In this session we will use ColdBox’s built in REST BaseHandler, and with CBSecurity and Quick ORM we will setup a secure API using fluent query language - and you’ll see how Quick Quick development can be!
These slides focus on documentation for REST APIs. See http://idratherbewriting.com for more detail. For the video recording, see http://youtu.be/0yfNd7tzH2Q. This deep dive is the second slide deck I used in the presentation.
Managing the deployment of code to multiple AWS Lambda functions and updating your API Gateway methods can be manual and time consuming.
In this session, we will show you how to build a deployment pipeline to AWS Lambda using AWS CodePipeline, a continuous delivery service based on Amazon’s internal release automation tooling. We will discuss how to use versioning, which enables you to better manage the different variations of your Lambda functions and API Gateway methods in your development workflow (e.g., development, staging, and production). We will walk through how to automate the entire release process of your application from development, to staging, and finally to production; performing automated integration tests at each stage.
AWS DevDay San Francisco, June 21, 2016.
Presenter: Andrew Baird, Solutions Architecture
Devoxx 2018 - Pivotal and AxonIQ - Quickstart your event driven architectureBen Wilcock
Devoxx Belgium 2018 - Let Pivotal and AxonIQ take you on a journey into Axon Trader. Axon Trader is a new open-source reference architecture that demonstrates how to use Spring, Axon and Pivotal Cloud Foundry to deliver evolutionary microservice applications to prod in minutes.
The accompanying YouTube video can be found here: https://www.youtube.com/watch?v=15hzHUI4WNA
"Service Worker: Let Your Web App Feel Like a Native "FDConf
Nowadays web apps become inseparable part of our everyday life. But even playing such a big role they still don’t have a lot of advantages the native ones have. Service Worker is designed to break down these barriers. Installing and updating your app, fully controlling the network cache, intercepting network responses, sending push notifications and doing backgrounds updates. All these becomes possible with Service Worker. Is your web app ready to rock?
Continuous Delivery with AWS Lambda - AWS April 2016 Webinar SeriesAmazon Web Services
Managing the deployment of code to multiple AWS Lambda functions and updating your API Gateway methods can be manual and time consuming.
In this webinar, we will show you how to build a deployment pipeline to AWS Lambda using AWS CodePipeline. We will discuss how to use versioning, allowing you to better manage the different variations of your Lambda function and API Gateway methods in your development workflow, such as development, staging, and production. We will walk through how to automate the entire release process of your application from development to staging and finally to production, performing automated integration tests at each stage.
Learning Objectives:
Understand the basics of AWS CodePipeline
Learn how to version AWS Lambda functions and API Gateway methods
Build a deployment pipeline to AWS Lambda
These slides focus on documentation for REST APIs. See http://idratherbewriting.com for more detail. For the video recording, see http://youtu.be/0yfNd7tzH2Q. This deep dive is the second slide deck I used in the presentation.
Managing the deployment of code to multiple AWS Lambda functions and updating your API Gateway methods can be manual and time consuming.
In this session, we will show you how to build a deployment pipeline to AWS Lambda using AWS CodePipeline, a continuous delivery service based on Amazon’s internal release automation tooling. We will discuss how to use versioning, which enables you to better manage the different variations of your Lambda functions and API Gateway methods in your development workflow (e.g., development, staging, and production). We will walk through how to automate the entire release process of your application from development, to staging, and finally to production; performing automated integration tests at each stage.
AWS DevDay San Francisco, June 21, 2016.
Presenter: Andrew Baird, Solutions Architecture
Devoxx 2018 - Pivotal and AxonIQ - Quickstart your event driven architectureBen Wilcock
Devoxx Belgium 2018 - Let Pivotal and AxonIQ take you on a journey into Axon Trader. Axon Trader is a new open-source reference architecture that demonstrates how to use Spring, Axon and Pivotal Cloud Foundry to deliver evolutionary microservice applications to prod in minutes.
The accompanying YouTube video can be found here: https://www.youtube.com/watch?v=15hzHUI4WNA
"Service Worker: Let Your Web App Feel Like a Native "FDConf
Nowadays web apps become inseparable part of our everyday life. But even playing such a big role they still don’t have a lot of advantages the native ones have. Service Worker is designed to break down these barriers. Installing and updating your app, fully controlling the network cache, intercepting network responses, sending push notifications and doing backgrounds updates. All these becomes possible with Service Worker. Is your web app ready to rock?
