Drupal

SA-CORE-2018-002 Mitigation

New Drupal Modules - 26 April 2018 - 2:12am

*****************************************************
THIS MODULE DON'T REPLACE CORE UPDATE. PLEASE ALWAYS KEEP YOUR CORE AND MODULES UPDATED
*****************************************************

Description
===========
This module search suspicious query strings, and block then responding 403
Mitigate https://www.drupal.org/sa-core-2018-002

Categories: Drupal

Matt Glaman: Enabling RESTful web service interfaces in Drupal 8

Planet Drupal - 26 April 2018 - 2:00am
Enabling RESTful web service interfaces in Drupal 8 Drupal 8 ships with the RESTful Web Services module which allows you to expose various API endpoints for interacting with your Drupal site. While the community is making a push for the JSON API module, I have found the core' RESTful module to be pretty useful when I have custom endpoints or need to implement Remote Procedure Calls (RPC) endpoints. However, using the module and enabling endpoints is a bit rough. So, let's cover that! Also note, this blog covers the content from the introduction of the Web Services chapter from the Drupal 8 Development Cookbook.
Categories: Drupal

Elfsight FAQ Module

New Drupal Modules - 26 April 2018 - 12:35am

Introduction
Elfsight FAQ Module is a simple and easy-to-use FAQ for those who want to provide answers to the most frequent customer questions and deliver more details about their business. Install the module to your website and use it to combat any doubts and increase the number of leads.

Elfsight FAQ module allows to shape a structured question-answer list with easily accessible information and to display it most effectively on your website. Make your FAQ user-friendly and handy for readers to provide them with the info they are looking for.

Categories: Drupal

ECK Access Own

New Drupal Modules - 25 April 2018 - 11:11pm

ECK Access Own appends capability to specify owner access to view, edit and delete for the entities created by Entity Construction Kit.

Categories: Drupal

Marketo JS Forms Integration

New Drupal Modules - 25 April 2018 - 10:47pm

This module allows you to create Marketo form blocks on your Drupal sites.

This module comes with a new field type so each entity can have it's own unique form.

The provided CKEditor plugin allows editors to easily embed a Marketo Form into content by adding the token:

[marketo-form:FORM_ID

Categories: Drupal

ECK Permissions

New Drupal Modules - 25 April 2018 - 8:01pm

ECK Permissions simplifies the administration permissions for Entity Construction Kit. The module appends a tab for each entity in administration interface that allows to edit relevant to that entity permissions.

Categories: Drupal

Drupal Association blog: Promote Drupal - Starting with Drupal.org Redesign

Planet Drupal - 25 April 2018 - 5:48pm

You may have noticed that the Drupal.org front page has a new look. It’s just the start of our Promote Drupal Initiative that focuses on getting new decision makers to fall in love with Drupal. We started this work with the front page redesign, which is detailed below. 

We will accelerate this initiative and do so much more once we reach the $100,000 goal of the Promote Drupal Fund. This allows us to put the staff and resources in place to coordinate a multi-prong Drupal promotion with community members. 

Good news! We are more than halfway to our $100,000 goal. Thank you early supporters for investing in this fund. 

Together, let's show the world just how amazing Drupal is for organizations.  

Invest in the Promote Drupal Fund today! About the New Drupal.org Front Page

Come for the software; stay for the community is Drupal community’s long time tagline and remains at the heart of the project. It resonates because so many of us chose Drupal as our CMS and then we fell in love with the community. We want more people to take this journey and it starts with getting more people to adopt Drupal. 

That is why the Drupal Association updated the Drupal.org front page. Today, it is oriented to serve the various types of decision makers and influencers who are considering Drupal for their organization – and who will hopefully be our new community members. You may have heard about this project in our public board updates, Supporting Partner updates, or other channels. If not,  this post should provide ample insight. 

The research

Over the last two years, the Drupal Association iterated to improve the front page to better communicate with the audience who comes to the front page – evaluators. We could tell they were evaluators because they click on the content that someone needs to evaluate Drupal: Case studies, Try Drupal, etc. While there are roughly 2 million unique visitors to Drupal.org each month, about 350,000 of those uniques are visiting the front page. 

