Planet Drupal

Subscribe to Planet Drupal feed - aggregated feeds in category Planet Drupal
Updated: 49 min 21 sec ago Writing a custom authenticator in Drupal 8

Wed, 05/10/2016 - 17:39

Drupal 8 allows module developers to write their own customized authentication schemes. In this post, we shall see how we create one. Let's take a hypothetical custom authentication mechanism called the token authentication mechanism. It works like this:

The site administrator has a limited set of auto generated tokens. They issue these tokens to users who want to access the site's resources. These resources can only be accessed by giving the correct token as a part of the URL parameter, like my-page?token=ABCXYZ.

First, let's generate a module to hold our token authenticator.

drupal generate:module Enter the new module name: > Token Authentication Enter the module machine name [token_authentication]: > token_auth Enter the module Path [/modules/custom]: > Enter module description [My Awesome Module]: > Token based custom authenticator Enter package name [Custom]: > Examples Enter Drupal Core version [8.x]: > Do you want to generate a .module file (yes/no) [yes]: > no Define module as feature (yes/no) [no]: > no Do you want to add a composer.json file to your module (yes/no) [yes]: > no Would you like to add module dependencies (yes/no) [no]: > no Do you confirm generation? (yes/no) [yes]: > Generated or updated files Site path: /var/www/html 1 - modules/custom/token_auth/

Next, we need a way to store and retrieve access tokens, preferably with UI. Config entities fit this bill, so let's go ahead and create a config entity called auth_token.

drupal generate:entity:config Enter the module name [email_management]: > token_auth Enter the class of your new config entity [DefaultEntity]: > AuthToken Enter the name of your new config entity [auth_token]: > Enter the label of your new config entity [Auth token]: > Authentication Token Enter the base-path for the config entity routes [/admin/structure]: > /admin/config/system Generated or updated files Site path: /var/www/html 1 - modules/custom/token_auth/config/schema/auth_token.schema.yml 2 - modules/custom/token_auth/ 3 - modules/custom/token_auth/token_auth.links.action.yml 4 - modules/custom/token_auth/src/Entity/AuthTokenInterface.php 5 - modules/custom/token_auth/src/Entity/AuthToken.php 6 - modules/custom/token_auth/src/AuthTokenHtmlRouteProvider.php 7 - modules/custom/token_auth/src/Form/AuthTokenForm.php 8 - modules/custom/token_auth/src/Form/AuthTokenDeleteForm.php 9 - modules/custom/token_auth/src/AuthTokenListBuilder.php

We shall polish the config entity a bit to include 2 new properties, token to hold the token, a boolean flag enabled to indicate whether the token is enabled or not.


token: type: string label: 'Auth Token' enabled: type: boolean label: 'Enabled'

The token is a readonly property which is autogenerated and set at the time of creating a new entity instance.


if($auth_token->isNew()) { $auth_token->set("token", Crypt::randomBytesBase64()); } $status = $auth_token->save();

Let's create a custom authentication provider to implement token based authentication.

drupal generate:authentication:provider Enter the module name [email_management]: > token_auth Authentication Provider class [DefaultAuthenticationProvider]: > TokenAuth Provider ID [token_auth]: > Do you confirm generation? (yes/no) [yes]: > yes Generated or updated files Site path: /var/www/html 1 - modules/custom/token_auth/src/Authentication/Provider/TokenAuth.php 2 - modules/custom/token_auth/

The authentication scheme here is to allow only logged in users to view a page, provided they give a valid and enabled token as a part of the URL. This functionality partly overlaps with the cookie authentication provider which ships as a part of core. Hence, this can be built on top the cookie based authentication scheme. For any new authentication provider, we have to implement 2 functions, applies() and authenticate(). The former checks if the request has appropriate credentials needed to authenticate a request, like request headers or tokens. The latter returns a user object pertaining to the credentials.

This is how both functions play out in lib/Drupal/Core/EventSubscriber/AuthenticationSubscriber.php.

public function onKernelRequestAuthenticate(GetResponseEvent $event) { if ($event->getRequestType() === HttpKernelInterface::MASTER_REQUEST) { $request = $event->getRequest(); if ($this->authenticationProvider->applies($request)) { $account = $this->authenticationProvider->authenticate($request); if ($account) { $this->accountProxy->setAccount($account); return; } } ...

