Application Builder

Blog
Application Builder
Wednesday, October 18, 2017PrintSubscribe
OAuth Wizards, RTF, DNN Integration, Enhanced Quick Find, New Folder Structure, and more.

Code On Time release 8.6.6.0 brings about a new folder structure, RTF support in Touch UI, OAuth registration wizards, built-in integration with DotNetNuke, enhanced Quick Find with history and auto-suggestions. User interface of the generated apps has also changed in subtle ways.New features of Code On Time 8.6.6.0

Keep reading to find out what’s new!

Native Client Apps

The release sets up the stage for the upcoming Native Client Apps (NCA). NCA is a hybrid app composed of HTML,  JavaScript, CSS, and native platform-specific executable that can be installed on a mobile device. NCA makes HTTP requests  to the sever-side components of the application to read-write data. Apps generated with the release 8.6.6.0 have a folder structure compatible with the platform-specific executables designed and developed by our team.

New folder structure of apps created with Code On Time release 8.6.6.0

Folders css, fonts, images, js, and pages are transferred as-is to the mobile device upon installation of the app directly from the server deployment. Various application framework components were added and enhanced to support self-updatable NCA executables.

Presently Code On Time generator produces apps composed of HTML, JavaScript, CSS, and server-side code written in C# or Visual Basic. Apps are hosted on a Microsoft IIS web server and can be accessed via modern web browsers from mobile and desktop devices. Starting with the release 8.7.0.0 (see notes at the end of the post) we will introduce generation of Native Client Apps for distribution via Apple App Store, Google Play Store, and Window App Store.  Also Chromium-based native Windows Apps will be supported for Windows 7 and all other compatible versions of Microsoft OS as alternative to Windows App Store.

Theme Enhancements

The release intoduces numerous subtle Light theme enhancements. The toolbar is now a little taller. The selection indication colors are borrowed from the theme accent. Feedback response is expressed via background color changes.

New “Dark” theme will become available soon to double the theming choices. We are also considering configurable “dark” theme variations to allow custom “main” themes.

All future themes will share the same color accents.

Simple Search With SuperPowers

Quick Find has been greatly enhanced to offer search history, auto suggestions, and field level search.

Auto-suggestions in Quick Find of apps created with Code On Time

Enter the first letters of the field name separated with a colon symbol from the search sample to limit the search scope.

Field-level search in the app created with Code On Time and Touch UI

RTF (Rich Text Format)

Built-in Rich Text editor without any external dependencies is now available in Touch UI. Simply set the Text Mode property of a data field to Rich Text to enable displaying and editing of formatted content.

Built-in Rich Text Editor in a Touch UI app build with Code On Time

“See All” to Fullscreen

Summary data views will open in “fullscreen” mode when “See All” option is selected. This screenshot shows a summary view of suppliers.

Summary view of records in an app with Touch UI

A fullscreen infinite “grid” of suppliers without paging is displayed when the user taps “See All” in the right top corner or when the user taps on the pager area.

Infinite view of records in the app created with Code On Time

Previously a modal view of data items was displayed instead.

User Avatars

App administrators can now upload user photos directly into the built-in conent management system of the app. First enable CMS for your project. Next ;ogin as administrator and navigate to Site Content. Upload a custom image and set its name to the name of the corresponding user and leave .PNG or .JPG extension. Set Path to sys/users. If the user logs out and logs in again, then the image is automatically displayed on the app toolbar.

Uploading a user photo into Content Management System on an app created with Code On Time

The same mechanism is automatically engaged upon Single Sign On (SSO) with Facebook, Google, Windows Live, DotNetNuke, etc.

Automatic Focus and Modal Fullscreen

Developers are now able to set a focus on an arbitrary field in a form by specifing focus-auto tag. The field will be focused in edit/new mode.

Frequently requested feature to display forms in “fullscreen” mode is now a part of the framework. Developers can specify modal-fullscreen tag on the form view to accomplish this effect.

A fullscreen editForm1 view in edit mode with the automatic focus on the second field is shown in the screenshot.

A fullscreen form view with the focus automatically set on the second field in an app created with Code On Time

CMS + OAuth Registration

Content Management System now supports OAuth Registration wizards to enable easy registration of external OAuth providers in the apps to enable SSO and optional communication services. Custom wizard forms are now available for Facebook, Google, Windows Live, Microsoft Graph, SharePoint, Identity Server, and DotNetNuke.