Continuous Delivery with AWS Lambda - AWS April 2016 Webinar SeriesAmazon Web Services
Managing the deployment of code to multiple AWS Lambda functions and updating your API Gateway methods can be manual and time consuming.
In this webinar, we will show you how to build a deployment pipeline to AWS Lambda using AWS CodePipeline. We will discuss how to use versioning, allowing you to better manage the different variations of your Lambda function and API Gateway methods in your development workflow, such as development, staging, and production. We will walk through how to automate the entire release process of your application from development to staging and finally to production, performing automated integration tests at each stage.
Learning Objectives:
Understand the basics of AWS CodePipeline
Learn how to version AWS Lambda functions and API Gateway methods
Build a deployment pipeline to AWS Lambda
Things are moving fast. Sometimes you might even feel that you own comfort zone is getting of control. But in a Mobile-First, Cloud-First world, things are changing to a crazy pace and to stay on the top of your game, you need keep up with the latest and greatest technologies that are available out there. By staying up to date, you will give to yourself new options that will let you be more productive, write better code and push you in a more open and more collaborative world.
With the official shipment of Angular 2 and the current preview release of the SharePoint Framework, it is now the time to start moving towards those new technologies in your SharePoint Solutions.
In this session, we will cover the modern tool belt of the SharePoint developer by covering the SharePoint Framework as the new surface to express yourself, Angular as a Framework to enable you to build complete applications within your SharePoint modern experiences and Azure Function as the perfect server-side companion for all your Office 365 & Azure development.
This very demo-intensive session will make sure that at the end you get those 3 key takeaways :
Understand the role of the SharePoint Framework, Angular and Azure Functions in this Cloud-First, Mobile-First world
Have a complete sample where the modern tool belt is relevant and useful in a real-world scenario
Change the way you will think for your next SharePoint project
Migrate your Existing Express Apps to AWS Lambda and Amazon API GatewayAmazon Web Services
This webinar teaches you how to use Amazon API Gateway and AWS Lambda to run your existing Express.js applications with just a few lines of code. We will introduce three new features in API Gateway: proxy integrations, greedy paths, and the ANY HTTP method. Combining these features, you can configure API Gateway in a few simple clicks via the management console and express all of your logic and API definition in code.
Learning Objectives:
1. Easier migration to API Gateway and Lambda
2. New API Gateway Catch-all methods
Who Should Attend: Developers
Goal:
Minimize technical debt, code changes, and rewrites. Show stakeholders and customers the developing or fully-implemented UI as early as possible.
How:
Fake the backend. Then when the UI code is completely done, make the backend real.
Integrating Infrastructure as Code into a Continuous Delivery Pipeline | AWS ...Amazon Web Services
Ansible is a simple, but powerful automation tool with an agentless footprint that allows for the definition of architecture, intent, and policy as code that can be deployed across both on-prem and cloud infrastructure. This enables customers to extend their enterprise and applications into AWS in a way that maintains a consistent, secure posture as part of a continuous delivery pipeline. Customers can then natively integrate with AWS to seamlessly configure and deploy a range of AWS services such as Amazon Aurora, Amazon Redshift, Amazon EMR, Amazon Athena, Amazon CloudFront, Amazon Route 53, and Elastic Load Balancing from within Red Hat OpenShift across a secure, consistent hybrid cloud infrastructure. In this session, we will demonstrate how infrastructure can be instantiated with code as part of a continuous delivery pipeline and describe how that integrates with an OpenShift hybrid cloud deployment. Learn More: https://aws.amazon.com/government-education/
Similar to Itb 2021 - Bulding Quick APIs by Gavin Pickin (20)
In this session we will be learning how to start using ContentBox, and from the beginning, setup your site to be containerized and deployed with Continuous Integration to a Cloud Provider on a Docker Swarm. You will learn about Ortus Solution's ( Docker Partner ) docker images for CommandBox and ContentBox, and how to build your site, dockerize, and then deploy (using only free tools), to the cloud of your choice. If the live demo gods are on our side, I will deploy a new site to Digital Ocean at the end of this session.
