block in a sidebar on profile pages to show things to do with the user who owns that profile - in which case, select the 'User being viewed' option in the dropdown. Otherwise the data your block shows will just be about you, the logged-in user, even when looking at someone else's profile. Internally, your selection in the dropdown gets stored as the context mapping, which you can see in the exported configuration files for any context-aware block (including those automatically selected due to only one context being available).

If all this talk of Contexts is reminding you of something, it's because the concept was brought into core after being used with Panels in older versions of Drupal. Core's Layout Builder now uses it heavily, usually to pass the entity being viewed into the blocks that represent fields etc that you place in each section. For anyone that really wants to know, those blocks are defined using a plugin deriver - i.e. a separate class that defines multiple possible block plugins, dynamically. In the case of Layout Builder, that means a block is dynamically created for every field an entity can have. If you use plugin derivers, you might need dynamically set up context definitions too. So in the deriver's getDerivativeDefinitions() method, you could have something like this, the PHP equivalent of the regular block's static annotation:

/** * {@inheritdoc} */ public function getDerivativeDefinitions($base_plugin_definition) { $derivative['context_definitions'] = [ 'node' => new ContextDefinition('entity:node', $this->t('Node')), ]; $this->derivatives['your_id'] = $derivative; return $this->derivatives; }

I've only lightly touched on context provider services, but you can of course create your own too. I recently used one to provide a related 'section' taxonomy term to blocks, which pulls from an entity reference field that nearly all entity types & bundles on a site had. The blocks display fields from the current page's parent section. It made for a common interface separating that 'fetching' code from the actual block 'display' code. I recommend understanding, copying & adapting the NodeRouteContext class (and accompanying service definition in node.services.yml) for your case if you have a similar need.

I hope this awareness of context allows your blocks to seamlessly adapt to their surroundings like good chameleons, and maybe even write better code along the way. I know I've had many blocks in the past that each had their own ways of pulling relevant data for a page. Contexts seem like the answer to me as they separate fetching and display data, so each part can be done well. Getting creative with making my own context types and context providers was fun too, though probably added unnecessary complication in the end. Let me know in the comments what context-aware plugins enable you to do!

 

Photo by Andrew Liu on Unsplash

Categories:

Bounteous.com: Speaking at Drupal Events: A Non-Code Way to Contribute to Drupal

Planet Drupal - Tue, 2021/06/08 - 6:16pm
Explore different ways to get involved in the Drupal community including speaking at Drupal events through the eyes of first-time speaker Irene Dobbs.
Categories:

Specbee: Building Secure Drupal Websites with the Password Policy Module

Planet Drupal - Tue, 2021/06/08 - 1:04pm
Building Secure Drupal Websites with the Password Policy Module Kiran Singh 08 Jun, 2021 Top 10 best practices for designing a perfect UX for your mobile app

 

Website’s security is never (and should never be) an afterthought. A breached website does not just cause a loss in revenue but also in reputation. A secure website is one that has been developed keeping in mind different ways it could be broken into.

For this, we must ensure that the security checklist is handled before the launch and also after the launch of the site. One of the most important steps to ensure a secure Drupal website is to make certain that users have and maintain strong password policies. Out of the box, Drupal does not enforce a strong password policy. By default, you can choose to set easy (and weak passwords). But this behavior is not recommended especially for users who have content administration and other higher privilege permissions.

And that’s where the Drupal Password Policy module shines. It enables site admins to set strong password policies and enforce restrictions to a website. The Password policy module is a contributed Drupal module that is compatible with Drupal 9 as well.

Installing the Password Policy Module

Step 1: Install the Password Policy module using composer or download from here.

$ composer require 'drupal/password_policy:^3.0@beta'

Note: Before installing the password policy module, make sure you have installed and enabled the Ctools module.

Step 2: Enable the downloaded module using drush or Drupal UI.

Through the Drupal UI, head to the module listing page. Under the Security tab, you will find the password policy module with submodules. Enable the first Password Policy module and then the submodules as per your requirement.

Configuration

To configure your recently installed and enabled Password policy module, go to Configuration → Security → Password Policy. Here you will add password policies for various roles with different constraints as per your requirement.

Now give a Policy name and set password reset days. If you don't want to the password to expire, set the Password reset days as 0 days.

After this, you can add constraints and configure it through the Constraints settings tab. Note that the submodule that you added in security modules listing will list in the Constraints dropdown.

Let’s implement this with an example for better understanding. I need to add a password policy for an author role that enforces that the password must contain a minimum of 3 characters from the subsequent character types: lowercase letters, uppercase letters, digits, special characters, a minimum of 1 special character and the password length must be a minimum of 8 characters.