Our authentication works exactly like cookie based authentication, with an extra check on the given token. So, we override the Cookie authentication provider implementation.

public function applies(Request $request) { $token = $request->query->get('token'); return parent::applies($request) && $this->isCorrectToken($token); }

The isCorrectToken() function checks if the given token is valid and enabled against all valid tokens in the system.

protected function isCorrectToken($tok) { $query = \Drupal::entityQuery('auth_token') ->condition('enabled', TRUE); $token_ids = $query->execute(); $tokens = entity_load_multiple('auth_token', $token_ids); foreach($tokens as $token) { if($token->token() == $tok) { return TRUE; } } return FALSE; }

Our authentication provider service looks like this:

services: authentication.token_auth: class: Drupal\token_auth\Authentication\Provider\TokenAuth arguments: ['@session_configuration', '@database'] tags: - { name: authentication_provider, provider_id: token_auth, priority: 100 }

Now, let's effect this new authentication provider onto a route which we created earlier.

myroute.greeting_controller_greeting: path: 'hello/{name}' options: _auth: [ 'token_auth' ] defaults: _controller: '\Drupal\myroute\Controller\GreetingController::greeting' _title: 'Greeting' requirements: _permission: 'access content' _user_is_logged_in: 'TRUE' name: '[a-zA-z ]+'

You might note 2 important changes here. First, we explicitly specify the authentication scheme for this route as token_auth. Second, we enforce a rule saying only logged in users can see this route using the _user_is_logged_in mandate.

Rebuild the cache(make sure the token_auth module is enabled before that) and hit the above route(as a logged in user), first without the token parameter, as /hello/foo. You should get the access denied error.

Now, try with the token parameter, hello/foo?token=771iKzLs4UU8aYkOF1-TkRUvaE3P_IBqeZZl6x91D78.

The above code can be checked out here under the tag custom-auth.

$ git clone $ cd token_auth $ git checkout -f custom-auth
Categories: Elsewhere

Vardot: Learning Drupal: Your Guide to Main Resources

Wed, 05/10/2016 - 13:32
Resources Read time: 8 minutes

Drupal as a Content Management System (CMS), is known for its versatility and power. Unfortunately, it is also known to have a steep learning curve. The task of mastering the building of a Drupal-powered website can be quite daunting to novice users. The good news is that many online resources are available to help you overcome the learning challenges.

This article is your guide to the main online resources for mastering Drupal. Some resources are generally applicable to any modern Drupal releases, others are specific to Drupal 8 (the most recent release), or Drupal 7.


General resources Acquia Academy


Acquia is a company specializing in using Drupal to build enterprise websites. Drupal's original creator, Dries Buytaert, currently serves as Acquia's CTO. Acquia Academy is the training division within Acquia. It provides both free and paid training services.

The free training component comprises of videos as well as instructor-led online courses. If you want a quick introduction to Drupal 7 or 8, watch the videos. If you want a more formal course experience with exercises and reading assignments, you can take the online courses.

Drupal learners need a live Drupal website so that they can practice their skills. The Acquia training materials include instructions on how to obtain free trial access to the Acquia Drupal platform. This is a bonus to those learners who are not ready to install and run Drupal on their own machines. is a paid Drupal training website created in 2010 by Lullabot. After you become a paid member, you will have access to a library of 1,400+ Drupal videos. You can watch the videos in any browser on your desktop or mobile device, but you cannot download them. They don't offer a free trial. However, a small subset of the videos are free for you to sample.




BuildAModule is another membership-based, paid training service. It has 1,900+ Drupal videos. A very nice feature is that their videos are displayed with a clickable transcript. The transcript makes following and navigating a video much easier.

The introductory chapters in their videos are often free for you to sample. With a paid membership, you can watch, but not download, entire videos on their website.


Drupal Answers


Drupal Answers is a community-based, question-and-answer database for Drupal developers and administrators. The database contains answers to 63,000+ questions. Because of the target audience, the questions are technical in nature, and often involve how to accomplish particular tasks in Drupal. Many technical questions that Drupal beginners ask are answered there.

Drupal Answers is hosted by StackExchange, and sign-up is free.


Drupal Forums


Drupal Forums is the official question-and-answer database. In addition to technical, "how-to" support problems, this forum covers news and announcements about the Drupal community. Sign-up is free.


