Blog posts by Mark Hall

Working with docker and containers - .NET 5 Series, Part 3

Tue, 21 Sep 2021 03:46:39 GMT

Introduction to Optimizely .NET 5 Series

Welcome everyone to a series of posts about the upcoming releases of .Net 5 compatible commerce and content clouds.

Introduction

Welcome everyone to the third post in a series of posts about the upcoming releases of Optimizely .Net 5. In this post we will explore creating docker images of Optimizely applications and running them in containers.

Install Tools

When working with docker you will need to install the docker tools for you operating system environment. Please note if you work for a large organization you will need to license the software. If you are using Windows you will want to make sure you have the Windows subsystem for linux installed and enabled since we will be building linux images. Finally, we will be using foundation-mvc-cms for the example so please clone or download zip file.

Creating the .env file

We need to create an .env file for the variables that will be used in the image creation. Please place the file src/Foundation.

sa_password=Episerver123!
database_name=foundation.cms
site_port=44387
web_tag=foundation.mvc.cms
sql_tag=foundation.db

Creating the Docker Compose File

The first thing we need to do is to create the docker-compose.yml file. This file is responsible for defining the images and creating the container instances of the images. This file should be placed on the root of the website in the src/Foundation folder.

version: "3"
services:
  sql:
    build:
      dockerfile: ./docker/Sql.Dockerfile
      context: .
    # comment out below lines if you want to expose sql server port for using with other tool like sql server management studio
    ports:
      - "1549:1433"
    environment:
      SA_PASSWORD: ${sa_password}
      ACCEPT_EULA: "Y"
      DATABASE_NAME: ${database_name}
    image: foundation/db:${sql_tag}
  web:
    build:
      dockerfile: ./docker/Web.Dockerfile
      context: .
    ports:
      - "${site_port}:80"
    environment:
      ConnectionStrings__EPiServerDB: "Data Source=sql;Database=${database_name};User Id=netcoreUser;Password=epi#Server7Local;MultipleActiveResultSets=True;"
      site_port: ${site_port}
      ASPNETCORE_ENVIRONMENT: "Development"
    depends_on:
      - sql
    image: foundation/web:${web_tag}

This file is creating two images, sql and web. We need to create a database server for our application as well as a web server to handle our traffic to the Optimizely application. We our passing in environment variables and docker files which describe how to build the image for the container. We can also forward ports from external application to internal container.

Creating Sql.Dockerfile

Lets create a new file called Sql.Dockerfile in src/foundation/docker.

FROM mcr.microsoft.com/mssql/server:2019-latest AS base

USER root

ENV ACCEPT_EULA=Y
ENV MSSQL_TCP_PORT=1433
EXPOSE 1433

WORKDIR /src
COPY ./docker/build-script/SetupDatabases.sh /docker/SetupDatabases.sh
RUN chmod -R 777 /docker/.

ENTRYPOINT /docker/SetupDatabases.sh & /opt/mssql/bin/sqlservr

This file is configuring the sql server image. We are using a bash script to recreate a new database as part of the container initialization. Since we have a content data file we can import the necessary content as part of the build process.

Create SetupDatabases.sh

Create a new bash script file in src/Foundation/Docker/build-script

#!/bin/bash

export cms_db=foundation.cms
export user=netcoreUser
export password=epi#Server7Local

export sql="/opt/mssql-tools/bin/sqlcmd -S . -U sa -P ${SA_PASSWORD}"
echo @Wait MSSQL server to start
export STATUS=1
i=0

while [[ $STATUS -ne 0 ]] && [[ $i -lt 60 ]]; do
    sleep 5s
	i=$i+1
	$sql -Q "select 1" >> /dev/null
	STATUS=$?
    echo "***Starting MSSQL server..."
done

if [ $STATUS -ne 0 ]; then 
	echo "Error: MSSQL SERVER took more than 3 minute to start up."
	exit 1
fi
echo Dropping databases...
$sql -Q "EXEC msdb.dbo.sp_delete_database_backuphistory N'$cms_db'"
$sql -Q "if db_id('$cms_db') is not null ALTER DATABASE [$cms_db] SET SINGLE_USER WITH ROLLBACK IMMEDIATE"
$sql -Q "if db_id('$cms_db') is not null DROP DATABASE [$cms_db]"

echo Dropping user...
$sql -Q "if exists (select loginname from master.dbo.syslogins where name = '$user') EXEC sp_droplogin @loginame='$user'"

echo Creating databases...
$sql -Q "CREATE DATABASE [$cms_db] COLLATE SQL_Latin1_General_CP1_CI_AS"

echo Creating user...
$sql -Q "EXEC sp_addlogin @loginame='$user', @passwd='$password', @defdb='$cms_db'"
$sql -d $cms_db -Q "EXEC sp_adduser @loginame='$user'"
$sql -d $cms_db -Q "EXEC sp_addrolemember N'db_owner', N'$user'"

echo Done creating databases.

This script waits for the sql server instance to be active, then tries to drop the database if it exists. Next, it will create the database and database user

Creating the Web.Dockerfile

Lets create a new file called Web.Dockerfile in src/foundation/docker.


FROM mcr.microsoft.com/dotnet/aspnet:5.0-buster-slim AS base
WORKDIR /app
EXPOSE 8000

FROM mcr.microsoft.com/dotnet/sdk:5.0-buster-slim AS build
WORKDIR /src
COPY . .
RUN dotnet restore "Foundation.csproj" --configfile ./Nuget.config

RUN dotnet build "Foundation.csproj" -c Release -o /app/build

FROM build AS publish
RUN dotnet publish "Foundation.csproj" -c Release -o /app/publish
COPY ./docker/build-script/wait_sqlserver_start_and_attachdb.sh /app/publish/wait_sqlserver_start_and_attachdb.sh
COPY ./App_Data/foundation.episerverdata /app/publish/App_Data/foundation.episerverdata

FROM base AS final
WORKDIR /app
COPY --from=publish /app/publish .
#wait sql server container start and attach alloy database then start web
ENTRYPOINT ./wait_sqlserver_start_and_attachdb.sh

This file is configuring the web server image. We are using a bash script to wait two minutes for the database to initialize before running the Optimizely application.