With 93% of Drupal.org traffic being anonymous, what we didn’t know was “who were these evaluators and what did they need to fall in love with Drupal faster?”

Over the last six months we set out to answer those questions in order to inform a front page redesign. Research included:

  • Cross reference traffic with audience insight tools to know who is coming to the site (using our own implementation of Do-Not-Track to ensure user privacy is respected)
  • Industry research to understand who the CMS buyers and influencers are now
  • Interviews with agency owners to understand who they sell to (job function)
  • Persona research, especially front page user research about the key personas coming to evaluate Drupal
Identifying  our evaluators

What we found was that the majority of Drupal.org front page visitors have technical positions (developer to C-level) and they work for end users (like corporations, governments, universities, etc.) or agencies.  These were not surprising findings. 

What was notable was that a significant amount of visitors worked in marketing and communications. This persona is the marketer and they are the people who use a CMS to generate leads for their business, gain engagement around their company’s brand and content, and drive online sales conversions. 

The lead marketer is the Chief Marketing Officer and they are a new business decision maker for CMS. Many agencies are now selling to the CMO in addition to the CIO. When looking at industry reports, this isn’t surprising. Gartner and other industry reports show that the CMO spends nearly the same amount on technology as the CIO. It’s more and more the CMO or marketing technologist who determines what MarTech tools their team uses to drive their business. This includes their CMS, personalization, analytics, social, and more. 

Based on this initial research, we knew the Drupal.org front page had to serve three evaluator personas: developer, agency, and marketer.  The next question to answer was: “How do we design the evaluator experiences for these different audiences”?  This started our persona and user research. 

Understanding our evaluators

We used the research listed above to understand what these evaluators think, feel, and need when choosing Drupal. Below is a summary of our findings and how they informed the evaluator experience we created for the three personas. Note, there are many evaluation paths. Below provides a simple and consolidated view. 

End user technical decision maker and influencers

The technical decision maker is the CIO or Director of Engineering for an end user organization (e.g. corporation, government, university, etc.). They ultimately decide if the organization is going to standardize on a platform. Our interviews showed that they care about performance, security, maintenance, etc. A common theme showed they have a criteria scorecard. With or without a committee they shortlist CMSes. Then, they send their developers to get information and bring it back. These developers are influencers – very important people for us to cater to. 

If open source was one of the CMS criteria, then Drupal is often short listed. The developer goes to the Drupal.org front page to get information that the CIO requested such as case studies (to find out if their peers or companies of similar size use Drupal), analyst reports, and comparison sheets (e.g. Drupal vs Sitecore). Plus, this developer wants to Try Drupal so they can see how it works and decide if it is  a tool they want to work with.  From this point, there are many other steps like finding an agency in the Drupal.org marketplace to work with. 

The user research showed that the front page needs to amplify more recognizable brand name case studies and give more detail about the power of Drupal by industry. The research as well as Matthew Grasmick’s blog shows that we need a better Try Drupal experience. Plus, we need to provide a comparison sheet that that speaks to a technical person. 

While there was a need for Drupal to show up in analyst reports, there is also the understanding that Gartner and Forrester will only include software that generates income (via proprietary software license fee). Drupal being open source is not considered by these analysts (yet). So – no analyst report for now.  

Marketing decision maker and influencer

To understand this persona, we talked to CMOs and marketing technologists – the marketing people who select and maintain their marketing tools. What we found is that they want to hear how a CMS can help them achieve their business goals around lead generation, brand proliferation, customer engagement, and sales conversions. They want their team to have tools that are easy to use so they can make a fast impact doing things like pushing out press releases or new marketing campaigns. Plus, they want their teams to have autonomy so they can make the changes they need all on their own and without IT. The marketing decision makers’ needs are very different from the technical decision maker. 