Open Registration Authentication for Microsoft SharePoint is displayed below.

OAuth registration form for Microsoft SharePoint integration of an app created with Code On Time

You will find implementation of the OAuth Wizards under ~/js/surveys/cms folder. Take a look to see how the wizards are working and build your own surveys.

We will be adding more custom editors for CMS content to enable easy runtime configuration of data controllers, pages, access control rules, workflow register, and much more.

Cloud On Time Connector for DotNetNuke

An app created with any edition of Code On Time can now be integrated with a popular content management system DotNetNuke. DNN allows easy deployment of customer-facing web portals built with Microsoft.NET. 

Just a few lines of code are now included in every generated app to allow easy integration with DotNetNuke portal instances. The portal administrator must install the free module Cloud On Time Connector for DNN available on our website. The application administrator will have to configure the app for integration. Integration with DNN is discussed in details if you follow the links.

We have also developed a collection of video tutorials to provide step-by-step guidance for the process of integrating DotNetNuke and apps created with Code On Time.

Watch a brief intro to learn how to rapidly build database forms, reports, apps for DotNetNuke portals. Use the links above to find the full details and instructions.

 

Applications generated with Unlimited edition can also be integrated with Microsoft SharePoint Online (Office 365) in a similar fashion.

You may not need a full featured portal as the front end for your app, but be assured that the technology making integration with DNN and SharePoint possible has singificant implications. Soon you will be able to use Code On Time to build your own apps that act as providers of identity information such as users, roles, and various custom data properties. It will be possible to create custom business applications that outsource user/role management to the identity provider app via OAuth. Apps acting as identity consumers will not have a built-in user management and will defer authentication and authorization decisions to the identity provider application created with Code On Time.  This will greatly simplify user management and enhance application security when large collections of apps are developed. This mechanism is the core component of the upcoming Cloud Edition of the v9, the next generation app builder of mobile and desktop apps. The new Cloud Identiy component of generated apps will become the default universal option for “Authentication and Membership” instead of ASP.NET Membership.

See Also

The following bug fixes, enhancements, and new features were introduced:

