Sitecore.Services.Client / Entity Service Allowed Controllers

By default any Entity Service controllers you create abide by the Sitecore.Services.SecurityPolicy setting within the Sitecore.Services.Client.config. By default this is set to Sitecore.Services.Infrastructure.Web.Http.Security.ServicesLocalOnlyPolicy making the service safe and controllers only availably locally. This will cause issues if you call your controller in a live environment outside of the local environment as it wont be accessible.

Allowed Controllers

You can patch this setting to enable all controllers, but this is not a recommended practice, as this will open all controller endpoints to the world.

Instead SSC has the idea of allowedControllers. This section within the Sitecore.Services.Client.config allow you to patch in controllers that are exempt from the ServicesLocalOnlyPolicy setting. This section allows fine control over exactly which controllers are available externally.

Using the allowed controllers setting doesn’t mean you have to sacrifice all security on your controller. After patching in your controllers into the allowedControllers section, you can apply standard authentication filters or Cors to your controller.

Below is an example of a patch file that patches a custom controller into the allowedControllers section. You will also notice many of the Sitecore modules using this allowedControllers section such as xDB and XFM (Shown at the bottom of the page).

Huge thanks to @KevinObee for explaining lots of how SSC works.

Sitecore FXM using allowedControllers

Sitecore Content Search Computed Field Pass Custom Variables

One requirement of Content Search i’ve required recently, is the ability to pass in custom variables from the computed field config element. I needed this so multiple sites can use the same computed fields, but inject settings unique to that site. For example passing in the site name to generate site specific urls. Continue reading

Sitecore SPEAK Rich Text Editor

One of the features I think has been missing from Sitecore SPEAK is a Rich Text component. This blog post is a custom Rich Text Editor I have created for Sitecore SPEAK, The underlying Rich Text Editor is provided by Tiny MCE. Continue reading

Sitecore Razor / Glass Attribute Helper Methods Fluent API

After blogging about creating some Sitecore Glass Attribute Helper Methods (Blog Post) to help front end developers add HTML attributes to Razor / Sitecore Glass Mapper controls. I had an interesting comment from Jim Noellsch, mentioning about turning the helper classes into a Fluent API.

With a Fluent API, A developer is able to chain up multiple method calls, by returning the object on each method. See an example here for a better explanation than I can give http://www.codeproject.com/Articles/640997/Fluent-interfaces-and-Method-Chaining-in-Csharp.

Continue reading

Sitecore MVC Custom ID Model Binder

In this post i’ll explain how to create a custom Model binder in ASP.net to allow you to pass in a Sitecore ID in your controller action.

For example the controller action below accepts a Sitecore ID, however .net doesn’t know how to create the ID class from the form values passed to the action. Continue reading

Sitecore Content Editor Tabs In SPEAK

Within the Sitecore Content Editor, the editor section can change context based on the type of Item you are editing. For example when a media folder item is selected, the view allows you to upload media files, a template item allow you to add fields etc. These areas are called editors.

Media Editor
Media Editor

You can define and create your own custom editors within the Content Editor and specify the type of items it is applicable to. Continue reading

Sitecore Services Client ServicesApiController

With Sitecore 7.5 and now Sitecore 8, Sitecore.Services.Client (SSC) was introduced. This has given us a flexible and powerful framework for created Web API based rest services in Sitecore (See my introduction into Entity Service (part of Sitecore.Services.Client)) Continue reading