Presented at Into the Box 2019
ColdBox APIs + VueJS - powering Mobile, Desktop and Web Apps with 1 VueJS cod...Gavin Pickin
For a long time, some frontend Javascript frameworks have helped you with one or two styles of Apps, but Quasar is an amazing new VueJS framework that allows you to build Single Page Apps (SPA), Server-side Rendered Apps (SSR), Progressive Web Apps (PWA), Mobile Apps (Android and IOS) through Cordova as well as Multi-platform Desktop Apps using Electron. With the Quasar CLI, you can quickly start a project, and have a single code base that can output multiple formats, as needed. Come to this session and find out how.
Presented at Into the Box 2019
AN EXERCISE IN CLEANER CODE - FROM LEGACY TO MAINTAINABLEGavin Pickin
We’ve all had those projects, the salvage project, the legacy project that we picked up, and wished we never had.
Was it written 5 years ago by that young dev with lots of passion but no big picture vision.
Was it written 6 months ago by another team, by a top gun developer who knows all the design patterns, and tried to future proof the app, only succeeding in making it impossible for anyone else to understand.
Or was it you, 2 years ago, before you joined the community and learned more about best (better) practices and you almost cannot comprehend how you used to code.
Long story short, we have all been there, but the past is history, how do we proceed from here, that’s the key. We’ll look at some of the ways you can clean up your code, and walk through some examples, and walk the journey to software craftsmanship
5 main points
What is clean code
Reading vs Writing Code
Don’t suffocate your code, let it breathe
Simple & Self Documenting Code
Lower the Cognitive Load
Most projects in CF now involve creating some type of consumable CFC Endpoint or API Service... do you Unit test your API, do you use Integration Tests on your API? How many ways do you test your API? Not all tests are created equal.
We build our CFCs and CF API to be consumed with CF Apps, Mobile Apps, Javascript apps and devices we haven’t even thought about yet. To be smart developers we need to be able to test our CFC endpoints, and the code that uses those endpoints.
We’ll learn how to test your API serverside with Testbox and Clientside with Jasmine.
With Testbox and Jasmine both using BDD, your test code can almost be isomorphic.
Attendees should have some exposure to CFCs as endpoints, or CF API creations, and consuming with other languages/devices, in this case, JavaScript.
Attendees will learn
How to use Testbox to test your CFCs 2 different ways
Different types and ways to test JavaScript
Overview of client/server side testing tools
Building testing into your workflow
You are one of many that are not testing your APIs thoroughly
Take home your very own free Vagrant CFML Dev Environment - Presented at dev....Gavin Pickin
Vagrant is a great solution for providing all of your devs a standard dev environment, but like all the other great technology out there, you have to learn it, and then implement it.
Not anymore, this session will give you a well used, documented Vagrant Setup, with the flexibility to use it for all of your future dev projects too. Learn how this Vagrant Environment is setup, and how to extend it. Kill the learning curve, and spin it up today.
This setup is being used by several devs, on several projects, and has simple flexibility built in. Drop your repos in the main folder, follow simple conventions, and add a small amount of configuration and be able to spin up your environment in minutes. This setup can configure a simple welcome page, configure the web server and cfml engine mappings, datasources, web server settings per site, host entries, and much more.
As great as this sounds, nothing is ever perfect, learn how some assumptions left me looking silly, and owing another developer a meal, and how I resolved that issue and made this vagrant setup even better.
How do I write Testable Javascript - Presented at dev.Objective() June 16, 2016Gavin Pickin
Everyone who wasn't writing JavaScript, probably is now. Atwood's Law: any application that can be written in JavaScript, will eventually be written in JavaScript.
That's great, but how do we test it? In ColdFusion we have CFCs, most languages have classes... but JavaScript doesn't have classes (yet).
So how do I write unit tests, what units are there, and how do I make my code look like that? JavaScript is a flexible language, and with great flexibility comes great complexity and responsibility. Take your JavaScript spaghetti and make it unit testable.
Attendees should have some exposure to JavaScript, but this is for the Professional Newbie... who always needs to learn and adapt.
