by

Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Activity
    drakozero
    @drakozero
    So yes, Blazor needed something like Oqtane to help us speed up the process, specially in those different/customizable sites, with a lot of "out of the usual" code, either for online sites, or particular intranets.
    Shaun Walker
    @sbwalker
    "Blazor needed something like Oqtane to help us speed up the process" - I couldn't agree more ;)
    PoisnFang
    @PoisnFang
    Whats the plan to move to the Code-Behind pattern?
    Shaun Walker
    @sbwalker
    it is on the roadmap... but the fact that the core framework does not use the code behind pattern currently does not restrict anyone from using the code behind pattern in their own modules
    PoisnFang
    @PoisnFang
    Yeah I realize that. I was just curious if there was like a specific time frame to complete it?
    Shaun Walker
    @sbwalker
    No specific time line yet. At this stage I am trying to prioritize those items which provide much higher value to developers who are building applications on the framework, as opposed to those items which would require broad sweeping changes across the framework code base with a high risk of regression bugs and very little actual benefit to developers.
    PoisnFang
    @PoisnFang
    Makes sense to me
    Cody
    @thabaum
    Good stuff like the reads thanks :)
    Mike Casas
    @mikecasas
    Docs should be priority now that 1.0.1 is out.
    Shaun Walker
    @sbwalker
    @mikecasas I totally agree! The IIS deployment blog I wrote this week is a good example of why documentation is important - it helped 2-3 people get up and running on Oqtane. I posted in #570 this week that I would like to move forward with the docfx solution from @iJungleboy
    Shaun Walker
    @sbwalker
    I also spent some time this week building a “real world” custom module ( ie. it uses a scheduled job, third party DLLs, a JavaScript library ) and I plan to use it as the basis of a video tutorial to help module developers get started on Oqtane
    drakozero
    @drakozero
    Hey @sbwalker about the third party DLL, I found out that when deleting the module, those extra dll's remain on the server and don't get deleted. I'm partly ok with that because they are no longer being referenced, and the possible case where another unrelated module happens to also use those dll's
    I think keeping track of who uses what it's way too complicated... but maybe installing the modules in a location similar to /Modules/[module-name]/ like the resources inside wwwroot... Could that be possible? I really have no idea how the assemblies referencing thing works
    Mike Casas
    @mikecasas
    @sbwalker will the docs be in the main repo or in a stand alone repo?
    and I plan to use it as the basis of a video tutorial to help module developers get started on Oqtane
    Great
    drakozero
    @drakozero
    Emmmm... I was creating a new Module, so I decided to start based on a previous Module I had created... copy, paste, rename..... Long story short.. terrible idea, so I decided to modify the External template, that way a new module from scratch has entityId and Policies authorization, with a bonus that Client.Index.razor includes pre coded the SettingsService to get the module settings if needed... repo here if anybody want to try it or find it usefull
    PoisnFang
    @PoisnFang
    Once I get me module running in about a week and try and go through installation, I will have more feedback to give.
    I also plan on creating several open source modules in the near future
    Mike Casas
    @mikecasas
    Did the routing change to be case sensitive? I created a site 'One', when I try http://localhost:44357/one it can't find my site, and I get redirected to the main page.
    Mike Casas
    @mikecasas
    Can you have custom modules in your custom theme? I see in the cerulean theme it references controls/components from the framework, so they are guaranteed to be there, but if you have a custom theme, how can you be sure the external module is there?https://github.com/oqtane/oqtane.theme.cerulean/blob/master/Default.razor#L4-L17
    drakozero
    @drakozero
    Similar to Wordpress themes that recommends certain Plugins?
    drakozero
    @drakozero
    I think custom controls/components should be easier to implement, maybe override?? but auto install and configure custom modules... maybe seeding the DB and finding a way to copy the .nupkg during theme installation... Reading the Oqtane.Infrastructure.InstallationManager, the Themes installation, uses the same Module installation core module, with "Themes" folder, so in theory, packaging everything into a .nupkg, all modules, and custom ModuleManager, etc.... sorry for the rambling, but yeah... seems posible
    Shaun Walker
    @sbwalker
    @mikecasas there were some changes to routing to allow for Url Parameters - it is possible that as part of those changes there is a regression bug. Maybe @PoisnFang can take a look as he made the routing changes.
    @mikecasas modules and themes are designed to be independent of one another - they are combined dynamically at run-time based on configuration information in the database to create a "page". However you can develop them as part of the same assembly. And you can package them in the same Nuget package.
    @mikecasas @iJungleboy is recommending a new repo as part of #570
    Shaun Walker
    @sbwalker
    @drakozero it may be possible to use an approach where a module's DLLs ( and depencies ) are stored in subfolders of the /bin - it would require some research.
    @drakozero the external module template used in the Module Creator should be updated to use the authorization policy
    PoisnFang
    @PoisnFang
    @mikecasas @sbwalker I will take a look at the site routing and see.