The CMO or marketing technologist’s decision making process starts with the need to drive business and have the right tools to do this. Often they bring in a marketing consultant to provide a brand or business strategy. As part of the strategy implementation recommendation, the consultant may recommend a new CMS or other MarTech tool

In the absence of bringing in a business consultant, the CMO / marketing technologist will do their own research, coming up with a scorecard focused on the marketing team’s needs (content authoring experience, ease of use, impact, business ROI). They will read technologist blogs that provide product comparisons. Then, they go to the product websites to get product comparison sheets that have a marketing/business focus, watch videos known as sizzle reels and they watch videos that show what it is like to use the tool from the marketing team’s perspective. They also want to see case studies, but they want to read about the product’s business impact. They do not want to read about which modules were used. Plus, they want to learn about how a product is used in their industry. After their interest is peaked, they want to talk to someone who can answer their questions and give them a demo. 

The CMO or marketing technologist also gets recommendations from their influencers; individuals on the marketing team. They ask if anyone used the tool and if they liked using it and want to use it again. These individuals on the marketing team have a lot of power in deciding if a tool is selected or if a tool remains in their department. If they can’t use the tool well to make the business impact they must make, then they will replace that product. 

As you can see, these two decision makers within an end user organization have different evaluation paths and are choosing software based on different criteria. This means we need to offer them unique paths with different value propositions and resources that resonate with each one. 

Agency evaluator

We love when an agency choses Drupal. They provide an adoption multiplier by getting more clients to use Drupal. Plus, they are the ones who decide to have a contribution culture and encourage their staff to contribute back. 

It is often the organization’s tech lead who decides which CMS to use for their clients. That title can range from the CEO to the solution architect. This persona has similar evaluator needs as the technical end user. What is different is that they also keep in mind what their clients are asking for in terms of technology choices and functionality. 

General Drupal.org user research

Whichever persona we interviewed, there were some common themes that came up. They are:

  • There are way too many calls to action. “I don’t know what you want me to do first.”
  • The page is trying to serve too many types of people. “It’s not clear what is the page’s goal.”
  • The language on the page makes me feel like this site is not for me
  • When I click on things I don’t get what I expect to get
  • The main navigation is confusing
  • The page feels very 1990s and needs to be modernized and have a personality (not corporate, please)
Turning feedback into a redesign

After all that research and feedback, it was clear that the time was now for redesigning the Drupal.org front page. 

With all this research, we decided to

  • Modernize the look and feel, which was done by the amazing sixeleven who donated their services.
  • Streamline the front page to reduce the calls to action
  • Add evaluation paths for developers, marketers, and agencies that take them to landing pages that are tailored for their evaluation needs.
  • Highlight more big name case studies
  • Expand the industries pages
  • Use community marketing assets like the Acquia video to provide a better evaluation experience for marketing personas.
  • Update the main navigation so it is user-centric for those evaluating Drupal, Building with Drupal, and participating in the community.
What this redesign doesn’t do

We knew that we alone could not create all of the resources that are needed to effectively support each evaluation path. While we did use resources from the business community, there are many gaps such as videos that show the content authoring experience. 

Promote Drupal Fund

We will complete this work via the Promote Drupal Initiative. We can begin once we reach our $100,000 goal for the Promote Drupal Fund. Funding will allow us to put the staff and resources in place to coordinate a multi-prong Drupal promotion. Contribute today!

What About The Sponsored Content

Yes, Drupal.org is funded by placing relevant and contextual content in the evaluation path. Try Drupal is a great example. We also highlight great case studies from our Premium and Signature Supporting Partners.  Evaluators can still find our community case studies and we will amplify strong ones on the front page, too.  We started this approach in 2014 and will continue to find ways to highlight the power of the community’s work while also finding ways to generate income through sponsored content so we can grow our Promote Drupal investments.

What about the Community Resources?

Come for the software; Stay for the community – as we improve the evaluation path, we need to make it easy for these new users to find their way to the community – to understand the power and passion of our community as well as join us in our efforts. Our Community Liaison, Rachel Lawson, will begin to work with a community group this year to improve drupal.org/community<https://www.drupal.org/community>. Much of the improvements will be guided by the feedback from the community governance group and their very useful discussions and insightful recommendations.