BDD Testing and Automating from the trenches - Presented at Into The Box June...Gavin Pickin
In this session, we'll learn what TDD and BDD testing is in CFML and ColdFusion, using Testbox. We'll look at some of the myths surrounding testing, and how to get started with testing, and how it can make you more efficient, improve code quality, code confidence, and how automation can make your life as a developer more pleasant than what you face currently, living in the trenches
How do I write Testable Javascript so I can Test my CF API on Server and ClientGavin Pickin
Everyone who wasn't writing JavaScript, probably is now. Atwood's Law: any application that can be written in JavaScript, will eventually be written in JavaScript.
We build our CFCs and CF API to be consumed with AJAX, and like Server Side, we need to be able to test our CFC endpoints, and the Javascript that uses them. With Testbox and Jasmine both using BDD, your test code can almost be isomorphic.
Take your JavaScript spaghetti and make it unit testable. Test your API on Server and Client.
Just Mock It‚ Mock what? What Mock?
Learn What is Mocking, and how to use Mocking with ColdFusion testing, development, and continuous integration. Look at Mocking and Stubbing with a touch of Theory and a lot of Examples, including what you could test, and what you should test‚ and what you shouldn't test (but might be fun).
Presented at IntoTheBox.org conference May 2014 (no recording available)
Recorded 9/24/14 as part of ColdBox Developer Week Free online conference
http://experts.adobeconnect.com/p5ultotjtxu/
Presented at dev.Objective() http://www.devobjective.com/
May 14, 2015
11:30 AM - 12:30 PM
More info and resources related to presentation available here
http://www.gpickin.com/devobj2015/testablejavascript/
Everyone who wasn't writing JavaScript, probably is now. Atwood's Law: any application that can be written in JavaScript, will eventually be written in JavaScript. That's great, but how do we test it. In ColdFusion we have CFCs, most languages have classes... but JavaScript doesn't have classes (yet). So how do I write unit tests, what units are there, and how do I make my code look like that.
JavaScript is a flexible language, and with great flexibility comes great complexity and responsibility. Take your JavaScript spaghetti and make it unit testable.
Attendees will learn
Different types and ways to test JavaScript
Structuring your JavaScript to be unit testable
Overview of testing tools
Building testing into your workflow
You are one of many that are not testing your JavaScript
Attendees should have some exposure to JavaScript, but this is for the Professional Newbie... who always needs to learn and adapt.
Presented at dev.Objective() http://www.devobjective.com
May 15, 2015
1:45 PM - 2:45 PM
More info and resources related to presentation available here
http://www.gpickin.com/devobj2015/cordovahooks/
Working in the web world, we have workflows and tools we are used to. We edit, save f5 reload to test our work as we go. Working with mobile, even Hybrid Mobile, is a very different workflow. Cordova lets us build hybrid apps but how do you test them, how do you interface with the Cordova build process, how do you debug. This session helps you go from "hello world" demo, to a professionally built app.
Attendees will get the following out of the session:
Learn about Cordova hooks and how to use them
Integrate js-hint into prepare / build process for code validity
Integrate testing into prepare / build process
Learn to debug a Cordova Hybrid Mobile app
Look at some other hooks and tools useful for your Cordova app.
Gotchas from real world experience
It would be useful if you have looked at, or built a hello world demo, with Cordova or PhoneGap.
Setting up your Multi Engine Environment - Apache Railo and ColdFusionGavin Pickin
Presented at cf.Objective() May 2014.
More info and resources related to presentation available here
http://www.gpickin.com/cfo2014/
Description of Target Audience
Are you a developer looking to setup Multiple CFML Engines in your Development or Server Environment, and after reading all of the different blogs out there, just want a walk through, to help clear things up, well, this session is for you.
Assumed Knowledge
None required, although basic installation / configuration or a web server and cfml engine would be easier to follow along.
Objective of the Topic
To give the audience all the knowledge and resources they need to be able to go home and install their own multiple cfml engine environment.
This topic will help walk the audience through dos and don'ts, and with a step by step on how to get Apache, Railo and Coldfusion to all play nicely together. There are many blogs out there showing users how to set up one engine, or another, but this session will help clear up the process. We will install Apache and connect to Coldfusion, Railo and a Railo Cluster, and install a small App to help manage the Websites, Apache, and Connectors, to save you diving into the CONF files continuously.
