oddEVEN
We provide marketing technology, front end and software development consulting to bring your digital marketing and ecommerce projects to the next level.
Field Whitelisting
An Approach to Prevent Field Creep
Markus Klimmasch
Template - Ideal
Realistic
The Issue
Features add Fields
- New features add new fields
- New fields are visible to everybody by default
- Most fields are irrelevant to most content authors
- Authors are more likely to use the Experience Editor
- Developers cannot add arbitrary fields
Hiding Fields
- Deny the field read access right on the field
- Normally serialized --> hence during development
- UAT will likely succeed if fields have not been hidden
- Unnecessary fields keep piling up
Field Creep
The Solution
Whitelist FIelds instead of Blacklisting them
- Deny field read access for all fields
- Grant field read access on the fields that your content authors really need
- ???
- Profit
That's it!
Well... not really
- Grant field read rights for the fields you want your authors to see
- Assign the new role to the authors that should have limited access
- Authors without these roles still see all fields
The result
What we achieve
- Content authors only see relevant fields
- New fields only appear if access is explicitly granted
- No change for legacy roles
- Experience Editor is still working
- UAT will fail if access rights are not assigned
- Developers can add arbitrary fields
Demo Time
Drawbacks & Issues
There are a few
- Inheritance is not very intuitive
- Expect issues in advanced parts of Sitecore
- There is other stuff that might not work
THANK YOU!
Markus Klimmasch
Redefining Software Development
Link
-
Presentation
https://oddeven.slides.com/oddeven/field-whitelisting -
Blog Post
https://oddeven.ch/blog/field-whitelisting-an-approach-to-prevent-field-creep/
Field Whitelisting
By oddEVEN
Field Whitelisting
An Approach to Prevent Field Creep
