GovCMS 8 contributed and custom modules

Content entry and management modules

These modules help authenticated users navigate easily around the administrative interface, and also enhance content editors’ experience. These include:

Admin Toolbar: A light module, which replaces the default administration menu that ships with Drupal core. It works on narrow screens (mobile/tablet) and improves the default menu by transforming it into a drop-down menu instead. This reduces the number of clicks and page loads required so users can reach the various administrative sections of the site much faster.

Adminimal - Responsive Administration Theme and Adminimal Admin Toolbar: This combination of a theme and a module alter the style of the Seven administrative theme that ships with Drupal core, and also the style of the Admin Toolbar module. They provide a modern, minimalistic design and many usability improvements. The result is making the site navigation and administration an easy and fun experience.

Chosen: Replaces all dropdown and multi-select elements in various administrative forms with the Chosen jQuery plugin. These elements become more user-friendly, and data entry becomes more intuitive. It removes the need to use a combination of clicks and keypresses to select from the various available options in multi-select elements. The user experience improvement is especially notable in touch-enabled devices, where a physical pointing device and keyboard is not present.

Crop and Focal Point: Drupal allows specifying image styles, so that an uploaded image can be used on the main content, while a smaller version of it may be used as a thumbnail in other sections of the site. These modules allow you to specify the portion of an image that is most important. This information can be used when the image is cropped, or cropped and scaled, so that you don't, for example, end up with an image that cuts off the subject's head.

Diff: Adds a tab in the content edit form, which allows content reviewers to compare the various revisions of content. It highlights added text with green, and changed/deleted words with red, so it is easier/faster to review changes.

DropzoneJS: Integrates the open-source DropzoneJS library with Drupal forms. It enhances the default file upload fields, to allow drag-n-drop bulk file uploads, as well as previews for uploaded image files.

Entity Embed: Allows any entity, such as a media asset, to be embedded within a text area using a rich text editor.

Linkit: provides an easy interface for internal and external linking within rich text editors, by using an autocomplete field. Linkit has, by default, support for content types, users, taxonomy terms, files, comments, as well as basic support for all types of entities that define a canonical link template.

Scheduled Transitions: Content editors may select a specific content revision, and configure it to be published at a specified date. Scheduled Transition differentiates from other scheduling solutions by providing a smooth user experience, and by not adding scheduling metadata as fields on the scheduled entity. The module works with any entity type compatible with content moderation (content items, custom blocks, etc.) without any custom integration work required. Transitions may be scheduled for individual translations of each entity.

Site building and administration modules

These modules make it easier to configure your site via the administrative interface. These include:

Custom Permissions: Drupal core modules, as well as the various contributed modules included in the GovCMS distribution, ship with a specific set of permissions. Additional permissions may be added by developers in-code, but this module allows site builders to achieve this through an administration form. These permissions then become available to be assigned to roles on the permissions page. The module uses the menu access system to allow or disallow access.

Contact Storage: Supplements the core Contact module, by providing storage for Contact messages. In combination with the core Contact module, this module aims to provide functionality equivalent to the base-features of the more complicated Webform and Entity Form modules.

Context: Allows managing contextual conditions and reactions for different portions of your site. You can think of each context as representing a "section" of your site. For each context, you can choose the conditions that trigger this context to be active, and choose different aspects of Drupal that should react to this active context. Think of conditions as a set of rules that are checked during page load, to see what context is active. Any reactions that are associated with active contexts are then fired. An example of a condition could be when viewing a certain content type, and then blocks should be placed as a reaction when viewing a page of this content type.

Display Suite: Allows taking full control over how the site content is displayed, using a drag and drop interface. You can arrange your content, views, comments, user data etc., the way you want without having to work in-code, through dozens of template files. A predefined list of layouts is available for even more drag and drop fun! By defining custom view modes, you can specify how one piece of content should be displayed in different places, such as teaser lists, search results, the individual content item, or listings of multiple content items, etc.

Dynamic Entity Reference: Provides a field type, widget, and formatter combination, that allows an entity-reference field to reference more than one entity type. You can, for instance, create a single field to hold references to:

• users and content types

• taxonomy terms and content types

• all three.

