Fork me on GitHub
2sxc 9.33 for DNN 7 to 9
Website Builder, Content Manager, App-System: open-source and amazing
You are here: Home  >  Blog

New: Features Management in 2sxc 9.30

2sxc 9.30 introduces feature-management, which allows the host-user to specify what features are enabled. Here's what you want to know.

New Security Related Features are Off by Default

New features which have a security consequence - for example the new features around using the 2sxc form with anonymous users - are turned off by default. 

This is to be sure that you actively enable it and know that this feature is in use. 

Features are Managed under Manage-Apps

You can see what features are enabled in the manage-apps, so either in the rotating menu, or in the add-app bar:

feature-go-to

 

You can then see the enabled features - and they will look up the security of these features on our server, to tell you if something must be done:

features-manage

Understanding Features

Basically this system simply enables/disables features. When features have more settings, we'll add them, but at the current level it's just on-off. Here are some more things you should understand:

  1. A feature is identified by a GUID. Additional information like a nice-name are not available yet, but will soon be.
  2. Features can expire - this is great if you want to just test a feature, and want to make sure it won't be available after testing
  3. A UI relevant feature means that the JS-UI should know about it, so when the UI asks the server for activate features, this will be provided to the UI. This is to differentiate between features which the UI shouldn't know about, like for security reasons. For example, the UI should know if paste-image-from-clipboard is enabled. 
  4. A public feature is a feature which the UI should know about, even if low-privilege users are working with the dialogs. For example, public users shouldn't know about advanced security features like "permissions by user enabled"

Enabling Features

To enable such features, you will have to go to manage-features:

enable features

..and from there you'll see the features-enably section. Depending on your function in the community, you can enable:

  1. Advanced or security related features
  2. Beta features
  3. Features which are still in development or preview

Understanding Expiry

Each feature can be configured to expire. This allows you to test a feature or just to enable it for a few months - like in situations where you expect the feature to become unnecessary after a certain time. We really recommend that you do this on beta-features for security reasons. 

 

Optional Registration & Benefits

You don't have to register your installation (right now you can't actually do it yet), but in the near future this will provide you security benefits: 

  1. We will inform you, if such a feature has a known security issue
  2. If you're a beta-tester, you can enable beta-features
  3. If you've had us develop custom features for you, you can enable them here
  4. Other people won't be able to generate feature-configurations for your installation, as they will then need your login to do that

We know that registration may be something people don't like, but we regard it as the only way to provide top-notch security, and this we regard as being our topmost goal. 

Internals and More

If you want to learn more about how the features work internally, check out the documentation in the wiki. Remember that this is available in 2sxc 9.30 and later, which you can download from Github.

Love from Switzerland, 
Daniel

 


Daniel Mettler grew up in the jungles of Indonesia and is founder and CEO of 2sic internet solutions in Switzerland and Liechtenstein, an 20-head web specialist with over 800 DNN projects since 1999. He is also chief architect of 2sxc (see github), an open source module for creating attractive content and DNN Apps.

Read more posts by Daniel Mettler