Drupal 8 Links & Resources


Drupal 8 Links is an aggregator website which collects links to Drupal-8-related resources. It has 120+ links to code examples, blog posts, videos, and podcasts. This is a great resource for Drupal 7 practitioners who want to update their knowledge to Drupal 8.


Beginner’s resources Drupal First Time User Guide


If you are a first-time Drupal user, this user guide is a great starting point. It is a community-maintained document. So, don't be surprised that this document is written with varying levels of details on a variety of topics. Some topics are substantiated with original text while others are links to external webpages.

You will find well-formed opinions from people who had done it and are now contributing back their experience in the form of best practices. For instance, you will find publishing workflow suggestions as well as a list of which contributed modules to learn.


Drupal Installation Profile and Distributions


Drupal beginners are often confused about which contributed modules to use and how to configure them to implement a particular type of service, e.g., e-commerce. The good news is that you can download pre-packaged Drupal distributions that are tailored for some common services. This article provides details on how to create installation profiles and distributions for Drupal 7. Although beginners may not need to package their own distributions at the early stage of learning, you will find the overview useful, especially the link to existing distributions that you can install and try out.


Exploring Themes in Drupal 8

This article explains how to create a starter theme in Drupal 8. It begins with an overview of starter themes and learnes you to work with libraries.


Site builders' resources What is a Drupal Site Builder?


This podcast explains the basic roles in Drupal development, namely, site builders, front-end developers, and back-end developers. It also explores the basic skill requirements for each role. If you are new to Drupal development, this will help you plan your career path.


Basic Site Building Concepts

Before you actually start developing a Drupal website, it is highly recommended that you read this article to get familiar with the concepts and terminology of Drupal. This article is especially helpful if you have some previous background in WordPress. You already know about modules, pages, and posts. But, with Drupal, you need to learn some new concepts such as nodes, content types, blocks, views, hooks, and articles.


How to Build a Website with Drupal

This article does not teach you how to create contents for your Drupal website. Instead, it focuses on how you should do the initial setup and configuration. For example, you will learn how to customize the title and slogan for your website, change the theme, and import basic contributed modules. This article was written for Drupal 7.


Developers' resources Drupal API Reference

Drupal is highly extensible. You can use the Drupal API to customize its most minute behavior.
All Drupal developers should bookmark the official API documentation portal. The documentation there is generated directly from the comments embedded in the source code. It is the most up-to-date and accurate source of information about the Drupal API.


What is a Drupal Developer?


This article is a perfect, written companion to the aforementioned podcast "What is a Drupal Site Builder?" It discusses the 3 main roles in Drupal development (site builders, front-end developers, and back-end developers), and the corresponding skill sets required. In addition, it introduces the non-development roles which you will see in a large Drupal project. Examples are system administrators, testers(QA), project managers, and user-experience (UX) designers. Toward the bottom of the article, you will find some good advice on growing your Drupal career.


Become a Drupal Developer

This article is best described as a lesson plan on how to become a Drupal developer. You will find links to video tutorials on  Note that only some of the videos are free.

The emphasis is on back-end PHP development. Drupal 7 information is presented in the beginning of the article; Drupal 8, near the end.

The plan to become a Drupal developer includes the learning of PHP coding fundamentals as well as the Drupal APIs. Also, it advocates the learning of tools to increase productivity and promote teamwork. The tools include git, Drush, and Composer.


Guide to Theming in Drupal

This guide is your launchpad for learning how to change the theme of a Drupal 7 (or 8) website. It contains links to both as well as third-party resources. The guide is community-maintained.


Introduction to Drupal 8 Configuration Management

This article first explains what configuration management (CM) means with respect to a Drupal website. Then, it expounds on the changes introduced by Drupal 8 to CM. You will find the CM video embedded in the article very useful.


Custom training resources

Private training is available if you want a training program that is customized to your specific Drupal needs and requirements. Vardot is an Acquia Training Partner which delivers customized professional training.

Tags:  Drupal Drupal Planet Training Title:  Learning Drupal: Your Guide to Main Resources
Categories: Elsewhere

Drupal Blog: Drupal 8.2.0 is now available

Wed, 05/10/2016 - 11:57

Drupal 8.2.0, the second minor release of Drupal 8, is now available. With Drupal 8, we made significant changes in our release process, adopting semantic versioning and scheduled feature releases. This allows us to make extensive improvements to Drupal 8 in a timely fashion while still providing backwards compatibility.