Entity Browser: A tool that allows creating entity browsers and pickers/selectors. It can be used in any place in the user interface where you need to select one or more entities from a list, and do something with them. For example, you can use it to allow selecting media assets from a list, and then embedding the respective media entities into the rich text editor.

Entity Reference Display: Defines a simple field type for display mode selection for entity reference fields. This allows an editor to select how they would like the references to be displayed.

Entity Reference Revisions: Adds an Entity Reference field type with revision support. It's based on the core Entity Reference module, but allows you to reference a specific entity revision. This is useful for modules like Paragraphs and Inline Entity Form. A common use case is where an entity is actually part of a parent entity (with an embedded entity form). When the parent entity is updated, the referenced entity is also updated, thus the previous revision of the parent entity should still be pointing to the previous version of the entity to fully support revision diff and rollback.

Features: Provides a user interface and API for taking different site building components from modules with exportables, and bundling them together in a single feature module. A feature module is like any other Drupal module, except that it contains additional information in its info file, so that configuration can be checked, updated, or reverted programmatically.

Field Group: As the name implies, this module groups fields together. All fieldable entities will have the possibility to add groups to wrap their fields together. Field Group comes with default HTML wrappers like vertical tabs, horizontal tabs, accordions, fieldsets or div wrappers.

Inline Entity Form: Provides a widget for inline management (creation, modification, removal) of referenced entities. The primary use case is the parent → children one (product display → products, order → line items, etc.), where the child entities are never managed outside the parent form. Existing entities can also be referenced.

Linked Field: Allows you to link fields in the field formatter settings. E.g. you have a content type teaser with an image and a link field, and you want to link the image to the entered link. You can either select a field to be used for destination, or simply enter a token you need ( Token support) and HTML attributes for the generated link as well.

Menu Block: Provides configurable blocks of menu links with advanced features not available in Drupal 8 core. Drupal 8 core allows you to display blocks of menu links starting with any desired level of a menu and limited to any desired depth. The Menu Block module provides additional configuration, so you can choose to expand all menu links with children, or to root the menu tree to a specific menu item.

Menu Trail by Path: Sets the active-trail on menu items according to the current URL. For example if you are at yoursite.com/blog/category1/article1, menu items with these paths will get the active-trail class on them and expand accordingly:

• blog

• blog/category1

• blog/category1/article1

This is particularly useful if you want a lot of content items to appear as children of certain “parent“ content items, taxonomy term, views, referenced content, etc., but do not want to add them all to the menu (e.g. hundreds of blog articles).

Modifiers: Defines a system for defining how modifications can be consistently applied to elements on a page. Modifiers work by leveraging the power of the Drupal theming system, and abstracting it to a Modifier interface, which provides for the application of modifications on elements defined by a selector. The power of Modifiers comes from being applicable to elements as defined by a selector. This means they can be applied to entities (nodes, blocks, paragraphs, users, etc.), theme regions (header, footer, etc.), view modes (full, teaser, etc.), classes in the WYSIWYG, and anything you can think of and define. Modifiers are developed by architects and programmers and used by site builders and editors. They are designed to make site building easy and pleasurable... and fast.

Module Filter: The modules list page can become quite big when dealing with a fairly large site, or even just a dev site meant for testing new and various modules being considered. What this module aims to accomplish is the ability to quickly find the module you are looking for, without having to rely on the browsers search feature, which more times than not shows you the module name in the 'Required by' or 'Depends on' sections of the various modules or even some other location on the page (a menu item for example).

Page Manager: Supports the creation of new pages, and allows placing blocks within that page. It provides a concept of "page variants", each with their own selection conditions. Additionally, it can be used to take over an existing page, like overriding /node/% to change what is displayed when viewing a node. It uses the core Conditions, Context, and Blocks APIs to accomplish this.

Panels: Allows creating customised layouts for multiple uses. At its core it is a drag and drop content manager, that lets you visually design a layout, and place content within that layout. Integration with other systems allows you to create content items that use this, landing pages that use this, and even override system pages, such as taxonomy and the content page, so that you can customise the layout of your site, with very fine-grained permissions.