File attachments:  persona final.png front page screenshot.jpg
Categories: Drupal

Beacon

New Drupal Modules - 25 April 2018 - 1:22pm
Categories: Drupal

Lullabot: The Blue Drop and the Red Pill

Planet Drupal - 25 April 2018 - 1:20pm
In this episode, Matthew Tift discusses DrupalCon Nashville, the movie *The Matrix*, and various ways to understand the Drupal community. He plays clips from the Driesnote and Steve Francia's keynote, describes some of his experiences at DrupalCon, and offers ideas for what it might mean to understand "the real" Drupal.
Categories: Drupal

roomify.us: Tutorial: using BEE for Tours, Classes and Appointments

Planet Drupal - 25 April 2018 - 11:33am
BEE makes it easy to quickly implement all kinds of booking & reservation use cases. We've created a new video that walks you through setting up reservations for classes using BEE and Drupal 8.
Categories: Drupal

Valuebound: Visualising Drupal Security Advisory Data

Planet Drupal - 25 April 2018 - 11:30am
Drupalgeddon 2.0 brought a lot of focus on the Drupal security initiative and its practices. The way the security team was proactive with respect to disclosure,  the way it was communicated to the developers, community and press was commendable. In addition to all these the communication was continuous.

The vulnerability which started off with a risk score of 21/25 on March 28th was upgraded to 22/25 on April 13th and was finally marked as 24/25 on April 14th. If you are interested in what changed across these days for the score to vary you can checkout the revisions and…

Categories: Drupal

Platform.sh: Another Drupal security update: We've still got you covered

Planet Drupal - 25 April 2018 - 10:54am
Another Drupal security update: We've still got you covered Crell Wed, 04/25/2018 - 17:54 Blog

The Drupal project today released another security update to Drupal 7 and 8 core, SA-CORE-20108-004. It is largely a refinement of the previous fix released for SA-CORE-2018-002 a few weeks ago, which introduced a Drupal-specific firewall to filter incoming requests. The new patch tightens the firewall further, preventing newly-discovered ways of getting around the filters, as well as correcting some deeper issues in Drupal itself.

We previously added the same logic to our own network-wide WAF to address SA-CORE-2018-002. With the latest release we've updated out WAF rules to match Drupal's updates, and the new code is rolling out to all projects and regions as we speak.

The upshot?

  1. You really need to update Drupal to 7.59 or 8.5.3 as soon as possible. We believe that some of the attack vectors fixed in the latest patch cannot be blocked by a WAF. See our earlier post for quick and easy instructions to update your Drupal 7 or 8 sites on Platform.sh in just a few minutes.

  2. Still, most of the attack vectors fixed in the latest release are covered by the WAF. That should help keep your site safe from most attacks until you can update. But please, update early and often.

Stay safe out there on the Internet!

Larry Garfield 25 Apr, 2018
Categories: Drupal

myDropWizard.com: Critical Drupal core security update for SA-CORE-2018-004 (including Drupal 6!)

Planet Drupal - 25 April 2018 - 9:53am

Today, there is a Critical security release for Drupal core to fix a Remote Code Execution (RCE) vulnerability. You can learn more in the security advisory:

Drupal core - Critical - Remote Code Execution - SA-CORE-2018-004

This issue also affects Drupal 6 (although, less severely than Drupal 7 or 8). So, we're also making a Drupal 6 Long-Term Support (D6LTS) release of Drupal core and the Filefield module.

Drupal 6 core security update

As you may know, Drupal 6 has reached End-of-Life (EOL) which means the Drupal Security Team is no longer doing Security Advisories or working on security patches for Drupal 6 core or contrib modules - but the Drupal 6 LTS vendors are and we're one of them!

This fix is both for Drupal 6 core and the Filefield module. This is because the Drupal 7 & 8 fixes include changes to the core 'file' module, which isn't in Drupal 6 core, but an equivalent fix applies to the Filefield module.

