Sunday, May 30, 2010

Openbiz Cubi Menu

Cubi Menu is the core component that manages the application navigation.

Normally, a web application (or web site) hand code several navigation elements, such as menus, tabs, breadcrumb and so on. This was the way used in previous Openbiz application - manually add left menu items on each view or template.

Let's talk how the new menu system works in Openbiz Cubi.
1. Definition of menu
  • Menu is a tree structure
  • Each menu item include navigation attributes like name, title, url, icon...
2. Menu presentation on web page
Menu is tree structure. It can be presented as application tab, breadcrumb, navigation menu, sitemap on a web page.


The diagram below shows how the menu tree maps to UI elements.


3. How to add menu in your own module
Each module can add entries in Cubi menu. In module/mod.xml, there is a Menu section to add MenuItem. The key to append module menu to system menu is
  • In the top MenuItem element, set Parent="existing_menuitem". It will append this menu as a child of specified menuitem
  • Or leave the Parent="". It will tell this menu as a root first level menu item.



4. How to manage menu in the Cubi application
Once a module is loaded in the system, its menu is inserted as well. Then you can see the menu items appear on proper place like navigation menu or application tab.

If you are admin, you can manage menu items in "Menu Management" views. This will be cover in separate topic.
Posted by at No comments:

Sunday, May 23, 2010

Cubi module enhancement

The goal of Cubi module is to allow developers to write their own components and plug in to Cubi application. So each module should have its own
  • module description information
  • database tables and preload data
  • menu definition. menu tells users where to access the module functionality
  • depend-on modules who need to be installed before this module
Let's see how cubi enhance its module management. The mod.xml is the main description file. It schema has 3 major part:
  1. ACL
  2. Menu
  3. Dependency
Sample mod.xml can be found in cubi/modules/help/mod.xml

Developer can add the module specific sql in
  • mod.install.sql and
  • mod.uninstall.sql
Cubi provides a command line tool to load module. The command is cubi/install/load_module.php
# php load_module.php module_name

To help prepare fresh cubi installation data, developer can use script at cubi/install/create_cubidb.php
# php create_cubidb.php
This script create a fresh database called "cubi_install". You can dump the database to cubi/install/cubi.sql. This database will be used in installation wizard.
Posted by at No comments:

Monday, May 17, 2010

Cubi cronjob manager

Every week Openbiz makes progress on feature implementation and bug fixes. I should have worked more harder to record them in the blog.

Cronjob manager is added in Cubi. What cronjob manager does?
  • Provide a backend management UI to allow administrator to add/edit/delete command in cronjob format
  • A job manager script that reads and parses the jobs in the cronjob list, then execute them.
A cronjob defined in Cubi can have following attributes.
  • name
  • minute, hour, day, month, weekday. Unix cronjob format is used. Note: */N format is not supported.
  • command. This is the command to run in this job.
  • sendmail. This field includes the emails to be sent after completing executing the job.
  • max_run. max_run tells how many concurrent execution of this job. By default max_run=1. It means only single job can run as the same time. If max_run=0, then no limit of the concurrent job execution.
  • description
To start cronjob manager, add "cubi/bin/cronjob/cron.php" in system crontab.

cronjob log files are outputted to cubi/log. Each job will have its own log.

Cubi provides a helper command called run_svc.php that can invoke service with following format.
usage: php run_svc.php service_name method parameter1 parameter2 ...

Cronjob manager can add this command to the job list.
Posted by at No comments:

Sunday, February 21, 2010

Cubi clean url

In Openbiz baseapp, a typical url to access a view is like http://host/baseapp/bin/controller.php?view=a.b.viewname. We call it raw openbiz url.

Cubi will map cleaner urls to raw urls by adding an index.php and .htaccess under the root directory of cubi installation.