Create wait_sqlserver_start_and_attachdb.sh

Create a new bash script file in src/Foundation/Docker/build-script

sleep 120s
    echo "Connection string:" $ConnectionStrings__EPiServerDB
    echo "Site port:" $site_port
dotnet Foundation.dll

Building and running the image

Run the following commands to build the images and run them in containers.


cd src/foundation
docker-compose up

This will take a couple minutes to the first time it is run. After building the image, it will run the containers and allow you to browse the site or connect to the database using SQL Management studio from the host machine.

http://localhost:44387/


Server:127.0.0.1,1549
Username: sa
Password: Sa password from .env file

Using DXP bacpac file

In DXP in the pass portal, you have the option of exporting the database to a bacpac file which you can use to import into the container. Lets update the Sql.Dockerfile and SetupDatabases.sh script to import the bacpac file instead of creating new database

Sql.Dockerfile 
FROM mcr.microsoft.com/mssql/server:2019-latest AS base

USER root

ENV ACCEPT_EULA=Y
ENV MSSQL_TCP_PORT=1433
EXPOSE 1433
RUN apt-get update && apt-get install unzip -y

RUN wget -O sqlpackage.zip https://go.microsoft.com/fwlink/?linkid=2165213 \
    && unzip sqlpackage.zip -d /tmp/sqlpackage \
    && chmod +x /tmp/sqlpackage/sqlpackage

COPY database.bacpac /tmp/db/database.bacpac 

WORKDIR /src
COPY ./docker/build-script/SetupDatabases.sh /docker/SetupDatabases.sh
RUN chmod -R 777 /docker/.

ENTRYPOINT /docker/SetupDatabases.sh & /opt/mssql/bin/sqlservr

SetupDatabases.sh
#!/bin/bash

export cms_db=foundation.cms
export user=netcoreUser
export password=epi#Server7Local

export sql="/opt/mssql-tools/bin/sqlcmd -S . -U sa -P ${SA_PASSWORD}"
export dac="/tmp/sqlpackage/sqlpackage /a:Import /tsn:localhost,1433 /tdn:${DATABASE_NAME} /tu:sa /tp:${SA_PASSWORD} /sf:/tmp/db/database.bacpac"
echo @Wait MSSQL server to start
export STATUS=1
i=0

while [[ $STATUS -ne 0 ]] && [[ $i -lt 60 ]]; do
    sleep 5s
	i=$i+1
	$sql -Q "select 1" >> /dev/null
	STATUS=$?
    echo "***Starting MSSQL server..."
done

if [ $STATUS -ne 0 ]; then 
	echo "Error: MSSQL SERVER took more than 3 minute to start up."
	exit 1
fi
echo Dropping databases...
$sql -Q "EXEC msdb.dbo.sp_delete_database_backuphistory N'$cms_db'"
$sql -Q "if db_id('$cms_db') is not null ALTER DATABASE [$cms_db] SET SINGLE_USER WITH ROLLBACK IMMEDIATE"
$sql -Q "if db_id('$cms_db') is not null DROP DATABASE [$cms_db]"

echo Dropping user...
$sql -Q "if exists (select loginname from master.dbo.syslogins where name = '$user') EXEC sp_droplogin @loginame='$user'"

echo Creating databases...
$dac
rm /tmp/db/database.bacpac
echo Creating user...
$sql -Q "EXEC sp_addlogin @loginame='$user', @passwd='$password', @defdb='$cms_db'"
$sql -d $cms_db -Q "EXEC sp_adduser @loginame='$user'"
$sql -d $cms_db -Q "EXEC sp_addrolemember N'db_owner', N'$user'"

echo Done creating databases.

Next you will need to download the bacpac file and rename to src/Foundation/database.bac

Run the following commands to build the images and run them in containers.


cd src/foundation
docker-compose up

Conclusion

Today we demonstrated how easy it is to containerize and Optimizely application. We can use these techniques to allow for easy configuration of development environments or for production environments. We can also leverage DXP tools to be able to quickly get a solution running in a container for diagnosing issues.

Starting a new project - .NET 5 Series, Part 2

Wed, 04 Aug 2021 04:01:23 GMT

Introduction to Optimizely .NET 5 Series

Welcome everyone to a series of posts about the upcoming releases of .Net 5 compatible commerce and content clouds.

Getting started with upgrade-assistant

Starting a new project

Working with docker and containers

Introduction

Welcome everyone to the second post in a series of posts about the upcoming releases of Optimizely .Net 5. In this post we will explore starting a new project. Optimizely Content and Commerce clouds have always been relatively easy to setup a new project, and .Net 5 is no different. Lets take a look at whats changed compared to full framework.

Install Tools

When working with .Net 5, Microsoft provides tools to create and manage .Net 5 applications. These tools are actually .Net 5 applications themselves, which allow them to run on all operating systems. In the full framework version, Optimizely relied on Visual Studio extensions and visual studio powershell to install new projects and update schema. This of course will not work in .Net 5 because Visual Studio is not available on all the operating systems that can run .Net 5 applications.

 dotnet new -i EPiServer.Net.Templates::1.0.0-pre-020039 --nuget-source https://pkgs.dev.azure.com/EpiserverEngineering/netCore/_packaging/beta-program/nuget/v3/index.json --force

 dotnet tool install EPiServer.Net.Cli --global --add-source https://pkgs.dev.azure.com/EpiserverEngineering/netCore/_packaging/beta-program/nuget/v3/index.json --version 1.0.0-pre-020034

(Note please use the beta feed for the preview packages until they are pushed to the normal Optimizely feed.)

Understanding the tools

The first tool we are installing are Optimizely project templates. .Net 5 allows the developers the abiility to create a new project template using the dotnet new command. There are many templates out there to help scaffold different types of .Net 5 applications. For Optimizely, we provide empty cms and empty commerce projects.

The second tool is the Optimizely CLI tool. This is a tool for creating database and database users as well as updating connection strings in appsettings.json. It is important to note that this tool does not install any schema, it just creates the database and the user. The schema is auto installed for the connection string if it does not find the schema it needs to run the application.

Creating the project

If the run command fails with missing assembly add beta feed package source to nuget.config on the root of the project folder and rerun.

Lets create a new cms project.

dotnet new epicmsempty --name ProjectName
cd projectname
dotnet-episerver create-cms-database ProjectName.csproj -S . -E 
dotnet run

Now lets create a new commerce project.

dotnet new epicommerceempty --name ProjectName
cd projectname
dotnet-episerver create-cms-database ProjectName.csproj -S . -E
dotnet-episerver create-commerce-database ProjectName.csproj -S . -E --reuse-cms-user
dotnet run

Foundation

If you prefer to start with one of the foundation projects we have .Net 5 branches available. These branches will move to develop once the software is General Availabiility.

Foundation

foundation-mvc-cms

Closing Thoughts

Getting started with a new Optimizely project is as easy as ever. It is even easier for the non windows users who used to struggle with virtual machines to run the software locally. With the cross plaform capabilities it is now possible to develop on your favored operating system. In a future post we go a step further and explore how we leverage containers to run Optimizely.

