mashery / wordpress-plugin Goto Github PK

The Mashery plugin seems to be injecting its Settings link into every plugin row in the plugins page.

A developer should be able to register through the Wordpress site.

Wordpress includes a solid search feature that covers content and other data managed through wordpress. We are choosing to use shortcodes for most of our content injection which means content would be loaded into the front-end from our api dynamically. We haven't considered caching the content on wordpress but we would likely have to if we want to integrate with their search. Not the only option.

We need to discuss this further and define requirements (if any).

If a user is not authenticated and should not be shown a particular page or block of content, we need to display an error message. Authentication is yet to be defined but the short codes (and potentially post types) should be able to handle this from the start.

Is it possible to inject IODocs into any page in a wordpress site?

Is it possible to serve the WP admin section as a subdirectory of the Control Center? Furthermore, can we serve it under the same realm so user is not prompted to authenticate twice?

To run a live demo of the plugin we need to set up wordpress on the server and clone this repo into the appropriate installation directory.

When submitting the new key details from wherever the short code [mashery:new_key] is, we need the key to be created through the mashery api and either direct the user to the new key's details page or the key list page.

• Short code: [mashery:new_key]
• Template: https://github.com/mashery/wordpress-plugin/blob/master/Mashery/templates/keys/form.php
• API Call: not added yet - feel free to add to API.php

As with the demo server, we need to set up the development server with wordpress and a clone of this repo.

As per conversations with engineering, neither oauth2 nor openid have been implemented in the API. Therefore the only way to facilitate auth from an external portal implementation is through SAML.

Furthermore, SAML auth is not turned on out-of-the-box and has to be enabled "manually". Quote:

Eng: https://mashery.jira.com/wiki/display/engineering/Single+Sign+On+(SSO)+at+Mashery
Eng: https://mashery.jira.com/wiki/display/engineering/Client+SAML+Authentication+Integration
Eng: Look at "Mashery as the Identity Provider". You have to modify this file: Integration_Saml_EndpointFactory_HardcodedSp for it to work. Adding your SP information as defined in "SP Properties". You will only be able to connect to an environment with a modified version of that file. For example, you cannot connect to production until changes to that file are pushed to prod.

We should have a conversation around this. Apparently it's a seldom used feature in our current implementation and some of us feel it should be deprecated.

In a WP implementation, customers could add this through a plugin so I feel more comfortable deprecating the functionality from our default portal.

Is there a way to inject auto-generated api documentation into wordpress?

Example: https://developers.digitalocean.com/documentation/v2/

Here we are referring to documentation that comes from api, endpoint, method documentation from api configuration data. We don't really have this data now but, could we inject it if we did?

Being implemented through a shortcode so the profile and form can be injected into any page.

This has been requested through: https://mashery.jira.com/browse/OPS-5837

Covered by Wordpress natively much better than anything we could implement in-house.

Again, something available through plugins. We would not implement this in-house.

If any of you go through the tickets or even the code, you'll notice we are using shortcodes for much of our integration. The primary reason being that shortcodes allow content editors to decide where exactly to inject the content. This gives them the freedom to decide on their site structure, to move content around and even surround injected content with their own content.

One drawback may be (and I'm not certain it is yet) searchability, indexability and other SEO-related issues. I doubt it.

There are other ways to inject content into wordpress (custom templates, post types, etc) but shortcodes seem to offer the most flexibility for the cases being considered so far.

@jpollock can you take notes if you get to try this this week? I'd like to make sure anyone can run it for later on when we start socializing it. If we do. Feel free to make notes here directly. Thanks!

Make sure the README is enough for any newcomer to get up and running.

I'd suggest we elevate the Mashery Plugin settings from a sub-section of the Settings area to it's own dedicated navigation element in the left-hand nav using the add_menu_page() API (docs). This would give it more visibility and make it easier to find.

We can even create a custom Mashery icon to be displayed with it.

Thoughts?

I already had node installed, so I tried a different installation process with more of a GUI driven mode.

1. Download and install node from https://nodejs.org/
2. Download and install Vagrant from https://www.vagrantup.com/
3. Download and install Boot2Docker from http://boot2docker.io/
   VirtualBox was not required as a separate install, as it is installed with Boot2Docker

Then the installation steps I tried.

1. Run Boot2Docker
2. Set the variables from the Boot2Docker process...

To connect the Docker client to the Docker daemon, please set:
    export DOCKER_HOST=tcp://192.168.59.103:2376`
    export DOCKER_CERT_PATH=/Users/ehkim/.boot2docker/certs/boot2docker-vm
    export DOCKER_TLS_VERIFY=1

1. Clone using HTTPS
   git clone https://github.com/lgomez/mashery-developer-portal
2. Go to the directory
   cd mashery-developer-portal
3. Try npm run build

