Drupal Planet

Subscribe to Drupal Planet feed
Drupal.org - aggregated feeds in category Planet Drupal
Updated: 1 hour 57 min ago

Lullabot: Three Things Every Drupal Site Needs to Kick Ass

July 31, 2017 - 2:06pm

You’ve built a beautiful Drupal site, but will it stand the test of time? If it’s slow, hacked, or unmaintainable, it may not be the success that you hoped for.

One of the services we offer our clients is a Lullabot Best Practices Audit. As a part of that audit, we look closely at three areas of your site: Security, Performance, and Stability. In this article, I will discuss some of the questions we ask and the tools we use to grade how well your site performs.

You’re no doubt already aware of these three areas. The reason they become a focus in our audit is that they are often the neglected parts of our sites. It's easy to get in a pattern of prioritizing cosmetics, features, and bug fixes without realizing how all of those affect the foundation the site is built on. When that happens, you risk losing customers, damaging your reputation, leaking sensitive information, or perpetuating broken processes, all of which—whether you like to admit it or not—ultimately cost money.


Security is not a deliverable, it's a discipline. That means that having a secure website is not something we ever complete, but is an ongoing process to adhere to and improve. The costs of ignoring that process can be severe.

The security of your site and infrastructure is only as good as your security process. Here are a few questions we might ask about your Drupal security process as a portion of the audit:

  1. Is your security process well documented and followed?
  2. Who is monitoring Drupal Security Advisories and announcements? How?
  3. How often are security updates applied?
  4. What is the process in place for Zero-day vulnerabilities?
  5. How regular are security audits performed? 1. Are you using any automated tools to scan new work for common security vulnerabilities?
  6. Is HTTPS in use? Everywhere?

If you don't have good answers to those questions, it could mean your site and infrastructure are vulnerable to attack. In fact, it might have already been compromised without your knowledge.

Helpful tools to consider

There are some helpful tools out there to aid in performing your own audit of the security of your Drupal site.

  1. Security Review Module provides a status page on your Drupal site and Drush command to check for common security vulnerabilities such as file system permissions, XSS vulnerabilities, protection against arbitrary code execution, etc.  
  2. Hacked Module performs an audit of all core and contributed code to see if there have been modifications. 
  3. Coder Module does some basic checks to ensure that text is properly sanitized In addition to checking that coding standards are being followed.
  4. Qualys SSL Server Test is a free service that will perform a thorough analysis of a public SSL certificate and provide you with a graded result.

Some of these tools come with command line versions. By combining those with a continuous integration tool, you could set up regular and ongoing security testing of your code and configuration.


We all want fast sites. Among other things, a fast site means happier users and higher search engine rankings. If your site makes you or your organization money, having a slow site means higher page abandonment, and ultimately lost revenue.

None of us have slow sites on purpose. Performance issues can arise gradually over time without an obvious reason for how and when they began. Spending time or money to investigate and fix performance issues can be deemed less important than more desirable or “measurable” initiatives.

Here are a few questions we might ask as a part of an audit:

  1. Are frontend and backend performance being monitored? With what?
  2. What sort of caching layers are in place?
  3. Do you have analytics that show traffic patterns, such as country of origin, graphs of throughput over time, and the like?
  4. Have you had any recent site outages that you suspect are performance issues?
  5. Are you aware of slow pages or interactions on the site?
  6. Have users complained about any slowness?
  7. Are there any libraries or methods used to increase frontend performance?
  8. What sort of image optimizations are being done?
  9. Are there ways that you optimize performance for different screen sizes (mobile/tablet/desktop)?
Helpful tools to consider

There are some helpful tools out there to aid in performing your own audit of performance.

  1. XHProf or the Tideways PHP Profiler: PHP profiling tools that can help you identify bottlenecks on specific pages. XHProf works with PHP 5.6 and below, whereas the Tideways PHP profiler is compatible with PHP 7 and below, and can act as an XHProf replacement. There is an associated Drupal module that I recommend (along with this patch if you have a lot of AJAX interactions), or you can use either with xhguiTip: look at exclusive wall time to find the functions that are the slowest on a page.
  2. New Relic or similar: We love New Relic for being able to monitor traffic and performance in real time, create alerts for specific events, and dive deep into function traces to isolate bottlenecks. In addition, it gives you the ability to create customized dashboards to display pretty charts and graphs from performance data on your site. New Relic can monitor browser, application, server performance, and more. There are New Relic alternatives that likely offer similar features. Choose a tool and use it.
  3. Google's PageSpeed InsightsYSlow, or similar: Tools that give you practical advice on how to improve the front-end performance for your users. It may suggest reducing the number of requests by using image sprites or combining JavaScript files, or it might recommend simplifying the DOM to reduce the number of elements the browser needs to parse. It goes through a whole set of tests and gives you practical suggestions that can sometimes lead to easy performance gains.