Here you can download:

If you have a Drupal 6 site, we recommend you update immediately! We have already deployed the patch for all of our Drupal 6 Long-Term Support clients. :-)

If you'd like all your Drupal 6 modules to receive security updates and have the fixes deployed the same day they're released, please check out our D6LTS plans.

Note: if you use the myDropWizard module (totally free!), you'll be alerted to these and any future security updates, and will be able to use drush to install security updates for contrib modules (even though they won't necessarily have a release on Drupal.org).

Categories: Drupal

Lullabot: Should you Decouple?

Planet Drupal - 25 April 2018 - 9:44am

One of the major topics of discussion in the Drupal community has been decoupled (or headless) Drupal. Depending on who you ask, it’s either the best way to build break-through user experiences, or nothing short of a pandemic. But what exactly is a decoupled architecture?

A decoupled content store splits the content of a website from how it is displayed into multiple independent systems. Decoupled sites are the logical evolution of splitting content from templates in current CMSs. Decoupled architectures started to become mainstream with the publication of NPR’s Create Once, Publish Everywhere (COPE) series of articles. Other media organizations including Netflix have seen great benefits from a decoupled approach to content.

Like many other solutions in computer science, decoupling is simply adding a layer of technical abstraction between what content producers create and what content consumers see.

Technical decision makers face an important choice when evaluating Drupal 8. When an existing site is upgraded to Drupal 8, how do we decide if we should decouple the site or not? Before we decide to work on a decoupled implementation, it’s critical that everyone, from developers and project managers, to content editors and business leaders, understand what decoupling is and how to ensure a decoupled effort is worth the technical risk.

Why Decouple?

I’ve seen many people jump to the conclusion that decoupling will solve problems unrelated to a decoupled architecture. Decoupling doesn’t mean a website will have a cleaner content model or a responsive design. Those are separate (though relevant) solutions for separate problem sets.

These are the specific advantages of a decoupled architecture for a large organization:

  • Clean APIs for mobile apps: Since the website front-end is consuming the same APIs as mobile apps, app developers know that they aren’t a second-tier audience.
  • Independent upgrades: When the content API is decoupled from the front-end, the visual design of a website can be completely rebuilt without back-end changes. Likewise, the back-end systems can be rebuilt without requiring any front-end changes. This is a significant advantage in reducing the risk of replatforming projects, but requires strict attention to be paid to the design of the content APIs.
  • APIs can grow to multiple, independent consumers: New mobile apps can be created without requiring deep access to the back-end content stores. APIs can be documented and made available to third parties or the public at large with little effort.
  • Less reliance on Drupal specialists: Drupal is a unique system in that front-end developers need to have relatively deep understanding of the back-end architecture to be effective. By defining a clear line between back-end and front-end programming, we broaden our pool of potential developers.
  • Abstraction and constraints reduce individual responsibilities while promoting content reuse: Content producers are freed from needing to worry about exact presentation on every single front-end that consumes content. Style and layout tweaks are solely the responsibility of each front-end. Meanwhile, front-end developers can trust the semantics of content fields and the relationships between content as determined by the content experts themselves.
Here Be Dragons

At the beginning of a decoupled project, the implementation will seem simple and straight-forward. But don’t be fooled! Decoupled architectures enable flexibility at the cost of simplicity. They aren’t without risk.