Panelizer: Allows you to attach Panels to any node in the system. It is similar to the panels_node module that ships with Panels, which provides a single node type that is a panel. Panelizer, however, allows this to work for many entity types. It works by using the Page Manager template, to take over the page rendering of the node. Note: with the Layout Builder system committed, much of Panelizer's functionality is now available out-of-the-box in Drupal core. Therefore, Panelizer 5.x is solely a migration path to the core Layout Builder.

Paragraphs: Paragraphs is the new way of content creation! It allows site builders to make things cleaner, so that you can give more power to your content editors. Instead of putting all their content in one WYSIWYG body field, including images and videos, content editors can now choose on-the-fly between pre-defined Paragraph Types, independent from one another. Paragraph Types can be anything you want; from a simple text block or image, to a complex and configurable slideshow.

Pathauto: Automatically generates URL/path aliases for various kinds of content (content items, taxonomy terms, users), without requiring the content editor to manually specify the path alias. This allows you to have URL aliases like /category/my-node-title instead of /node/123. The aliases are based on a "pattern" system that uses tokens the site administrator can configure.

Redirect: Provides the ability to create manual redirects, and to maintain a canonical URL for all content, redirecting all other requests to that path.

Token: Tokens are specially formatted chunks of text that serve as placeholders for a dynamically generated value (the user name of the person that you need to send an email to for example). This module provides additional tokens not supported by core (most notably fields), as well as a user interface for browsing tokens.

Webform: Allows creating forms and surveys that you can allow visitors of your site to fill in. After a submission, customisable emails can be sent to administrators and/or the form submitters. Results can be exported into Excel, or other spreadsheet applications. Webform also provides some basic statistical review, and has an extensive API for expanding its features.

Multimedia and media asset management modules

These modules enhance the already greatly improved media handling capabilities of Drupal 8 core:

Media Entity File Replace: Allows content editors to easily replace the source files associated with file-based media types (like "Document"). The replacement file overwrites the existing file, keeping the same filename and path, which is usually what content editors want to do when performing a file replacement.

Video Embed Field: Creates a simple field type that allows you to embed videos from YouTube and Vimeo and show their thumbnail previews, simply by entering the video's URL.

Search-related modules

Facets: Allows site builders to easily create and manage faceted search interfaces. Facets augment traditional search techniques with a navigation system that allows narrowing down search results by applying multiple filters.

Search API: Provides a framework for easily creating searches on any entity known to Drupal, using any kind of search engine. For site administrators, it is a great alternative to other search solutions, since it already incorporates facetting support, and the ability to use the Views module for displaying search results, filters, etc. Also, with the Apache Solr integration, a high-performance search engine is available for this module. Developers will be impressed by the flexibility and numerous ways of extension the module provides.

Search API Solr: This module provides an Apache Solr backend for the Search API module. It provides great performance, is suitable even for use on large commercial websites, and supports facets and multi-index searches. Multilingual content is handled correctly by design.

Search API attachments: An add-on to the Search API, which allows the indexing and searching of attachments.

Developer and configuration management modules

These modules provide tools that allow developers more flexibility, and to get things done faster. These include:

Components: Registers folders of components defined by your theme or module as Twig namespaces. This allows you to specify a different directory for your component library's Twig files, and allows you to register a unique Twig namespace for those files.

Config Split: By default, the Drupal configuration management works by importing and exporting the whole set of the site configuration. This module allows you to define subsets of configuration that will get exported into separate directories when exporting, and get merged together when importing. These subsets can then be used in different environments (for example local vs. staging vs. production).

Config Filter: Modules such as Config Split want to modify the configuration when it is synchronised between the database and the exported yaml files. This module provides the API to do so, without influencing the operation of the site.

Config Ignore: This module allows for ignoring specific configuration settings. For instance, it can be used to prevent overriding settings specific to your local dev environment, when importing configuration from your production environment.

Configuration Update Manager: Supplements the core Configuration Manager module, by providing a report that allows you to see the differences between the configuration items provided by the current versions of your installed modules, themes, and install profile, and the configuration on your site. The report is available from the administration user interface (UI), or via Drush commands. If you run the report from the administration UI, you can also import new configuration provided by updates, delete unwanted configuration items, and revert your site configuration to the provided values, on a case-by-case basis.

Consumers: Used by other modules to provide functionality for decoupled scenarios. It allows for variations based on the consumer making the request. All these options are gathered under a common umbrella, so other projects can make use of them.