When we investigate the stability of your site, we look at the architecture of the site, the breadth, and depth of developer documentation, the quality of the site's code, and the process by which that code gets written and deployed to production. When best practices aren't followed in these areas, it can result in a platform with a slow development cycle, fragile releases that require everyone to be present in case anything goes wrong, and vendor lock-in, forcing you to work with only developers that understand the unique complexities of your site. Even if nothing brings the site down during a release, that is a very expensive process, and optimizing it can save your organization time, money, and heartache.

Here are a few questions we might ask as a part of an audit:

  1. What documentation exists on the site architecture, development process, and deployment process? How well is it maintained? Who has access to it? 
  2. Does the development team have agreed upon coding standards?
  3. Do the developers peer review each other's code?
  4. Is there automated testing or human testing as a part of the development and deployment process? Does that testing happen before or after the code is merged in?
  5. How much of the release process is scripted or automated?
  6. How many people are typically present for a release?
  7. Does the site go down often? If so, are root cause analysis (RCA) documents provided by the development or infrastructure team?
  8. Does your team have a well-documented rollback procedure?
  9. How does your team deal with technical debt?
Helpful tools to consider 

Here are some tools we use that help us sleep at night.

  1. Linting tools can get all of your developers in agreement on code formatting, which helps tremendously in the peer review process, and ultimately in the stability of your site. EditorConfig is a nice emerging format that can be used to enforce agreed upon standards in your developer’s actual text editors or IDEs. In addition, Drupal Code Sniffer (which is a part of Coder module) can be used in those same text editors to ensure that Drupal code is following Drupal coding standards. While having your developers use these linting tools in their editors is fantastic, ideally they should also be a part of an automated test that runs on every pull request.
  2. Automated Testing using PHPUnit, Behat, Nightwatch, or other mixture of functional and unit testing tools can improve the stability of the platform immensely. While the initial investment may seem costly at first, the money saved over time is significant, and the peace of mind is priceless.
  3. Tugboat or another continuous integration tool can build complete working websites for new features or bug fixes before they get merged. That means your QA team or stakeholders can sign off on things before they ever make it into your codebase. In addition, it can run the linting and automated tests you implemented above and report the results back to the developer before that code gets reviewed or merged. Saved time is saved money.
Your website's success

Security, performance, and stability are the unsung heroes of your website's success. When they are neglected, it can cost dearly. Whether it's a damaged reputation, customers lost, services hacked, or just plain stress from the platform, these all ultimately mean lost revenue. Take some time to invest in your website's success by performing a Best Practices audit on your site.

Next steps

The above is a sample of some of the things we might investigate as a part of a Best Practices audit, but your website and needs are unique. We hope this article serves as either a blueprint to design your own audit, or the start of a conversation to get some help where you need it. We collaborate with you on our Best Practices audits to best fit your project’s needs.

If you're thinking of performing your own Best Practices Audit, let us know in the comments below. If you'd like some help from Lullabot, reach out—we'd love to partner with you in writing your website's success story.

Categories: Blogs

ThinkDrop Consulting: Cultivating the Aegir Community at DrupalGovCon17

July 31, 2017 - 12:35pm

Every time there is a big DrupalCamp or Con we submit sessions thinking we will talk about our open source hosting and testing platform, DevShop. The specific theme for each talk usually aligns with whatever the latest features are, or is just a general (boring) overview of the features.

This year, for DrupalGovCon 2017, I wanted to simplify things, and I didn't want to rattle on about what DevShop does and how. I submitted a short and simple session submission: Host your Own with Open Source.

I also came to DrupalGovCon this year with a different goal in mind. Usually I'm just out there proselytizing DevShop. This year, I'm committed to cultivating our community around Aegir & DevShop.