  • Light theme has been enhanced to use the “grey” background for visual response on click/touch with additional accent colors from to indicate the “selected” state of the elements of user interface.
  • There is no gap between modal pages and screen edge if the screen width is less than 480px.
  • Rich Text Formatting is now available in Touch UI when the Text Mode of a data field is set to Rich Text.
  • Read Only When expression works correctly when the field is specified in the Copy property of the lookup field.
  • List/Grid/Cards display a text-only tooltip limited to 300 characters.
  • Fixed. Model Builder sets up the sort expression of the baseline data controller view grid1 according to the order of the fields.
  • Enhanced rendering on Windows 10 tablets and horizontal touch-scrolling in grid view style.
  • Property Visible When of tabbed categories works correctly in Touch UI with container-level data views and DataView fields in forms. Tabs in forms will continuosly respond to changes to the fields used in Visible When expressions. Tabs of container-level data view fields will respond only to the initial values of the master row.
  • Switching between tabs will maintain the scroll position in forms even when the tabs reveal a small amount of content to prevent “jumping” effect.
  • Forms templates created by the framework at runtime will not include data-visibility attribute on field and category elements unless there is a Visible When expression on the corresponding object of the data controller.
  • JSON serialization of dates now uses String.Format method instead of DateTime.ToString to prevent culture related exceptions for some date values.
  • Globalization scripts are now included explicitly in the framework file set under ~/js/sys/culture folder of the app. If only the en-US culture is supported in the app, then the folder does not exist. New culture files are automatically generated when globalization settings of the project are changed. Calendars Hijri and UmAlQura are incuded directly in the corresponding globalization script as needed.
  • Controller MyProfile now includes culture-specific translated resources.
  • Added German membership translations - Thank you Peter Teutsch.
  • Fixed the double selection of auto-complete with the mouse in Touch UI on Mac OSX.
  • Fixed issue with custom session state with "DELETE * FROM..."
  • OAuth login using token in cookie and auto login causing redirect loop has been fixed.
  • Added check to fix issue with EnsureFieldValues when no values are submitted (Export, Download, etc).
  • Added JSON serialization support for the fields of type “Date” to work the same as “DateTime”.
  • Application framework now implements GetIdentity, GetManifest, GetManifestFile to support the native client apps.
  • Tag focus-auto will cause the form to set the focus on the corresponding data field in the form in new/edit mode on devices with a mouse pointer.
  • Tag modal-fullscreen will cause the form view to open as “fullscreen” modal view when the screen width allow “modal” presentation.
  • Ensured that the field outputs use the proper model name when available, instead of column name.
  • Added default user roles to user accounts created by external authentication.
  • Added new OAuth Registration Surveys to SiteContent.
  • Password recovery is denied if user has "Source: \w" in the comment (i.e. came from SSO source).
  • SiteContent is now sorted by FileName, Path.
  • Disabled ASP.NET request validation. Added RequestValidationService class as a replacement.
  • Client Framework now HTML-encodes the entire request. The server-side framework HTML-decodes the request to prevent HTML injection on HTTP level.
  • DotNetNuke integration via OAuth and Cloud On Time Connector for DotNetNuke is introduced in the apps. DNN tokens are now persisted in the database. OAuthHandler can now set email separately from the username.
  • Classic UI: Mandatory dropdownlist/radiobuttonlist/listbox will display NULL option if the field value is null. This will force the user to make a choice.
  • Touch UI: "N/A" text is not displayed in mandatory dropdownlist/radiobuttonlist/listbox when the field with null value is activated. Instead the placeholer is displayed in the empty input text box.
  • Fixed. Operation "$lastweek" missing from RowFilterOperations.
  • It is now possible to use culture-specific “comma” in decimal values on iOS devices when entering numbers.
  • Fixed left sidebar shifting with glyphicon icon.
  • New methods added to SiteContentFile: WriteAllBytes, WriteAllText, Exists, Delete.
  • User pictures (avatars) can now be saved in CMS as "sys/users/[UserName].(jpg|png)".
  • Quick Find now supports auto-suggestions, history, and field-level search. Improved search results for "search anywhere" and "search in field".
  • Universal Input: Refactored for speed the implementation of "change" function that monitors lookup input.
  • Ensured application name is "/" for apps using ASP.NET membership.
  • Publish will re-ask permissions if expired or incorrect.
  • Fixed. “Required” Tooltip shows up incorrectly when the field is on an inactive tab.
  • Search On Start works in Summary mode.
  • New tag search-on-start-simple will force search to be displayed in "simple" mode instead of "advanced". Advanced is the default mode for "Search On Start".
  • Client framework ignores HTTP error codes < 0 frequently causes by user navigating away when a data request is still in progress.
  • Ensure date picker closes after selection if no time component in Touch UI.
  • Context Values are passed as External Filters to enable additional server-side analysis and filtering similar to https://codeontime.com/learn/data-controllers/fields/context-field/implicit-lookup-filters-with-filter-expression.
  • It is now again possible to specify literal values on the right side of mappings in "Context Fields" expression in Touch UI.
  • Application Framework: Legacy security attribute legacyCasModel of "trust" element is restored to enable better performance of Report Viewer on more secure Windows Servers.
  • Folder structure of generated apps has changed:.
    • All javascript goes under ~/js with /js/sys and /js/daf folders.
    • All touch CSS goes under ~/css.
    • Lowercase pages, reports, controls.
    • Method sm_ResolveScriptReference has been removed from Site.cs(vb), and instead sm.AjaxFrameworkMode = Disabled for both ASPX and HTML projects.
  • Renamed import-1.0.0.0.js to touch-import.js. Included jQuery 2.2.4 into release.

Next

Monitor our roadmap 2017 updates over this weekend to see what is coming next (Native Client Apps for mobile devices, Chromium-based client for Windows, Offline Data Processor, etc.)

    Monday, October 16, 2017PrintSubscribe
    Rich Text in Touch UI

    By default any HTML content stored in the database table column will be displayed in the raw format with the tags plainly visible to the end user. Rich text mode will force the framework to prevent encoding of the values and let the browser to render the content with the formatting. Property Text Mode of a data field  enables rich text formatting when set to Rich Text. End users will have access to the text formatting options available on the special toolbar displayed when the field is focused on the form.

    Rich Text Editor in apps with Touch UI.