Chaos Tool Suite (ctools): Provides a set of APIs and tools to improve the developer experience.

Devel: A suite of modules containing helpful tools for module developers and themers. Examples of the features it provides:

• allows to pretty-print variables

• generates dummy content for the site, for testing purposes

• provides helper functions for Drupal developers and inquisitive admins.

Entity Class Formatter: A very simple module that formats values of various types of fields in such a way that a class or attribute is placed on the parent entity of that field. This allows the class/attribute to act as a modifier, which themers can take advantage of, to style each entity differently.

GovCMS8 UI and GovCMS8 Starter Theme: A starter theme for GovCMS 8 sites, using the components from the Australian Government Design System, formerly known as the gov.au UI-Kit.

GraphQL: Lets you craft and expose a GraphQL schema for Drupal 8. It is built around webonyx/graphql-php. As such, it supports the full official GraphQL specification with all its features. You can use this module as a foundation for building your own schema through custom code, or you can use and extend the generated schema using the plugin architecture and the provided plugin implementations form the sub-module. For ease of development, it includes the GraphiQL interface at /graphql/explorer.

REST UI: Provides a user interface for configuring the REST module included with Drupal 8 core, which exposes entities and other resources as RESTful web API.

Site performance and SEO modules

Memcache API and Integration: Provides integration between Drupal and Memcached.

Google Analytics: Integrates the Google Analytics web statistics tracking system with your GovCMS website, allowing you to track things like which links are being clicked, which pages are viewed the most, which files are being downloaded the most, etc.

Metatag: Allows you to automatically provide structured metadata (aka "meta tags"), about your website. Allows customising the meta description tag and the meta keywords tag, that may help improve the rankings and display of a site in search engine results. In addition, the module provides support for meta tags (Open Graph Protocol from Facebook, Twitter Cards from Twitter), that allow control of how content appears when shared on social networks.

RobotsTxt: generates a robots.txt file dynamically, and gives you the chance to edit it, on a per-site basis, from the administrative user interface.

Simple XML Sitemap: Every webpage needs an automatic XML sitemap generator for SEO reasons. Sitemaps generated by this module adhere to the new Google standard regarding multilingual content by creating hreflang sitemaps and image sitemaps — Googlebots will thank you later. In addition to the default hreflang sitemaps, the module's API allows creating and publishing of custom sitemaps with arbitrary content.

Security, access control, and privacy modules

Encrypt, Key, Two-factor Authentication (TFA), and Google Authenticator Login: These four modules are combined to provide a multi-factor authentication solution that increases the security of your site. Drupal by default allows authentication via a username and a password. The TFA module adds a second layer of protection, by requiring another step of authentication, via a check for a code sent to (or generated by) your mobile phone.

Events Log Track: Keeps logs of specific events that you'd like to review/audit. The events performed by the users (using the administrative forms) are saved, and can be viewed via a reports page. You may use this to track the time a specific piece of content was created/updated/deleted, as well as by which user.

GovCMS Dissemination Limiting Marker (DLM): Like paper-based information, all electronic-based information needs to be marked with an appropriate protective marking. This module adds the option to set a default email protective marking, such as [SEC=UNOFFICIAL], appended to the end of the subject line for all outgoing emails sent by your GovCMS site.

Honeypot: Can be used to deter spam bots from completing forms on your GovCMS site (read more about Honeypot). The methods used are effective against many spam bots, and are not as intrusive to real people as CAPTCHAs or other methods that punish the user.

reCAPTCHA: Uses the Google reCAPTCHA web service to improve the CAPTCHA system. It adds the popular “I’m not a robot” checkbox on the forms of your site, and can be configured to present a series of questions/puzzles, before allowing a form to be submitted. It’s tough on bots and easy on humans.

Login Security: Improves the security of your site. Can be configured to protect and restrict access by adding access control features to the login forms (default login form in /user and the login form block). Some of the available options include:

• Limit the number of invalid login attempts before blocking user accounts

• Deny access by IP address, temporarily or permanently

• Disable the login error messages, obfuscating the reason for the login failure (this could make it harder for an attacker to discover whether the account even exists).