As software developers and systems admins, we don't necessarily enjoy the marketing side of things. As a free software community, all of us contributors are volunteers, so any time spent (we feel) is usually best used on developing the platform. As a free software community, we spend almost zero time and probably exactly zero dollars on marketing.

So if you are at DrupalGovCon, I'd love to talk about what it would take to get you involved in our niche community of Open Source Hosting & Testing. We know Aegir has it's pain points, but we aren't going anywhere, and the next generation is just around the corner.

My session is on Wednesday at 10AM, I'd love to see you there.

Get in touch here or hit me up on twitter!

Tags: DrupalGovConPlanet Drupaldevshop
Categories: Blogs

LevelTen Interactive: Intern Chronicles: Brandon Reid's Summer Internship Experience as a Developer

July 31, 2017 - 12:18pm

When I first joined LevelTen, I had no prior experience with Drupal and I knew the internship was going to be a learning experience from the start. Now that I'm in the last week of the program, I didn't realize how much I would learn outside of Drupal. Like how to be a more efficient developer, how to develop proactively in a remote environment, learning the design process from start to finish of a website, and the business aspect of working in web development. Below I describe these learning experiences in a bit more detail.


A more efficient web developer

My...Read more

Categories: Blogs

Nextide Blog: Maestro Workflow Engine for Drupal 8 - An Introduction

July 31, 2017 - 11:42am
Maestro Workflow Engine for Drupal 8 - An Introduction randy Mon, 07/31/2017 - 10:42 If you can flowchart it, we can automate it! The Maestro Workflow Engine for Drupal 8

The Maestro Workflow Engine for Drupal 8 is now available as a Beta download!  It has been many months of development to move Maestro out of the D7 environment to a more D8 integrated structure and we think the changes made will benefit both the end user and developer.  This post is the first of many on Maestro for D8, which will give an overview of the module and provide a starting point for those regardless of previous Maestro experience

Categories: Blogs

Drupal Modules: The One Percent: Drupal Modules: The One Percent — Entityqueue (video tutorial)

July 31, 2017 - 9:38am
Drupal Modules: The One Percent — Entityqueue (video tutorial) NonProfit Mon, 07/31/2017 - 07:38 Episode 29

Here is where we bring awareness to Drupal modules running on less than 1% of reporting sites. Today we'll investigate Entityqueue, a rewrite of Nodequeue which has been enhanced to allow creation of queues of any entity type.

Categories: Blogs

Anubavam Blog: Head start the process to Drupal Maintenance

July 31, 2017 - 9:24am
Head start the process to Drupal Maintenance

Drupal is a comprehensive content management framework which offers a number of modules to extend its functionalities with day-to-day updates. If you want to know about ‘Drupal Maintenance’, then you need to know the following things: 

Security updates

  • Upgrade from Drupal 6 to Drupal 7 or Drupal 8
  • Migration from legacy system

Security updates

                   Updating refers to taking your site from one 'minor' version to another minor version. Lets consider an example if a site is in Drupal 7 version D7.1 and latest version is released as D7.2 or from Drupal 8 version D8.1.0 to D8.1.3 then its an update.

Version Upgrades

                 Upgrading refers to taking your site from one 'Major' version to another major version.Switching from Drupal 6 to Drupal 7, or from Drupal 6 to Drupal 8, or from Drupal 7 to Drupal 8 is an 'upgrade'.

Drupal Migration

               You may want to 'migrate' your site from running locally on your computer to an online webhost. Or you may want to 'migrate' your site from one webhost to another. If that is what you want, head to: Backing up and migrating a site.