Getting started with upgrade-assistant - .NET 5 Series, Part 1

Wed, 28 Jul 2021 20:37:27 GMT

Introduction to Optimizely .NET 5 Series

Welcome everyone to a series of posts about the upcoming releases of .Net 5 compatible commerce and content clouds.

Getting started with upgrade-assistant

Starting a new project

Working with docker and containers

Introduction

Welcome everyone to the first post in a series of posts about the upcoming releases of Optimizely .Net 5. In this post we will explore the upgrade-assistant tool from Microsoft. This tool allows for developers to upgrade their .net full framework applications to .NET 5 and beyond. It is also built to be extensible so ISV's can add extensions to make it easier to for their customers to upgrade their solutions. Optimizely has created its own extension library to automate common Optimizely specific fixes when moving to .NET 5 and beyond. Lets dive into how to use the tool to ugrade your solution.

Install Tools

Install the latest vesion of the upgrade-assistant

 dotnet tool install -g upgrade-assistant

or upgrade

dotnet tool update -g upgrade-assistant

Grab the latest release of Optimizely upgrade-assistant-extensions and unzip the file to a location of your computer (ex C:\temp\epi.source.updater). Technically you should be able to point the zip file instead of extracting, but there seems to be a bug in upgrade-assisant at the moment for that.

Make sure to add the beta feed to you nuget config before running the tool. Upgrade-asstant will use the defined package sources when looking for packages to update that are compatiable with .NET 5

https://pkgs.dev.azure.com/EpiserverEngineering/netCore/_packaging/beta-program/nuget/v3/index.json

Upgrade the solution

upgrade-assistant upgrade {projectName}.csproj --extension "{extensionPath}" --ignore-unsupported-features

You can point to solutiion file if you are upgrading more than project. It is important to note that this tool is not meant to complete and handle all errors. There are some fundamental differences between full framework and .NET 5 that make it impossible to automate everything. It should however handle all the mundane repetitive tasks that can be automated, allowing the developer to worry about fixing the larger issues. Also, after using a couple of times on solutions, I tend to use the non-interactive mode which speeds up the process. I would not use this mode until you have used the tool a couple of times and understand what the tool is doing.

Closing Thoughts

I want to thank Microsoft for developing such a great tool. We started with a couple ideas on how we could make the upgrade easier for our customers to .NET 5 and upgrade-assisant was the end result. As I have been following the project, I have seen many nice additions in the journey to .NET 5 and beyond. I am super exicted about the .NET Multi-platform App UI (MAUI) and see they are adding support for migrating WPF and Xarmin apps to the new maui framework through upgrade-assistant.

Fallback languages for catalog content

Fri, 17 Apr 2020 18:54:55 GMT

I recently had a partner ask me how they could get catalog content to work with fallback languages. I figured this would be a tough task as been on the roadmap for awhile but tried to give this a shot. I went looking into resuing the ContentLanguageSetting used in Cms but quickly found the it relies on content being stored in the content tables in the CMS. The partner use case only needed to fallback to a neutral version if the country specific locale did not exist. This alllowed me to tackle using code.

Here is a gist of the code that was used.

Please note the two Get overloads in FallbackLanguageSettingsHandler as this is waht determines the fallback and replacement languages. Here you could read from config or elsewhere if you need to have more business rules around which languages to choose. Also note you need to set the strictLanguageRouting="false" in episerver section.

Hopefully this helps someone else trying to do the same thing.

ServiceApi Customers and Organizations Extended

Wed, 15 Aug 2018 21:03:08 GMT

Recently I helped a couple of partners who needed to be able to update custom properties on customers and organizations using the service api. I sent them some code and thought I would share here for anyone else who might need. Hopefully soon this will be in the product as it is on the backlog.

Since there is seven files I created a sample project on my github where you can see the extensions

https://github.com/lunchin/EPiServer.ServiceApi.Extended.Sample

To use the extensions, install the repo and refer to the API folder and specifically CustomerExtendedController. This api controller exposes the new endpoints. Next weill use postman to demonstarte how to use the new endpoints.

First we need to get the token for our request

2. Next we will do a get on the contacts to make it easy to do an update the contact. Make sure you add the authorization bearer token you received from the previous request

3. Finally lets update the contact with a PUT. First I show the body payload and then the request in postman.

{
        "FirstName": "Order",
        "LastName": "Manager",
        "Email": "manager@unknowdomain.domain",
        "RegistrationSource": "john",
        "PrimaryKeyId": "3e6c1665-3d09-49f6-8c1a-fc91e7341dae",
        "Addresses": [],
        "MetaFields": [
            {
                "Name": "Created",
                "Type": "DateTime",
                "Values": [
                    "2018-06-06T11:28:28.2170000-07:00"
                ]
            },
            {
                "Name": "Modified",
                "Type": "DateTime",
                "Values": [
                    "2018-06-06T11:28:28.2170000-07:00"
                ]
            },
            {
                "Name": "CreatorId",
                "Type": "Guid",
                "Values": [
                    "d4af0b76-3ea8-4a3a-86ea-22d4b3ca2552"
                ]
            },
            {
                "Name": "ModifierId",
                "Type": "Guid",
                "Values": [
                    "9c28ec95-fdec-41e9-aa1e-8acfcc58c074"
                ]
            },
            {
                "Name": "FullName",
                "Type": "Text",
                "Values": [
                    "Order Test"
                ]
            },
            {
                "Name": "UserId",
                "Type": "Text",
                "Values": [
                    "String:manager"
                ]
            }
        ]
    }

Simple Content Synchronization

Thu, 09 Aug 2018 01:28:34 GMT

I recently received a question from a partner trying to implement a requirement for having no live edits on the production server. I have received this question a few other times so I thought I would see if I could come up with a solution that would work. This example is a really simple solution and should probably be extended for production use. For example a service bus should be used for the change set and maybe azure logic apps or scheduled job to read the queue and process it.

