Quantcast
Channel: XAF Team Blog
Viewing all articles
Browse latest Browse all 148

XAF v24.1 — June 2024 Roadmap (Cross-Platform .NET App UI & Web API Service)

$
0
0

The following list outlines features/capabilities we expect ship for XAF’s Cross-Platform .NET App UI and the DevExpress .NET App Security & Web API Service (expected release date: June 2024). We will outline plans for our second major release of this year (expected release date: Dec 2024) in July.

Before I detail our roadmap, please take a moment to review XAF's What's New v23.2 and please submit feedback using the related survey. What's New and roadmap survey feedback gives you the opportunity to communicate your needs/concerns and allows us to make more informed development decisions.  As always, thanks to everyone who has already submitted feedback/suggestions.

The information contained within this blog post details our current/projected development plans. Please note that this information is being shared for INFORMATIONAL PURPOSES ONLY and does not represent a binding commitment on the part of Developer Express Inc. This blog post and the features/products listed within it are subject to change. You should not rely or use this information to help make a purchase decision about Developer Express Inc products.

ASP.NET Core Blazor UI

We expect to release the following XAF Blazor UI features/capabilities in our v24.1 release cycle (June 2024):

Accessibility Enhancements and Keyboard Support

Currently, XAF (UI for ASP.NET Core Blazor, WinForms, and ASP.NET WebForms) ships with partial accessibility support mirroring those found in corresponding DevExpress UI controls across respective UI platforms:

XAF Blazor also ships with its own set of UI components/elements that do not support accessibility and have limited keyboard support. XAF Blazor developers must manually customize built-in HTML markup via the ComponentModel.SetAttribute() method (for property editors and action containers) to add required ARIA attributes.

We expect to introduce accessibility-related enhancements for unsupported XAF Blazor components throughout 2024. More information on accessibility will be forthcoming as we get closer to our mid-year release.

Tabbed MDI Support

Tabbed MDI is a multiple document interface (MDI) UI metaphor found in many modern applications (including your favorite Web browser or Microsoft Outlook Web). It is a robust interface that maximizes document screen real estate, especially when working with multiple documents, email messages, etc.

Tabbed MDI is enabled in XAF WinForms apps by default, and XAF Blazor will provide a similar user experience in v24.1 (hopefully with an EAP in v23.2).

Add New Fields into the Customization Form of the Grid and Layout Controls at Runtime

XAF WinForms apps include an Object Model dialog. With it, end-users can tick or untick data model fields (including sub-fields and collections), which are not yet displayed in the grid or layout control (as part of the Column Chooser or Customization Form).

Much like Microsoft Office apps, this capability allows users to fully customize list and detail forms (based on the structure of a data model). Again, this is helpful when developers need to address changes to business requirements without redeployment.

XAF Blazor will provide a similar experience for both ListView and DetailView in v24.1 (hopefully with an EAP in v23.2).

Notifications Module

XAF Blazor v24.1 will support our Notifications Module. The module allows you to display reminders for scheduler appointments or any custom objects (such as tasks). The detail form for a scheduler appointment/event will also allow you to configure reminders like those available in Microsoft Outlook. With the help of the Notifications Module, your app can display a popup window before appointment/event start times.

NOTE: our Notifications module does not have to be bound to the Scheduler module: it can display notifications that originate from anywhere. In the latter instance, your goal as a developer is to provide the notifications service with notification items and the service will process them as required. 

Scheduler Module - Shared/Multiple Resources

If the underlying Blazor scheduler component (DxScheduler) supports multiple resources for a scheduler appointment/event in v24.1, XAF Blazor Scheduler module will allow you to use shared resources as well. Currently, only a single resource is allowed in DxScheduler, and XAF displays a validation error message when you attempt to link multiple resources to an appointment.

Batch / Cell Edit in Grid List Editor

The underlying Blazor Grid component (DxGrid) used by XAF Blazor now includes batch and cell edit support (Online Demo). At present, XAF Blazor developers must manually enable this option (learn more). Batch Edit support will officially ship in XAF Blazor v24.1 via a single option (InlineEditMode = Batch) much like its XAF WebForms counterpart.

Best Fit in Grid List Editor

As you probably know, the underlying Blazor Grid used by XAF Blazor can automatically adjust column width to fit actual cell content (using the AutoFitColumnWidths method). We have not enabled this behavior in XAF Blazor by default, because of conflicting interests of various user groups:

  • Some of XAF Blazor users wanted to have a Best Fit item in the context menu to apply Best Fit.
  • Others did not like this behavior and wanted to specify column width in percentages (%) instead of pixels using the Model Editor.
  • And a handful of our customers wanted to specify minimal default column width (120px or so) and did not want to deal with column width whatsoever, preferring to optionally resize columns at runtime, when necessary.