 

 

 

Once you have configured the above constraints, apply it to the author role.

Click on the Finish button to create your new password policy. You have now successfully created a password policy for the author role.

As hackers and bots are getting more sophisticated and powerful, you cannot protect your website with just one layer of security. The best kind of security is the one with multiple security layers and one of the most important layers is the password protection policy layer. Drupal’s Password policy module offers tons of flexibility for admins to create various types of policies and enforce constraints. Drupal is widely known for the security it offers and Specbee is committed to leveraging the best security features provided by Drupal. Contact our Drupal experts to know how we can help you build more secure and robust digital experiences.

Drupal 9 Drupal 9 Module Drupal Development Drupal Module Drupal Planet Drupal Tutorial Drupal Shefali ShettyApr 05, 2017 Subscribe For Our Newsletter And Stay Updated Subscribe

Leave us a Comment

  Shefali ShettyApr 05, 2017 Recent Posts Building Secure Drupal Websites with the Password Policy Module Image Configuring your Drupal Project on CircleCI – An Introduction Image Adding custom oEmbed providers to remote video media source with Drupal 9 & Drupal 8 oEmbed Providers module Want to extract the maximum out of Drupal? TALK TO US Featured Success Stories

A Drupal powered multi-site, multi-lingual platform to enable a unified user experience at SEMI.

link

Discover how our technology enabled UX Magazine to cater to their massive audience and launch outreach programs.

link

Discover how a Drupal powered internal portal encouraged the sellers at Flipkart to obtain the latest insights with respect to a particular domain.

link

Categories:

Danny Englander: Drupal 8 & 9 Theming: How to Render and format JSON Data With PHP and Twig Using the JSON Field Module

Planet Drupal - Tue, 2021/06/08 - 9:00am

There's a neat little Drupal module called JSON Field and recently, I had a chance to play around with it. Out of the box, JSON field is a just a plain field where JSON data can be input and output on a web page. On its own, the module does not do much beyond just printing the raw data formatted as JSON. However, I got to thinking it would be nice to nicely format the data with HTML. In this article, I will show you how I accomplished this with both a preprocess function and some custom code in Twig.

Getting started

First, you'll want a Drupal 8 or 9 instance running. In the root of your project, run:

composer require drupal/json_field

Note, if you get an error, you may need to append a version number, for example:

composer require drupal/json_field:1.0-rc4

Next, enable the module and create a new field on an entity, for example on a page content type. When I created my field, I chose the option, JSON stored as raw JSON in database

Next, input some JSON data, for sample data, I like to use Mockaroo. (At a high level, I could envision using the Drupal Feeds module to import JSON data in bulk and mapping it to a JSON field but I have not tested this.)

An example of the Mockaroo interface showing mock data being generated Create a preprocess function

We are rendering this data in a node so I have a basic node preprocess function setup below with a sub-theme of Olivero called Oliver. Within this, we will leverage Xdebug to examine the data up close. We write this code in our theme's .theme file.

<?php /** * @file * Functions to support theming in the Oliver theme. */ /** * Prepares variables for node templates. */ function oliver_preprocess_node(array &$vars) { // Custom ...
Categories:

Lucius Digital: How to limit the taxonomy terms in 'Exposed Drupal Views filters', to the tags that are used in included nodes, in multiple Views

Planet Drupal - Mon, 2021/06/07 - 8:10pm

Last month we implemented the 'Resources' page on iias.asia, as you can see: you can filter the Resource nodes on this page in the right of the screen. This is a Drupal View with exposed filters, which are placed via a block via Twig Tweak module.

There is a 'Region' Filter and a 'Tags' taxonomy reference field, which are also used in other content types. 

We only wanted to show used terms in the drop downs.

So, there are other pages (Views) that also implemented this tag as a filter (like the Alumni page). But of course: those pages have other content types, so 'used tags' are also different.

So here is how we limited the used tags, per Drupal View, this article gave us a kickstart.

YOURMODULE.module:
Categories:

Jacob Rockowitz: How are the Webform module's Open Collective funds being spent?

Planet Drupal - Mon, 2021/06/07 - 5:08pm

My last blog post thanked the collective's individual backers and supporting organizations for their financial support. Now I would like to break down how the collected funds were spent to tag the Webform module's latest release.

Tracking my time

To provide the most value to backers, I opted to track my time in five-minute increments in the hopes that the amount of work that goes into maintaining the Webform module can be better understood. Tracking these smaller increments also shows how solving a problem or providing support is a multistep process, which begins with triaging issues.