The first thing I did was create an initialization module for listening to the publish events. There is some code to check if these events should run. This appsetting should only be set on the staging server that is to be used for content changes.

using EPiServer.Core;
using EPiServer.Core.Transfer;
using EPiServer.Enterprise;
using EPiServer.Framework;
using EPiServer.Framework.Initialization;
using EPiServer.Logging;
using EPiServer.ServiceLocation;
using Newtonsoft.Json.Linq;
using System;
using System.Collections.Generic;
using System.Configuration;
using System.IO;
using System.Net;
using System.Net.Http;
using System.Net.Http.Headers;
using System.Threading;
using System.Threading.Tasks;

namespace EPiServer.Reference.Commerce.Site.Infrastructure.Initialization
{
    [InitializableModule]
    [ModuleDependency(typeof(Web.InitializationModule))]
    public class PublishSync : IInitializableModule
    {
        private ServiceAccessor<IDataExporter> _dataExporterAccessor;
        private IContentLoader _contentLoader;
        private const string SettingPageFiles = "ExportPageFiles";
        private const string SettingRecursively = "ExportRecursively";
        private const string SettingPageLink = "ExporterPageLink";
        private const string SettingIncludeContentTypeDependencies = "ExportIncludeContentTypeDependencies";
        private string _username;
        private string _password;
        private string _stagingUrl;
        private ILogger _logger = LogManager.GetLogger(typeof(PublishSync));

        public void Initialize(InitializationEngine context)
        {
            if (!bool.TryParse(ConfigurationManager.AppSettings["contentStaging:Enabled"], out var stagingEnabled))
            {
                return;
            }

            _stagingUrl = ConfigurationManager.AppSettings["contentStaging:ProductionUrlBase"];
            _username = ConfigurationManager.AppSettings["contentStaging:Username"];
            _password = ConfigurationManager.AppSettings["contentStaging:Password"];
            _dataExporterAccessor = context.Locate.Advanced.GetInstance<ServiceAccessor<IDataExporter>>();
            _contentLoader = context.Locate.Advanced.GetInstance<IContentLoader>();

            var events = context.Locate.Advanced.GetInstance<IContentEvents>();
            events.PublishedContent += Events_PublishedContent;
        }

        public void Uninitialize(InitializationEngine context)
        {
            var events = context.Locate.Advanced.GetInstance<IContentEvents>();
            events.PublishedContent -= Events_PublishedContent;
        }

        private void Events_PublishedContent(object sender, ContentEventArgs e)
        {
            if (e.Content is PageData || e.Content is BlockData || e.Content is MediaData)
            {
                Task.Run(() => ExportItem(e.Content, _dataExporterAccessor(), _contentLoader));
            }
        }

        private async Task ExportItem(IContent content, IDataExporter exporter, IContentLoader contentLoader)
        {
            var exportedFileLocation = Path.GetTempFileName();
            var stream = new FileStream(exportedFileLocation, FileMode.Create, FileAccess.ReadWrite, FileShare.None);
            var settings = new Dictionary<string, object>();
            settings[SettingPageLink] = content.ContentLink;
            settings[SettingRecursively] = false;
            settings[SettingPageFiles] = true;
            settings[SettingIncludeContentTypeDependencies] = true;

            var sourceRoots = new List<ExportSource>();
            sourceRoots.Add(new ExportSource(content.ContentLink, ExportSource.NonRecursive));

            var options = ExportOptions.DefaultOptions;
            options.ExcludeFiles = false;
            options.IncludeReferencedContentTypes = true;

            IContent parent;
            contentLoader.TryGet(content.ParentLink, out parent);

            var state = new ExportState
            {
                Stream = stream,
                Exporter = exporter,
                FileLocation = exportedFileLocation,
                Options = options,
                SourceRoots = sourceRoots,
                Settings = settings,
                Parent = parent?.ContentGuid ?? Guid.Empty
            };

            if (state.Parent == Guid.Empty)
            {
                return;
            }

            try
            {
                exporter.Export(state.Stream, state.SourceRoots, state.Options);
                exporter.Dispose();
                await SendContent(state.FileLocation, state.Parent);
            }
            catch (Exception ex)
            {
                exporter.Abort();
                exporter.Status.Log.Error("Can't export package because: {0}", ex, ex.Message);
            }
        }


        private async Task SendContent(string file, Guid parentId)
        {
            var token = await GetToken();
            if (string.IsNullOrEmpty(token))
            {
                return;
            }
            using (var client = new HttpClient())
            {
                client.BaseAddress = new Uri(_stagingUrl);
                client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", token);
                var content = new MultipartFormDataContent();
                var filestream = new FileStream(file, FileMode.Open);
                content.Add(new StreamContent(filestream), "file", "Import.episerverdata");
                var response = await client.PostAsync($"/episerverapi/import/cms/content/{parentId}", content);
                if (response.StatusCode != HttpStatusCode.OK)
                {
                    _logger.Error(response.Content.ReadAsStringAsync().Result);
                }
            }
        }

        private async Task<string> GetToken()
        {
            using (var client = new HttpClient())
            {
                client.BaseAddress = new Uri(_stagingUrl);
                var fields = new Dictionary<string, string>
                {
                    { "grant_type", "password" },
                    { "username", _username },
                    { "password", _password }
                };
                var response = await client.PostAsync("/episerverapi/token", new FormUrlEncodedContent(fields));
                if (response.StatusCode == HttpStatusCode.OK)
                {
                    var content = response.Content.ReadAsStringAsync().Result;
                    var token = JObject.Parse(content).GetValue("access_token");
                    return token.ToString();
                }
            }
            return null;
        }

        private class ExportState
        {
            public string FileLocation { get; set; }
            public IDataExporter Exporter { get; set; }
            public ExportOptions Options { get; set; }
            public Stream Stream { get; set; }
            public IList<ExportSource> SourceRoots { get; set; }
            public Dictionary<string, object> Settings { get; set; }
            public Guid Parent { get; set; }
        }
    }
}

Next I added an endpoint to be able to update the content with the changeset. This makes use of some service api classes so a reference to the package will be needed to create the endpoint.

using EPiServer.Core;
using EPiServer.Enterprise;
using EPiServer.ServiceApi.Configuration;
using EPiServer.ServiceApi.Extensions;
using EPiServer.ServiceApi.Util;
using EPiServer.ServiceLocation;
using EPiServer.Web.Internal;
using System;
using System.IO;
using System.Net;
using System.Net.Http;
using System.Threading.Tasks;
using System.Web.Http;
using System.Web.Http.Description;

namespace EPiServer.Reference.Commerce.Site.Features.Rest
{
    public class ImportController : ApiController
    {
        private static readonly ApiCallLogger _logger = new ApiCallLogger(typeof(ImportController));
        private readonly PermanentLinkMapper _permanentLinkMapper;
        private readonly  ServiceAccessor<IDataImporter> _dataImporterAccessor;

        private const string InvalidMediaTypeMessage = "Wrong Media Type";

        public ImportController(PermanentLinkMapper permanentLinkMapper, ServiceAccessor<IDataImporter> dataImporterAccessor)
        {
            _permanentLinkMapper = permanentLinkMapper;
            _dataImporterAccessor = dataImporterAccessor;
        }