What's new in Drupal 8.2.x?

This new version includes additional experimental modules to place blocks on pages, to edit configuration related to blocks without leaving the page, to create content moderation workflows, and to use date ranges. Several smaller authoring experience, site building, and REST and decoupled site improvements are included as well. (Experimental modules are provided with Drupal core for testing purposes, but are not yet fully supported.)

Download Drupal 8.2.0

Easier to place and configure blocks on pages

The new experimental Place Block module allows placing blocks on any page without having to navigate to the backend administration form. After selecting the region for placement, block configuration can be adjusted in a modal dialog allowing full control of all the details.

There is also a much easier way to modify block configuration, with the experimental Settings Tray module. Editing a block opens a tray in a sidebar with the block's title and other settings. For the site name block, for example, you can edit the site name directly in the sidebar. For menu blocks, you can adjust the menu there.

Content moderation now included

Drupal has always supported both published and unpublished content, but more granular workflow support was not available in Drupal core. The new experimental Content Moderation module, based on the contributed Workbench Moderation project, allows defining content workflow states such as Draft, Archived, and Published, as well as which roles have the ability to move content between states.

Support for date ranges

The Datetime module included with core only supports storing single points in time. The experimental Datetime Range module provides a new field type that also allows end dates. This is important for helping contributed modules like the Calendar module to work with Drupal 8 core.

Site building, content authoring, and administrative improvements

Drupal 8.2.0 also improves stable functionality for administration, site building, and authoring. Drupal now enables revisions by default for new content types, to provide better accountability, to create a "safety net" for recovering from unintended changes, and to integrate with future workflow features. Content editors will enjoy a more seamless experience, as CKEditor's built-in dialogs are now styled to match Drupal-native dialogs, and creating any entity will always display a message linking to the new entity.

Other incremental enhancements include:

  • The user interface text has been improved on numerous administrative pages.
  • The redirection of site-wide contact forms is now configurable.
  • The comment view mode can now be selected in the display formatter form.
  • Relative URLs are converted to absolute ones in generated RSS feeds (ensuring that images and links work wherever the feeds are used).
  • Administrators can now elect to remove a module's content entities in order to uninstall the module.
  • The internal page cache has been improved for 404 responses.
Platform features for web services

The Drupal 8.2 release continues to expand Drupal's support for web services that benefit decoupled sites and applications, with bug fixes, simplified configuration, improved responses, and new features. It is now possible to read (GET) configuration entities like vocabularies and content types as REST resources, resolving a significant limitation for REST functionality in 8.1.x and earlier. Login, logout, and user registration are also now possible with REST. The authentication mechanism used by a REST Export Views Display is now configurable, and a cors.config service parameter was added for enabling and configuring cross-origin resource sharing (CORS). REST resource configuration is now also significantly simpler.

Developer API improvements

Minor releases like Drupal 8.2.0 include backwards-compatible API additions for developers as well as new features. Read the 8.2.0 release notes for more details on the improvements for developers in this release.

What does this mean to me? Drupal 8 site owners

Update to 8.2.0 to continue receiving bug and security fixes. The next bugfix release, 8.2.1, is scheduled for November 2, 2016.

Updating your site from 8.1.10 to 8.2.0 with update.php is exactly the same as updating from 8.1.7 to 8.1.8. Modules, themes, and translations may need small changes for this minor release, so test the update carefully before updating your production site.

Drupal 6 site owners

Drupal 6 is not supported anymore. Create a Drupal 8 site and try migrating your data into it as soon as possible. Your Drupal 6 site can still remain up and running while you test migrating your Drupal 6 data into your new Drupal 8 site. Core now provides migrations for most Drupal 6 data, but the migration of multilingual functionality in particular is not complete. If you find a new bug not covered by the known issues with the experimental Migrate module suite, your detailed bug report with steps to reproduce is a big help!

Drupal 7 site owners

Drupal 7 is still fully supported and will continue to receive bug and security fixes throughout all minor releases of Drupal 8.