Why am I qualified to Present
I have been programming Coldfusion for over 14 years, and having been Team Lead and responsible for Server Install, Maint and Configuration for the last 13 years at 2 companies, I have been involved with the day to day coding in Coldfusion, but also the one in the firing line if Coldfusion server is not performing as required.
Recently my team and I have undertaken a migration Project of 100+ CFML websites (varying types and age), in which testing multiple CFML engines was required, I setup our Dev Staging and Production servers, as well as our Local Developer environments.
I built a couple of tools to help manage the setup, which I will share with the audience.
What Will the Audience Learn
- Basic Apache Config
- How to Install Coldfusion and extract the Connector
- How to Install Railo (instances) and extract the Connector
- How to Setup and Connect to a Railo Cluster
- How to edit the Apache and Tomcat Conf files to make them easier to maintain
- How to use my small App to Manage the Apache / Tomcat configurations
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Neuro-symbolic is not enough, we need neuro-*semantic*Frank van Harmelen
Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”.
All of this illustrated with link prediction over knowledge graphs, but the argument is general.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualityInflectra
In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring.
Learn about:
• The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks.
• Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective.
• Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification.
• Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process.
Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
Let's dive deeper into the world of ODC! Ricardo Alves (OutSystems) will join us to tell all about the new Data Fabric. After that, Sezen de Bruijn (OutSystems) will get into the details on how to best design a sturdy architecture within ODC.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
1. Building Quick APIs
by Gavin Pickin
https://github.com/gpickin/itb2021-building-quick-apis
2. Building Quick APIs
by Gavin Pickin
https://github.com/gpickin/itb2021-building-quick-apis
3.
4. Gavin Pickin
Who am I?
• Software Consultant for Ortus Solutions
• Work with ColdBox, CommandBox, ContentBox
APIs and VueJS every day!
• Working with Coldfusion for 22 years
• Working with Javascript just as long
• Love learning and sharing the lessons learned
• From New Zealand, live in Bakersfield, Ca
• Loving wife, lots of kids, and countless critters
@gpickin
5. What is this talk?
We will setup a secure API using fluent query language - and
you’ll see how quick Quick development can be!
We will use
● ColdBox
● ColdBox’s built in REST BaseHandler
● Route Visualizer
● CBSecurity
● Quick ORM
6. What is this talk not?
● We will not be adding an API to a Legacy Site
● We will not be adding an API to a non ColdBox site
● It is not my CF Meetup Talk “Building APIs with
ColdFusion Part 1”
https://www.youtube.com/watch?v=UdgRt8HIKD0
BUT YOU COULD DO ALL OF THESE THINGS
WITH THE KNOWLEDGE FROM THIS TALK
7. Why should I give this talk?
• I build a lot of APIs for Customers
• I have seen many different ways to build an API
• I’m going to share some of the lessons I have learned.
• I try to present in step by step follow along later
format that I think you’ll love
• Hopefully you’ll learn something
• Hopefully it will be useful.
8. What is an API?
API is an application programming interface
More commonly when someone says API today they think of
an JSON API, usually we hope for a REST API but not always.
APIs can be xml, soap, but it’s very common to talk about
JSON apis, and that’s what we’re talking about today.
Although most of it is relatable.
9. REST JSON API vs JSON API
What is REST
REST is acronym for REpresentational State Transfer. It is
architectural style for distributed hypermedia systems and
was first presented by Roy Fielding in 2000 in his famous
dissertation.
All REST are APIs but not all APIs are REST.
10. Guiding Principles of REST
● Client–server
● Stateless
● Cacheable
● Uniform interface
● Layered system
The key abstraction of information in REST is a resource. Any information
that can be named can be a resource: a document or image, a temporal
service, a collection of other resources, a non-virtual object (e.g. a person),
and so on. REST uses a resource identifier to identify the particular resource
involved in an interaction between components.
11. What App are we working on?
SOAPBOX API - An API for a twitter clone we built for our ColdBox Zero to Hero Training.
14. Let’s update our .env
● Change the connection string to match our DB - soapboxapi
● Change the DB_DATABASE to match our DB - soapboxapi
● Change ports, user name and password to match
15. Let’s start our server
That port matches the testbox runner in the box.json
http://127.0.0.1:53163/ - our site
http://127.0.0.1:53163/tests/runner.cfm - our tests
box start port=53163
16. Let’s plan our API
What is an Example URL - /api/v01/users
We’re going to make API a module with a V01 module inside of it.