Steps to Drupal 7 upgrade 

  • Log-in as an user with administrator privileges who can perform "Administer software updates".
  • Turn your site into maintenance mode. Ie. If we are updating a live/production site then go to Administration > Configuration > Development > Maintenance mode. Enable the "Put site into maintenance mode" checkbox and save the configuration.
  • Backup your files and database. Clear the performance cache and delete all the watchdog logs, if any, before taking the database backup.
  • Remove all old core files and directories, except for the 'sites' directory, the original install profile in the 'profiles' directory and any custom files (like htaccess, gitignore or other files) you added elsewhere.
  • To be more specific, in your Drupal root directory, delete all files and the following directories: includes, misc, modules, scripts, and themes. If you made a normal installation, then also delete the profiles folder, but if you used a custom profile, then in the profiles folder, delete the subfolders minimal, standard, and testing.
  • Modifications to the files like .htaccess or robots.txt, needs to be applied from your backup, after the new files are kept in place.
  • Read the release announcement carefully before proceeding the upgrade as the updates may also include changes in settings.php. If you have to use the new settings.php file, then replace the settings.php with the default.settings.php, and apply the site-specific entries like database name, user, and password from the backup file.
  • Any custom files and directories outside the sites directories has to be placed manually. However, it is recommended not to have any custom files or directories outside the sites directory.
  • Download the latest Drupal 7.x core release from http://drupal.org/project/drupal to a directory outside of your web root. Extract the archive and copy the files into your Drupal directory.
  • After copying the new core files, run update url by visiting http://YOURSITENAME/update.php. This will update the core database tables if any alteration to the database table structures is there.
  • In order to access the update.php file please login as administrator. Before you start doing the upgrade process, we have logged in as admin user, get access to the update.php file automatically. In case you had logged out or closed the browser by mistake, you can do the following to access the update.php file.

           Open settings.php with a text editor.
           Look for $update_free_access variable.
           $update_free_access = FALSE;
           Change the access to true:
           $update_free_access = TRUE;
           Now run update.php.

  • Once the update is completed, check for errors if any. $update_free_access must be changed back to FALSE for security reasons.
  • Clear the sites performance cache after the upgrade. You can do it by navigating to Configuration => Development => Performance and "Clear all Cache".
  • Check for the status report and report log to verify that everything is working as expected.
  • Once you are error free, make the site online to change the "Put site into maintenance mode" checkbox and save the configuration.

Tips for Drupal site maintenance

  • Keep the Drupal core up-to-date
  • Keep the contributed Drupal modules up-to-date. 
  • Check for the security updates. Install update manager to know the latest available and recommended releases for Drupal core and its contributed modules
  • Configure cron scheduler so that periodic site maintenance will take care of regular checkup and updates
  • Keep the admin user password secure
  • Ensure using check_plain method while assigning or computing values from form post fields to avoid cross-site scripting
  • Write protect the setting.php file.
Anonymous (not verified) Mon, 07/31/2017 - 08:24 Drupal Development Drupal Consulting
Categories: Blogs

Mediacurrent: Contenta Angular: The Best of Drupal and Angular

July 31, 2017 - 9:21am

Decoupled Drupal is no longer a new idea. We are past the hype stage. Numerous large projects have been built following this architectural pattern over the past years, Dries has blogged about it several times, and Drupal 8’s ongoing API-first initiative has helped facilitate and improve the approach.

Categories: Blogs

Annertech: We did it again! 5 Annertech sessions accepted for DrupalCon Vienna

July 31, 2017 - 7:00am
We did it again! 5 Annertech sessions accepted for DrupalCon Vienna

On Friday, all the accepted sessions for DrupalCon Vienna were announced, and we are delighted to report that, once again, 5 of our 8 session proposals were accepted! With Acquia and Pantheon being the only companies receiving more acceptances, we are extremely proud of our achievement. It also means that given our size, Annertech has more speakers, per staff member, than any other agency in the world.

Categories: Blogs

Vardot: 10 SEO Modules that Every Drupal Website Must Have

July 31, 2017 - 5:55am
10 SEO Modules that Every Drupal Website Must Have Dmitrii Susloparov Mon, 07/31/2017 - 11:55

You’ve built a brilliant website, you’ve employed a top notch designer and you’re offering well priced, high demand services. Yet for some reason you aren’t getting good traffic to your site. Before diving into an intensive content review and firing your designer, consider that you may have made a great website for people, but you haven’t caught the attention of search engines.

What is Search Engine Optimisation?

Search engine optimisation (SEO) is a term commonly thrown around in online marketing, but few people explain what it actually means. Briefly speaking, SEO is a focus on improving your website and the content for machine consumption. By integrating keywords, friendly URLs, metatags and deep links search engines with rate your website higher. However overdoing it will lead to search engines penalising your site with a lower your rating – you can’t simply dump a handful of keywords and expect good results, you need strong content as well.


