Planet Drupal

Subscribe to Planet Drupal feed
Drupal.org - aggregated feeds in category Planet Drupal
Updated: 1 min 45 sec ago

Mediacurrent: Highlights From BADCamp, Part 2

Wed, 19/11/2014 - 20:07

From November 6th through the 9th, members of the Mediacurrent team headed to San Francisco for the Bay Area Drupal Camp. Hundreds of Drupal enthusiasts convened at the Palace of Fine Arts to take part in some fantastic sessions, code sprints, and all the San Francisco has to offer. Mark Casias and Matt Davis weigh in for Part 2 of BADCamp's highlights.

Categories: Elsewhere

Drupal.org frontpage posts for the Drupal planet: Drupal 7.34 and 6.34 released

Wed, 19/11/2014 - 19:39

Drupal 7.34 and Drupal 6.34, maintenance releases which contain fixes for security vulnerabilities, are now available for download. See the Drupal 7.34 and Drupal 6.34 release notes for further information.

Download Drupal 7.34
Download Drupal 6.34

Upgrading your existing Drupal 7 and 6 sites is strongly recommended. There are no new features or non-security-related bug fixes in these releases. For more information about the Drupal 7.x release series, consult the Drupal 7.0 release announcement. More information on the Drupal 6.x release series can be found in the Drupal 6.0 release announcement.

Security information

We have a security announcement mailing list and a history of all security advisories, as well as an RSS feed with the most recent security advisories. We strongly advise Drupal administrators to sign up for the list.

Drupal 7 and 6 include the built-in Update Status module (renamed to Update Manager in Drupal 7), which informs you about important updates to your modules and themes.

Bug reports

Both Drupal 7.x and 6.x are being maintained, so given enough bug fixes (not just bug reports) more maintenance releases will be made available, according to our monthly release cycle.

Changelog

Drupal 7.34 is a security release only. For more details, see the 7.34 release notes. A complete list of all bug fixes in the stable 7.x branch can be found in the git commit log.

Drupal 6.34 is a security release only. For more details, see the 6.34 release notes. A complete list of all bug fixes in the stable 6.x branch can be found in the git commit log.

Security vulnerabilities

Drupal 7.34 and 6.34 were released in response to the discovery of security vulnerabilities. Details can be found in the official security advisory:

To fix the security problem, please upgrade to either Drupal 7.34 or Drupal 6.34.

Known issues

None.

Front page news: Planet DrupalDrupal version: Drupal 6.xDrupal 7.x
Categories: Elsewhere

Károly Négyesi: Drupal 8 critical issues office hours November 14, 2014

Wed, 19/11/2014 - 19:27

cilefen begin to work on the When a content entity type providing module is uninstalled, the entities are not fully deleted, leaving broken references issue. Turned out that a necessary dependent issue is already being worked on so he was able proceed well. I am reasonably confident this issue will get resolved in due time. Sam Hermans have advanced Bulk operations does not respect entity access forward which is great but it still needs some work. Let's note that Sam "only" had a core patch reroll so far and yet he was able to move a critical forward! You could do it as well: I will be waiting for you on IRC in channel #drupal-contribute every Friday noon Pacific (9pm CET).

Categories: Elsewhere

Phase2: Make Your Product Vision Real – A Case for Incorporating Prototyping Into Your Next Project

Wed, 19/11/2014 - 17:53

As product designers and experience strategists, we research how people use systems and design products that tap into users’ natural behaviors. We want people to instinctively know how our product works.

Years of research into the human mind tells us that our brains love patterns, the repeated way in which something happens or is done. Our subconscious mind uses what we’ve learned from patterns – like turning a knob will open a door – to instinctively make decisions about what we do throughout our day. This is why we can walk or breathe without thinking about it – we spend most of our time running on autopilot.

We have an understanding of how people make decisions, but we forget to apply this knowledge when communicating our product vision to stakeholders.