Password Policy: Provides a way to enforce restrictions on user passwords by defining password policies. This module is managed by the GovCMS Security Team for all SaaS customers, and is configured to enforce password policies that comply with IRAP. PaaS customers may disable this module, or customise it to suit their needs.

Permissions by Term: Extends the default Drupal functionality for restricting view and edit access to single content items via taxonomy terms. If you have installed the Permissions by Entity sub-module, any other content entity type, such as media entities, can be controlled in access restriction, too. Taxonomy term permissions can be coupled to specific user accounts and/or user roles. Taxonomy terms are part of the Drupal core functionality. Since Permissions by Term is using Node Access Records, every other core system will be restricted.

Real AES: Provides an encryption method plugin for the Encrypt module. This plugin offers AES encryption using CBC mode and HMAC authentication through the Defuse PHP-Encryption library.

Security Kit: Provides various security-hardening options, and mitigates the risks of exploitation of different web application vulnerabilities, such as cross-site Scripting, cross-site request forgery, clickjacking, etc. The module is managed by the GovCMS Security Team for all SaaS customers, but may be configured to suit specific needs (via a support ticket, and after a security assessment of the request).

Shield: Helps you protect your secondary environments (or the live site while it is under development) with a simple HTTP username/password authentication, which prevents access to the site and hides it from search engines.

Simple OAuth (OAuth2) & OpenID Connect: Simple OAuth is an implementation of the OAuth 2.0 Authorization Framework RFC. OpenID Connect allows clients of all types, including Web-based, mobile, and JavaScript clients, to request and receive information about authenticated sessions and end-users. The specification suite is extensible, allowing participants to use optional features such as encryption of identity data, discovery of OpenID Providers, and session management, when it makes sense for them.

Username Enumeration Prevention: aims to mitigate common ways of anonymous users identifying valid usernames on a GovCMS site, which can be used by malicious actors to identify valid usernames, and can then be used in other attacks, such as credential stuffing.

Miscellaneous and system modules

Environment Indicator: each GovCMS project is initially provisioned with a single “master” or “production” environment, which holds your live, public-facing site. In addition to that, several “secondary” environments may be created, to be used for content staging, feature testing etc. This module adds a coloured ribbon to the top of your site when you log in, and each environment gets a different colour. In addition to that, there is text displayed in that ribbon, to clearly indicate the type of the environment (Development, Staging, Production, etc.). This helps avoid making configuration or content changes to your live site by mistake, clearly marking each version of the site.

Update Notifications Disable: disables warnings about pending security updates from being displayed. Security updates are being centrally managed by the GovCMS Security Team for all SaaS sites hosted on the Platform, so there is no point in notifying content editors about them.

Mini site: allows to upload an archive with “minisite”(*) files, and serve it from a Drupal website, while maintaining the minisite's look and feel. The pages can be served from the location in the public or private files directory, or from an alias set on the parent entity (where the field is attached to).

^{* a minisite is a small website, with a narrow subject focus, also known as “microsite“ or “sitelet”.}

Swift Mailer: Extends the basic email sending functionality provided by Drupal, by delegating all email handling to the Swift Mailer library. This enables your site to take advantage of the many features the Swift Mailer library provides, such as:

• Sending emails directly through a SMTP server of your choice, a locally installed MTA agent such as sendmail

• Sending HTML (MIME) emails

• Adding file attachments to emails

• Adding inline images to emails

The module also lets you theme emails so that they reflect the general look and feel of your site, and at the same time appear correctly in various email clients. Images required by the theme can be attached to the email and displayed inline. The module is also capable of automatically creating a plain text version, based on the HTML version of an email.

Custom modules

The following custom modules are included in the GovCMS distribution:

GovCMS 8 Default Content: Provides example content and structure to build a sample out-of-the-box site, complete with a Styleguide and a 'kitchen sink' page.

GovCMS8 Foundations: Includes some additional helper modules:

• GovCMS8 Calendar Item: provides custom calendar item formatter and DS field for UI-Kit.

• GovCMS8 Layouts: provides layouts for the distribution

• GovCMS8 Modifiers: provides modifiers for the distribution

GovCMS Content Types: Provides default content types and related configuration.

GovCMS Media: Provides media management functionality.

GovCMS Search: Provides default search functions.

GovCMS Security Kit: Enhances the security of GovCMS websites.