    drakozero
    @drakozero
    @sbwalker feel free to review/compare the changes to the template I made, and include them in Oqtane, I don't know if a pull request for that is needed/necessary, I think it would be better if templates could be installable, that way there could be multiple templates, and private templates as needed Eg: Simple CRUD, With Policies, With extra services, etc.
    PoisnFang
    @PoisnFang
    @mikecasas The sites are indeed case-sensitive. But its not due to any changes I made. It looks like it has always been that way. It in the AliasController.cs
    the segments are not normalized.
    Shaun Walker
    @sbwalker
    That sounds like a bug as elements of a url should not be case sensitive.
    PoisnFang
    @PoisnFang
    Agreed
    Shaun Walker
    @sbwalker
    @drakozero if you look at the latest HtmlText module you will see that a base class and a method were introduced for making the integration of auth policies simpler. In addition you should probably be aware that there is a security flaw in the external module template you posted. The Get(int id) method needs to check that the ModuleId of the model returned matches the entityid.
    Shaun Walker
    @sbwalker
    The auth policy concept may seem a bit complicated at first - but its important to understand the 2 dimensions of it. First, when an entityid is passed on the querystring, the auth policy can use it to check the permissions for the entity type ie. [Authorize(Policy = "ViewModule")] - this would check if the user has View permissions for a Module with a specific ModuleId ( "entityid" is used generically as this auth policy can be applied to other entities as well ). If the auth policy validation is successful there is still a secondary level of validation that is often required. For example, the Get(int id) method is retrieving a specific custom entity being managed by a Module ( the id in this case is not a ModuleId ). The controller method will get the object from the repository however it needs to verify that the object is actually associated to the specific ModuleId - ie. it needs to check if (object.ModuleId == entityid). If this secondary validation is not done then a user with permissions to view a specific module's data would be able to access ANY module's data ( ie. by passing any id ). This is obviously true for other API methods as well such as Put, Post, Delete... in fact it is even more important to do the secondary validation on these methods as they modify data.
    drakozero
    @drakozero
    @sbwalker Thanks for the tips, I'm going to check the HtmlText for that info
    drakozero
    @drakozero
    Whats the difference/or similarity between ModuleId, EntityId, ModuleState.ModuleId and ModuleState.PageModuleId?
    Shaun Walker
    @sbwalker
    ModuleId represents an instance of a module in a site. Each module has its own distinct content and its own permissions. A module can be displayed on one or more pages in a site. Each instance of a module on a page is represented by a PageModuleId. ModuleState is a cascading parameter which can be used in razor components to get easy access to state such as ModuleId or PageModuleId. EntityId is a generic parameter used in some framework services that support multiple types of entities within the same API ( ie. Site, Page, Module, etc... )
    drakozero
    @drakozero
    So if I put two Modules of the same type, on the same page, each one has a different ModuleId, and when the same module is used in multiple pages (Eg. as a fixed banner or sidebar -> Display on All Pages=yes) ModuleId remains the same, but PageModuleId is different for each page?
    And EntityId is a global naming standard, that usually is equal to ModuleId, except if I understood the PageModuleId correctly, only for those cases where fine grained authorization is required for certain pages?
    drakozero
    @drakozero
    Wait.. just remembered the custom page for users option, like "My Page" that has to be the instance for PageModuleId.
    Cody
    @thabaum
    In DNN there are options for making all characters lowercase, case sensitivity and so on when a url is typed in. Should I investigate adding these features to Oqtane?
    Cody
    @thabaum
    image.png
    Shaun Walker
    @sbwalker
    I don’t think we need any admin options in Oqtane for URLs - I think we need to treat alias and page names as case insensitive... however url or querystring parameters need to be case sensitive because they could contain Base64 encoded values
    Mike Casas
    @mikecasas
    What about loading custom font files?
    namespace Oqtane.Shared
    {
        public enum ResourceType
        {
            Stylesheet = 0,
            Script = 1
        }
    }
    Mike Casas
    @mikecasas

    font.PNG

    In my custom css it references font files, but they are not found by the browser.

    Mike Casas
    @mikecasas
    When I upload my custom theme the font files are in folder along with the css and js.
    Shaun Walker
    @sbwalker
    Are you using the @font-face method to load the font in your CSS?
    Sven Reichelt
    @svreic

    @sbwalker Is there a roadmap for the next couple of weeks for oqtane? There are a couple of tickets in github that needs architectural decisions to go on with them. When will we start doing these decisions?

    e.g. I would like to start to enhance model value validation server-side as well as client-side in terms of robustness and stability. I have found that the happy path is working mostly perfect but if there are "wrong" values within the input model than this often leads to db exceptions or other errors. For versions 1.0.x this is totally fine but imho in a version 1.x some of the currently open things should be done. To do the validation we need a architectural discussion about the way we want do it.