There are Drawbacks to Designing in the Abstract

Experience design deliverables, or artifacts, are abstract. We too often produce artifacts, intended to build a shared understanding of a product vision, that are hard to understand. Low-fidelity wireframes and complex flow diagrams require stakeholders to think hard about what we are trying to communicate. They mentally fill in the gaps where we lack details. We consistently break Steve Krug’s number one rule: “Don’t make me think!”

Imagine how these abstract artifacts skew conversations about a product:

We show a stakeholder some wireframes and talk them through the features. Once they see them they begin to imagine the ways features will look and act based on similar products they have used.

While perfectly natural, this behavior is problematic – what we envision may be nothing like products this stakeholder has previously used. These assumptions your stakeholder makes will lead to you and your stakeholders having different expectations during product development.

You need to make artifacts as real as possible in order to elicit the most unbiased, unimpeachable feedback from users during research. You do not need to build a fully functioning product to validate your idea.You do need to eliminate or reduce the guesswork needed to understand how your product will work.

Make Your Product Vision Real

Prototyping is a great way to eliminate ambiguity so that you get the best results from user research. A prototype is a preliminary model of a product used to show a concept or validate an idea. A prototype should only contain the minimum amount of content, design and functionality needed to demonstrate how the end-product will function.

Context is key to determining fidelity of a prototype. If you are conducting user testing with a tech-savvy group of stakeholders, clickable wireframes may suffice. If you are introducing a new concept to a set of clients, then you may need a higher-fidelity, interactive web page. Your prototype should only contain the fidelity needed to have a meaningful conversation with your users about your product.

Build The Right Prototype For You

There are many different approaches to building prototypes. You can link wireframes together to show user flow with a system like inVision, or build interactive features using an open source CMS like Drupal.

When creating prototypes, make sure to include the following:

  1. The main actions that a user can take and the reactions they will receive from interactive elements.

  2. The key messages you want to communicate to users at different stages of their interaction.

  3. A programmatic way to track user behavior while they use the prototype.

Get Better Results from Your Projects

Some of the many benefits of prototyping are:

  • It produces more accurate results from user testing, allowing you to better determine what works and what doesn’t.

  • It gives you more opportunity to focus on interaction design by forcing you to have conversations about interactive elements during user research rather than development.

  • Prototypes bring less-apparent usability issues to light earlier in the development process.

  • You have a potential starting point to work from when beginning development, minimizing the amount of work that needs to be done in the long run.

John Whalen said “UX does not happen on a screen. It happens here. In the mind.” Keep that in mind (no pun intended) as you seek to build a shared understanding of, and validate, your product ideas. The more real you make the experience of interacting with your product early in the design process, the more accurate a feedback you will get from your users. For more thoughts on prototyping, check out Frederic Mitchell’s “Static Prototyping and Keeping Drupal Simple (KDS)” and “The Devil’s in The Details” by Sharon Smith!

Categories: Elsewhere

Cheppers blog: Busy Drupal weekend with a training day and a camp

Wed, 19/11/2014 - 13:54

In the middle of November there was a weekend when it was all about Drupal in Hungary. Cheppers was hosting the Drupal Global Training Day Hungary 2014 and I was one of the core organizers of Drupal Weekend Budapest 2014, so we were concerned by the success of both.

Categories: Elsewhere

Code Karate: Drupal 7 FullCalendar

Wed, 19/11/2014 - 13:49
Episode Number: 179

The Drupal FullCalendar module makes it easy to build an interactive calendar using the power of Views. The Drupal FullCalendar module uses the JQuery FullCalendar plugin to make it easy to create an event calendar that allows event dates to be changed by drag and drop.