The migration path from Drupal 7 to 8 is not complete, especially for multilingual sites, so you may encounter errors or missing migrations when you try to migrate. That said, since your Drupal 7 site can remain up and running while you test migrating into a new Drupal 8 site, you can help us stabilize the Drupal 7 to Drupal 8 migration path! Testing and bug reports from your real-world Drupal 7 sites will help us stabilize this functionality sooner for everyone. (Search the known issues.)

Translation, module, and theme contributors

Minor releases like Drupal 8.2.0 are backwards-compatible, so modules, themes, and translations that support Drupal 8.1.x and Drupal 8.0.x will be compatible with 8.2.x as well. However, the new version does include some changes to strings, user interfaces, and internal APIs (as well as more significant changes to experimental modules). This means that some small updates may be required for your translations, modules, and themes. See the announcement of the 8.2.0 release candidate for more background information.

Categories: Elsewhere

Annertech: Wow, What a DrupalCon. Observations from a First Time Speaker

Wed, 05/10/2016 - 11:55
Wow, What a DrupalCon. Observations from a First Time Speaker

This year's DrupalCon, in my home town of Dublin, was a brand new experience for me. As a seasoned DrupalCon Veteran, (my first DrupalCon was in Paris in 2009), I thought I knew the ropes - how to choose sessions, what to expect, how to party like a bad-ass... I thought I knew what I would get out of it. Man, was I wrong.

Categories: Elsewhere

Drop Guard: It was us a pleasure! #DrupalConDublin

Wed, 05/10/2016 - 10:00
Dublin, 27. Sept. 2016. “Describe the DrupalCon in just one word!” - “EXCITING!”

First of all, I want to thank everyone who made my first DrupalCon this awesome and extra special!

Our whole team enjoyed a week full of new experiences, great sessions and - of course - old and new friends! The place, Dublin, was perfect to “seal” a new friendship or strengthen an old one with a good morning coffee (thanks to Commerce Guys by actualys and Mailchimp, the two coffee break sponsors!) or a good cold Guinness (I tried to remember the bar names, but actually I guess I sealed a lot of new friendships..).

Drupal Drupal Planet Drupalcon Drupal 8 Events Security
Categories: Elsewhere

Chapter Three: Exploring Drupal 8 in Jupyter Notebook

Wed, 05/10/2016 - 01:03

Jupyter notebooks are used in data science for exploring / documenting / presenting data. If you haven't heard of Jupyter maybe you have by it's former name, iPython notebook. Since there are multiple "kernels" supported it was renamed to Jupyter ( for Julia-Python-R ). There is support for 3rd party kernels such as the Ruby kernel and thanks to the Jupyter-PHP project on github we can add PHP to the list.

Categories: Elsewhere

Linnovate: DrupalCamp TLV 2016

Tue, 04/10/2016 - 22:27

Hello fellow Drupalers,

As the dust setteles upon Drupalcon Ireland we wish to invite you to a sunnier location in the middle of the winter.
Come join us for <strong>DrupalCamp TLV 2016</strong> at November 29th in Tel Aviv, Israel !

The conference site ws set up by Royi from Gizra and can be seen here -

We have great sessions proposed from around the world including Bojan from Drupal Commerce and Michael Schmid from Amazee and of course Amitai, Aron, Royi and many more.

Early bird tickets season ends in October 15th so register or get your organization to sponser you asap.

See you in sunny Israel in November!

Categories: Elsewhere

Isovera Ideas & Insights: Introducing "Ask Isovera"

Tue, 04/10/2016 - 21:51
We are pleased to announce a new way to get insights from the Isovera team AND get your own questions answered. "Ask Isovera" will feature 90 second video shorts - answering questions on Drupal, UX, strategy, or maybe even the meaning of life. We look forward to providing helpful information and letting folks get to know more about the Isovera team. Send questions to
Categories: Elsewhere

Drupalize.Me: Another Version of Drupal 8

Tue, 04/10/2016 - 19:42

It's that time again. October 5th brings the second minor version of Drupal 8 since moving to a semantic versioning release schedule. We've taken the time to dig through the change records and release notes (in order to make sure our tutorials stay up to date) and we want to share some of the new features and functionality you can look forward to when you upgrade to version 8.2.

Categories: Elsewhere

Jeff Geerling's Blog: Migrating 20,000 images, audio clips, and video clips into Drupal 8

Tue, 04/10/2016 - 19:09

tl;dr: If you want to skip the 'how-to' part and explanation, check out the pix_migrate example Drupal 8 migration module on GitHub.