I get the following error

0 info it worked if it ends with ok
1 verbose cli [ 'node', '/usr/local/bin/npm', 'run', 'build' ]
2 info using [email protected]
3 info using [email protected]
4 verbose run-script [ 'prebuild', 'build', 'postbuild' ]
5 info prebuild [email protected]
6 info build [email protected]
7 verbose unsafe-perm in lifecycle true
8 info [email protected] Failed to exec build script
9 verbose stack Error: [email protected] build: `docker build --rm -t mashery/developer-portal github.com/jbfink/docker-wordpress`
9 verbose stack Exit status 1
9 verbose stack     at EventEmitter.<anonymous> (/usr/local/lib/node_modules/npm/lib/utils/lifecycle.js:213:16)
9 verbose stack     at EventEmitter.emit (events.js:110:17)
9 verbose stack     at ChildProcess.<anonymous> (/usr/local/lib/node_modules/npm/lib/utils/spawn.js:14:12)
9 verbose stack     at ChildProcess.emit (events.js:110:17)
9 verbose stack     at maybeClose (child_process.js:1008:16)
9 verbose stack     at Process.ChildProcess._handle.onexit (child_process.js:1080:5)
10 verbose pkgid [email protected]
11 verbose cwd /Users/ehkim/Documents/Mashery/_Temp/_DevPortalTest/mashery-developer-portal
12 error Darwin 14.1.0
13 error argv "node" "/usr/local/bin/npm" "run" "build"
14 error node v0.12.0
15 error npm  v2.5.1
16 error code ELIFECYCLE
17 error [email protected] build: `docker build --rm -t mashery/developer-portal github.com/jbfink/docker-wordpress`
17 error Exit status 1
18 error Failed at the [email protected] build script 'docker build --rm -t mashery/developer-portal github.com/jbfink/docker-wordpress'.
18 error This is most likely a problem with the developer-portal package,
18 error not with npm itself.
18 error Tell the author that this fails on your system:
18 error     docker build --rm -t mashery/developer-portal github.com/jbfink/docker-wordpress
18 error You can get their info via:
18 error     npm owner ls developer-portal
18 error There is likely additional logging output above.
19 verbose exit [ 1, true ]

This has been requested through: https://mashery.jira.com/browse/OPS-5837

Is being implemented through a shortcode so the list of keys can be injected into any page.

When no keys exist, it makes no sense to show the table headers.

We're gonna need this to be able to show the user a list of APIs so they can generate a new key for an API. I will add the templates to a branch and create the PR so we can collaborate. @RogWilco I'll assign to you so you can take over this when you get a chance.

When clicking "delete" on a key in the key list page, we need to delete and reload the page after the javascript confirmation.

• Template: https://github.com/mashery/wordpress-plugin/blob/master/Mashery/templates/keys/form.php
• API Call: https://github.com/mashery/wordpress-plugin/blob/master/Mashery/API.php#L138-L144 (note: that code is not working - mostly just a stub).
• Javascript: https://github.com/mashery/wordpress-plugin/blob/master/assets/js/frontend.js#L4-L9

Support for his is required for any portal implementation. It is already available in wordpress through plugins. We can investigate and select one to be included in the default portal deployment or leave it up to customers to pick the plugin they prefer.

@cferdinandi mentioned JetPack as a possible solution.

As per our discussion, we would like to add a macro-like feature to let customers automatically generate a number of "recommended" pages easily. The pages will include:

• Register
• My Profile
• My Keys
• My Applications
• Etc...

Research existing Docker containers or images that already run a recent version of Wordpress and adopt that image. If possible, avoid having to modify that image.

Remove all traces of Wordpress branding and bring the admin theme as close as possible to Control Center's theme. Not in structure but in colors and anything reasonable.

Regardless of input, data is being saved as 0.

For the plugin to be able to access the customer's data through the platform api, we need to provide a way for customers to insert an access key. We'll use the admin screen for this and the key should be saved in the WP db.

A developer should be able to manage their keys including creating new keys, editing existing keys and deleting keys.

Being implemented through a shortcode so the list of applications can be injected into any page.

This is achieved by adding a textarea in the settings field where users can write their markup, and providing placeholders that get replaced with key pieces of content when the shortcode renders. Examples:

{{username}}
%field.username%

If custom markup is included, you do a find/replace for the placeholders. Otherwise, you render the default markup. You can see this in action in another plugin I manage: WordPress for Web Apps

When submitting the account details from wherever the short code [mashery:account] is, we need those to be saved.

• Short code: [mashery:account]
• Template: https://github.com/mashery/wordpress-plugin/blob/master/Mashery/templates/account.php
• API Call: https://github.com/mashery/wordpress-plugin/blob/master/Mashery/API.php#L54-L59

I originally intended to work on a default Mashery Developer Portal theme and include it in this proof of concept. I've decided not to cover that here because there are plenty of very high-quality themes out there available for under $100. Many of those are already mobile-compatible and much better looking than anything I feel comfortable tackling within a reasonable amount of time.

It is my recommendation that we extend RFPs to a few good Wordpress theme designers and delegate this work. Specially considering we don't have in-house UI designers.

A developer should be able to manage their applications. This includes creating, editing and deleting applications.

I have no idea if this is used by our customers or not but it's another piece of functionality likely to be available through plugins. If not a simple plugin using the WP db I suspect there are plugins for Zendesk or similar services out there that we could use.

If someone can take some time to look at this, please do and follow up here.

npm should be enough to build and automate most, if not all, of this project. The initial setup should cover enough to run a few commands and get up and running.