        [Route("episerverapi/import/cms/content/{id:guid}", Name = "mh_UpdateContent")]
        [HttpPost]
        [ResponseType(typeof(Guid))]
        [AuthorizePermission(Permissions.GroupName, Permissions.Write)]
        public virtual async Task<IHttpActionResult> PostCmsImport(Guid id)
        {
            if (!Request.Content.IsMimeMultipartContent())
            {
                _logger.Error(InvalidMediaTypeMessage, Request.CreateResponseException(InvalidMediaTypeMessage, HttpStatusCode.UnsupportedMediaType));
                throw Request.CreateResponseException(InvalidMediaTypeMessage, HttpStatusCode.UnsupportedMediaType);
            }
            
            var file = await Request.GetUploadedFile(UploadPaths.IntegrationDataPath);
            var destinationRoot = _permanentLinkMapper.Find(id);
            if (destinationRoot == null)
            {
                return Ok(id);
            }

            var importerOptions = ImportOptions.DefaultOptions;
            importerOptions.KeepIdentity = true;
            importerOptions.ValidateDestination = true;
            importerOptions.EnsureContentNameUniqueness = true;
            importerOptions.IsTest = false;
            var importer = _dataImporterAccessor();
            Security.PrincipalInfo.RecreatePrincipalForThreading();
            var state = new ImporterState
            {
                Destination = destinationRoot.ContentReference,
                Importer = importer,
                Options = importerOptions,
                Stream = new FileStream(file.LocalFileName, FileMode.Open)
            };

            var message = await ImportFileThread(state);
            if (string.IsNullOrEmpty(message))
            {
                return Ok(id);
            }
            else
            {
                throw Request.CreateResponseException(message, HttpStatusCode.InternalServerError);
            }
        }

        private Task<string> ImportFileThread(ImporterState state)
        {
            return Task.Run(() =>
            {
                try
                {
                    state.Importer.Import(state.Stream, state.Destination, state.Options);
                    return "";
                }
                catch (Exception ex)
                {
                    _logger.Error("Can't import data because, ", ex);
                    return ex.StackTrace;
                }
            });
        }
    }

    public class ImporterState
    {
        public ContentReference Destination { get; set; }
        public IDataImporter Importer { get; set; }
        public Stream Stream { get; set; }
        public ImportOptions Options { get; set; }
    }
}

Hide Sites in Page Tree for editors without Create or Edit Access rights

Wed, 16 May 2018 20:04:25 GMT

Recently I was asked by a customer how they could hide sites in the page tree for users without edit access. I thought this was easily done using access rights, but I was wroing as the content still shows but cannot be edited since everyone has read access. After some googling I found this article which was for CMS 6R2. I tried removing the everyone role read access, but that led to the none of the sites showing in the page tree.

Next I tried the next forum post which led to this article. The code below is a continuation of the code found on the blog post by Thomas Krantz. Please note that this code only cares about pages so editors will still have access to commerce content, blocks, media, etc. It is also required either Edit or Create access to show the tree.

using EPiServer.Cms.Shell.UI.Rest.ContentQuery;
using EPiServer.Core;
using EPiServer.Data.Dynamic;
using EPiServer.Filters;
using EPiServer.Security;
using EPiServer.ServiceLocation;
using EPiServer.Shell.ContentQuery;
using System.Collections.Generic;
using System.Linq;

namespace EPiServer.Reference.Commerce.Site.Infrastructure
{
    [ServiceConfiguration(typeof(IContentQuery))]
    public class MyGetChildrenQuery : GetChildrenQuery
    {
        private readonly IContentRepository _contentRepository;
        private readonly IContentQueryHelper _queryHelper;
        private readonly LanguageSelectorFactory _languageSelectorFactory;

        public MyGetChildrenQuery(IContentQueryHelper queryHelper, IContentRepository contentRepository, LanguageSelectorFactory languageSelectorFactory) 
            : base(queryHelper, contentRepository, languageSelectorFactory)
        {
            _contentRepository = contentRepository;
            _queryHelper = queryHelper;
            _languageSelectorFactory = languageSelectorFactory;
        }

        public override int Rank => 100; 

        protected override IEnumerable<IContent> GetContent(ContentQueryParameters parameters)
        {
            if (((parameters.References == null) || !parameters.References.Any()) && ContentReference.IsNullOrEmpty(parameters.ReferenceId))
            {
                return Enumerable.Empty<IContent>();
            }

            var selector = _languageSelectorFactory.AutoDetect(true);
            IContent content = null;

            if (!ContentReference.IsNullOrEmpty(parameters.ReferenceId))
            {
                content = _contentRepository.Get<IContent>(parameters.ReferenceId) as PageData;
                if (content == null)
                {
                    return base.GetContent(parameters);
                }
                if (content.ContentLink.ID == 1 || (FilterAccess.QueryDistinctAccessEdit(content, AccessLevel.Edit) || FilterAccess.QueryDistinctAccessEdit(content, AccessLevel.Create)))
                {
                    return GetChildren(parameters, parameters.ReferenceId, selector);
                }
                return Enumerable.Empty<IContent>();
            }

            var filteredContent = new List<IContent>();
            foreach(var link in parameters.References.ToList())
            {
                content = _contentRepository.Get<IContent>(link) as PageData;
                if (content == null)
                {
                    filteredContent.AddRange(base.GetContent(parameters));
                    continue;
                }
                if (!FilterAccess.QueryDistinctAccessEdit(content, AccessLevel.Edit) || !FilterAccess.QueryDistinctAccessEdit(content, AccessLevel.Create))
                {
                    continue;
                }
                filteredContent.AddRange(GetChildren(parameters, parameters.ReferenceId, selector));
            }
            return filteredContent;
        }

        private IEnumerable<IContent> GetChildren(ContentQueryParameters parameters, ContentReference parentId, LanguageSelector selector)
        {
            IEnumerable<IContent> children = null;

            if (parameters.TypeIdentifiers != null && parameters.TypeIdentifiers.Any())
            {
                // Get by type and concatenate into one list
                children =
                    parameters.TypeIdentifiers.Select(i => TypeResolver.GetType(i, false))
                        .Where(type => type != null)
                        .SelectMany(type => GetChildrenByType(type, parentId, selector))
                        .Distinct()
                        .Where(x => FilterAccess.QueryDistinctAccessEdit(x, AccessLevel.Edit) || FilterAccess.QueryDistinctAccessEdit(x, AccessLevel.Create));
            }
            else
            {
                children = _contentRepository.GetChildren<IContent>(parentId, selector)
                    .Where(x => FilterAccess.QueryDistinctAccessEdit(x, AccessLevel.Edit) || FilterAccess.QueryDistinctAccessEdit(x, AccessLevel.Create)); ;
            }

            return (children ?? Enumerable.Empty<IContent>());
        }
    }
}

Here is how the access rights or setup for the site in questions.