If you want to improve current 'status quo' behavior in v24.1, we kindly ask you to voice your opinion in the comments for this Support Center ticket, and describe your expectations for each use-case scenario (both design-time and runtime ListView configuration). Feel free to share screenshots and specific/actionable information. Please avoid posting "+1" or generic information, because it will not help us develop consensus or create the best possible solution to fully address the needs of the majority position.

Simplified Creation of Custom Blazor Property and List Editors

Currently, XAF Blazor developers must create intermediate Component Adapter, Renderer and other boilerplate classes. In v24.1, we want to reduce boilerplate code for many popular scenarios, and make it possible to create custom Property Editors much like XAF WinForms. Our newest Outlook Inspired Demo app contains many custom Property and List Editors, and it will be a good source of UX validation/comparison between v23.2 and v24.1 - please stay tuned.

Migration to the Native Blazor Report Viewer

In v24.1, XAF's Blazor Reporting Module will migrate from a JavaScript-based Report Viewer (DxDocumentViewer) to the native Report Viewer for Blazor Server apps (DxReportViewer). We are kind of fixing a technical debt here, because the native report viewer was introduced in 2021, and has a number of benefits for XAF Blazor developers:

  • Support of Size Modes and all Blazor themes 
  • Easier customization without JS using pure C#
  • Improved performance: Native implementation reduces load time and increases page navigation speed when compared to JavaScript wrapper based reporting tools.

Cross-Platform Enhancements

Before I move onto cross-platform enhancements, a quick reminder…XAF is fully extendable framework/constructor. You can incorporate Blazor and DevExtreme UI components, and by extension, customize XAF’s default UI today: More customization tips | Blazor UI (FAQ).

Entity Framework Core 8

EF Core 8 support will officially ship in v24.1 for XAF and associated Backend Web API Service. EF Core 8 is the latest version of Entity Framework.

While EF Core 8 offers numerous advantages over its predecessor (performance and customization included), it also introduced a series of breaking changes that we will need to address. To solicit feedback before official release in 4 months, we intentionally added preview (CTP) support of EF Core 8 in v23.2.4+

For more information about recent EF Core updates, refer to the following Microsoft document: What's New in EF Core 8 | EF Core 8 Breaking Changes | Performance Benchmarks for EF Core 8 vs XPO ORM.

Support of New .NET DateOnly and TimeOnly Types for EF Core 8 and Blazor/WinForms UI

As you probably read in the EF Core 8 breaking changes above, SQL Server date and time now scaffold to .NET DateOnly and TimeOnly. XAF Blazor and WinForms apps for .NET 6+ will update associated Date and Time Property Editors to support the new .NET types accordingly. The underlying Blazor and WinForms grid components will support operations with DateOnly/TimeOnly (sorting, grouping, filtering, etc.) - as will Criteria Language, Server Mode, and other underlying data access components for EF Core.

Cascade Deletion for Aggregated One-to-Many Collections in EF Core

With v24.1, XAF's Solution Wizard will include `modelBuilder.SetOneToManyAssociationDeleteBehavior(DeleteBehavior.SetNull, DeleteBehavior.Cascade);` in the OnModelCreating method of EF Core-based apps. This code will configure DeleteBehavior.SetNull for non-aggregated One-to-Many associations and DeleteBehavior.Cascade for aggregated One-to-Many associations respectively. Previously, XAF's Aggregated attribute was not considered by EF Core as it was for XPO ORM (and there might be exceptions in certain ListView scenarios).

Command Line Interface (CLI) Solution Wizard Templates 

XAF v24.1 will allow you to use the .NET command line interface (CLI) or the `dotnet` tool to quickly create XAF Blazor and WinForms apps from the console (without using XAF's Solution Wizard). This will be similar to the DevExpress Reports implementation: Use .NET CLI Templates.

This capability will be valuable for XAF developers using Microsoft Visual Studio Code (VS Code) or JetBrains Rider in both Windows and non-Windows development environments (like Linux or MacOS). Previously, these users had to first create XAF projects in Visual Studio for Windows using the Solution Wizard.

Since you will be able to create and modify DevExpress Reports in VS Code on macOS and Linux, the only missing puzzle for non-Windows XAF development is a convenient way to modify the Application Model. While the Model Editor is available only in Visual Studio for Windows, plenty of code-based options exist and are actively used by some XAF developers. Notwithstanding the visual capabilities of the Model Editor, XAF Blazor UI also includes great runtime customization capabilities much like in XAF WinForms. These capabilities address many popular Application Model customization scenarios. For more information, refer to the following post: XAF (Blazor UI) 2023 Highlights — 5 Unique Web Features Designed to Rival Windows Desktop Solutions

Automatic Code Error Diagnostics

We expect to add 5-10 new automatic Code Diagnostics. We hope this will save you time in Visual Studio or validate build quality using internal CI/CD workflows. If you have not yet enabled these pre-built code & project error diagnostics, we strongly recommend that you do so for your .NET 6+ projects.