For a couple years, I wanted to work on my first personal site migration into Drupal 8, for the last Drupal 6 site I had running on my servers. I've run a family photo/audio/video sharing website since 2009, and through the years it has accumulated hundreds of galleries, and over 20,000 media items.

The home page of the Drupal 8 photo sharing website.

Categories: Elsewhere

Valuebound: How can VR help increase revenue for Media companies?

Tue, 04/10/2016 - 18:35

Zuckerberg didn’t just invest ‘cuz its fun when he bought Oculus with $ 2Billion. VR existed in some form or the other but was either making people sick or was too costly and then Facebook bought Oculus and it changed everything.

But the question remains as to with all these investments for VR technology and the startups, how will that give an ROI and what is in it for the Media industry?

This article explores and analyses the possibilities of Virtual Reality. We also ponder as to how Media industry can make the most out of such a transition. In a previous article, we find answers to the five most basic yet important questions for VR and its Timeline.

Subscription Purchases…
Categories: Elsewhere

Valuebound: How can VR can help increase revenue for Media companies

Tue, 04/10/2016 - 18:35

Zuckerberg didn’t just invest ‘cuz its fun when he bought Oculus with $ 2Billion. VR existed in some form or the other but was either making people sick or was too costly and then Facebook bought Oculus and it changed everything.

But the question remains as to with all these investments for VR technology and the startups, how will that give an ROI and what is in it for the Media industry?

This article explores and analyses the possibilities of Virtual Reality. We also ponder as to how Media industry can make the most out of such a transition. In a previous article, we find answers to the five most basic yet important questions for VR and its Timeline.

Subscription Purchases…
Categories: Elsewhere

Agaric Collective: The door for new contributors to Drupal is still locked

Tue, 04/10/2016 - 17:09

People contributing modules or themes for listing on receive a welcome, or lack thereof, that would have driven away many of us now active in the community. With hundreds of requests moldering awaiting review, the project application process continues to be a community crisis, and it has been acknowledged as such for five years. We are casting aside the literal future of Drupal, with a likely disproportionate impact on disadvantaged contributors. Any separate process for new contributors will inherently be unequal, and will tend toward awful. Let's jump in to mitigate the damage being done and finally get a new system in place— we're closer than ever.

After a couple frustrated module makers asked me to give their projects full status, I went over to the project application review queue out of the sense that it isn't fair to everyone else to save only the two who reach out. Of course, I should have been in there all along: there were project applications which had been vetted by other volunteers and marked Reviewed & Tested by the Community four months ago. One person who contacted me was unhappy their project had passed all the hurdles and was then left lying untouched for a mere two weeks. Of course, they had started the application process nine months ago.

The door through which community members can make their first contribution of a module or theme remains locked, and not enough people have the key (nor is it clear how to get that key to more people).

Keep in mind this is only projects that have actually been reviewed. In nearly every case the person applying has fixed the issues noted and now the project has been considered by someone to be all set for approval. People trying to get to that point are even worse off. The current backlog for people waiting to get a review has projects waiting with the needs review status for nearly a year — 11 months and five days. And of course the current project application review process, despite having gone through several iterations of improvement, still garners its share of complaints when running perfectly— and it still holds new contributors to a higher standard than we hold ourselves.

Finally, some unknown but large percentage of the two thousand projects marked "Closed (won't fix)" have been put in that state automatically by a robot due to lack of activity. If a contributor leaves an application in a "Needs work" state for a month, it is unceremoniously closed without warning. (In contrast, if we don't get around to reviewing or approving a project for months, nothing automatically happens in favor of the contributor, despite written guidelines for escalating ignored issues.) It will be fun to go through all these old issues and contact the contributors letting them know they can promote their sandboxes to full project (and then changing the issue to some other status, like works as designed, to mark it), but we can't do that until the overall process is fixed. The good news is we're closer than ever.

The current proposal looks solid, but it's suffering from inaction. The goals it outlines are excellent:

  • We need to remove the gate to new contribution entirely - not just kick the can to a particular elevated role, or a specific limit on the # or kind of releases a new contributor is allowed.
  • We need to continue to send strong signals about security coverage to users evaluating whether to use modules from
  • Follow-up: We need to find ways to preserve the value collaborative code review, through changes to Project Discovery to provide signals about code quality, and by providing incentives and credit for review.