In this episode you will learn:

Tags: DrupalDrupal 7Drupal PlanetUI/Design
Categories: Elsewhere

Modules Unraveled: 127 Using Entity Pilot for Content Staging in Drupal 8 with Lee Rowlands - Modules Unraveled Podcast

Wed, 19/11/2014 - 07:00
Published: Wed, 11/19/14Download this episodeEntity Pilot
  • What is Entity Pilot?
    • I’ve been working on Entity Pilot since February, and have slowly been working through my backlog of features - but now its ready for Beta testers so that’s why I here on the show.
  • How does Entity Pilot work?
    • The basic premise is you create your content like normal and then create a new departure. You can add the content to your departure in logical groups, or you can create one departure for each piece of content - its a pretty flexible workflow. So if you were working on a new product launch you might create all of that content on your staging site. You’d be able to see what the site will look like with the new content, preview the front-page and landing pages etc.
  • You’re using airport terminology, like “baggage”, “departure” and “arrival”. Can you break those down, and explain what each one entails?
    • Passengers
    • Baggage
    • Departure - When you create the departure the baggage handler service takes care of adding the dependencies - so if you create a node, any terms or images it requires, or the author account are automatically added as baggage.
    • Arrival - On another site, you setup your Entity Pilot account and then create a new Arrival. This presents you with the list of your flights that exist in Entity Pilot for your account. After selecting the flight for the arrival, you move to the approval stage.
    • Customs - The approval stage presents you with a list of content on the incoming flight. Each item can be previewed and if it matches existing content on the site the administrator is able to view a diff of the changplanet-drupal the desired items to import are selected and imported either immediately, or via background processing.
  • How does this work in a team?
  • Talk about security
  • Pricing
Use Cases
  • For marketing: Prepare content for a product launch on the staging site. Land the content on the live site on launch day.
  • For editors: Share content between your sites. Write content once and adapt to any site in your network.
  • For developers: Deploy content when you deploy code. Use real content not lorem ipsum. Solid APIs to integrate into your custom deployment workflow or code.
Episode Links: Lee on drupal.orgLee on TwitterEntity Pilot on Twitterlarowlan on IRCEntity PilotTags: Content StagingDrupal 8planet-drupal
Categories: Elsewhere

Large Robot: Better Sleep Through Web Security

Wed, 19/11/2014 - 03:09

This Thursday I'm presenting on Better Sleep Through Web Security, an in-depth overview of web security, what to do do if your website is hacked, and how to sleep better by following basic web security best practices.

It's at the beautiful Fuller Theological Seminary in Pasadena, California, and there's a video conference for those who can't attend in person. The meeting is from 6-8pm Pacific Time and we'll launch into the security talk after some quick intros and raffle prizes.

It's been about a year since I last gave a talk on internet security and the recent Heartbleed, Shellshock and POODLE (and now the "Drupalgeddon" vulnerabilities that hit the mainstream news in Forbes, the BBC and The Register), have prompted me to dust off my slides and update them for some of the internet security threats we face today.

This particular presentation goes into some detail about the "Drupalgeddon" vulnerability, officially known as SA-CORE-2014-005. It allows attackers with specialized knowledge to send requests to any unprotected Drupal website that result in arbitrary SQL execution, which in turn may lead to privilege escalation, arbitrary PHP execution and total server control. Scary stuff.

I hope you can join me. If you haven't heard of Drupal or aren't interested in general web application security, you can skip this one (unless, of course, you just like the sound of my voice). If, however, you make websites for either fun or profit, this is a great chance to get up to speed on some security best practices, including common attack vectors, what to do if your site gets hacked, and the the differences between security and privacy.

Tags: Planet Drupalinternet securityDrupal
Categories: Elsewhere

Exaltation of Larks: Is Drupal Secure? Drupalgeddon and Our Approach to Security at Exaltation of Larks

Tue, 18/11/2014 - 22:09

Is Drupal secure software? You may have heard about the significant security announcement nicknamed “Drupalgeddon” and are wondering where Drupal fits in today’s fast-changing world of internet threats, enterprise software and risk management.

We stand by Drupal’s security record and recommend it for a variety of business cases. To put our money where our mouth is, our cofounder and chief tin-foil-hat fashionista, Christefano Reyes, is presenting Better Sleep Through Web Security. this Thursday, November 20th, at the San Gabriel Valley Drupal Meetup.