  • One system becomes a web of systems: A decoupled architecture is more complex to understand and debug. Figuring out why something is broken isn’t just solving the bug, but sorting out whether the problem lies in the request or in the API itself.
  • Strict separation of concerns is required to gain tangible benefits: As front-end applications grow and change, care has to be taken to ensure that front-end display logic isn’t encoded in the API. Otherwise, decoupled systems can slowly create circular dependencies. This leads to systems with all of the overhead of a decoupled architecture and none of the benefits.
  • Drupal out-of-the-box functionality only works for the back-end: Many contributed modules provide pre-built functionality we rely on for Drupal site builds. For example, the Google Analytics module provides deep integration with Drupal users and permissions, "page not found" tracking, and link tracking. In a decoupled architecture, this functionality must be rewritten. Site preview (or even authenticated viewing of content) has to be built from scratch in every front-end, instead of using the features we get for free with Drupal. Need UI localization? Get ready for some custom code. Drupal has solved a lot of problems over the course of its evolution so you don’t have to—unless you decouple.
  • The minimum team size is higher for efficient development: A Drupal site with a small development team is not a good candidate for decoupling unless content is feeding a large number of other applications. In general, decoupling allows larger teams to work concurrently and more efficiently, but doesn't reduce the total implementation effort.
  • Abstraction and constraints affect the whole business: The wider web publishing industry still has the legacy of the "webmaster". Editors are used to being able to tweak content with snippets of CSS or JavaScript. Product stakeholders often view products as a unified front-end and back-end, so getting the funding to invest in building excellent content APIs is an uphill battle. Post-launch support of decoupled products can lead to short-term fixes that are tightly coupled, negating the original investment in the first place.
The Heuristic

To help identify when decoupling is a good fit for a client, Lullabot uses the following guidelines.

Decoupled architectures may be appropriate when:

  1. The front-end teams require full freedom to structure and display the data.
  2. The front-end team does not have Drupal expertise.
  3. More than one content consumer (such as a website and multiple mobile apps) is live at the same time.
  4. Display front-ends combine data from multiple distinct API sources like CMSs, video management systems, and social media.
  5. A project consists of multiple development teams.

If a project meets some of these criteria, then we’ll begin a deep-dive into what decoupling would require.

  • Does decoupling also require a complete content rewrite, such as when migrating from legacy "full-page" CMS’s? We’ve encountered sites that haven’t made the move to structured data yet and still consist primarily of HTML “blobs.” This scenario presents a significant hurdle to decoupling, though it’s a separate problem from decoupling.
  • Does the development team have the time needed to build and document a content API with something like Swagger? Or is using Drupal as a site building (but coupled) development framework a better fit?
  • Does the web team consist primarily of Drupal developers, and will those developers continue to support the website in the future? Would the front-end team be better served by Views, Panels and the theme layer, or by a pure front-end solution like React or Angular?
  • Is there enough value in decoupling that the business is willing to change how they work to see it’s benefits?

Decoupled architectures are a great solution - but they’re not the only solution. Some of the best websites are built with a completely coupled Drupal implementation. It’s up to us as technical leaders and consultants to ensure we don’t let our excitement over an updated architecture get in between us and what a client truly needs.

Header image by Daniel Schwen CC BY-SA 4.0, from Wikimedia Commons

Categories: Drupal

Security advisories: Drupal core - Critical - Remote Code Execution - SA-CORE-2018-004

Planet Drupal - 25 April 2018 - 9:13am
Project: Drupal coreDate: 2018-April-25Security risk: Critical 17∕25 AC:Basic/A:User/CI:All/II:All/E:Theoretical/TD:DefaultVulnerability: Remote Code ExecutionDescription: 

A remote code execution vulnerability exists within multiple subsystems of Drupal 7.x and 8.x. This potentially allows attackers to exploit multiple attack vectors on a Drupal site, which could result in the site being compromised. This vulnerability is related to Drupal core - Highly critical - Remote Code Execution - SA-CORE-2018-002. While SA-CORE-2018-002 is being exploited in the wild, this vulnerability is not known to be in active exploitation as of this release.

Solution: 

Upgrade to the most recent version of Drupal 7 or 8 core.

  • If you are running 7.x, upgrade to Drupal 7.59.
  • If you are running 8.5.x, upgrade to Drupal 8.5.3.
  • If you are running 8.4.x, upgrade to Drupal 8.4.8. (Drupal 8.4.x is no longer supported and we don't normally provide security releases for unsupported minor releases. However, we are providing this 8.4.x release so that sites can update as quickly as possible. You should update to 8.4.8 immediately, then update to 8.5.3 or the latest secure release as soon as possible.)