Best Drupal SEO Modules to Optimize Your Site 

There are many ways you can improve your search engine rating, from metatags to site theming. But one of the first steps you should do is integrating into your site a collection of Drupal SEO modules that can help with a higher ranking. In many cases you won’t even have to touch the customer facing part of your website. With a few tweaks and back end administration you can optimise your search engine results, boost the traffic to your website and massively increase your conversion. We recently published an article with must have security modules, and in this one we list the best ten SEO modules that every Drupal website must include - have a look!

XML sitemap

Usage: Currently installed on 286,000 sites, downloaded 1.72 million times

The XML Sitemap module automatically deploys a sitemap that meets industry standards and makes your site easier for search engines to crawl and categorise. Typically search engines will crawl and index your site based on external and internal links. XML Sitemap provides a single point of information for search engine bots to refer to and gain a strong understanding of your site.

XML site map will include metatags about your page (if you’ve installed the metatag module listed below, these will be higher quality tags) as well as further metadata such as relative links, the pages last updated time and date, and how often the content is updated.


Usage: Currently installed on 703,000 sites, downloaded 4.45 million times

Pathauto is a great SEO module because it takes a boring, laborious manual task and automates it for you, from start to finish. All you need to do is set up some rulesets and away you go.

Pathauto Tips and Hints

Pathauto gives you a simple way to define URLs that are both user friendly, and lead to stronger search engine optimisation. Drupal will normally give your web pages a url like “yoursite.com/node/12345”. This type of URL means nothing to a user, and even less to a search engine. With Pathauto your can build URLs based on the category and page title. As such you can have URLs like “yoursite/search-engine-optimisation/top-ten-drupal-modules-for-easy-SEO”. This sort of URL is easy for your site visitors to understand, and gives you bonus points with search engines.

The module has been updated for Drupal 8 (with some valuable learning resources) with a new version released late April 2017.


Usage: Currently installed on 196,000 sites, downloaded 1.28 million times

Among the best Drupal SEO modules you also may want to cosider Redirect. It is an important module for preventing ‘dead links’ inside your website, and for creating short links in advertising materials. Redirect allows you to set rules such as sending users who visit ‘yoursite.com/promo1’ to ‘yoursite.com/seo-course/learn-seo-with-us’.

While this is great for marketing, it’s also great for keeping a high rating with search engines. Having multiple ‘bouncing’ redirects won’t help you, but having dead-links to your site will count against you. If you remove a page from your site, or simply rename it, you can use a redirect to ensure that you don’t lose the traffic that was trying to find the old page.

Redirects is more than just a net for catching missed opportunities. It also tracks how often people are hitting those redirects. This can help you track how popular a promotional link is, or how many people are trying to access a page you have moved or renamed.

Redirect has been updated for Drupal 8, with the latest release coming out in May 2017.

Global Redirect


Usage: Currently installed on 188,000 sites, downloaded 922,000 times


Duplicate content on a web site can negatively impact your ranking with search engines. This becomes a problem with modules like Page Title (see below) that give your pages a friendly alias. Unfortunately your page retains its original unfriendly title, as well as the friendly new one - which looks like duplicate content to a search engine.


Global Redirect is one of the Drupal SEO modules that solves this problem, as well as capturing a variety of broken link scenarios and returning the user to your homepage - thus improving the user experience and giving you a cleaner record with search engine rankings.


Global Redirect is available for Drupal 7, however if you’re using a Drupal 8 site then it has been bundled up with the similar ‘Redirect’ module.


Usage: Currently installed on 353,000 sites, downloaded 2.49 million times

The Metatag module allows you to provide extra metadata to your website, generally in the meta description tag, and the meta keywords tag. Both of these are crawled by search engines and you can optimise your results by including words and phrases that people may use to search your site, but don’t explicitly appear in your content. For example, if you have a website about chicken farming, your keywords could include ‘hen’ ‘rooster’ ‘eggs’ even if those words don’t appear on the page.This will give you more chance to match with what a user is typing into their search engine.

Metatag is available for Drupal 7 and 8, with the last version being released in June 2017.

Google Analytics

Usage: Currently installed on 380,000 sites, downloaded 4.72 million times

Adding the Google Analytics module won’t automatically improve your SEO, but it will arm you with all the knowledge you need to see where your site is succeeding, and where it could do with a little more polish.