Thanks to a the Greater Los Angeles Drupal user group and its sponsors, this meetup is hosted on the beautiful Fuller Theological Seminary campus in Pasadena, California, and also have a video conference for those who can attend only by video conference or phone.

   Date and time: November 20, 2014 at 6pm Pacific Time
   Location: Fuller Theological Seminary, at 135 N Oakland Ave
Pasadena, CA 91101 (Building “Glasser 110”)
   Video conference: https://glad.zoom.us/j/129319220
   Phone: +1 415-762-9988 or +1 646-568-7788
   Meeting ID: 129 319 220

Better Sleep Through Web Security

Christefano Reyes presents Better Sleep Through Web Security, an in-depth overview of web security, what to do do if your website is hacked, and how to sleep better by following basic web security best practices.

The “Drupalgeddon” vulnerability has been covered in mainstream news including Forbes, the BBC and The Register, and has brought web security, frequently an overlooked part of web development, back to the center stage.

This particular vulnerability, officially known as SA-CORE-2014-005, allows attackers with specialized knowledge to send requests to any unprotected Drupal website that result in arbitrary SQL execution, which in turn may lead to privilege escalation, arbitrary PHP execution and total server control.

Topics that will be covered in this presentation include:

  • Security vs. Privacy
  • Common Attack Vectors
  • Drupal’s security record and the Drupal Security Team
  • SA-CORE-2014-005 (also known as “Drupalgeddon”)
  • I’ve Been Hacked! Now What?
  • Best Practices for Helping Others and Yourself
  • Resources
  • Questions / Answers

Christefano is one of the founders of Exaltation of Larks, a Drupal design and engineering firm with a worldwide team of Drupal experts; and Droplabs, an open source-friendly coworking space and business incubator near Downtown Los Angeles. As an advocate of open source software and self-declared meetup junky, he helps organize meetups and conferences all over the Greater Los Angeles Area, including the Los Angeles Chess meetup and LA Geek Dinners.

If you haven’t heard of Drupalgeddon or don’t know if your Drupal sites have been updated since the announcement, please stop reading and see the SA-CORE-2014-005 FAQ immediately. You can contact us for any questions related to Drupal maintenance and support, including security services, at 888-527-5752 and via our Contact form.

read more

Categories: Elsewhere

Mediacurrent: Highlights From BADCamp, Part 1

Tue, 18/11/2014 - 21:48

From November 6th through the 9th, members of the Mediacurrent team headed to San Francisco for the Bay Area Drupal Camp. Hundreds of Drupal enthusiasts convened at the Palace of Fine Arts to take part in some fantastic sessions, code sprints, and all the San Francisco has to offer. Below is Part 1 of their weekend highlights.

Categories: Elsewhere

Greater Los Angeles Drupal (GLAD): Drupalgeddon followup and Security Presentation on November 20th in Pasadena, CA

Tue, 18/11/2014 - 21:40

As you may have heard, Drupal has recently had a significant security announcement nicknamed "Drupalgeddon". You may not have heard, though, that here in Los Angeles, California, we're dedicating a portion of several upcoming meetups to web security and helping provide our group members with any resources they need.

If you can make it, please join us this week for a special presentation, Better Sleep Through Web Security. It's this Thursday, November 20th, at 6pm in Pasadena, California.

If you haven't heard of Drupalgeddon or don't know if your Drupal sites have been updated since the announcement, please stop reading and see the SA-CORE-2014-005 FAQ immediately. You need to take action and contact a service provider about protecting your Drupal site and hosting environment.

   Date and time: November 20, 2014 at 6pm Pacific Time
   Location: Fuller Theological Seminary, at 135 N Oakland Ave
Pasadena, CA 91101 (Building "Glasser 110")
   Video conference: https://glad.zoom.us/j/129319220
   Phone: +1 415-762-9988 or +1 646-568-7788
   Meeting ID: 129 319 220

This meetup will have a video conference for those who can attend only by video conference or phone. The video conference is with Zoom, one of our many great sponsors, and you can join with iPhone, Android, PC and Mac at https://glad.zoom.us/j/129319220

Better Sleep Through Web Security

Christefano Reyes presents Better Sleep Through Web Security, an in-depth overview of web security, what to do do if your website is hacked, and how to sleep better by following basic web security best practices.