Here is how the user permissions has been setup.

Here is the site with administrator access.

Here is the site with just site1 access.

Mixed Mode Authentication

Sun, 15 Oct 2017 18:50:05 GMT

Recently I have been asked to show a working mode authtenication as a couple partners coulld not get it working. In this post I will go through the steps of setting up mixed mode with asp.net identity and WS-Federation with Azure AD.

Azure Application Setup

First we need to setup our application in the azure portal. Click on Azure Active Directory, and then App registrations. Now click on the new app registration button. Fill out the name, application type, and sign-on url like below.

After creating then new application click on the application name to edit the application. Click on the manifest button so we can add application roles. Locate the appRoles setting and insert the appRole definitions in the array.
This is an example of approles that declare WebAdmins and WebEditors. You can modify it according to your application roles. Note that you need to generate new Guid for each role declaration.

"appRoles": [
    {
      "allowedMemberTypes": [
        "User"
      ],
      "description": "Editor can edit the site.",
      "displayName": "WebEditors",
      "id": "XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX",
      "isEnabled": true,
      "value": "WebEditors"
    },
    {
      "allowedMemberTypes": [
        "User"
      ],
      "description": "Admins can manage roles and perform all task actions.",
      "displayName": "WebAdmins",
      "id": "XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXX",
      "isEnabled": true,
      "value": "WebAdmins"
    },
     {
      "allowedMemberTypes": [
        "User"
      ],
      "description": "Admin the site.",
      "displayName": "Admininstrators",
      "id": "XXXXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXX",
      "isEnabled": true,
      "value": "Admininstrators"
    }
  ],

After updating the mainfest, we will need to update some settings of the application. Click on the settings button of the application. Next click on permissions and edit the required permissions. Read should be enough but you can set to write as well.

Next we need to assign membership to the application roles. In Azure Active Directory view, choose enterprise applications. Choose all applications and select the application that was just created. Select users and groups and click on the button add new user. You will then select a user and map to a role either Administrators or WebAdmins. Please note for standard Active Directory you will need to manually assign each user to a role. If you have premium AD you can map a group to a role.

Next we need to get the endpoints to use to connect to our application. Click on App registrations in the Azure Ad view. Next click the enpoints button. Copy the the Federation MetaData Document.

Now go back to app registrations and choose the application you have setup. Choose settings and the select properties. Copy the App Id Uri. Now we have the application setup and the connection values that will be needed in the setup of our WS-Fed.

Application Setup

Disable Role and Membership Providers

Disable the built-in Role and Membership providers in web.config because they do not support federated security:

<authentication mode="None" />
    <membership>
      <providers>
        <clear/>
      </providers>
    </membership>
    <roleManager enabled="false">
      <providers>
        <clear/>
      </providers>
    </roleManager>

Configure Episerver to support federation

Enable claims on virtual roles by setting the addClaims property. Also add the provider for security entities, which is used by the set access rights dialog and impersonating users. The SynchronizingRolesSecurityEntityProvider configured in the following example is using the SynchronizingUserService that is used in step 4. Also if you are using the Administrators group you want to remove or comment out the virtual role because it tried to use domain/username for authtenication.
```
<episerver.framework>
    <securityEntity>
      <providers>
        <add name="SynchronizingProvider" type ="EPiServer.Security.SynchronizingRolesSecurityEntityProvider, EPiServer"/>
      </providers>
    </securityEntity>
    <virtualRoles addClaims="true">
       
    </virtualRoles>
```

Install NuGet packages

Open Package Manager in Visual Studio and install the following packages:

Install-Package Microsoft.Owin.Security.Cookies
Install-Package Microsoft.Owin.Security.WsFederation
Install-Package Microsoft.Owin.Host.SystemWeb
Update-Package Microsoft.IdentityModel.Protocol.Extensions -Safe

Configure Identity and WSFederation

We configure the cms identity service and the ws-fed authtneication middleware. We make the Ws-Fed the default so it will challenge us to login if we go /episerver for instance. For normal site login the users will use the login and logout buttons of the web application. We also set /logout to trigger a logout of the owin middleware. Finally make sure there is no external cookie registered in the pipeline as it seems to mess up the ws-fed authenication and go into endless redirect loop. Also note you might need to explictly set TokenValidationParameters for the NameClaimType or RoleClaimType if they are not using the default ones setup for Ws-Fed. You can put a preak point in the SecurityTokenValidated callback to see what claims are being passed from Azure AD if you are not able to login correctly and update accordingly.

public class Startup
    {
        // For more information on configuring authentication,
        // please visit http://world.episerver.com/documentation/Items/Developers-Guide/Episerver-CMS/9/Security/episerver-aspnetidentity/

        private readonly IConnectionStringHandler _connectionStringHandler;

        public Startup() : this(ServiceLocator.Current.GetInstance<IConnectionStringHandler>())
        {
            // Parameterless constructor required by OWIN.
        }

        public Startup(IConnectionStringHandler connectionStringHandler)
        {
            _connectionStringHandler = connectionStringHandler;
        }

        public void Configuration(IAppBuilder app)
        {
            app.AddCmsAspNetIdentity<SiteUser>(new ApplicationOptions
            {
                ConnectionStringName = _connectionStringHandler.Commerce.Name
            });

            // Enable the application to use a cookie to store information for the signed in user
            // and to use a cookie to temporarily store information about a user logging in with a third party login provider.
            // Configure the sign in cookie.
            app.UseCookieAuthentication(new CookieAuthenticationOptions
            {
                AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
                LoginPath = new PathString("/Login"),
                Provider = new CookieAuthenticationProvider
                {
                    // Enables the application to validate the security stamp when the user logs in.
                    // This is a security feature which is used when you change a password or add an external login to your account.  
                    OnValidateIdentity = SecurityStampValidator.OnValidateIdentity<ApplicationUserManager<SiteUser>, SiteUser>(
                        validateInterval: TimeSpan.FromMinutes(30),
                        regenerateIdentity: (manager, user) => manager.GenerateUserIdentityAsync(user)),
                    OnApplyRedirect = (context => context.Response.Redirect(context.RedirectUri)),
                    OnResponseSignOut = (context => context.Response.Redirect(UrlResolver.Current.GetUrl(ContentReference.StartPage)))
                }
            });

            app.SetDefaultSignInAsAuthenticationType(WsFederationAuthenticationDefaults.AuthenticationType);
            app.UseCookieAuthentication(new CookieAuthenticationOptions
            {
                AuthenticationType = WsFederationAuthenticationDefaults.AuthenticationType
            });
            //Enable federated authentication
            app.UseWsFederationAuthentication(new WsFederationAuthenticationOptions()
            {
                //Trusted URL to federation server meta data
                MetadataAddress = "Metadata document enpoint",
                //Value of Wtreal must *exactly* match what is configured in the federation server
                Wtrealm = "App Id Uri",
         