    The formatted text will also be visible in the Grid and List view styles.

    Rich Text formatting in visible in Grid and List styles in apps created with Code On Time.

    If the Text Mode is set to the default value, then the formatting tags are revealed as plain text.

    By default Rich Text formatting tags are revealed in plain form.

    Button “…” displayed on the right side of the formatting toolbar will bring up a full list of formatting commands available to the user.

    The panel of RTF options activated from the built-in RTF editor in apps with Touch UI.

    Developers control the Richt Text Format (RTF) toolbar with the tags assigned to the data field.

    Tag rtf-frame will display a frame around the field content when the focus is received.

    A frame may optional surround the boundaries of Rich Text in apps with Touch UI.

    Tag rtf-toolbar-location-bottom will set the preferred location of the formatting tollbar to be at the bottom of the field in the form. This option may prove to be useful when implementing messaging forms with the the recepient and subject displayed above the field value.

    An optional location as the bottom can be specified for RTF fields in apps with Touch UI.

    Note that the framework will move the toolbar above or below the field boundaries as the user scrolls the contents of the form. The text boundaries will grow as the user types in more content.

    Tag rtf-editor will force a dedicated editor form to be displayed when user activated the field with the Text Mode set to  Rich Text. This mode may help when a long text is expected to be entered as the field value. User can press Ctrl+Enter keyboard shortcut to save the contents when edting is finished to retun to the data form.

    A dedicated rich text editor form can be activated by default or when user preses F11 while editing RTF text in apps with Touch UI.

    Tag rtf-editor-fullscreen will display a fullscreen editor window upon activation.

    A fullscreen editor can be specified as the default editing option in apps with Touch UI created with Code On Time app generator.

    The dedicated editor form can be activated by pressing F11 when the rtf-editor tag is not specified and the focus is on the Rich Text field.

    Individual commands on the toolbar can be controlled by providing a combination of rtf-command-(command-name) tags. For example, if a limited text formating is desired then rtf-command-bold rtf-command-italic rtf-command-insertUnorderedList combination of tags will transform the formatting toolbar as follows.

    Developers have a control over RTF formatting commands in apps created with Touch UI.

    The complete list of supported formatting commands is presented in the table.

    Tag Description
    rtf-command-formatBlock-p Formats text as a paragraph. This option is avialable in under Format drop down on the toolbar.
    rtf-command-formatBlock-blockquote Format text as a quotation. This option is avialable in under Format drop down on the toolbar.
    rtf-command-formatBlock-h1 Format text as Heading 1. This option is avialable in under Format drop down on the toolbar.
    rtf-command-formatBlock-h2 Format text as Heading 2. This option is avialable in under Format drop down on the toolbar.
    rtf-command-formatBlock-h3 Format text as Heading 3. This option is avialable in under Format drop down on the toolbar.
    rtf-command-formatBlock-h4 Format text as Heading 4. This option is avialable in under Format drop down on the toolbar.
    rtf-command-formatBlock-h5 Format text as Heading 5. This option is avialable in under Format drop down on the toolbar.
    rtf-command-formatBlock-h6 Format text as Heading 6. This option is avialable in under Format drop down on the toolbar.
    rtf-command-bold Format text as bold.
    rtf-command-italic Format text as italic.
    rtf-command-underline Format text as underlined.
    rtf-command-strikethrough Format text with a strike through.
    rtf-command-insertUnorderedList Format selected text as unoredered list or start a new unordered list.
    rtf-command-insertOrderedList Format selected text as ordered list or start a new oredered list.
    rtf-command-justifyLeft Align the selected text to the left.
    rtf-command-justifyCenter Align the selected text to the center.
    rtf-command-justifyRight Alight the selected text to the right.
    rtf-command-justifyFull Justify the text to fill the full width of text boundaries.
    rtf-command-indent Increase indentation of the text on the left side.
    rtf-command-outdent Decrease indentation of the text on the left side.
    rtf-command-removeFormat Remove formatting from the selected text.
    rtf-command-rtf-editor Enables an option to activate a dedicated editor for the field content.

    Additional formatting commands will be available in the future releases. Don’t hesisitate to contact customer support if specific formatting options are desired.