The Google Analytics can not be called one of the classical SEO modules, but it will give you the ability to track and exclude users and roles within your site (so you aren’t erroneously tracking your own clicks), track link clicks, downloads, and ‘mailto’ clicks. The module also supports AdSense, as well as a host of other items.


With Google Analytics you will be able to see where your traffic is coming from, how long users stay on your pages, and what catches their attention while they are there. With this information you can tweak your content strategy to appeal to your audience, driving more traffic to your site and increasing conversions.

Google News sitemap


Usage: Currently installed on 3,000 sites, downloaded 32,000 times.


The Google News sitemap module creates a similar but separate sitemap to the XML sitemap in the module above. This one is specifically tailored for Google News and allows you to set caching times, the types of content to include, how recent news should be and to customise tags and keywords.


The last updated for Google News sitemap was released in June 2013, however there are considerations to integrate it with the XML sitemap module, giving you two great functionalities in a single module.

Site verification

Usage: Currently installed on 57,000 sites, downloaded 397,000 times

For your site to rank well in search engine results it is important that your site is verified. There are many spam sites on the internet that are set up for a short period of time for nefarious reasons. By having your site properly verified you avoid seeming like one of these sites, even when you are just starting out.


The Site verification module assists with this process by allowing you to upload a verification file, and then managing the authentication process for you. There is a development Drupal 8 version of this module available, or a fully tested Drupal 7 version.

Page Title

Usage: Currently installed on 92,000 sites, downloaded 648,000 times

Having good page titles is essential to search engine optimisation, and in 2006 a module was released with a laser focus on good page titles.

The Page Title module does more than just put a nice heading on the page. Page title hooks into the metatags to ensure that your title is replicated throughout the code in all the essential spaces. These are picked up by search engine bots that are checking your site, and give you extra ticks in the SEO checklist (see the next module). You can tell if you have it set up properly by looking at the top of your web browser, for example the Page Title Module on Drupal.org clearly shows you what page you’re on, and the website name.

While this might seem like a small change, visitors to your site will feel much more confident in the professionalism, and search engines will bump you up in the rankings.

If you are still running Drupal 7 you will need this module, but if you’ve upgraded to Drupal 8 just download the metatag module mentioned above as these two modules have been merged together.

SEO Checklist


Usage: Currently installed on 30,000 sites, downloaded 313,000 times


Finally, SEO checklist is another one of those modules that won’t improve your sites SEO, but will equip your with the skills and knowledge to make changes to your site. The SEO Checklist does nothing to your site, except for give you a simple report of what needs to be done, and allows you to check off each task as you work through it. This is a must have for anyone managing more than one site, or if you have multiple people managing the one site.


The SEO checklist is updated regularly to keep up with industry standards and the latest techniques. It has a fully supported version for Drupal 7 and Drupal 8.


Drupal is an amazing CMS for search engine optimization, and using the right SEO modules will set you up for success. By preventing duplicate content, filling your content with strong metatags and keywords, using human friendly URLs and having a clean site map your site will rise rapidly through search engine rankings.

At Vardot we pride ourselves on educating our customers, developing brilliant websites and giving back to the Drupal community. By building SEO-friendly websites we aim to satisfy our clients and their customers. Hopefully this article will set you on the right path to a high quality website, but if you need more, check out our article on Optimizing Your Site For Search Engines or get in touch with us.

Categories: Blogs

heykarthikwithu: Drupal 8 – If not Features, What??? Configuration Management..!

July 31, 2017 - 12:07am
Drupal 8 – If not Features, What??? Configuration Management..!

With Some Best Practices with Drupal 8's Configuration Management will help you to achieve packaging reusable functionality.

heykarthikwithu Monday, 31 July 2017 - 08:37:46 - IST, Asia/Kolkata
Categories: Blogs

Tim Millwood: Validating Drupal 8 Config

July 30, 2017 - 4:10pm
Validating Drupal 8 Config

Did you know Drupal 8 has a new system to manage config? sure, everyone does by now.
But, did you know you can validate the import of config? Maybe not, that's a bit more of a hidden gem.

If you're writing a module that uses config entities or config for settings, you might want to make sure that the config is valid when imported. This came up recently in the core Content Moderation module. We wanted to make sure that when config for Workflows are imported they don't end up removing moderation states which are in use by other entities. For this we added an event subscriber, ConfigImportSubscriber, which is now part of Drupal 8.4.x.