● Add modules_app folder for this apps custom modules
● Add modules_app/api folder with ModuleConfig.cfc
● Add modules_app/api/modules/api-v01 folder with ModuleConfig.cfc
API - V01
17. Let’s build out our API V01 Module
● Add modules_app/api/modules/api-v01/config Folder with Router.cfc
● Setup the base route of “/” to go to main.index
● Add api-v01/handlers/main.cfc which extends coldbox.system.RestHandler
● Add index event in the main handler
● Index event should sets data in the response object to welcome the user to
the api.
http://127.0.0.1:53163/api/v01
API - V01
18. Let’s plan our API
USER resource
GET /api/v02/users - get a list of users
POST /api/v02/users - create a new user
GET /api/v02/users/:userID - get a single user
POST /api/v02/users/:userID - update a single user
DELETE /api/v02/users/:userID - delete a single user
API - V02
19. Add User Resource to Router.cfc
resources(
resource = "users",
handler = "users",
parameterName = "userID",
only = [ "index", "show", "create", "update", "delete" ]
);
API - V02
22. Secure our CUD Actions
Let’s use CBSecurity to lock down our non READ functionality
● CREATE
● UPDATE
● DELETE
API - V03
23. Install CBSecurity
Add the Config to your config/ColdBox.cfc
Add a JWT Secret incase .env has a blank one
Add “api-v03:main.index” for “invalidAuthenticationEvent”
Add “api-v03:main.index” for “invalidAuthorizationEvent”
API - V03
box install cbsecurity
24. Add Secured Metadata
function create( event, rc, prc ) secured{
event.getResponse().setData( "Create Users" );
}
API - V03
26. Updating Redirects for API Authentication
and Authorization Issues
You should really setup your main ColdBox app for an HTML page and
your API module for an API page
Add settings to the API-v04 Module Config
Add “api-v04:main.index” for “invalidAuthenticationEvent”
Add “api-v04:main.index” for “invalidAuthorizationEvent”
API - V04
27. Updating Redirects for API Authentication
and Authorization Issues
http://127.0.0.1:53163/api/v04/users/?_method=post
Now we are redirected to an API Handler
You can add new methods for onInvalidAuth and or
onInvalidAuthorization to be more specific in your responses
API - V04
28. Install and Configure Quick
add a datasource definition in Application.cfc
API - V05
this.datasource = "soapboxapi";
box install quick
30. Quick is Smart
● Quick guesses the table is named Users because the entity is User
● Quick guesses the Primary Key is ID
● Quick uses the Datasource defined in the Application.cfc
● Quick can make a Virtual Service for us from a WireBox Injection
property name="userService" inject="quickService:User@api-v05";
Quick does a lot for us
API - V05
31. Show a User
function show( event, rc, prc ){
event.paramValue( "userID", 0 );
event.getResponse().setData(
userService
.findOrFail( rc.userID )
.getMemento()
);
}
API - V05
33. What if we can’t find that User?
http://127.0.0.1:53163/api/v05/users/x
404 response
API - V05
34. Return a list of Users
function index( event, rc, prc ){
event.getResponse().setData(
userService
.asMemento()
.get()
);
}
API - V06
35. What is asMemento()
asMemento() is a special function that tells quick you want to map over
all of the objects in the array, and call getMemento() on all of the items
.get().getMemento() doesn’t work because .get() returns an array
As memento is essentially the following done for you.