View mapping syntax:
  • /cubi/a/x maps to /cubi/bin/controller.php?view=a.view.XView. Example: /cubi/system/userList
  • /cubi/a/x_y maps to /cubi/bin/controller.php?view=a.view.XYView. Example: /cubi/system/user_list
  • /cubi/a/x/number maps to /cubi/bin/controller.php?view=a.view.XView&fld:Id=number. Example: /cubi/system/user_detail/5
  • /cubi/a/x/word_number maps to /cubi/bin/controller.php?view=a.view.XView&fld:word=number
If .htaccess is not recognized by web server (e.g. installed on IIS), then you need to do the following:
  • Add "?" right after /cubi/. This assumes that index.php is the default script configured in web server. For example, http://host/cubi/?/system/user_list
  • Or add "index.php?" right after /cubi/. For example, http://host/cubi/index.php?/system/user_list
Posted by at No comments:

Saturday, February 20, 2010

Cubi new openbiz.js

In previous openbiz baseapp, clientUtil.js is the main js library to support openbiz browser end logic. It handles Ajax call, form behavior, popup, dialog, richeditor, auto suggestion ... When more functions are inserted in the js file, the code get more messy. Cubi replaces clientUtil.js with openbiz.js in order to get the browser code more organized.

The code structure in openbiz.js
  • Openbiz - main Openbiz namespace. It manages the form objects and provide entry of openbiz ajax call
  • Openbiz.ActionType. It defines the action types of openbiz ajax call.
  • Openbiz.Form. Each openbiz form instance will have a javascript Openbiz.Form instance
  • Openbiz.TableForm. This is the js instance of openbiz List/grid form.
  • Openbiz.Net. It provides network related functions like ajax call.
  • Openbiz.Window. It manages popup, dialog logic.
  • Openbiz.Util. It has some utility functions.
  • Openbiz.Menu. It has functions to show and hide context menu
  • Openbiz.CKEditor. It has functions that integrate CKEditor with ajax call.
  • Openbiz.AutoSuggest. It has functions that initiates autosuggestion control
  • Openbiz.Validator. It has functions that validate user entries on client side only.
With the replacement of clientUtil.js to openbiz.js, there will be some change needed on the existing template, code that worked with clientUtil.js. For example.
  • Replace CallFunction with Openbiz.CallFunction in the list template file
Most changes are done in the openbiz code already to work with the new openbiz.js.

Openbiz.js introduce another importance changes.
  • User JSON in all ajax call.
Posted by at No comments:

Cubi metadata naming convention

Before Cubi, Openbiz developers can name their metadata with any name. For example, an user list form can be named as
  • FM_UserList.xml
  • f_userlist.xml
In Cubi, metadata name follows the syntax as "NameType". For the user list form, Cubi will use
  • UserListForm.xml
The advantage of this name besides its clarity is that its custom form class can have the same name. To define a custom class, you just need to set
in the UserListForm.xml
Then add UserListForm.php in the same directory.

Sample metadata names from Cubi/modules/system directory
For DataObject metadata
/do/UserDO.xml
/do/RoleDO.xml

For Form metadata
/form/UserListForm.xml
/form/UserEditForm.xml
/form/UserNewForm.xml

For View metadata
/view/UserListView.xml
/view/UserEditView.xml
/view/UserNewView.xml
Posted by at No comments:

Wednesday, January 27, 2010

Cubi Access Control (ACL)

Cubi will extend the existing Openbiz access control approach by allowing administrator the manage role access to system resources. The following chapter outlines how ACL is managed in Cubi.

Basic ideas: define how a role can access application resource.

1. Define resource and its actions
In each module, it can have mod.xml under the module root directory. In mod.xml, there can be a "ACL" section which can have multiple resources. Each resource can have more than 1 actions. For example,
<ACL>
<Resource Name="User">
<Action Name="Administer_Users" Description="Administration of users"/>

2. Link Access resource action to Object
In each Openbiz object, developer can set Access attribute to certain resource action. For example,
<EasyView Name="UserListView"... Access="User.Administer_User">
gives the administer user access to the system.view.UserListView

3. Assign Role permission to resource action
In the role detail page, user can pick "Allow" or "Deny" to all available resource actions. Say, we give role "member" a "Deny" to User.Administer_User. Then when a user with member role tries to access the RoleListView, an access deny page will shown to the user.