The "Drupalgeddon" vulnerability has been covered in mainstream news including Forbes, the BBC and The Register, and has brought web security, frequently an overlooked part of web development, back to the center stage.

This particular vulnerability, officially known as SA-CORE-2014-005, allows attackers with specialized knowledge to send requests to any unprotected Drupal website that result in arbitrary SQL execution, which in turn may lead to privilege escalation, arbitrary PHP execution and total server control.

Topics that will be covered in this presentation include:

  • Security vs. Privacy
  • Common Attack Vectors
  • Drupal's security record and the Drupal Security Team
  • SA-CORE-2014-005 (also known as "Drupalgeddon")
  • I've Been Hacked! Now What?
  • Best Practices for Helping Others and Yourself
  • Resources
  • Questions / Answers

Christefano is one of the founders of Exaltation of Larks, a Drupal design and engineering firm with a worldwide team of Drupal experts; and Droplabs, an open source-friendly coworking space and business incubator near Downtown Los Angeles. As an advocate of open source software and self-declared meetup junky, he helps organize meetups and conferences all over the Greater Los Angeles Area, including the Los Angeles Chess meetup and LA Geek Dinners.

We hope to see you at Thursday's meetup!

Tags: DrupalgeddonDrupageddonSan Gabriel Valley DrupalPlanet Drupal
Categories: Elsewhere

Stanford Web Services Blog: BADCamp 2014: Caryl’s Highlights

Tue, 18/11/2014 - 18:00

BADCamp is one of the highlights in my Drupal world. It’s like a Drupalcon (Drupal Convention) with lots of people and sessions, but more low key. It’s a great way to meet people and to learn more about Drupal. Here are some of my highlights:

Higher Ed Summit

This was a great chance to learn about the issues facing many of our colleagues at other universities.

Categories: Elsewhere

Stanford Web Services Blog: BADCamp 2014: Megan's take-aways from the Front End Summit

Tue, 18/11/2014 - 18:00

During BADCamp this year, I participated in the Front End Summit. We learned about Drupal 8, had a series of lightning talks, and a lively panel featuring a diverse range of voices from the Drupal front end community. Here are some of my take-aways.

Drupal 8 Core Rocks

Learning more about Drupal 8, it’s exciting to see that so many of the modules we work with in our “toolkit” on Stanford Sites have been moved into core in Drupal 8, like Menu Block, for example. It validates the direction we are going with Sites and with our stack.

Categories: Elsewhere

Stanford Web Services Blog: BADCamp 2014: Joe's take-aways from the Higher Ed Summit

Tue, 18/11/2014 - 18:00

We’ve got a first timer here! I attended the Higher Ed Summit at my first ever BADCamp this year. I learned about Drupal’s presence on numerous college campuses, software as a service, building tools, project management, and Drupal communities. Here are just a few of my take-aways.

Categories: Elsewhere

Stanford Web Services Blog: BADCamp 2014: Linnea's thoughts from the Higher Ed Summit

Tue, 18/11/2014 - 18:00

During BADCamp this year, I participated in the Higher Ed Summit. We learned about how other universities are rolling out Drupal and central web policies through a panel discussion, had a series of lightning talks, a number of birds-of-a-feather discussions, and two featured talks. Here are some of my take-aways.

Categories: Elsewhere

Stanford Web Services Blog: BADCamp 2014: John's highlights

Tue, 18/11/2014 - 18:00

This year marked the 8th Bay Area Drupal Camp (BADCamp), and likewise it was my 8th year attending. BADCamp is one of the largest Drupal events other than DrupalCon itself, and I am always amazed at the sheer size of the event, the generosity of the sponsors, the hard work of the volunteers, and the quality of all the participants.