...get().map( (item) => { return item.getMemento() } );
API - V06
36. Reinit and check the API
http://127.0.0.1:53163/api/v06/users/
API - V06
37. Configuring Mementifier
● We don’t want to return all of the fields
● For example Password, even if it is encrypted
https://github.com/coldbox-modules/mementifier
API - V07
41. Mementifier - Inline Includes
API - V10
function index( event, rc, prc ){
event.getResponse().setData(
userService
.asMemento(
includes=[ “ID” ]
)
.get()
);
}
http://127.0.0.1:53163/api/v10/users/
42. Using Where to Filter Users
API - V11
event.paramValue( "username_filter", "" );
event.getResponse().setData(
userService
.where( "username", "like", '%#rc.username_filter#%')
.asMemento(
includes="ID"
)
.get()
);
http://127.0.0.1:53163/api/v11/users?username_filter=gp
43. Using Scope to Filter Users
API - V12
//handler - use this
userService.whereUsernameLike(rc.username_filter)
// not this
userService.where( "username", "like", '%#rc.username_filter#%')
// models/User.cfc
function scopeWhereUsernameLike( qb, filter ){
qb.where( "Username", "like", '%#filter#%' )
}
http://127.0.0.1:53163/api/v12/users?username_filter=gp
44. Using Dynamic Where to Match Users
API - V13
userService
.whereUsernameLike(rc.username_filter)
.whereUsername(rc.username)
.asMemento(
includes="ID"
)
.get()
http://127.0.0.1:53163/api/v13/users?username_filter=gp
45. Using When for Empty Variables
API - V14
userService
.whereUsernameLike(rc.username_filter)
.when( len( rc.username ), function( q ) {
q.whereUsername(rc.username)
}
.asMemento(
includes="ID"
)
.get()
http://127.0.0.1:53163/api/v14/users?username_filter=gp
46. Using When for Empty Variables
API - V14
userService
.whereUsernameLike(rc.username_filter)
.when( len( rc.username ), function( q ) {
q.whereUsername(rc.username)
}
.asMemento(
includes="ID"
)
.get()
http://127.0.0.1:53163/api/v14/users?username=gp
47. Using When for Empty Variables
API - V14
userService
.whereUsernameLike(rc.username_filter)
.when( len( rc.username ), function( q ) {
q.whereUsername(rc.username)
}
.asMemento(
includes="ID"
)
.get()
http://127.0.0.1:53163/api/v14/users?username=gpickin
48. Using ‘Or’ for Similar Filters
API - V15
userService
.whereUsernameLike(rc.username_filter)
.when( len( rc.username ), function( q ) {
q.whereUsername(rc.username)
}
.asMemento(
includes="ID"
)
.get()
http://127.0.0.1:53163/api/v14/users?username=gpickin&username_filter=luis
49. Using ‘Or’ for Similar Filters
API - V15
userService
.whereUsernameLike(rc.username_filter)
.orWhere( function(q){
q.when( len( rc.username ), function( q2 ) {
q2.orwhereUsername(rc.username)
})
})
http://127.0.0.1:53163/api/v14/users?username=gpickin&username_filter=lui
54. Inject Rant Service and Return Rants
API - V17
property name="rantService" inject="quickService:Rant@api-v17";
function index( event, rc, prc ){
event.getResponse().setData(
rantService
.asMemento()
.get()
);
}
http://127.0.0.1:53163/api/v17/rants
55. Paginate the Rants Returned
API - V18
http://127.0.0.1:53163/api/v17/rants
● We don’t want to return every record, it will only
grow longer and longer over time, and
performance will suffer
● ColdBox RESTBaseHandler already has Pagination
information
● Let’s use Quick’s Paginate function
56. Paginate the Rants Returned
API - V18
http://127.0.0.1:53163/api/v18/rants
event.getResponse().setData(
rantService
.asMemento()
.paginate(1,10)
);
57. Paginate the Rants Returned
API - V18
http://127.0.0.1:53163/api/v18/rants
event.getResponse().setData(
rantService
.asMemento()
.paginate(1,10)
);
Why do we have 2 sets of Pagination Data???
58. Use SetDataWithPagination
API - V19
http://127.0.0.1:53163/api/v19/rants
event
.getResponse()
.setDataWithPagination(
rantService
.asMemento()
.paginate(1,10)
);
59. Return Rants User Information
// Add User Relationship to Rant.cfc
function user(){
return hasOne( "User@api-v20", "id", "userID" );
}
API - V20
// Update Rants.cfc handler
event.getResponse().setDataWithPagination(
rantService
.asMemento( includes="user" )
.paginate(1,10)
);
60. Return Rants User Information
API - V20
http://127.0.0.1:53163/api/v20/rants
61. Return Rants User Information
API - V20
● Nested Fields
● What if we just want 1 field?
