I have done some changes in design mode on a CQ page.
I want to keep track if anyone else is changing the page in design mode.
Is there anyway to do so?
Certain actions in CQ will leave records in the audit log. Modifying a page is one such action, and changes made in design mode are recorded by modifying the corresponding design page under /etc/designs
To see who has been making changes to a design, just search for "/etc/designs" in the audit log(s) at <your-CQ-dir>/crx-quickstart/logs/audit.log
where you'll find lines like:
17.07.2013 22:24:12.722 [46] 5497760921600 admin#crx.default:/etc/designs/default/jcr:content (11143)
which show that the user admin (logged into the default CRX workspace) changed the design at that date and time.
Designs in CQ can apply to many different pages and the audit log doesn't record what page the user was on when the design was changed, so if that information is important to you you'll need to come up with a way to track that yourself.
For a little more information about auditing changes in CQ, see Adobe's documentation which also mentions that audit events are recorded under /var/audit, which you can explore with CRXDE Lite (though it's more convenient to search the log file).
Using basic WCM functionality
You could watch the last modified date for a design in CQ5 Tools part of WCM Site Admin
http://localhost:4502/miscadmin#/etc/designs
Extending your CQ application/installation
Alternatively, you would write an event listener that looked for changes for your design page and produced some kind of notification (e.g email).
Analysing the logs
If you have access to the cq request.log you can monitor POST requests to the path of your design. For example, you might see something like:
17/Jul/2013:10:22:00 +0100 [73] -> POST /etc/designs/mydesign/jcr:content/component HTTP/1.1
after making a design change.
Controlling access to design functionality
Finally, if you only want to control who can modify designs you can control this through a user/groups write permissions on /etc/designs. See "Removing the design icon from the sidekick in cq5".
Like mszu says the design may apply to many pages so when they change any page having that design in design mode then the design, not the page, will be updated.
Related
I need to modify a web application's interface based on user behavior. For example, new users will see the interface in a simplified way and expert users will see all the features of the application. How can I distinguish between the two types of users? The web application is built on Flask. How should I approach and is there any constructive tutorial that I can follow?
You could use Cookies/Local Storage to count and save how many times they have visited, or if they have visited before. This can be done through Flask, see here for how it's done: link.
Alternatively, give the user the option to toggle between the views, and use a cookie to save their option.
We building personalization feature and use AEM targeting engine to deliver personalization content. However, I see that in admin section of the AEM Segmentation, there is any attribute called "Impresssions" which I believe is stats on how many times the customized content was shown to user.
Assuming that, how does AEM get to know the statistics? Is it something AEM takes care of automatically or I have code or configure something explicit. The reason why I ask is, I see the snippet like below in kernal.js file.
if (window.CQ_trackTeasersStats && n.trackingURL) {
h(M, n.trackingURL)
}
I noticed that n.trackingURL is null in my case.
Any help shall be appreciated. And also should I looking for impression statistics in author env or publish env?
AEM Campaign use a OOTB or custom Impressions service to calculate the Impressions.
There are two option in AEM to calculate the impressions
Yes, This something AEM can take care automatically
for you but it will not give you a correct picture as every instance will be having a separate copy so you have to write some code to collect all values and push it back to all environment.
You also have an option of using your Adobe Sitecatalyst to
calculate an impression which gives you a more accurate count of
impressions. for this sitecatalyst expose their rest service so that
you can update the impressions on run time.
n.trackingURL is null because you have not configured the sitecatalyst account for this environment.
Read docs Or
Implementations instruction:
We are implementing SiteCatalyst on flat HTML files. There is a requirement where we need to show campaigns based on the data that we reported from Analytics. e.g. There is a form having multiple fields. If user have not filled the form/or filled the form, we will track this event and report it to omniture. Now if he presses back button without filling the form completely, we need to show him some campaign/offers. The same will happen when he presses the submit button only the campaign will be different this time. Can this be achieved ? Can we integrate sitecatalyst and campaigning ?
I know that the vice-versa is possible. We can track campaigns and report the campaign id's. But is there any way to display offers based on the analytics data. That too in real time.
Any help would be great !
Thanks in advance.
It sounds like what you are looking for is Adobe Target.
Adobe Target is a tool that allows you to do AB/MV testing, but also target visitors by set rules and criteria.
Very simple example:
"If user came from foo.com, show <h1>foo</h1>. If user came from bar.com, show <h1>bar</h1>"
There is a level of integration between Adobe Target and Adobe Analytics. However, it is not real-time for data that has already been collected.
For example, if you have logic that pops s.prop10 on page with "foo" then that can be integrated with Adobe Target and you can setup a rule that says something like "If s.prop10 is 'foo' then show '<h1>foo</h1>'".
But, it does not let you make a rule like "if prop10 was 'foo' for this visitor at any point in the time in the past, show '<h1>foo</h1>'". In other words, there is no real-time evaluation of data already collected on Adobe's servers.