To add one of these to your modules first you will need to add a service to your modules services.yml file:

class: Drupal\content_moderation\EventSubscriber\ConfigImportSubscriber
arguments: ['@config.manager', '@entity_type.manager']
- { name: event_subscriber }

Here you will see, for content moderation, we have the service name, the class, a couple of arguments, and it's tagged as an event subscriber.

You will then need to add you subscriber class within your module add the namespace added in services.yml.


namespace Drupal\content_moderation\EventSubscriber;

use Drupal\Core\Config\ConfigImporterEvent;
use Drupal\Core\Config\ConfigImportValidateEventSubscriberBase;

* Check moderation states are not being used before updating workflow config.
class ConfigImportSubscriber extends ConfigImportValidateEventSubscriberBase {

* {@inheritdoc}
public function onConfigImporterValidate(ConfigImporterEvent $event) {
if ($this->isWorkflowInUse($event) {
$event->getConfigImporter()->logError($this->t('The workflow @workflow_label is being used, and cannot be deleted.', ['@workflow_label' => $workflow->label()]));


Here, with a lot of the logic removed for simplicity, we're extending ConfigImportValidateEventSubscriberBase, which is the base class for all validation of config at import. Then we override the onConfigImporterValidate() method, which passes in the $event object. From that object we need to determine if the config is valid or not, then log an error if not.

This can also be tested in a kernel test:
$this->config('workflows.workflow.editorial')->get(); will get us the existing config for the editorial workflow entity.
\Drupal::service('config.storage.sync')->write('workflows.workflow.editorial', $config_data); will allow us to update that config.
$this->configImporter()->reset()->import(); will then run an import, imported the updated config. This will need to be wrapped in a try/catch because a failing import will throw an exception. In the catch part of the statement we can pass or fail the test depending on the intended result.

For more information take a look at the full event subscriber: http://cgit.drupalcode.org/drupal/tree/core/modules/content_moderation/…
Also the full test: http://cgit.drupalcode.org/drupal/tree/core/modules/content_moderation/…

timmillwood Sun, 30/07/2017 - 20:10 Tags drupal drupal 8 drupal-planet Add new comment
Categories: Blogs

Tim Millwood: Funding DrupalCon speakers

July 30, 2017 - 3:43pm
Funding DrupalCon speakers

As someone who has been using Drupal for over 9 years, attended 8 DrupalCons, spoken at 4 for of them, been on the DrupalCon track team twice, and was co-lead for DrupalCon London I've feel I know Drupal events pretty well.

This year for DrupalCon Vienna things have changed a little. Firstly back in February a few program changes were announced. These included things such as summits, training, sprints, and t-shirts. Some of these are now back on the agenda due to community efforts, but why stop there with community efforts.

This year I was part of the PHP track team with Campbell Vertesi, Michael Cullum, we wanted to try and get an awesome line up, with some top name speakers. As Drupal has started embracing aspects of PHPunit, Doctrine, composer, guzzle etc it'd be great to have people involved with those projects speak at DrupalCon. However the issue is funding! They're not going to get a great deal out of DrupalCon, so won't fund themselves. Their employers have no reason to send them, so they won't fund it. DrupalCon doesn't pay speakers, so that's not an option. So, Campbell had a great idea of crowdfunding. We asked two speakers, Sebastian Bergmann (of PHPunit fame) and Michelle Sanver (of PHPWomen fame). They submitted multiple sessions each, which were equally ranked and chosen along with other sessions. Now comes the time to get their funding.

On GoFundMe there is now a fund running to "help bring (more) PHP to DrupalCon", at the time of writing it's close to 2/3rds of the goal.

This is a very controversial topic, and with the other changes brought in at DrupalCon Vienna has sparked a lot of discussion. After laying off many members of staff over the last few years, and DrupalCon Europe never to make a profit things are tough. Although this sort of experiment is good to see, it's good to see people talking about it, and it's good to see people getting behind it.