    The implementation of rich text formatting is based on the native content editing capabilities of the modern browsers. Applicaiton frameowork will use P tag to format paragraphs accross different platforms and strip all formatting when the text is pasted from the clipboard. The implementation of rich formatting is touch friendly. The new RTF editing support will be also utilized in the upcoming page builder of the built-in Content Management System (CMS) available in the apps created with Code On Time.

    Note that variations in the implementations of content editing by browser vendors may produce a slightly different formatting output but appear the same to the end users on different platforms. An attempt to provide a unified formatting across various platforms will require creating a full featured document editor, which is not an easy task.

    There are great RTF editors out there. Many of them are with a permissive licensing. Some of the editors are already providing a decent touch-friendly user interface. We will be integrating support for the leading solutions in the future implementations of the framework. Custom RTF editors are equipped with their own extensive user interface. Therefore we will be offering external RTF editor integration as dedicated forms via rtf-editor tag extensions. External editors will display on top of the forms. If you would like to sponsor an integration of a particular RTF editing framework, then please contact customer support to request a quote.

    Tuesday, September 12, 2017PrintSubscribe
    CMS (Site Content) & OAuth Registration Form

    Open Authentication (OAuth) allows secure Single Sign-On in distributed cloud infrastructure. For example, you may build a collection of business applications that use Azure Active Directory to manage users. Individual applications do not store original user information and instead rely on Azure Active Directory to manage users, control sign-in, as well as offer password recovery, suspicious activity detection, and general account security. In this example, each custom application is registered with Microsoft Graph and maintains it’s own configuration settings to delegate user sign-in to Azure Active Directory.

    Delegated security speeds up your application development while conforming to high standards of account management and protection.

    Release 8.6.6.0 of Code On Time web app generator now offers an easy way to register authentication handlers for Google, Facebook, Windows Live, Identity Server, Microsoft Graph, SharePoint, DotNetNuke, and upcoming Cloud Identity (replacement for ASP.NET Membership in applications built with Code On Time).

    The dynamic nature of OAuth configuration requires a place to store settings in the application. Make sure to enable the Content Management System in the database of your app. Log in as admin to your app, and navigate to Site Content.

    Site Content page represents the content management system of your app.

    Click on the plus (+) button and a form will ask the type of content the user wishes to create. Two options are available – (custom) and Open Authentication Registration. Future releases will allow creating access control lists, custom pages, data controllers, user profile images, workflow register entries, etc. Developers will be able to create editors for custom content items in their applications.

    Creating a new Site Content record.

    Choose “Open Authentication Registration” option and press OK. Select the Authentication provider from the list of available options in the Open Authentication Registration form, and additional configuration parameters will be displayed.

    Selecting an authentication provider on the Open Authentication Registration wizard.

    Enter the required properties and press “Save” to register the provider.

    Open Authentication Registration form for an existing record.

    The new registration record will be displayed in the Site Content. Selecting an existing OAuth registration will reopen the Open Authentication Registration form.

    The new registration entry has been inserted. 

    User Synchronization

    When clients complete authentication with an external provider, the provider returns a username to the app. If a user account is found with a matching username in the application database, then the client is logged in as that user. If the matching user account is not found, what will happen next is determined by the provider configuration. If “Synchronize users” is enabled, a user account will be created with that username and randomly generated password and password answer. If the “Synchronize users” property is disabled, then the user is denied access to the application.

    Synchronizing users via external authentication.

    Most of the time, you will want to enable user synchronization to create “shadow” user accounts in your application database automatically. Shadow user accounts are representations of the external user identity in the application database. Changes made to these accounts will not affect the identity configuration managed by authentication provider. These accounts represent a cached user name and email. The user password, contact, and identity recovery information is not stored in the application data. If the user is deleted or renamed, then only the cached data is changed. Next sign-in authenticated by the provider will create another shadow user account.

    If synchronization of users is disabled, then you will need to create user accounts ahead of time. The passwords assigned to these accounts do not need to be known to the users. Successful authentication by a registered external provider will log in the user with a matching name to the app.

    Many applications save references to users in special columns (for example: Modified, Created, ApprovedBy, Owner, DeletedBy, etc). If authentication provider is enabled, then references to shadow user accounts will be recorded.

    User Role Synchronization

    Many OAuth providers maintain user roles. When a user is authenticated by an external provider, the provider may return a list of roles or groups assigned to that user. If “Synchronize user roles” is enabled for that authentication provider, then the reported user roles will be assigned to the user. Any shadow user roles assigned to the shadow user but not matched by the provider will be removed.