I encourage anyone who cares about new people joining Drupal to work on the issues associated with this proposal, in particular the ones to allow non-git vetted users to promote sandbox projects to full project status and add a permission for creating stable releases, and grant to “git vetted” users. While my oft-stated preference is that any gates we put up must apply to all users, so we make sure they are bearable and don't forget about problems for months and years at a a time, moving the gate to a security review at a stable release has huge advantages of its own. It allows a new contributor to put their work out there without being blocked by anything. It allows a module to find its audience and have people invested in its particular functionality at the point of review, rather than have only volunteers who have no inherent stake in the functionality involved. It even lets a contributor decide whether a module has proven sufficiently useful to others to be worth going through security review.

We don't have that system yet though and we still have that huge backlog to get through. Helping other people follow the project application checklist is a great way to get better at making projects yourself— whether you have a dozen already, or don't have any yet. Just remember this is about helping applicants. To give further incentive to the review work, i've proposed including issue credits given to users in the Project Application review queue on profile pages and Marketplace rankings.

It's Rosh Hashanah, the Jewish new year, and the tradition is that we have ten days to make things right with any people we have wronged. Let's accept (again) that we as a community have wronged our potential new contributors, and make things right. Thanks.

Categories: Elsewhere

InternetDevels: Views in Drupal 8: how is the most popular module doing?

Tue, 04/10/2016 - 16:14

Since Drupal is a content management framework, so it’s worth mentioning a module which reflects the very essence of content management — the Views, of course. Simple but powerful, the Views is the most popular module, installed on over two-thirds of Drupal sites.

Read more
Categories: Elsewhere

Acquia Developer Center Blog: Retrieving and Manipulating Content with Waterwheel.js

Tue, 04/10/2016 - 15:57

In my previous blog post in this Waterwheel series, I detailed the basics of Waterwheel.js: how to set it up in server-side or client-side JavaScript, and how resource discovery can bring Drupal-backed applications and traditional Drupal implementations closer together in unprecedented ways. In this post, I explore how to manipulate content with Waterwheel.js.

Tags: acquia drupal planet
Categories: Elsewhere Drupal 8 Views: How to formulate the route name

Tue, 04/10/2016 - 13:35

This article will explain how to formulate the route name for a view because there are very few sources for the information online.

Categories: Elsewhere Blog: AGILEDROP: Drupal and the internet of things

Tue, 04/10/2016 - 08:32
What is Internet of Things (IoT)? A good and straightforward description can be found on Wikipedia “The internet of things (IoT) is the network of physical devices, vehicles, buildings and other items—embedded with electronics, software, sensors, actuators, and network connectivity that enable these objects to collect and exchange data.” In a little simpler words the IoT is a way that everyday objects have the connection to the Internet, allowing them to receive and send data. Those things can actually be almost everything and we can already find them in many branches, like healthcare,… READ MORE
Categories: Elsewhere Blog: AGILEDROP: Drupal and the internet of things

Tue, 04/10/2016 - 08:32
What is Internet of Things (IoT)? A good and straightforward description can be found on Wikipedia “The internet of things (IoT) is the network of physical devices, vehicles, buildings and other items—embedded with electronics, software, sensors, actuators, and network connectivity that enable these objects to collect and exchange data.” In a little simpler words the IoT is a way that everyday objects have the connection to the Internet, allowing them to receive and send data. Those things can actually be almost everything and we can already find them in many branches, like healthcare,… READ MORE
Categories: Elsewhere If you're still on Drupal 6, you should switch to Pressflow ... ASAP!

Mon, 03/10/2016 - 21:33

If you have a site that's still on Drupal 6, you're not alone. As of about a week ago, there's still over 88,000 Drupal 6 sites out there!

While support from the community ended on February 24th, the Drupal 6 Long-Term Support vendors have been hard at work, releasing over 20 security fixes for various contrib so far, including very popular modules like Views and Panels!

While the D6LTS vendors haven't released any security fixes for Drupal 6 core yet - it's only a matter of time!

If you want to be ready for it when they do, we recommend that you update to Pressflow. But that's not the only reason!

Read more to find out why and how!