But, if you were simply wanting to make rules based off the current visit, you can store information in cookies look at cookies to make rules in Adobe Target easy enough.
Also note that there are no built-in tools or hooks or methods etc.. for the actions you described. For example, there's no way to natively say in Adobe Target (or Adobe Analytics) "If a visitor clicks the back button or does this other action, track that". You need to write your own code to define those actions and trigger relevant tracking code at relevant times. Adobe Analytics (and other tracking tools) can help automate some basic stuff like simple link clicks or form field focusing - IOW direct 1:1 actions, but baking in complex actions like that is not feasible for a tracking tool, because every site and scenario is unique.
I guess the TL;DR here is that there is no magic wand for this sort of thing, not for Adobe or any other analytics/tracking tool; you're going to have to write your own code (be it server-side, client-side, or mix of both) to meet your business needs.
You can use Reporting API exposed by adobe sitecatalyst.
Through the Reporting API, you’re able to access the reports generated for your Form events. If you’re using SiteCatalyst 15, you’ll be able to generate reports based on segments also. Recently the Reporting API was updated and given the ability to perform multi-level breakdowns across reports. For more information on this method, go to the API documentation within the Adobe Developer Connection.
Sample Real time access API:
// Real-Time Report
// Note the inclusion of "source" equals "realtime"
// Make sure you configure Real-Time reports for the report suite
https://api.omniture.com/admin/1.4/rest/?method=Report.Run
{
"reportDescription": {
"source": "realtime",
"reportSuiteID": "rsid",
"metrics": [
{ "id": "revenue" }
]
}
}
I had an idea about website vulnerabilities, and I would like to know if it is possible. Also some suggestions on how to fix them.
If some part of my website writes data to the DOM and then calls the data back from it, would it be possible for someone to “hack” the server by editing the DOM in the browser?
For example, suppose I have some radio buttons. Each button has its own logic associated with it. If I remove one of the buttons, but fail to remove or comment out the logic, could someone go in and edit the DOM name of one of the buttons to the removed one, and upon submission have the server execute the logic associated with the removed radio button?
I understand how to fix that situation, by removing or commenting out the removed button’s logic, but I fear my site relies too heavily on such things that could be manipulated via the DOM. Hence, I’m wondering:
Is such a thing possible?
Is some complex validation method the only way to prevent “hacks” of this nature?
The answer to your question is yes. For example in many browsers you can open a javascript console and change not only the DOM but also the javascript on the site.
There is no guarantee that the code you write for a webpage will be run as you code it. Any user can change their copy. What they should not be able to do is change other people's copy. When they do this is called a cross site scripting (XSS) attack. (Typically done by adding script to a field which is saved in a database server and then served to another user.)
To protect your site you need to ensure that all web service calls are secure -- that is a user can't call them with malicious data and cause problems.
You also need to block against SQL injection attacks.
There is NO way to protect against a user changing the web page on their machine and having it do something you did not intend, so all validation needs to occur both in the browser and on the server.
As an example of how easy it is to change the local browser behavior, consider the browser extension. A browser extension is a pre-coded way to change the way web pages act locally.
(Think about ad-blockers as a specific example.)
We have some quite-specific requirements for our app that a CMS may help us with, and were hoping that someone may know of a CMS that matches these requirements (it's quite a laborous task to download each CMS and verify this manually).
We want a CMS to allow users to create and manage articles, but storing the articles in plain-text only. All of the CMSs that we have looked at so far are geared towards creating HTML pages. We want the CMS to manage workflow (approval process), and tracking of history.
The requirements for plain text only is that the intent is to allow business people to generate content which we are going to display in our Silverlight application - we don't want to go down the route of hosting and displaying arbitrary HTML in the app as we want the styling to be seamless with our app, amongst other reasons.
We would also want to allow the user to be able to link to media stored on the server, but not to external sites (i.e. HTML with no formatting, or some other way of specifying article links), and the third requirement is the ability to tag articles and search on articles.
Does anyone know of any non-HTML targetted CMS systems that may match these requirements?
I would expect several CMS systems to allow this, but eZ Publish stores content as plain XML. And you have a way of allowing certain tags if you wish; and explicitly prevent for example external links. You then have options for how to present that content according the templates you choose to use.
You also have control via a /layout/set/myLayout directive.
You could for example retrieve the content as a plain xml feed or a print layout or whatever custom format you choose at the time. With appropriate headers.
http://doc.ez.no/eZ-Publish/Technical-manual/3.10/Reference/Modules/layout/(language)/eng-GB
vs.
http://doc.ez.no/layout/set/print/eZ-Publish/Technical-manual/3.10/Reference/Modules/layout/(language)/eng-GB
You could define a layout such as /layout/set/xml/....
Workflow as in content approval processes, versioning, tagging and search are standard.
You can give Statamic a try.
http://statamic.com/
Not sure if you can disallow external links, though.