Categories: Elsewhere

Phase2: Transitioning to Drupal 8 templates with Twig

Tue, 18/11/2014 - 16:08

As many of us know, Drupal 8 beta was released at the beginning of October which has given us a great preview of the goodies to come. One of those goodies is a new theme engine, Twig, which replaces PHPTemplate. Twig gives us a lot of extra power over our templates and allows us to clean up a lot of the extra cruft that PHPTemplate forced us to add.

So you may be asking, how will our brand new Drupal 8 templates look? Well they are going to be a lot leaner. The extra cruft of php tags, functions, and other miscellaneous bits are no longer needed – in fact, they don’t even work in Twig templates. Arguably, it will be easier to read at a glance what is happening in the Twig versions of Drupal templates. For a great example of how the new templates will look, we can crack open the Views module and compare the templates in the Views module 7.x version to the ones in the Views 8.x version. So let’s compare the views-view.tpl.php file from Views 7.x to views-view.html.twig file in Views 8.x.

Twig Comments

Starting from the top, lets work our way down to see what has changed. In the documentation section we can see that for the large block of comments, as well as single line comments, the {# #} syntax is used.

In the list of variables variables that are available to use, you may notice a few other changes. For example, Twig is not raw PHP, so the ‘$’ is not used at the beginning of variable names. Another change is that is that the $classes_array has been replaced by the attributes variable.

Rendering Variables

 

Moving down to line #40 we can see the first instance of a variables rendered using Twig. The double curly bracket syntax, {{ my_variable }}, tells Twig that this is a variable and it needs to be rendered out. A variation of this syntax uses dot-notation to render variables contained in an array/object. This syntax looks like {{ my_variable.property_or_element }}, which makes it extremely easy to use. Dot notation is not used in this particular Twig template.

Twig Filters

Another powerful feature of Twig is template filters. Filters allow us to do simple manipulations of variables. The syntax for using a filter is similar to the syntax for rendering a variable. The difference is that after the variable name, you insert a | (pipe), followed by the name of the filter. For an example to make a string from a variable all lowercase you would do {{ variable_name|lower }} which transform all of the characters to lowercase. If you have used templating systems from other frameworks, such as Angular.js, this syntax may look familiar to you. This particular Views template does not use filters, but you can see examples of different filters on the Twig documentation site. If none of the predefined filters satisfy your requirements, you can extend Twig to create your own filter. The Twig documentation site provides details about creating your own custom filters..

Twig Logic

Jumping to line #42, we can see the {% %} (curly-bracket and percentage symbol) syntax, which is used for template logic, such as if statements. This syntax tells Twig that we are not rendering something, but rather that we need to process some logic, such as a control structure or loop, in our template.

The Takeaway

This blog post is a high level overview of how Twig templates in Drupal 8 will look.  With Twig, we can choose to use the out-of-the box tools it provides, or we can dive in and extend it with additional features such as new filters. For more information I would highly recommend reading through the Twig documentation for designers and for developers.

Categories: Elsewhere

Drupalize.Me: Twig Filters: Modifying Variables in Drupal 8 Template Files

Tue, 18/11/2014 - 16:00
Something that's super fun about my job is that occasionally I get tasked with things like, "Learn how Twig works so you can tell us how it fits into our curriculum plans.". And I get to spend some time exploring various new features in Drupal 8, with an eye towards being able help explain them.
Categories: Elsewhere

Drupal.org Featured Case Studies: KSS Architects

Tue, 18/11/2014 - 15:42
Completed Drupal site or project URL: http://kssarchitects.com/

KSS Architects is a nationally recognized architecture firm with offices in Princeton, New Jersey and Philadelphia, Pennsylvania. KSS works with clients in the fields of education, culture, land development, urban development, and corporate environments.

After completing brand strategy for KSS, TOKY Branding + Design created a website that would better showcase the architecture firm’s personality, process, and projects. TOKY specializes in Web and print work for clients in architecture, building, and design, as well as the arts, education, and premium consumer products.