See you in Vienna!

timmillwood Sun, 30/07/2017 - 19:43 Tags drupal DrupalCon drupal-planet Add new comment
Categories: Blogs

DrupalEasy: Becoming a First-Rate Web Developer; Heart in the Game, Eye on the Prize

July 30, 2017 - 10:21am

We've had more than 100 students complete our 12-week Drupal Career long-form training since 2011, working with individuals, teams, young and old, men and women, all with different backgrounds, abilities, motivations and aspirations. We've seen talents explode, helped keep people engaged and even watched interest fizzle. About the only constant is that everyone in every class wants to or needs to learn Drupal, whether they have decided on their own, or need to build their Drupal talent as part of a developer team.

Every so often, we run into a student who really brings to life our vision of what the course can help people accomplish; someone who does everything before, during and after that just exudes enthusiasm and commitment toward predictable success. Brian Coffelt (@briancoffelt), a student in the Spring 2015 Drupal Career Online session, and now Web Administrator and Developer for Duke Cancer Institute in Durham, NC, is one of those sensations.

Brian, after 15 years of serving as a public school health and physical education teacher, realized he was in a situation that fell short of providing him the professional fulfillment and the type of income potential he desired. "I wanted to challenge myself and better provide for my family," he recalls. "I learned of Drupal from my brother-in-law (Shaun Heath, an earlier DrupalEasy graduate) and began to research how powerful Drupal was. I also saw a great need for quality Drupal developers and a promising job market."

The Drupal job market was actually the key ingredient in the creation of DrupalEasy's long-form career technical education program, which was born as a solution for Florida's Space Coast when the end of the Shuttle program left about 7,000 people, including lots of IT-types, without jobs. The in-person course was a hit, and the positive outcomes led us to make things official, with a license through the Florida Department of Education, Commission for Independent Education, which we continually qualify for and renew annually. Since we moved the course live-online, we've been able to train up people in Drupal from all over the country.

Brian lived in Nashville at the time he started the program. He came to us with a not-so relevant degree in education, but made up for it with true desire, commitment and hard work. He dove straight into course curriculum as a star student from the first day. "His comprehension was very high, most likely because of his diligence and strong interest in the topics," says Mike Anello (@ultimike), who created and teaches the DCO. It also had a lot to do with his self-study before the class even started; delving into a roadmap of languages, frameworks, and workflows that Shaun provided and that he researched in preparation.

"During the training, I made it a point to watch all DCO webcasts before class to ensure that I retained the concepts. Mike also recommended additional courses and topics to look into which I took full advantage of," he explained. He also participated in every optional co-working lab during the course, and completed every assignment and project. Brian was very comfortable with his abilities, and once the course ended, skipped going for an internship and sent out applications and landed a full-time Drupal developer job almost immediately. Brian and his family later relocated from Tennessee to North Carolina for his current position, where he's found his niche in front-end development for Duke.

Even now, Brian is still eager to learn. "I try to attend the DrupalEasy office hours when it fits into my work schedule," he says. Mike holds Thursday office hours for all current and former students, to get information and help with issues, both from Mike and the others in the DrupalEasy learning community that's been formed. The learning community, especially former classmates are important to Brian as well. He keeps in touch with one fellow student several times a week, with whom he has also collaborated on Drupal projects and attend DrupalCamps together.

Brian maintains his status as a rising star in Drupal by seeking out professional development and Drupal learning as much as possible, attending local Drupal meetups as often as he can, participating in the Duke Drupal users group and going to camps and cons when he can. He also spends at least a couple of hours a week reading up on the newest trends in Drupal, although, he explains, "Fatherhood cuts into my reading time quite a bit."

According to Brian, "the best part of Drupal development is the satisfaction that comes with creating quality work. A close second would be the Drupal community." He set out with a goal for professional fulfillment and greater opportunities for his family. "My new Drupal career has allowed me to attend events throughout the country. The pay scale and benefits available to me now greatly outweigh those of a public school teacher. I also enjoy the ability to work remotely from home when needed. This flexibility is in stark contrast to my previous profession," he explains. Mission accomplished!

He also offers a bit of guidance for those looking to become Drupal developers. "My advice to someone learning Drupal is that you get what you put into it. If you sacrifice your time and energy, Drupal can be very rewarding. There's plenty of opportunities for those who are willing to work hard and push themselves." he explains. He continued, "I can't recommend DrupalEasy enough! It has opened so many doors for me and the instruction I received was second to none!"

The next session of Drupal Career Online starts in October. You can learn more about Drupal, Drupal Careers and our career training program at an upcoming Taste of Drupal free mini-webinar.

Categories: Blogs