TYPO3 v13.1—The Surfer’s Starterkit
Today we published the second sprint release of the v13 series: TYPO3 version 13.1. You can now consolidate site configurations as Site Sets and reuse…
The general scope of the initiative meeting was focused on integrating GraphQL API into TYPO3 core. Preliminary an internal API — used by developers — shall be established to allow retrieving structured data. Due to possible additional dimensions like languages and workspaces this API must resolve proper relations according to the given context.
To expose that API as a public web interface (e.g. to be used by modern client frameworks like Angular, VueJS or React) additional aspects have to be considered — most important to be named is a permission layer to control access of data exposed to the public. Current ideas are based on Symfony‘s “security-acl” package to grant or deny access on various concepts like table, field, folders, files, etc.
During the implementation process of inferencing semantics and implicit behavior of $TCA properties, participants identified the demand of structuring current $TCA much better — aspects related to schema (storage), processing (validation) and representation (rendering in user-interface) are target to be separated further.
TYPO3's mechanisms for storing relationships supports three different types — comma-separated values (CSV) stored at the originator, foreign keys stored at the referenced subject and many-to-many relations stored in a specific intermediate table (MM).
In the worst case scenarios CSV storage only contains identifiers without storing their concept — thus, the according relationship can only be determined by evaluating the current $TCA settings and is not robust to adjustments. JSON data-types became available with MySQL 5.7 and would allow storing specific information as well as being used in database JOINs as well. Doctrine DBAL already supports these data-types — however there is no cross-database implementation of statements like JSON_CONTAINS to be used in QueryBuilder.
The possibility to determine permissions on a per-table or per-table-field level currently is only available for backend users and backend user groups. To broaden the application scope and expose a semi-public endpoint to GraphQL, it is required to ensure that only defined information can be retrieved. Thus, the permission concepts need to be decoupled from backend users and any user record in general. Composer package „symfony/security-acl“ provides a flexible concept, based on access-control-lists (ACL), for dynamically managing those requirements concerning permission handling.
Resolving multiple content dimensions like languages and workspaces requires detailed knowledge about the implementation — especially when it comes to resolving relationships — it has been mentioned earlier already that these can be persisted as comma-separated values, foreign keys and using an intermediate table. Correct information can only be retrieved by following the principles of retrieving „default values“ and overlaying them for each according context (language and/or workspace). To remove query complexity and possibly allow direct queries — e.g. using JOINs — the semantical meaning of workspace placeholders shall be reevaluated again.
All in all the participants were able to define next steps for the persistence initiative, shape the concepts to be used and developed a preliminary roadmap. Want to be part of it? Get in touch.
Today we published the second sprint release of the v13 series: TYPO3 version 13.1. You can now consolidate site configurations as Site Sets and reuse…
5 February 2024, I attended a workshop in Brussels, Belgium, with representatives from many large open-source projects. With one person from each…
AI will change content management forever. At T3CON23, speakers demonstrated AI-powered CMS features far beyond text and image generation.
April's episode of the Official TYPO3 Podcast.
TYPO3 Rector has become an indispensable tool when upgrading TYPO3 instances from one major version to another. My colleagues and I joined the TYPO3…
2023 showed us that it is important for TYPO3 to keep policy makers better informed. This event in Brussels, Belgium, was a source of new knowledge…