Web API Service for XAF & Non-XAF UI Clients (Powered by EF Core & XPO ORM)

In v24.1, our Web API Service will support Multi-Tenancy for both EF Core and XPO ORM.

As you may already know, we officially released our Backend Web API Service in mid-2022 and have enhanced its capabilities and docs ever since. Our Web API Service has both FREE (basic CRUD) and paid features (such as reporting, audit trail, validation, file attachments, localization, etc). We also distribute many demo applications illustrating the use of free and paid APIs with .NET MAUIBlazor WebAssemblyJavaScript and even more (by paid features, I simply mean you must own a DevExpress Universal Subscription license).

To learn more about our Web API Service and determine whether it can be of value within your organization, please review the following blog post: Common Questions about the New DevExpress Web API Service (powered by Entity Framework and XPO ORM).

Security Enhancements

Single Sign-On (SSO) Support

Today, modern XAF Blazor and WinForms apps are integrated with many external systems within organizations. For instance, if an organization uses Microsoft 365, XAF apps are often available at https://myapps.microsoft.com/ among many other apps within this organization. Since XAF Blazor and WinForms .NET 6+ apps (both XPO and EF Core-based) support Microsoft Entra ID and other OAuth2 providers, organizations want/prefer XAF apps to share the same login details or authentication cookies with existing systems/services such as Microsoft Entra Single Sign-On (SSO). In v24.1, XAF apps will support SSO natively.

Said differently, organizations require the following: When a user is already authenticated within the organization (for instance, using Microsoft 365), XAF apps must seamlessly work with SSO. Currently, XAF developers have to implement custom solutions to modify XAF’s login form and authentication behavior to support SSO. Important SSO scenarios include, but are not limited to the following:

  1. If a user is NOT logged in within the organization, then XAF apps display a standard OAuth2/SSO provider logon form (just like Teams, Word or Outlook normally does for Microsoft 365). If a user was forced to sign out by administrators, then XAF apps should display the standard logon form as well.
  2. If a user is logged in within the organization (it can be another non-XAF app), then no XAF login form is displayed for the user and focus moves directly to the XAF app UI (by a link from an organization's `Apps dashboard` or via other methods). The logon procedure in an XAF app proceeds automatically behind the scenes (via API calls). XAF users should NOT be forced to explicitly press the “Login with Microsoft” in this instance, because SSO will "just work" as expected.
  3. If a user within the organization needs to undergo additional security checks after a user is already logged on (for instance, reconfirm MFA information via the phone after 30-60 days), then XAF apps must provide a clear and understandable standard OAuth2 provider UI and disallow any operations within XAF UI. For instance, Teams, Word or Outlook display modal dialogs to reconfirm your login details, before users can access and use these Microsoft 365 apps again.

Support of ASP.NET Core Identity and Other External Permission Providers and Storages

With v24.1, you can enable standard ASP.NET Core Identity framework capabilities in your XAF Blazor and WinForms apps powered by .NET 6+ and Entity Framework Core. This includes seamless integration of Microsoft.AspNetCore.Identity.EntityFrameworkCore and database-specific Identity packages like Microsoft.EntityFrameworkCore.SqlServer.

If you enable this opt-in feature in XAF’s Solution Wizard, your XAF project will generate `public class ApplicationUser : IdentityUser { /*...* /}` along with a preconfigured DbContext - both are integrated with XAF’s security system for authentication and authorization (role-based access control or RBAC). The link between XAF’s RBAC (type, record, and field-level permissions) is established through the generic IdentityRole and other EF Core data model classes, which are parts of the Identity data model. This Identity data model is mapped to the underlying databases with EF Core.