Categories: Elsewhere

Palantir:'s Guide to Digital Governance: Properties and Platforms

Mon, 03/10/2016 - 20:58's Guide to Digital Governance: Properties and Platforms's Guide to Digital Governance brandt Mon, 10/03/2016 - 13:58 Scott DiPerna Oct 3, 2016

This is the second installment of’s Guide to Digital Governance, a comprehensive guide intended to help get you started when developing a governance plan for your institution’s digital communications.

In this post we will cover...
  • What's next after the 10,000ft view
  • What properties you need to think about
  • Applications and integrations you also need to consider 

Stay connected with the latest news on web strategy, design, and development.

Sign up for our newsletter.

Having started at the 10,000ft view to assess the digital ecosystem for our governance planning, part two of the Guide to Digital Governance begins to identify the specific properties and platforms you will need to consider within that ecosystem.

Taking the top level categories you listed for your governance plan in part one, you now will want to think of the properties and platforms within each of them. The following questions are intended to help you think through each piece carefully.

Public Websites

  • What are the websites we own that are visible to anyone on the Web?
  • Do we have any public subdomain Websites, such as
  • Do we have any micro-sites, or Websites with a URL that is different from our main site?
  • Do we have any blogs that may be hosted elsewhere, but would be considered part of our public Web presence?

Private Websites

  • What are the Websites we own that are visible to only those with access we control?
  • What are the Websites we own that are visible to only those who have access through machines running on our organization’s network?
  • Do we have any subdomain Websites, such as that require logging in?
  • Do we have any Websites for only a specific set of constituents?

Intranets and Portals

  • Do we have a network of internal-use Websites (a.k.a an Intranet), accessible only by password or by logging on to the organization’s network, or otherwise hidden (even by obscurity)?
  • Do we use any portal sites or pages as a means of aggregating links of importance for specific groups of users?

Web-Based Applications

  • Are there any web-based applications we use to perform specialized tasks, such as generating reports from data in a database or retrieving digital assets from a database?
  • Are there any online tools that we use (whether built internally or purchased from a third-party vendor as software-as-a-service (SaaS)?


  • What platforms, systems, and/or services do we use for collecting payments online?
  • What platforms, systems, and/or services do we use for selling products online?
  • Where are these located relative to our other Websites?

Social Networks

  • What are the social media networks we use to communicate to the outside world?

Digital Media

  • What are the platforms we use to create digital media, such as video, audio, and photography?
  • What are the platforms we use to distribute digital media, such as video, audio, and photography

Broadcast Email

  • What are the systems we use to send broadcast email to all or large segments of our internal group, members, staff, community, etc.?
  • What are the systems we use to send broadcast email to all or large segments of our external community, clients, constituents, etc. for the purposed of marketing and promotion?

Digital Communications Governance

  • What are the pieces that will constitute our official governance system?
  • NOTE: You may not know the answer to this one yet, so leave it empty for now.


This post is part of a larger series of posts, which make up a Guide to Digital Governance Planning. The sections follow a specific order intended to help you start at a high-level of thinking and then focus on greater and greater levels of detail. The sections of the guide are as follows:

  1. Starting at the 10,000ft View – Define the digital ecosystem your governance planning will encompass.
  2. Properties and Platforms – Define all the sites, applications and tools that live in your digital ecosystem.
  3. Ownership – Consider who ultimately owns and is responsible for each site, application and tool.
  4. Intended Use – Establish the fundamental purpose for the use of each site, application and tool.
  5. Roles and Permissions – Define who should be able to do what in each system.
  6. Content – Understand how ownership and permissions should apply to content.
  7. Organization – Establish how the content in your digital properties should be organized and structured.
  8. URLs – Define how URL patterns should be structured in your websites.
  9. Design – Determine who owns and is responsible for the many aspects design plays in digital communications and properties.
  10. Personal Websites – Consider the relationship your organization should have with personal websites of members of your organization.
  11. Private Websites, Intranets and Portals – Determine the policies that should govern site which are not available to the public.
  12. Web-Based Applications – Consider use and ownership of web-based tools and applications.
  13. E-Commerce – Determine the role of e-commerce in your website.
  14. Broadcast Email – Establish guidelines for the use of broadcast email to constituents and customers.
  15. Social Media – Set standards for the establishment and use of social media tools within the organization.
  16. Digital Communications Governance – Keep the guidelines you create updated and relevant.

We want to make your project a success.

Let's Chat.
Categories: Elsewhere