Headless CMS (T3DD19)

Headless CMS (T3DD19)

Artus Kolanowski and Susanne Moog present the current state of headless in TYPO3 and perspectives for the future.

49bd2b00c40883d5a6ddc3119a282fe6?s=128

psychomieze

August 01, 2019
Tweet

Transcript

  1. Headless CMS Susanne Moog susanne.moog@typo3.com @sasunegomo TYPO3 Developer Days 2019

    Artus Kolanowski kolanowski@piccobello.com
  2. Outline 1. Introduction 2. Use cases 3. Current approaches 4.

    Perspectives for the future 5. Talk
  3. Introduction

  4. A closer look at the definition ▪ “Headless” is the

    absence of an graphical user interface ▪ Ambitions to decouple the application architecture ▪ Machines take place of the users instead Back End UI Front End Templates Plugins Back End UI API Traditional CMS Headless CMS
  5. Explanation attempt(s) for the trend Multiple Channels ▪ Social media

    ▪ Internet of things Flexibility ▪ UI technologies ▪ Stakeholder needs Scalability ▪ Large projects ▪ Long-living projects
  6. Jack of all trades? ▪ Higher technical proficiency ▪ Lack

    of visualization ▪ Bigger budgets
  7. Use cases

  8. Use Cases ▪ SPA/Frontend Frameworks ▪ Omnichannel ▪ 3rd party

    integrations ▪ “Frontend Agency”
  9. Current approaches

  10. As type / rendering definition

  11. As JSON View

  12. With PSR-15 middlewares

  13. What’s missing? ▪ Convenient Read API / Default Data Models

    ▪ Write API ▪ Access / Rights Management
  14. Perspectives for the future

  15. Headless operations ▪ Query & Mutation ▪ Introspection ▪ Context

    awareness
  16. Persistence Initiative ▪ Handling localization, workspaces and permissions combined is

    complex ▪ Unified persistence layer is missing ▪ Lack of a generic permission layer
  17. Persistence Layer ▪ Unified data schema definition ▪ GraphQL as

    query language ▪ Context as part of a query
  18. GraphQL Query { tt_content( filter: "pid = 123 and CType

    = `image`", order: "header ascending" ) { header image { # sys_file_reference [0..*] title uid_local { # sys_file [1] identifier } } } }
  19. Entity Reader use TYPO3\CMS\GraphQL; $entityReader = new EntityReader(); $result =

    $entityReader->execute( '...', # GraphQL Query new Context([ 'language' => new LanguageAspect(2, null, LanguageAspect::OVERLAYS_ON) ]) );
  20. Permission Layer ▪ Policy-based access control ▪ Define and overwrite

    policies through YAML ▪ Expression language for policy targeting ▪ Multiple combining algorithms ▪ Decision related actions
  21. Policy Definition TYPO3: CMS: Policy: description: 'Root policy set.' algorithm:

    highestPriority policies: Admin: target: 'hasAuthority("backend.role", "ADMIN")' description: 'Administrator policy' priority: 100 rules: [ {effect: permit} ]
  22. Policy Decision use TYPO3\CMS\Security\Policy\PolicyDecision; use TYPO3\CMS\Security\Policy\PolicyDecisionPoint; $policyDecisionPoint = new PolicyDecisionPoint();

    $policyDecision = $policyDecisionPoint->authorize([ 'resource' => ..., # e.g. `be_users` 'action' => ..., # e.g. `read` ]); if ($policyDecision->isApplicable() && $policyDecision->getValue() === PolicyDecision::PERMIT ) { ... }
  23. Talk

  24. Sources ▪ https://trends.google.com/trends/explore?dat e=all&q=headless%20cms ▪ https://github.com/typo3-initiatives/graphql ▪ https://github.com/typo3-initiatives/security

  25. Sources / Further Reading ▪ https://usetypo3.com/json-view.html ▪ https://extensions.typo3.org/extension/slim_ty po3/ ▪

    https://usetypo3.com/psr15-middleware-in-typ o3.html ▪ https://typo3.org/community/teams/typo3-de velopment/initiatives/persistence/
  26. Thank you!