In addition to the Identity model and database storage, XAF customers will experience the following benefits:

  • Automatically access all standard Identity features such as Single Sign On (SSO), endpoints to register new users (example), restore password, and other Microsoft implementations (or future .NET implementations). 
  • XAF-specific permissions are serialized as JSON, and are stored in IdentityRole-related tables. For advanced scenarios, XAF developers can implement a custom permission provider, for instance, to synchronize user permissions and roles with an external service instead of the Identity database (technically you need to pass JSON between your XAF app and external endpoints).
  • The amount of security configuration code in your XAF project will also be minimized: builder.Services.AddIdentityCore<ApplicationUser>() .AddEntityFrameworkStores<AppDbContext>() .AddApiEndpoints();
  • If you already have external projects, which used EF Core and Identity, then XAF’s integration will become much easier as well. It will be easier to add developers to an XAF-powered project as well, because EF Core and ASP.NET Core Identity frameworks are used by millions of .NET developers.
  • XAF will continue generating its standard logon and CRUD UI screens for Identity users and roles, and allow you to edit XAF’s permissions for these roles.
  • You can also refer to your ApplicationUser class in other data models (for instance, to implement the CreatedBy or ModifiedBy properties). Standard criteria functions such as CurrentUserId, IsUserInRole and others will function as well.
small

Middle Tier Security for WinForms Apps: Multi-Tenancy and OAuth2 Support 

In v24.1, XAF WinForms apps (.NET 6+) with Middle Tier Security will natively support OAuth2 providers and Multi-Tenancy

As we described in our Security Considerations document, Windows desktop apps can better meet enterprise security standards with our Middle Tier application server. With our solution, EF Core or XPO developers can retain their standard DbContext or Session and initiate remote connections to a data store from any .NET client (like XAF WinForms or non-XAF apps). This capability is critical within certain environments/business apps (those that cannot maintain direct database connections because of security considerations).

I want to stress an important point: Non-XAF EF Core or XPO developers can benefit from our Middle Tier application server and preserve DbContext or Session with their entity data model (learn more). This is especially critical for many desktop .NET developers (WinForms, WPF, WinUI, etc.), who are now required to meet higher security standards. In a nutshell, these developers need to either retrofit/modernize their "fat clients" for Windows (#1) or redo everything from scratch using modern Web technologies and Cloud services (#2). Our Middle Tier Security allows you to choose the "easier" and potentially more reliable route (#1), and to "replace" direct database connections with middleware. Review the following code snippet for more information in this regard:

var httpRemoteRepository = new HttpRemoteRepository(httpClient, typeof(EFCoreDbContext).FullName);
var optionsBuilder = new DbContextOptionsBuilder<EFCoreDbContext>();
optionsBuilder.UseMiddleTier(opt =>
    opt.UseRemoteRepository(httpRemoteRepository));
optionsBuilder.UseChangeTrackingProxies();
optionsBuilder.UseLazyLoadingProxies();
var dbContextOptions = optionsBuilder.Options;
var dbContext = new EFCoreDbContext(dbContextOptions);
var users = dbContext.Employees.ToList();

Middle Tier Security for WinForms Apps: Enhanced Performance and Usability

XAF WinForms with Middle Tier Security will execute much faster in v24.1 (we will share exact numbers close to the official release in June).

In addition, it will now be possible to call the new SetPropertyValueWithBypassSecurity method from within your BaseObject descendants to bypass security checks for certain protected properties in your internal application logic (custom base classes are also supported).

This capability is especially valuable to XAF developers when you wish to set service properties like CreatedBy, ModifiedBy, CreatedOn, UpdatedOn, etc. - our Audit Trail and Model Difference modules operate using a similar mechanism. The SetPropertyValueWithBypassSecurity method can freely set protected properties on behalf of a restricted/regular user in code much like an application administrator - without having to know admin credentials (like impersonation for service tasks).

public override void OnSaving() {
    if (ObjectSpace.IsNewObject(this)) {
        SetPropertyValueWithBypassSecurity(nameof(CreatedBy), GetCurrentUser());
    }
    else {
        SetPropertyValueWithBypassSecurity(nameof(UpdatedBy), GetCurrentUser());
        SetPropertyValueWithBypassSecurity(nameof(UpdatedOn), DateTime.Now);
    }
    if (!IsRunningOnMiddleTierServer()) {
        // ...
    }
}

As you probably know, this is a long-requested option for many XAFers - an option that prevented full migration from Integrated Mode to Middle Tier Security (because CreateNonsecuredObjectSpace and other workarounds were inconvenient). The SetPropertyValueWithBypassSecurity also includes certain limitations like calling this method is only supported from inside BaseObject.OnSaving (for the best security) or the bypassed property cannot update other protected properties internally. We are of the opinion that this new option will cover 80% of popular use-cases. Along with associated performance enhancements, this was the last step before we could enable Middle Tier Security in XAF WinForms apps in the Solution Wizard by default. Hopefully, XAF developers will find these new capabilities sufficient to switch to Middle Tier Security as well.

Your Feedback Matters

Thanks,
Dennis Garavsky
Principal Product Manager
dennis@devexpress.com


Viewing all articles
Browse latest Browse all 148

Trending Articles