Key modules/theme/distribution used: BreakpointsCampaign MonitorDate Popup AuthoredEntity referenceField collectionGoogle Site SearchjQuery UpdateMaxlengthMediaMediaElementMenu blockMetatagPictureTaxonomy displayTypogrifyview_unpublishedVocabulary Permissions Per RoleOrganizations involved: TOKY Branding + DesignTeam members: Daniel Korte
Categories: Elsewhere

Joachim's blog: Building Fast and Flexible Application UIs with Entity Operations

Tue, 18/11/2014 - 14:38

Now I've finished the Big Monster Project of Doom that I've been on the last two years, I can talk more about some of the code that I wrote for it. I can also say what it was: it was a web application for activists to canvass the public for a certain recent national referendum (I'll let you guess which one).

One of the major modules I wrote was Entity Operations module. What began as a means to avoid repeating the same code each time I needed a new entity type soon became the workhorse for the whole application UI.

The initial idea was this: if you want a custom entity type, and you want a UI for adding, editing, and deleting entities (much like with nodes), then you have to build this all yourself: hook_menu() items, various entity callbacks, form builders (and validation and submit handlers) for the entity form and the delete confirmation form. (The Model module demonstrates this well.)

That's a lot of boilerplate code, where the only difference is the entity type's name, the base path where the entity UI sits, and the entity form builder itself (but even that can be generalized, as will be seen).

Faced with this and a project on which I knew from the start I was going to need a good handful of custom entities (for use with Microsoft Dynamics CRM, accessed with another custom module of mine, Remote Entity API), I undertook to build a framework that would take away all the repetition.

An Entity UI is thus built by declaring:

  • A base path (for nodes, this would be 'node'; we'll ignore the fact that in core, this path itself is a listing of content).
  • A list of subpaths to form the tabs, and the operation handler class for each one

With this in hand, why stop at just the entity view and edit tabs? The operation handlers can output static content or forms: they can output anything. One of the most powerful enhancements I made to this early on was to write an operations handler that outputs a view. It's the same idea as the EVA module.

So for the referendum canvassing application, I had a custom Campaign entity, that functioned as an Organic Group, and had as UI tabs several different views of members, views of contacts in the Campaign's geographic area, views of Campaign group content (such as tasks and contact lists), and so on.

This approach proved very flexible and quick. The group content entities were themselves also built with this, so that, for example, Contact List entities had operations for a user to book the entity, input data, and release it when done working on it. These were built with custom operation handlers specific to the Contact List entity, subclassing the generic form operation handler.

An unexpected bonus to all this was how easy it was to expose form-based operations to Views Bulk Operations and Services (as 'targeted actions' on the entity). This allowed the booking and release operations to work in bulk on views, and also to be done via a mobile app over Services.

A final piece of icing on the cake was the addition of alternative operation handlers for entity forms that provide just a generic bare bones form that invokes Field API to attach field widgets. With these, the amount of code needed to build a custom entity type is reduced to just three functions:

  • hook_entity_info(), to declare the entity type to Drupal core
  • hook_entity_operations_info(), to declare the operations that make up the UI
  • callback_entity_access(), which controls the access to the operations

The module has a few further tricks up its sleeve. If you're using user permissions for your entities, there's a helper function to use in your hook_permission(), which creates permissions out of all the operations (so: 'edit foobar entities', 'book foobar entities', 'discombobulate foobar entities' and so on). The entity URI callback that Drupal core requires you to have can be taken care of by a helper callback which uses the entity's base path definition. There's a form builder that lets you easily embed form-based operations into the entity build, so that you can put the sort of operations that are single buttons ('publish', 'book', etc) on the entity rather than in a tab. And finally, the links to operation tabs can be added to a view as fields, allowing a list of entities with links to view, edit, book, discombobulate, and so on.

So what started as a way to simplify and remove repetitive code became a system for building a whole entity-based UI, which ended up powering the whole of the application.

Categories: Elsewhere

Pages