                TokenValidationParameters = new TokenValidationParameters
                {
                   
                    NameClaimType = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress",
                },
                Notifications = new WsFederationAuthenticationNotifications()
                {
                    RedirectToIdentityProvider = (ctx) =>
                    {
                        //To avoid a redirect loop to the federation server send 403 when user is authenticated but does not have access
                        if (ctx.OwinContext.Response.StatusCode == 401 && ctx.OwinContext.Authentication.User.Identity.IsAuthenticated)
                        {
                            ctx.OwinContext.Response.StatusCode = 403;
                            ctx.HandleResponse();
                        }
                        return Task.FromResult(0);
                    },
                    SecurityTokenValidated = (ctx) =>
                    {
                        //Ignore scheme/host name in redirect Uri to make sure a redirect to HTTPS does not redirect back to HTTP
                        var redirectUri = new Uri(ctx.AuthenticationTicket.Properties.RedirectUri, UriKind.RelativeOrAbsolute);
                        if (redirectUri.IsAbsoluteUri)
                        {
                            ctx.AuthenticationTicket.Properties.RedirectUri = redirectUri.PathAndQuery;
                        }

                        //if (ctx.AuthenticationTicket.Identity.Name)
                        //Sync user and the roles to EPiServer in the background
                        ServiceLocator.Current.GetInstance<ISynchronizingUserService>().SynchronizeAsync(ctx.AuthenticationTicket.Identity);
                        return Task.FromResult(0);
                    }
                }
            });
            

                        app.UseStageMarker(PipelineStage.Authenticate);
            app.Map("/Logout", map =>
            {
                map.Run(ctx =>
                {
                    ctx.Authentication.SignOut();
                    return Task.FromResult(0);
                });
            });
        }
}

Please refer to federated-security documentation for tips on troubleshooting issues.

Anonymous Project Preview

Mon, 07 Nov 2016 18:06:14 GMT

A little while ago a colleague of mine wrote an excellent post on how to create a partial route to preview specific versions of content here. Some comments wanted to see this in the context of the projects as well as be able to allow anonymous users to be able to preview the page. I created a small sample that addresses the issues in a different way then the partial route.

First we will create an interface for dealing with getting project identifiers and content. In the sample we are using the host header, but you could use cookies, session, or anything else you would like to enable. Using the url seemed most easy and less places to change the code.

using EPiServer.Core;
using System.Web;

namespace EPiServer.Reference.Commerce.Site.Infrastructure
{
    /// <summary>
    /// Helps identify project and version in the anonymous context
    /// </summary>
    public interface IPreviewProjectIdentifier
    {
        /// <summary>
        /// Gets the project version of the content, otherwsie returns the published reference.
        /// </summary>
        /// <param name="publishedContentReference"></param>
        /// <param name="httpContextBase"></param>
        /// <returns>A <see cref="ContentReference"/></returns>
        ContentReference GetProjectVersion(ContentReference publishedContentReference, HttpContextBase httpContextBase);

        /// <summary>
        /// Gets the current project id based on custom logic.  If there is no current project returns 0/
        /// </summary>
        /// <param name="httpContextBase"></param>
        /// <returns>The primary key <see cref="int"/> of the project</returns>
        int GetProjectId(HttpContextBase httpContextBase);

    }
}

Now we will create the implementation.

using EPiServer.Core;
using EPiServer.DataAbstraction;
using EPiServer.ServiceLocation;
using EPiServer.Web.Hosting;
using System.Linq;
using System.Web;

namespace EPiServer.Reference.Commerce.Site.Infrastructure
{
    [ServiceConfiguration(Lifecycle = ServiceInstanceScope.Singleton, ServiceType = typeof(IPreviewProjectIdentifier))]
    public class DefaultPreviewProjectIdentifier : IPreviewProjectIdentifier
    {
        private readonly ProjectRepository _projectRepository;

        public DefaultPreviewProjectIdentifier(ProjectRepository projectRepository)
        {
            _projectRepository = projectRepository;
        }

        public ContentReference GetProjectVersion(ContentReference publishedReference, HttpContextBase httpContextBase)
        {
            var projectId = GetProjectId(httpContextBase);
            return projectId == 0 ? publishedReference : GetProjectReference(publishedReference, projectId);
        }

        public int GetProjectId(HttpContextBase httpContextBase)
        {
            var uri = GetUrl(httpContextBase);
            if (!uri.Host.StartsWith("project"))
            {
                return 0;
            }

            var projectId = uri.Host.Substring(uri.Host.IndexOf("-") + 1, uri.Host.IndexOf(".") - (uri.Host.IndexOf("-") + 1));
            int id;
            return int.TryParse(projectId, out id) ? id : 0;
        }

        private ContentReference GetProjectReference(ContentReference publishedReference, int projectId)
        {
            var items = _projectRepository.ListItems(projectId);
            if (items == null)
            {
                return publishedReference;
            }

            var item = items.FirstOrDefault(x => x.ContentLink.ToReferenceWithoutVersion() == publishedReference.ToReferenceWithoutVersion());
            return item == null ? publishedReference : items.FirstOrDefault(x => x.ContentLink.ID == item.ContentLink.ID).ContentLink;
        }

        private static UrlBuilder GetUrl(HttpContextBase httpContext)
        {
            UrlBuilder hostUrl;
            if (httpContext != null && httpContext.Request.Url != null)
            {
                hostUrl = new UrlBuilder(httpContext.Request.Url.AbsoluteUri)
                {
                    Path = VirtualPathUtility.AppendTrailingSlash(GenericHostingEnvironment.Instance.ApplicationVirtualPath)
                };
            }
            else
            {
                hostUrl = new UrlBuilder(VirtualPathUtility.AppendTrailingSlash(GenericHostingEnvironment.Instance.ApplicationVirtualPath));
            }
            return hostUrl;
        }
    }
}

Next we need to create a custom IFilterProvider for MVC. We need to do this because the base class ContentController<T> has the AuthorizeContentAttribute. This is responsible checking the access rights of the content and will prevent an anonymous user from seeing the content.