Triaging issues

Triaging the Webform module's issue queue has proven to be one of the most challenging tasks related to maintaining the Webform module. I have struggled with wrangling the issue queue, nudging people in the right direction, and now I am finally putting my foot down when I feel people are taking advantage of open source. Admittedly, I was getting burned out when dealing with people who did not appreciate the value of my open source work. Fortunately, I see now that many people value my open source work, and they want to see me compensated for my time.

The overall challenge to wrangling the Webform module's issue queue is that everyone has different levels of experience in Drupal. Organizations are trying to build unique and complex digital experiences. If you combine this with the fact that we are an international community, the result is that issue...Read More

Categories:

Jacob Rockowitz: How are the Webform module's Open Collective funds being spent?

Planet Drupal - Mon, 2021/06/07 - 5:08pm

My last blog post thanked the collective's individual backers and supporting organizations for their financial support. Now I would like to break down how the collected funds were spent to tag the Webform module's latest release.

Tracking my time

To provide the most value to backers, I opted to track my time in five-minute increments in the hopes that the amount of work that goes into maintaining the Webform module can be better understood. Tracking these smaller increments also shows how solving a problem or providing support is a multistep process, which begins with triaging issues.

Triaging issues

Triaging the Webform module's issue queue has proven to be one of the most challenging tasks related to maintaining the Webform module. I have struggled with wrangling the issue queue, nudging people in the right direction, and now I am finally putting my foot down when I feel people are taking advantage of open source. Admittedly, I was getting burned out when dealing with people who did not appreciate the value of my open source work. Fortunately, I see now that many people value my open source work, and they want to see me compensated for my time.

The overall challenge to wrangling the Webform module's issue queue is that everyone has different levels of experience in Drupal. Organizations are trying to build unique and complex digital experiences. If you combine this with the fact that we are an international community, the result is that issue...Read More

Categories:

Lemberg Solutions: 11 Lesser Known Drupal Commerce Modules That Will Improve Your Online Store

Planet Drupal - Mon, 2021/06/07 - 12:39pm
In our recent post, Lemberg’s Drupal engineer Mykhailo Gurei shared a step-by-step process of creating a basic online store using Drupal 9 and Commerce. That store included some of the most essential features of any ecommerce website, like cart, order, checkout, payment, shipping, promotions, and more.
Categories:

Matt Glaman: What is the deployment identifier in Drupal?

Planet Drupal - Mon, 2021/06/07 - 5:44am

Did you know that Drupal has a deployment identifier? This deployment identifier triggers different actions in Drupal and can be used to streamline your Drupal deployments. In this video, I will walk through how the deployment identifier is used and how you set it.

Categories:

robertroose.com: Helpful tools for Drupal web designers and site builders

Planet Drupal - Fri, 2021/06/04 - 3:24pm

In this post I share the tools I use to design and build Drupal websites. Ranging from design applications such as Figma to Chrome extensions which help you test your Drupal site.

Categories:

Community posts: Drupal Community Update - June 2021

Planet Drupal - Fri, 2021/06/04 - 1:17pm

Continuing our series highlighting the work of initiative groups across the Drupal community, this month we are catching up with six more groups:

  1. DrupalCon Europe Advisory Group, by Imre Gmelig Meijling
  2. Drupal Trivia, by Stella Power
  3. Bugsmash, by Kristen Pol
  4. Decoupled Menus, by Théodore Biadala
  5. Project Browser, by Mihaela Jurković
  6. Security Team, by Tim Lehnen

The takeaway message this month is that there are some key opportunities to get involved and help grow the Drupal community with fun and interesting contribution. Certainly, helping Stella with the curation of questions for one of the most fun parts of the Drupal year, Trivia, has to be a highlight!

If you spot a place where your skills fit, don’t hesitate to contact either the group’s spokesperson, or Community Liaison, Rachel Lawson.

DrupalCon Europe Advisory Group, by Imre Gmelig Meijling What have been your priorities in the last three months?

Together with DrupalCon Europe Advisory Group, Kuoni, the Drupal Association and many local camp organisers and passionate Drupal volunteers from Europe and around the world, we have been working on DrupalCon Europe 2021.

While still being a COVID year and people getting weary of online events and sitting behind screens all day, DrupalCon will happen. We all need that place to connect and share, albeit online.

European Drupal camps are uniting with DrupalCon so Drupal enthusiasts will have 1 major conference to go to. Speakers, sponsors and attendees won't have to take up so much effort to organize an online event themselves. Instead they can team with the DrupalCon team and the international community to create one big experience with a lower threshold to go yet another online event. Plus a bigger, international reach.

