psi.ch Relaunch Review #1

The group module and complex customization

Situation

  • The old psi.ch consists of ~180 "sub webs"
  • Only members can edit and translate content and media
  • Different languages per sub-web
  • Different publishing workflows
  • Each sub-web has admins
  • Different navigation per sub-web
  • Content snippets per sub-web (e.g. sidebar)
  • Unpublished content and sub-webs only accessible to editors

Group module

  • https://www.drupal.org/project/group
  • At the center are groups
  • Other entities are connected through relationship entities
  • Supported by default: Nodes, Users (with roles & permissions)
  • Separate module/patch: Media
  • Own integration: Paragraph library items

Influenced by Sub-Web/Group

Multilingual customization

  • Default: Groups can be translated
  • Custom: Fields for default language and allowed languages
  • Custom: Translate UI completely hidden for single-language groups, filtered when more than one
  • Various patches for core and group necessary

Drupal core multilingual patches

  • #2972308: Allow users to translate content they can edit
  • #2978048: Unpublished translations should fallback to the original language
  • #2971390: Disallow users to change content translation uid metadata field
  • #2155787: Introduce more flexible access control for content translation operations
  • #3002571: Multiple warning messages when having untranslatable fields
  • #3007288: LanguageNegotiationUserAdmin requires 'access administration pages' which is too strict
  • #2877994: Entity Links fields does not have translation support

Group patches

  • #3030187: Node translations accessible for anonymous users
  • #2984315: Media enabler

Alias & Breadcrumb

  • Pathauto: /[node:group:fie....]/[node:prim...]
  • New content is saved twice, prevent alias + redirect without group with custom alter hook
  • Special case for "home page" per group
  • Breadcrumb represents group hierarchy

     
  • Requires patch for group tokens:
    #2774827: Group tokens

Navigation & Operations

  • Each Group has a referenced menu
  • Custom menu block that fetches the menu from group, with fallback
  • Members only: Custom operations block, with actions to create content and go to group overview/content list

Creating content

  • Always happens in the context of a group
  • Editors can not create global content
  • Limited language selection and default
  • Default language and group assignment also applied to media (created through entity browser)
  • And paragraph library items
  • Filters in entity browser to groups accessible to user

Views

  • Primer: Placing article/node lists with list paragraph type (block_field)
  • Primer: Controllable exposed filters and default values
  • Custom: Active Group filter, only show articles of current Group
  • With option to include articles from other Groups
  • Challenge: Ajax requests for filters & paging

    Various views limitations & bugs:
    #2823541, #2866386

Authentication

  • PSI provides SAML 2.0 IdP
  • Integrated with SimpleSamlPHP
  • Groups are not 1:1 match to organization structure:
    • Each user is assigned to an organization unit number (e.g. 3102)
    • Each group has N numbers assigned, with wildcard support: 3***
    • Users are assigned to groups based on matching numbers
  • Users become Sub-Web Admins through a role managed in LDAP/ActiveDirectory

Downsides

  • Performance is challenging
    • node access/grants, especially with users that are in many groups
    • New content needs to be saved twice
  • Data model is a bit overkill for our (current) use cases
    • content is only a single group (exception: users)
    • no relationship fields

Demo

Questions?

Made with Slides.com