using EPiServer.ServiceLocation;
using EPiServer.Web.Mvc;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web.Mvc;

namespace EPiServer.Reference.Commerce.Site.Infrastructure
{
    public class ProjectFilterProvider : IFilterProvider
    {
        private readonly FilterProviderCollection _filterProviders;
        private readonly Type _authorizeContent = typeof(AuthorizeContentAttribute);
        private readonly IPreviewProjectIdentifier _previewProjectIdentifier = ServiceLocator.Current.GetInstance<IPreviewProjectIdentifier>();

        public ProjectFilterProvider(IList<IFilterProvider> filters)
        {
            _filterProviders = new FilterProviderCollection(filters);
        }

        public IEnumerable<Filter> GetFilters(ControllerContext controllerContext,
            ActionDescriptor actionDescriptor)
        {
            var filters = _filterProviders.GetFilters(controllerContext, actionDescriptor);
            var projectId = _previewProjectIdentifier.GetProjectId(controllerContext.HttpContext);
            return projectId > 0 ? filters.Where(x => x.Instance.GetType() != _authorizeContent) : filters;
        }
    }
}

Finally we will register the filter and add a event handler to IContentRouteEvents.RoutedContent to update the content to the correct version in the context of the project.

[ModuleDependency(typeof(ServiceApi.IntegrationInitialization), typeof(EPiServer.Commerce.Initialization.InitializationModule))]
    public class SiteInitialization : IConfigurableModule
    {
        public void Initialize(InitializationEngine context)
        { 
            var providers = FilterProviders.Providers.ToList();
            FilterProviders.Providers.Clear();
            FilterProviders.Providers.Add(new ProjectFilterProvider(providers));
            
            context.Locate.Advanced.GetInstance<IContentRouteEvents>().RoutedContent += ContentRoute_RoutedContent;
            
        }

        private void ContentRoute_RoutedContent(object sender, RoutingEventArgs e)
        {
            e.RoutingSegmentContext.RoutedContentLink = ServiceLocator.Current.GetInstance<IPreviewProjectIdentifier>().GetProjectVersion(e.RoutingSegmentContext.RoutedContentLink, HttpContext.Current.ContextBaseOrNull());
        }
    }
}

Now we have a project preview for anonymous users where they can preview a live site in the context of a specific project.

http://www.screencast.com/t/FMbCw188X

New Order Events

Mon, 25 May 2015 15:57:43 GMT

Today we have released EPiServer.Commerce.Core 8.12.0 which includeds new Order Events. These events were added to help support integrations. One common use case might be sending information to your marketing automation when something is added to your basket. These are synchronous events so it is important for the subscriber to finish quickly or start async task so execution can continue. Please refer to Documentation for more information on how to use the events

Important Updates to the ServiceApi

Fri, 13 Feb 2015 17:30:13 GMT

We have released a new version of the EPiServer.ServiceApi and I wanted to highlight some important features over the last two releases. As of version 1.2.0 the ServiceApi is now split out into two packages.

EPiServer.ServiceApi - this is the base package that only has dependency to EPiServer.Cms.Core. This package will allow you to import media as well as episerverdata files.
EpiServer.ServiceApi.Commerce - this is the commerce package that has a dependency to EPiServer.Commerce.Core. This package adds functionality to import catalog content and some restful operations for workng with catalog content.

As of version 1.3.0 all actions require permissions. This means the user getting an auth token must have access to the permissions to use the functions. The permissions are done with the new permissions to functions introduced in EPiServer.Cms.Core 7.19.1. The ServiceApi has two permissions read and write. Any function that manipulates data will require write access while all other require read access. By default when instaling version 1.3.0 the administrators role is granted read and write access.

If you would like to use the ServiceApi read and write permissions in your own webapi controlllers, you can decorate your method like below. You also have the ability to create your own permissions and use with the AuthorizePermission attribute.

[Route("myroute", Name = "mymethod")]
[HttpGet]
[AcceptVerbs("GET")]
[ResponseType(typeof(IEnumerable<Models.MyModel>))]
[EPiServer.ServiceApi.Configuration.AuthorizePermission(EPiServer.ServiceApi.Configuration.Permissions.GroupName, EPiServer.ServiceApi.Configuration.Permissions.Read)]
public virtual IHttpActionResult MyMethod()
{
        if (!ModelState.IsValid)
        {
            return BadRequest(ModelState);
        }
        return Ok(ModelFactory.GetMyMethod());
}

ServiceAPi automatically registers controllers with attribute routing so this allows you to use the permissions in your own webapi controllers. We needed to add a new AuthorizePermission for webapi controllers, the one introduced in EPiServer.Web.Mvc is only for mvc controllers.

There were also some additional security updates which lead the removal of httpmodule EPiServer.ServiceApi.IntegrationAuthorizationModule.

Commerce Expression Editor Released on Github

Thu, 22 Jan 2015 10:31:49 GMT

We have released the source code for the expression editor here on github. The editor is used to create expressions for custom promotions in EPiServer Commerce. You can read the documenation here to understand how to use.

Syncing Active Directory Groups for use In EPiServer Commerce

Mon, 01 Sep 2014 12:59:58 GMT

I received a request the other day for the ability to use Active Directory Groups in Commerce Manager for permissions. While Commerce Manager uses granular permissions that will not allow this easily, there is a way to at least sync the groups and group memberships to be used in commerce manager. From there you can […]

Blog posts by Mark Hall

Working with docker and containers - .NET 5 Series, Part 3

Introduction to Optimizely .NET 5 Series

Introduction

Install Tools

Creating the .env file

Creating the Docker Compose File

Creating Sql.Dockerfile

Create SetupDatabases.sh

Creating the Web.Dockerfile

Create wait_sqlserver_start_and_attachdb.sh

Building and running the image

Using DXP bacpac file

Conclusion

Starting a new project - .NET 5 Series, Part 2

Introduction to Optimizely .NET 5 Series

Introduction

Install Tools

Understanding the tools

Creating the project

Foundation

Closing Thoughts

Getting started with upgrade-assistant - .NET 5 Series, Part 1

Introduction to Optimizely .NET 5 Series

Introduction

Install Tools

Upgrade the solution

Closing Thoughts

Fallback languages for catalog content

ServiceApi Customers and Organizations Extended

Simple Content Synchronization

Hide Sites in Page Tree for editors without Create or Edit Access rights

Mixed Mode Authentication

Azure Application Setup

Application Setup

Disable Role and Membership Providers

Configure Episerver to support federation

Install NuGet packages

Configure Identity and WSFederation

Anonymous Project Preview

New Order Events

Important Updates to the ServiceApi

Commerce Expression Editor Released on Github

Syncing Active Directory Groups for use In EPiServer Commerce