The world will see Drupal still going strong at DrupalCon and they will get a chance to connect with various regions and Drupal communities.

And what has been your greatest success in the last three months?

It's been so great to see European Drupal Associations and community leaders get together to talk about maintaining a strong Drupal experience in Europe. Getting European countries as well as other international communities working together to create a united Eurovision Drupal experience is something that is really great!

What has been your greatest challenge in the last three months?

It's been a challenge to align European communities and camps and have as many as possible to team up with DrupalCon 2021. It's not so much about making money or spending time to create the experience, rather having one strong Drupal message and letting the world know Drupal is here to stay.

Do you have a "call to action" you want to make to the Drupal Community?

Please take a look at where DrupalCon and the local camps are at and see if it's possible for your camp, association or local community to team up. This can be very small and with little effort.

It's about uniting in common cause: the more camps will underscore this by teaming up, the stronger Drupal will come out of it.

Drupal Trivia, by Stella Power What have been your priorities in the last three months?

The main priority in the last three months was, of course, writing the questions for Trivia Night at DrupalCon North America, as well as creating the picture clues.

And what has been your greatest success in the last three months?

Another very successful Drupal Trivia night at DrupalCon North America

What has been your greatest challenge in the last three months?

The greatest challenge was writing the quiz questions. It takes a lot of work, not just in writing the questions themselves, but also formulating the rounds so you hit the right mix of topics and the right difficulty level. Of course, the switch to the online/virtual format has also been a bit of a challenge - a different way of writing the questions is required.

Do you have a "call to action" you want to make to the Drupal Community?

Yes! I'm looking for someone else to help write the questions! It takes a fair bit of preparation work, so if someone would be willing to contribute their time to help write and curate the questions, with a view to taking on the role of being the primary question curator for one of the DrupalCons each year.

Bugsmash, by Kristen Pol What have been your priorities in the last three months?

Recent priorities for the Bug Smash team have been to prepare for the DrupalCon North America initiative keynote and contribution event in April, including recruiting mentors, as well as our regular activities of issue triage and bug smashing. One fun thing we do each meeting is we nominate issue "targets" for the team to work on. These issues cover the gamut from views to form caching to ajax to media and so much more.

To see recent issue targets, our meeting transcripts are available in the issue queue.

But, one of the great things about the Bug Smash Initiative is that you have complete freedom to work on what you want and there are a wide variety of issues to choose from. Each person focuses on whatever interests them or fits within their available time. One person like mohit_aghera may focus on writing tests while others may focus on issue triage or accessibility reviews or testing.

And what has been your greatest success in the last three months?

The Bug Smash team has had some great successes over the last few months. The DrupalCon contribution event was a great way to mentor new contributors and onboard them to the initiative. larowlan ran an introduction workshop based on pameeela's Bug Smash presentation previously given at the Sydney Drupal user group. As a result of DrupalCon's success, we've had new team members jump into our Slack channel and start contributing!

Looking at the issue queue, there were more than 600 core issues worked on in the last 3 months with almost half of those fixed or closed. One fun issue that got fixed was from 2005! Big thanks to lendude and quietone for continuing to improve our bug statistics tools so we can better understand our initiative's impact. A fun fact from quietone during the May initiative meetings was there had been a ~584 year reduction in total number of years of all open bugs in the previous month! Whoa!

What has been your greatest challenge in the last three months?

At the biweekly Bug Smash meeting, we always ask about people's challenges during the previous fortnight. Some of them are fun personal distractions like new puppies or watching America's Cup, or not so fun life things like dealing with expensive car problems. Sometimes it's other Drupal activities that take people away from Bug Smash work like other initiatives or April's full-on DrupalFest activities.

From a more tactical viewpoint, finding "low hanging fruit" issues can sometimes be a challenge when we are trying to find quick wins. Or, we'll end up focusing on new issues rather than trying to get issues we've already worked on "over the fence". But, there is one challenge that you, the reader, can help with, and that's getting issues reviewed. If you have time to help, manually testing and reviewing fixes is immensely helpful. Search the queue for anything tagged as Bug Smash Initiative with status of "Needs review".

But, all in all, the number one challenge for the Bug Smash team is usually time… not enough of it. And, often, that's due to work being particularly busy. We highly encourage organizations who benefit from Drupal to free up some of their team's time to help on initiatives like Bug Smash. And, we highly recommend you read our very own Derek Wright's blog post on why organizations should support the Bug Smash Initiative.