● How is Mementifier getting the
data??
http://127.0.0.1:53163/api/v20/rants
62. Return Rants with SubSelect User Information
API - V21
event.getResponse().setDataWithPagination(
rantService
.addSubselect( "username", "user.username")
.asMemento()
.paginate(1,10)
);
http://127.0.0.1:53163/api/v21/rants
63. Return a Count of Rants for Users
API - V22
// Add Rants Relationship to models/User.cfc
function rants(){
return hasMany( "Rant@api-v22", "userID", "id" );
}
// Update users.cfc handler
userService
.withCount( "rants" )
.asMemento(
includes=["ID","rantsCount"]
)
.get()
http://127.0.0.1:53163/api/v22/users
69. Validate a new Rant - Handler Constraints
API - V25
var validationResult = validate(
target = rc,
constraints = { body : { required : true } }
)
if ( !validationResult.hasErrors() ) {
// Normal API Response
} else {
event.getResponse()
.setError( true )
.addMessage( validationResult.getAllErrors() )
.setStatusCode( 400 )
.setStatusText( "Validation error" );
}
http://127.0.0.1:53163/api/v25/rants?_method=post&userID=2&body=
70. Validate a new Rant - Entity Constraints
API - V26
//Rant.cfc
this.constraints = {
body : { required : true },
userID: { required : true, type : "numeric" }
};
// Handler/rants.cfc
var rant = getInstance( "Rant@api-v26" )
.fill({ body: rc.body, userID: rc.userID });
validateOrFail( rant );
var user = userService.findOrFail( rc.userID );
rant.save();
event.getResponse().setData( "Rant Created" );
71. Validate a new Rant - Entity Constraints
API - V26
http://127.0.0.1:53163/api/v26/rants?_method=post&userID=2&body=
Body is missing or empty
72. Validate a new Rant - Entity Constraints
API - V26
http://127.0.0.1:53163/api/v26/rants?_method=post&userID=xxx&body=MyRant
UserID is not numeric
73. Validate a new Rant - Entity Constraints
API - V26
http://127.0.0.1:53163/api/v26/rants?_method=post&userID=0&body=MyRant
UserID is numeric but not in User table
75. Edit a Rant - Success
API - V27
http://127.0.0.1:53163/api/v27/rants/178/?_method=put&body=Yes%20thats%20is%20right
76. Edit a Rant - Missing Body
API - V27
http://127.0.0.1:53163/api/v27/rants/178/?_method=put&body=
77. Delete a Rant
API - V28
function delete( event, rc, prc ){
event.paramValue( "rantID", 0 );
var rant = rantService.findOrFail( rc.rantID ).delete();
event.getResponse().setData( "Delete a Rant" );
}
78. Delete a Rant that doesn’t Exist
API - V28
http://127.0.0.1:53163/api/v28/rants/70000/?_method=delete
79. Delete a Rant that does Exist
API - V28
http://127.0.0.1:53163/api/v28/rants/7/?_method=delete
80. Secure the Add / Edit Rant
function create( event, rc, prc ) secured{ … }
function update( event, rc, prc ) secured{ … }
API - V29
NOT LOGGED IN
http://127.0.0.1:53163/api/v29/rants/178/?_method=put&body=hiya
81. Secure the Delete Rant with a Special Permission
API - V29
function delete( event, rc, prc ) secured="RANT__DELETE"{ … }
http://127.0.0.1:53163/api/v29/rants/7/?_method=delete
NOT LOGGED IN
83. Decorate User.cfc Entity for JWT
API - V30
/**
* A struct of custom claims to add to the JWT token
*/
struct function getJWTCustomClaims(){
return {};
}
/**
* This function returns an array of all the scopes that should be attached to the JWT
* token that will be used for authorization.
*/
array function getJWTScopes(){
return [];
}
84. Hit Generate JWT Endpoint
API - V30
http://127.0.0.1:53163/api/v30/login?_method=post
86. But Wait, there’s more (I wish)
I really wanted to show you more, but we don’t have all day.
Join me at the CF Online Meetup where I do this again, maybe
slower/better
Join me for the October Ortus Webinar as we build on top of this.
We might make a CFCasts series out of this if you like this style of
content
87. You can use images and add them opacity at 90%. This will blend the image
with the gradient background. This is a good option for subtitles also.
Testing APIs with TestBox
with Javier Quintero
Up Next