Access attribute can be given to View, Form, Element, DataObj.
Posted by at No comments:

Saturday, January 23, 2010

Cubi Menu module (1)

Menu plays a key role in any application. Not only it helps user to navigation the application, it also help to organize content.

Generally Menu can be classified into 2 types:
  • Static menu. Menu items are hard-coded in page, template, metadata files or source code. User cannot change the menu in the application.
  • Dynamic menu. Menu is generated from the database and user can configure menu in the application.
Static menu is simple and widely used in most applications where navigation in the application is designed in the product. While dynamic menu is commonly used in content rich systems (like CMS, forum ...) where the site administrator can configure menu to let user to navigate into growing content.

Cubi is going to support both static and dynamic menus. In Cubi first release, static menu will be supported. In Openbiz 2.4, there are 3 different types of navigation components.
  • Tab. Include top-level application tab and in page tab (2nd level)
  • Menu. It support pull down menu up to 3 levels
  • Tree. It organize menu items in tree style
All 3 of components are currently have their own metadata even though they are telling the same things internally. In Cubi, we will have a separate Menu module. It is featured with
  1. Same metadata for tab, menu and tree.
  2. Different template to render tab, menu or tree.
  3. Have "Application tab" and "Admin menu" for Cubi to use.
Menu metadata can use the one in openbiz baseapp.

<menu Name="" Class="" TemplateEngine="PHP" TemplateFile="">
<menuitem url="" target="" text="a" icon="a.gif">
    <menuitem url="" target="" text="a1" icon="a1.gif">
Posted by at No comments:

Thursday, January 21, 2010

Add more security on the server actions

Openbiz framework makes it open for browser client to invoke the server object method through Ajax call. Of course, developers can add rules to protect different actions (e.g. use UpdateCondition and DeleteCondition in 2.3 and use ACL control in Cubi), people may want to have some easier approach to filter out unsafe actions triggered from the browser.

Here is the proposal for so called "safe actions filter" on Openbiz 2.4. This will be released in the 2.4 SVN before Feb.

First, only Form object method calls from browser are allowed. Other objects method calls are blocked by the controller.

Second, EadyForm class will have a new method
public function getMethodsWhiteList()
This method returns a list of methods that are exposed to browser client. By default EasyForm will compose the list with:
  • All methods that are defined in the form metadata EventHandlers. Say you have 2 EventHandlers of 2 button elements on user.AccountForm. They link to methods "editAccount" and "resetPassword". Then only these 2 methods are in the white list.
  • Some safe methods like "selectRecord" which is usually not linking to a event handler.
When an server action is invoked (through Ajax for example), the controller will check if the target object is a form object, then check if the called method is in the white list. This approach will give more security on the server side logic.

getMethodsWhiteList() can be overrided by your any form class to implement custom logic.
Posted by at No comments:

Tuesday, January 19, 2010

Cubi - PHP Applicaiton Platform

Cubi is a php application platform. It is actually a application built on Openbiz. The goal of Cubi is to provide commonly used functionality in a platform level. It will boost the productivity of Openbiz-based application development.

Cubi 0.1 is planned to release on Feb 2010. It will include the following features.

- User management. Administer user and assign roles to user
- Role management. Administer role and assign role with ACL. Permission
control is done here by assigning Module actions to Role
- Module management. Load new module, reload module, check module
resource actions which is related to ACL
- Email queue and log
- Cronjob manager (not done yet)
- Event log manager
- New naming convention of metadata files
- Menu module. This is to manage application menus. (not started yet,
might not be in first release)

User login and my account
- User login
- Forget password and password reset email
- User registration and welcome email
Posted by at No comments:
Subscribe to: Posts (Atom)