Do you have a "call to action" you want to make to the Drupal Community?

A very simple call to action is simply attending one of the Bug Smash meetings. We meet every two weeks in Slack and it's asynchronous, so you can still participate afterwards within a 24 hour window. They are very well-organized thanks to jibran who typically runs the meetings and are transcribed by quietone, so everyone can get credit for participating. You can introduce yourself and ask questions, and we'll help you get acclimated. You can also review the helpful Bug Smash Initiative documentation to learn more (https://www.drupal.org/community-initiatives/bug-smash-initiative/workin...), thanks largely to the writing efforts of dww with help from other team members.

The Bug Smash docs specifically have a section on "how to help" (link to https://www.drupal.org/community-initiatives/bug-smash-initiative/workin...) but, as mentioned above in our challenges, if you are keen on helping review, that would be a great focus. Issue review involves reviewing code and/or manually testing the latest code fix works.

Based on the success of DrupalCon North America, we hope to have more mentored contribution events this year, so keep your eyes open or pop into the bugsmash Slack channel to check in on the status. If you are interested in helping mentor at these events, we very much welcome that contribution as well. Hope to see you soon!

Decoupled Menus, by Théodore Biadala What have been your priorities in the last three months?

We published the results of the decoupled survey that shed some light into what sort of things people use and expect from Drupal when used in a decoupled fashion.

On the Technical side we have the decoupled menus module published that provides the missing pieces for API consumption of menus. This was started in contrib to try out a few things, when things are stable enough we’ll propose it for addition in Drupal Core to provide this for everyone. There are also a couple of helper JS libraries: Decoupled menu parser, Linkset.

The team also spent a significant amount of time preparing for DrupalCon, making sure we have things for people to do, test, and help.

And what has been your greatest success in the last three months?

The thing that tied everything together was DrupalCon, where Baddý Sonja Breidert, Liam Hockley, Gabe Sullice, Juanluis Lozano, Brian Perry, Joe Shindelar did an amazing job of preparing and running the Decoupled Day.

We’ve had very good participation on the different workshops and some great examples of menu consumption based on the decoupled menus module:

A solid start at the documentation structure was made as well.

What has been your greatest challenge in the last three months?

Producing documentation has been a challenge, people prefer writing code!
DrupalCon helped with seeing what needs to be documented, the survey helped with what people expect, and what kind of tools people use.

Do you have a "call to action" you want to make to the Drupal Community?

By now most of the technical pieces are present and we need people to take charge of building the documentation for all this wonderful code so that it’s accessible to more people. This will in turn help us streamline the experience of consuming menu data from Drupal API.

You can head over #decoupled-menus-initiative slack channel and the Start an end-user-friendly technical documentation issue.

Project Browser, by Mihaela Jurković What have been your priorities in the last three months?

The Project Browser initiative kick off meeting was only 10 days ago! Getting started has been the main thing so far, and we can't wait to report on our further developments.

And what has been your greatest success in the last three months?

We have formed a group of people interested in contributing their ideas and efforts to the Project Browser. Several people stepped up to coordinate initial subtasks, and we started a list of potential features, the audiences they may cater to, and what might go into the Minimum Viable Product (MVP).

Our conclusion was that the Project Browser should help make Drupal more attractive to a general audience of site owners/builders as its first priority, by enabling them to easily expand the Drupal core site features through additional modules. The Project Browser will offer any audience a list of modules that is easy to understand, contains the relevant information, and filters out and sorts the modules reliably.

What has been your greatest challenge in the last three months?

The Project Browser needs to cater to multiple audiences at the same time. Our most important audience is the general public, or framed more specifically, site owners. Discovering their pain points is always a challenge. Without understanding exactly what problem we're solving for them it's difficult to prioritize the features we should focus on.

Do you have a "call to action" you want to make to the Drupal Community?

The Project Browser initiative needs input from site owners and builders who aren't experienced with the technical aspects of Drupal. If you are able to conduct interviews with some of those people (or ARE some of those people!), please come to our Slack channel (#project-browser) and share your wishes/experiences about what would make it easier to expand your Drupal site with more features.

Security Team, by Tim Lehnen

Editor’s note: has kindly stepped in to help compile this information as you may well be aware that the Security Team have been fully occupied with the recent Drupal core security release. Thanks Tim!

What have been your priorities in the last three months?

The security team has been focused on two key areas in recent months. The first is our core mission of supporting responsible disclosure of security advisories and updates in the Drupal community. The second has been preparing for the Drupal Association's release of the community tier of Drupal Steward, which will shortly be available to customers at drupalsteward.org.