If you are unable to update immediately, or if you are running a Drupal distribution that does not yet include this security release, you can attempt to apply the patch below to fix the vulnerability until you are able to update completely:

These patches will only work if your site already has the fix from SA-CORE-2018-002 applied. (If your site does not have that fix, it may already be compromised.)

Reported By: Fixed By: 
Categories: Drupal

Web Wash: Easily Link to Content using Linkit in Drupal 8

Planet Drupal - 25 April 2018 - 8:11am

The Linkit module allow site editors to work in a more comfortable way when linking to internal entities (i.e. content, users, taxonomy terms, files, comments, etc.) and when linking to external content as well.

The benefit of the module is that your editors won’t have to copy and paste URLs of content they're linking to, instead the module provides an autocomplete field, which they can use to search for content.

Linkit works based on a profile system. You can choose as many or as few plugins (linking options) for each profile and then assign each profile to a particular text format. This provides an extra layer of granularity, because the linking permissions are granted in the text editor and not within Linkit. That way you can add multiple roles or just one role to a Linkit profile.

Categories: Drupal

Entity Sanitizer

New Drupal Modules - 25 April 2018 - 7:19am

The Entity Sanitizer module provides the Drush entity-sanitize command. It creates (SQL) Database queries to replace all values for all fields with a standardized message. This allows you to safely reuse content structures from production databases without exposing production user content.

Categories: Drupal

mark.ie: Showing Fields in a Referenced Node Depending on the Value of a Boolean in a Paragraph Bundle

Planet Drupal - 25 April 2018 - 6:18am
Showing Fields in a Referenced Node Depending on the Value of a Boolean in a Paragraph Bundle

Mission: you have 2 fields in a Drupal paragraph bundle, one a node reference field and one a boolean field. Show certain fields in the referenced node depending on the value of the boolean field.

markconroy Wed, 04/25/2018 - 14:18

That's a question that popped up today in the DrupalTwig Slack. Here's my response, which I implemented a version of recently.  (In that particular case, we had an 'Event' content type with fields for 'address', 'phone number', etc and also a reference field for 'Amenity'. If the fields were filled in in the event content type, they were to be presented, but if they were left blank on the event content type, we had to pull in the corresponding fields for address, phone number, etc from the referenced amenity.) Anyway, my response:

{# Check the value of the boolean field #}
{% if paragraph.field_boolean.value === 'on' %}
  {# Just render the title of the referenced node #}
  {{ paragraph.field_reference.0.entity.label }}

{% else %}
  {# Render the title and the image field #}
  {{ paragraph.field_reference.0.entity.label }}
 
{% endif %}

{# Ensure that the cache contexts can bubble up by rendering the {{ content }} variable #}
{{ content|without('field_boolean', 'field_reference') }}

Just for clarity - variables in that code snippet are simply made up off the top of my head (this is what happens when answering questions on Slack). I'm sure I have things slightly wrong and you'll need to play with them to get them to work correctly.

Also, the reason for the cache contexts bit? Say thanks to Lee Rowlands from Previous Next for his blog post Ensuring Drupal 8 Block Cache Tags bubble up to the Page

Categories: Drupal

Specbee: Drupal 8.5.0 - What Is New And What To Expect!

Planet Drupal - 25 April 2018 - 5:56am

The latest version of Drupal was released with a bunch of bug fixes and some amazing new features to help your business grow. Discover what Drupal 8.5.0 means to your business and learn the advantages it holds in Drupal web development.

Categories: Drupal

Entity Parser

New Drupal Modules - 25 April 2018 - 5:45am

It convert Entity (Node,Taxonomy term and User) object complex structure to Simple Array or a Custom Type such as JSON format . This module can support paragraphs fields type type field and it is extensible to another Type Fields . This module use hook method to changed field ouput, it can be hook by type field, by name of field and by alias .

How to implement in your drupal project
- Create a Class for example EntityParserDemo.php extend Drupal\entity_parser\EntityParser

Categories: Drupal

Pages

Subscribe to As If Productions aggregator - Drupal