Hi there,
This has turned out to be a little long - so I am sorry about - and thanks for your time, in advance!
I started “investigating” ContentBox because I wanted to learn how to use the “Box” security modules and was advised that ContentBox might be a good source of learning material.
I haven’t used a CMS, before this.
My view on them was that it was for running a website (maintaining content-primarily) and/or blog. that was effectively for hosting your own “Wordpress” presence.
And while this is accurate - ContentBox is capable of a lot more…
So, this post is actually asking for two things, please…
Let me give you some context first:
I have an existing ColdBox app that I am writing and it is currently nothing more than a CRUD app.
- List DB entries via ORM objects
- Forms to insert/edit/delete DB entries via ORM objects
At the moment, at least, there is no (working) authentication/authorisation and there are any extensive “business rules” attached to any of the forms, yet either.
Q1:
Can I “embed” this (simple ColdBox app) into a “plain” ContentBox install?
From my reading it would seem to be a case of “just” treating my app as if it were any other “box” module that you might install into a ContentBox instance. Is that “pretty much” all there is to it?
(disregarding layouts/themes/etc - for the time being?)
And, Q2:
Thanks to what I am learning about ContentBox I am actually wondering if I even need to do the above…
Can I just use ContentBox to “Author” my application in a Contentbox instance, effectively turning me into a “ContentBox configurator/admin” for this task?
Let me preface this - and practically every single thing I ever post here with.
I am not being lazy.
I am happy to write any amount of code.
I am very happy to put in any amount of effort required to learn something that is new to me, or,
relearn something I have forgotten, or,
subsequently find out, I have been doing incorrectly.
I am currently writing this application from the ground-up and am happy to do so.
And sometimes I just cannot see the Ortus Forest for all the “box” trees…
Is what I am looking for missing in the docs? Or have I just found the right place in the docs?
Ortus has a lot of documentation - but I find it quite difficult to grok.
A common example of what I see in the Ortus docs is:
“When implementing an “AAA” - you can use the following example code”
For everyone with a sound working knowledge of ColdBox/xxxBox - it may well be entirely evident that THIS code snippet belongs in the handler and that the NEXT snippet goes in the model - or it belongs in the Coldbox.cfc as part of configuration… But if you don’t have that knowledge - you have absolutely no idea, because you’re completely brand new!
And to further confuse the newcomer… THIS example code is written as cfscript code… while another example a few paragraphs further along - but in the same “content” of the the docs: is written as a set of statements that belong in a server.json or similar.
There are most definitely places in the documentation where the topic is something like:
- Here is how you do it in code - in the handler
- Here is how you do, the same thing, via config - in the Coldbox.cfc
- Here is how you do, the same thing, with ENV variables…
Other times it is like:
*Here is a snippet - that belongs in the server.json
That’s OK - because if you want to use ENV vars - you know how to convert a server.json snippet to an ENV var. (Or you can at least learn “that” and thus apply the same process to every server.json example code you ever read in any Ortus docs.
But quite often/very often there just isn’t any “direction” beyond the example code.
- There is no file name
- There is no text about "this belong in your model/handler/etc)
- JUST the example snippet.
- No “title” for the snippet at all.
Let me yell out loud"
That’s not meant as a slur/insult, in any way… just the reasoning behind my questions - that I am sure at times read like : “Write my app for me - I am too lazy to do it myself”.
This is never my intent.
Anyway:
One of the application requirements is that a user upload a current driver’s license/a current CPR certification/etc.
These documents have an expiry date - so they need to be renewed.
The business requires that someone else (HR) - validate the document that was uploaded - before it is seen as being “accepted”.
Sounds very much like using the Media Library and the approval process of blog comments, combined - already available in ContentBox will solve this requirement… Woohoo!
Now, with a few reminders, please:
- I have never used a CMS before, let alone ContentBox
- I am still on my initial learning curve of ColdBox, too…
- I totally realise that ContentBox is open source…
Therefore,
- If I want something to do “A” instead of “B” - hack away as needed.
- AND: (If it is “good” / implemented well etc - consider a PR back to the project…)
Is there “ContentBox”/“Box”/“Ortus”, built-in goodness, way to do this?
I am totally happy with: “No. alter the media library yourself to include the specifics of your approval process.”
But to a large degree my question is prompted by:
I have found via my ColdBox learning via my currently simple CRUD app that there is an extensive security framework - that already exists… so I didn’t need to hand-code checks for cross-site forgery exploits. I could have utilised the appropriate cb module - that “just plugs in” with a ColdBox app, instead.
Afterall, it is tested, probably covers more “holes/exploits” than my code ever would - and even if it doesn’t - it would have served as a fantastic starting point - if I new about it!
As always - thanks again for sticking it out with me this long and I sincerely hope that my tone/intent isn’t misread, too…