And what has been your greatest success in the last three months?

In the last three months we've successfully two Drupal core security advisories, and twelve security advisories for contributed modules.

These advisories represent the hard work of Drupal core and contributed module maintainers, security researches, and the security team itself, and continue to prove that the Drupal security team is one of the best in the industry.

What has been your greatest challenge in the last three months?

Our greatest challenge came with the most recent Drupal core release, SA-CORE-2021-003. This core release came outside of the regular release window, and coincided with unplanned infrastructure instability that delayed the release. We know this impacted many members of our community waiting for the release to drop, especially those outside of US time zones, for whom the final release came quite late at night.

We've released a post-mortem blog to talk further about what happened and how we hope to mitigate these issues in the future.

Do you have a "call to action" you want to make to the Drupal Community?

To keep up to date with Drupal security information you can follow any of the channels described on the Drupal security landing page. In addition to the news page and sub-tabs, all security announcements are posted to an email list. To subscribe to email: log in, go to your user profile page and subscribe to the security newsletter on the Edit » My newsletters tab.

You can also get rss feeds for core, contrib, or public service announcements or follow @drupalsecurity on Twitter.

Lastly, you can join the #security-questions channel in Drupal Slack to ask real-time questions of other community members related to security.

Categories:

Agiledrop.com Blog: Digital strategy - B2C vs. B2B

Planet Drupal - Fri, 2021/06/04 - 9:03am

In this article, we compare the key factors of digital strategy in B2C vs. B2B, with a focus on content and marketing strategies.

READ MORE
Categories:

Talking Drupal: Talking Drupal #297 - Diversity, Equity, and Inclusion: Holding ourselves accountable

Planet Drupal - Thu, 2021/06/03 - 10:11pm

Today we are talking about Diversity, Equity, and Inclusion in the workplace.

www.talkingdrupal.com/297

Topics
  • Guest host Fatima Sarah Khalid
  • Guest Tara King
  • Tech Companies put extra focus on DEI this past year
  • Performative allyship
  • How can leaders build culture of transparency
  • Diversity in the workplace not just pipeline issue, but also retention issue
  • What do you look for in an organization
  • Drupal Diversity & Inclusion Working Group
  • Learning from mistakes
  • Holding employees and managers accountable
  • Agency requirements when responding to proposals
  • Your actions as a leader matter. If we hold ourselves and others accountable, our team will too.
Resources

Tech Leavers Study

"The Only" Study

https://talkingdrupal.com/217

https://www.drupaldiversity.com

https://www.diversifytech.co

 

Guests

Tara King @sparklingrobots

Hosts

Stephen Cross - www.stephencross.com @stephencross

Nic Laflin - www.nLighteneddevelopment.com @nicxvan

John Picozzi - www.oomphinc.com @johnpicozzi

Fatima Sarah Khalid - @sugaroverflow

Categories:

Aten Design Group: Mapping Google Groups to Drupal user roles with Google Authentication

Planet Drupal - Thu, 2021/06/03 - 9:19pm
Mapping Google Groups to Drupal user roles with Google Authentication jennifer Thu, 06/03/2021 - 13:19 Drupal

Mapping Google Groups to Drupal user roles with Google Authentication seemed like a straightforward task, but there were a few wrinkles in the process that I didn’t expect. We stumbled into the need for mapping groups to roles while performing a routine Drupal core upgrade from 8.8.5 to 8.9.13. Complications with the existing LDAP authentication’s upgrade path — and conversations with the client — steered us towards replacing LDAP with Google Authentication.

Overall the idea is simple enough: when a user signs into your Drupal site using Google Authentication, their membership(s) to various Google Groups should map to some existing Drupal user roles. This way, users in your organization who are already affiliated with various groups can be automatically assigned appropriate user permissions in your Drupal site for editing or accessing content, approving comments, re-arranging homepage promotions or whatever the case may be.

The majority of the functionality is established with just a few downloads, installations, and configurations. Our custom functionality relies on the Social API, Social Auth, and Social Auth Google modules, as well as the Google APIs Client Library for PHP. The first step is to install and enable the above mentioned modules and library. Then comes a little insider info on configuring the necessary Google Service Account, and finally a custom implementation of the EventSubscriberInterface that reacts to authentication via Social Auth to read from Google Groups memberships. Our custom code is packaged into a simple demo module you can download to get all of this working for yourself.

There are a lot of moving parts for something you’d expect to be a simple task, but in the end it’s a relatively quick setup if you know what to expect.