    Requesting a list of user roles requires adding a system account to the provider registration. The system account must have permission to access the roles or groups of authenticated users.

    If “Synchronize user roles” is enabled, press ADD SYSTEM ACCOUNT to save the registration record. You will be redirected to the authentication provider to acquire permission to read user roles.

    Synchronizing user roles via external authentication.

    If authentication is successful, the provider will redirect back to the Site Content page and update the registration record with system access tokens. The application will use the system access token to obtain shadow user roles from the authentication provider on each successful login. Access tokens do expire periodically and will need to be renewed. Simply select the provider registration and click Add System Account.

    Auto Login

    If only one authentication provider is used to confirm user identities, then consider enabling “Force users to login with this provider”. If an anonymous user tries to access this application, then the app will immediately redirect to the authentication provider for sign in. This will also happen if the user logs out.

    Enabling auto login for an external providier.

    To access the system login form and sign in with an internal user account, append “?_autoLogin=false” to the URL of the page in your browser.

    Redirect Uri and Local Redirect Uri

    The Redirect Uri property determines the address that the provider will return to after a user has been authenticated. For providers that support defining more than one Redirect Uri, the Local Redirect Uri property will be passed to the provider when the app is running in “local mode”. This automatic switching makes it easy for developers to test the authentication pipeline on a development machine, without having to publish the app.

    Specifying Redirect Uri.

    Simply type in the address of your site (myapp.azurewebsites.net), and it will be expanded to the correct full URL (https://myapp.azurewebsites.net/appservices/saas/[ProviderName]).

    Facebook

    To create a registration for OAuth integration with Facebook, the properties Client Id, Client Secret, and Redirect Uri must be specified. Client ID and Client Secret can be obtained from the Facebook Developer Dashboard. Synchronization of roles is not supported.

    Configuring Facebook OAuth Provider.

    Google

    The Google Developer Dashboard will provide the Client Id, and allow developers to generate a Client Secret. Adding system account also allows storing blob data in Google Drive by configuring the Google Drive Blob Adapter.

    Configuring Google OAuth Provider.

    Windows Live

    The Microsoft Apps Dashboard allows creating new clients and secrets. Role synchronization is not supported.

    Configuring Windows Live OAuth Provider.

    Microsoft Graph

    The Client Id and Client Secret values can be created from the Microsoft Apps Dashboard. The Microsoft Graph OAuth provider allows users to authenticate with their Windows Live, Office 365, Azure Active Directory, or SharePoint Online accounts. The Tenant ID property controls the source of external accounts. Specify the value “common” to allow all sources. Enter the specific Tenant ID of your tenant to restrict access to the app to only those accounts registered in the specific tenancy.

    Configuring Microsoft Graph OAuth Provider.

    If “Synchronize user roles” is enabled, be sure to press Add System Account to grant your app access to the roles or groups of the tenancy.

    SharePoint

    The Client Id and Client Secret properties can be acquired by navigating to “https://mysite.sharepoint.com/_layouts/15/AppRegNew.aspx”. Make sure to replace the root with your SharePoint site URL. The Client Uri property is equal to “mysite.sharepoint.com” if you are connecting to SharePoint Online.

    Configuring SharePoint OAuth Provider.

    When configuration is complete, be sure to press Add System Account to allow the app access to the SharePoint groups of each user that authenticates with your app. This also enables storing blobs in SharePoint file system via the SharePoint Blob Adapter and creating “service” data controllers from SharePoint lists in your site.

    DotNetNuke

    Configuring a DotNetNuke portal as an authentication provider requires installation of Cloud On Time Connector for DotNetNuke. Specify the authentication endpoint in the Client Uri property. Define a comma-separated list of tokens in the Tokens property. These tokens will be persisted to the SiteContent table for each user. These tokens can be accessed by calling @Profile_Token_Name in SQL business rules or GetProperty(“Token_Name”) in code business rules, replacing the colon (:) with an underscore (_).

    Configuring DotNetNuke OAuth Provider.

    Identity Server

    Be sure to consult the documentation of your Identity Server installation on how to configure authentication clients.

    Configuring Identity Server OAuth Provider.