The devil’s in the details: Google Service Account configuration

This bit is pretty counterintuitive: Google users that authenticate via Google Authentication don’t actually have read access to their own groups. Weird, right? Where are you supposed to pull group information if the accounts can’t read their own group data from the API?

The answer is a Google Service Account. A properly configured Google Service Account can have read access to both users and their group relationship information, which allows it to act as a go-between during authentication to pull Google Group data and map it to Drupal roles. Configuring your Google Service Account isn’t self-explanatory, but luckily Joel Steidl put together the following screencast to walk you through it. Once you’ve set up the Google Service Account, you’ll just need to create and download a JSON key file to include in the code we’ll walk through further below.

Now that your Google Service Account is properly configured and your JSON key file has been safely stored away, it’s time to tie everything together with a few blocks of code that do the actual role assigning.

Role assignment during Google Authentication: The who’s who handshake

Once you’ve configured your Google Service Account and downloaded your JSON key file, you need code that reacts to Social Auth events (like a login via Google Authentication) to trigger the role mapping functionality. I’ve added some example code below that's part of a demo module that should get you 95% of the way there, although in our demo the role mapping itself — which Google Group becomes which Drupal role — is hard coded.

If you download my demo module you’ll see I’m reacting to both the USER_CREATED and USER_LOGIN events provided by the Social Auth module’s getSubscribedEvents method. This way we can reevaluate Google Group to Drupal role mappings each time a user logs in to make sure their roles and permissions stay up to date. You’ll also see that I’m verifying the user’s email address to make sure it falls within our expectations (user@your_domain.com), which you can modify or remove depending on your needs — but you want to make sure that your Google Service Account will have the appropriate access to this user’s group info.

The magic happens in the determineRoles method, where the JSON key file and the Google Service Account you setup previously will come into play. You’ll need to modify the getSecretsFile method to return your JSON key file, then change the $user_to_impersonate variable to the email address that you granted the Groups Reader role as discussed in Joel’s screencast. Finally, you'll need to update the $roleAssignment array with actual Google Group names and Drupal roles.

/** * When a user logs in verify their Google assigned group & set permissions * * @param \Drupal\user\UserInterface $givenUser * The passed in user object. * */ protected function determineRoles($givenUser) { $KEY_FILE_LOCATION = $this->getSecretsFile();   // Only run if we have the secrets file if ($KEY_FILE_LOCATION) { // 1. Admin SDK API must get enabled for relevant project in Dev Console. // 2. Service user must get created under relevant project and based on a user with // 3. User must have Groups Reader permission. // 4. Scope must get added to Sitewide Delegation. $user_to_impersonate = 'example_google_account@your_domain.com'; $client = new Google_Client(); $client->setAuthConfig($KEY_FILE_LOCATION); $client->setApplicationName('Get a Users Groups'); $client->setSubject($user_to_impersonate); $client->setScopes([Google_Service_Directory::ADMIN_DIRECTORY_GROUP_READONLY]); $groups = new Google_Service_Directory($client);   $params = [ 'userKey' => $givenUser->getEmail(), ]; $results = $groups->groups->listGroups($params);   // Hold Map for roles based on Google Groups $roleAssignment = [ "Author Group Name" => "author", "Editor Group Name" => "editor", "Publisher Group Name" => "publisher", ];   // Loop through the user's groups an add approved roles to array foreach ($results['groups'] as $result) { $name = $result['name'];   //Assign roles based on what was determined if (array_key_exists($name, $roleAssignment)) { $givenUser->addRole($roleAssignment[$name]); $givenUser->save(); } } } }

That’s it! With your modified demo module enabled, your users should get their roles automatically assigned on login. We were pretty excited to get Google Groups mapping to Drupal roles, so much so that my colleague Matthew Luzitano is considering packaging this functionality (and GUI configurations!) into a Drupal module. So if you’re not in any rush and don’t feel like browsing our demo code, you can always wait until that happens.

Do you have a different approach to mapping Google Groups to Drupal roles? We’d love to hear about it! Let us know in the comments below.

Jennifer Dust
Categories:

Gbyte blog: Instanciate all classes within a namespace in Symfony and Drupal

Planet Drupal - Thu, 2021/06/03 - 11:48am

Occasionally I find myself needing plugin-like functionality, where users/downstream can throw a class into a folder and expect it to work. My script is supposed to find and instantiate these plugins during runtime without keeping track of their existence.

In a regular Drupal module, one would usually use the plugin architecture, but that comes with its overhead of boilerplate code and may not be the solution for the simplest of use cases.

Many class finder libraries rely on get_declared_classes() which may not be helpful, as the classes in question may not have been declared yet.

If you are on a Drupal 8/9 installation and want to use components already available to you, the Symfony (file) Finder can be an alternative for finding classes in a given namespace.

Installing dependencies

Ouside of Drupal 8/9, you may need to require this library in your application:

Categories:

Droptica: Mega Menu in Drupal. The Easier Way to Build It

Planet Drupal - Thu, 2021/06/03 - 11:13am

Modern websites have become more and more extensive. At some point, a user may feel confused due to a large amount of content. At the same time, the website itself starts to be hard to use. Then the need to create a convenient, easy to develop, and maintain navigation appears. The solution which will work great in this case is a mega menu.

What is a mega menu?

A mega menu is a type of navigation consisting of several levels, used on websites. The first level looks like a standard list of links, but after hovering over one of its elements, additional options are shown. These options consist not only of a list of links in the second level of navigation but often have a third or even fourth level. Sometimes there are also visible photos or even videos. A menu built in this way is visually appealing to the user and allows them to easily find their way around large websites.

Below you can see the example of how the mega menu works on the webpage built in Droopler.

  Mega menu in Drupal

In the Drupal CMS, creating a mega menu is quite a difficult task. That’s why the modules that simplify building advanced navigation were made. One of them is Mega Menu. Not only will it save you countless time creating and customizing complex navigation, but at the same time make your website amazingly impress your users.

Here’s how the Mega Menu module works: based on the default Drupal menus, the configurable mega menus are created. We can add to them submenu or even the whole blocks, using a friendly configuration interface. The additional option is the possibility to add a few columns in the submenu, setting styles, and animations.

Source: Drupal.org

However, it’s important to mention the downsides of Mega Menu. One of them is that the module uses a separate Bootstrap library. This not only increases the size of the CSS and JS files, but also conflicts with the Bootstrap library used on the websites. The second disadvantage is that the navigation built with the Mega Menu module is poorly optimized for mobile devices.

In Droopler, a Drupal distribution, we rewrote the frontend part of the module from scratch. This way, we eliminated the most significant downsides of the default Mega Menu module. On the example of Droopler, we’ll show you how you can create with this module an extensive menu for your website.

Creating an extensive menu in Droopler

Droopler is a Drupal-based distribution dedicated to building corporate websites. It contains ready-to-use elements and tools enabling quick creation of the websites.

Main menu configuration

We can find the main menu settings in the Drupal administration menu in Structure. Next, in Drupal 8 Mega Menu, we look for the Main navigation element and from this element's menu, we go to Edit links.

After going to the edit page, the working structure of the main menu appears, which we can freely edit using the "drag and drop" method. To add more levels to the menu, we need to move the secondary element to the right to create an "indentation".

Adding new blocks

To add a block to the menu, we must first add a new content block. We go to Structure -> Block Layout -> Add custom block and select the content block.

The system takes us to a form, where we add a new block. We fill out the title and the content of interest. In this case, it’ll be the title and a few links. Next, we add another block with the content and photo.

 

After adding two blocks, we need to add them to the region on the page and - at the same time – disable the display of these blocks in the region. In the Block Layout of the header section, we click Place Block, and then select from the popup window the block we want to add and click Place block. In the next step, we uncheck the show title option and save.

 

When the blocks are added to the region, we should disable them. To do this, we click Disable in the block's action menu.

 

After completing this step, we can start adding blocks to the menu. To do this, we go to Structure, Drupal 8 Mega Menu, and then click config next to the main navigation.

We are taken to the menu edit. In our case, we’ll add blocks to the "products" element. After clicking "products", a configuration panel appears on the right. We check the Submenu in it as active.

 

Now a workspace appears under "products", where we’ll add our blocks in a moment. After clicking on this element under "products", another configuration panel appears, but this time it concerns our workspace.

 

In this panel, we use the plus and minus buttons to set the number of columns in our mega menu. In the Grid field, we set the column’s width, while the Blocks field is used to select the previously added blocks.

After setting the appropriate options, we click Save and our menu should look similar to the one below.

  Summary

A mega menu is a good option for presenting to the user an advanced website’s structure or a web application. With the Droopler distribution and the Mega Menu module, we can easily build the advanced pages with a user-friendly navigation which allows us to clearly show the structure of a large website.

Categories:

mark.ie: Create a Theme Settings Page for a Drupal Theme

Planet Drupal - Wed, 2021/06/02 - 10:59pm

Theme settings are simple and powerful, here's me figuring out how to create one.

Categories: