Blog posts of '2015' 'July'

nopCommerce ERP FSD WeService

General description

The Web service will be implemented by using Web API.

For safe operation with a web service an asymmetric encoding will be used. The NopCommerce plug-in and web service will have two pairs of public and private keys for encoding of outgoing and decoding of incoming requests.

For security reasons, the encrypted token will be sent as one of the parameters. The nopCommerce plugin or a web service will decrypt a token and compare it with a standard one and if they are the same, it will decrypt other parameters.

The user will be able to set up a public key 1, a private key 2, a token and a web service url for a plugin on a plugin configuration page in the admin area of NopCommerce.

Also a developer will be able to set up a private key 1, a public key 2 and a token for a web service in a web.config file.

All web service actions will take parameters in a json format from a Request.Content { byte[] Data, byte[] token }. The response will be sent in the same format.

Data will be represented by an object serialized in json and encrypted by the public key.

Token will be a string that has been encrypted by the public key.

Encryption / decryption will be performed using the RSACryptoServiceProvider.

To generate a key pair the developer can use

using (RSACryptoServiceProvider rsa = new RSACryptoServiceProvider()) 
{ 
publicKey = rsa.ToXmlString(false); 
privateKey = rsa.ToXmlString(true); 
} 

The developer can work with JSON using the JavaScriptSerializer

An algorithm of generating data to be send:

Create an object

public class MyClass 
{ 
public int ProductId; 
public int Quantity; 
} 
MyClass dataObj = new MyClass {ProductId = 10, Quantity = 100}; 

2) Serialize an object using the JavaScriptSerializer

var serializer = new JavaScriptSerializer(); 
string message = serializer.Serialize(dataObj); 

3) Encode a data and a token and create an object for sending

using (var rsa = new RSACryptoServiceProvider()) 
{ 
rsa.FromXmlString(publicKey); 
encryptedData = rsa.Encrypt(Encoding.UTF8.GetBytes(message), true); 
encryptedToken = rsa.Encrypt(Encoding.UTF8.GetBytes(token), true); 
} 
public class MyParam 
{ 
public byte[] Data; 
public byte[] Token; 
} 
MyParam param = new MyParam { Data = encryptedData, Token = encryptedToken}; 

4) Serialize the object using JavaScriptSerializer

string result = Serializer.Serialize(param); 

5) Send the result.

An algorithm for receiving data:

1) Get the data from the request content

string contentResult = string.Empty; 
Request.Content.ReadAsStringAsync().ContinueWith((task) => 
{ 
contentResult = task.Result; 
}); 

2) Deserialize a json string to object

var serializer = new JavaScriptSerializer(); 
MyParam encryptedData = serializer.Deserialize<MyParam>(contentResult); 

3) Decrypt the token

using (var rsa = new RSACryptoServiceProvider()) 
{ 
rsa.FromXmlString(privateKey); 
var token = Encoding.UTF8.GetString(rsa.Decrypt(encryptedData.Token, true)); 
} 

4) Compare the resulting token to the original. If they do not match, then send an error message. If they match, go further.

5) Decrypting data

string dataStr = string.Empty; 
using (var rsa = new RSACryptoServiceProvider()) 
{ 
rsa.FromXmlString(privateKey); 
dataStr = Encoding.UTF8.GetString(rsa.Decrypt(encryptedData.Data, true)); 
} 

6) Deserialize the final json to an object

MyClass dataObj = serializer.Deserialize<MyClass>(dataStr); 

Actions

Bellow you will find actions which the nopCommerce plugin will call. For convenience, the parameters are taken in an open format, but we must understand that it will be encrypted JSON.

When the user adds a product to a cart, the plugin sends a request to a web-service. For example, the plugin calls a remote method AddUpdateProductToCart.

AddUpdateProductToCart

Input parameters:

· Product ID – a NopCommerce product identifier.

· Quantity –product quantity.

Output parameters:

· Status – true, if necessary quantity of products is available, false – if not available.

· Product ID – null.

· Stock quantity – null.

If Status is equal to value false, then the following should be added to output parameters

o Product ID – a NopCommerce product identifier;

o Stock quantity – a product quantity which is available.

Description:

The method verifies the value Stock quantity for the specified product ID and compares this value to the quantity parameter.

If the quantity in Stock is less than the user wants to add to his cart, then the operation is canceled and the user is shown an error message indicating the maximum amount of products that can be added. If the answer is yes, then the item is added to the basket.

When the user changes the quantity of the products in the basket, the plugin sends a request to the web service, causing AddUpdateProductToCart.

If the quantity in Stock is bigger than the user wants to add to his cart, then the product quantity in the basket will be changed. If the Status is false, then the product quantity in the basket will remain the same, with indication of the maximum amount that can be added.

When a user makes a purchase and clicks Checkout, the plugin sends a request to a web service to the remote method CheckoutCart.

ChecoutCart

Input parameters:

· List<Product ID, Quantity> - a list of NopCommerce product identifiers and quantities.

Output parameters:

· Status – false, if the request can't be satisfied (at least one of the product has lower amount of quantity in stock), true – if all products are available.

· List<Product ID, Stock quantity> - null.

If Status has a value false, then the following should be added to output parameters

o List<Product ID, Stock quantity> - a list of products and quantities that are available.

Description:

Checks values ​​Stock quantity for each product from the list and compares them with the values ​​of quantity.

When a user submits a request and clicks Confirm, the plugin sends a request to a web server to the remote method ConfirmOrder.

BeforeConfirmOrder

Input parameters:

· List<Product ID, Quantity> - a list of products identifiers and their quantities.

Output parameters:

· Status – false, if the request can't be satisfied at least on one point, true – if all products are available.

· List<Product ID, Stock quantity> - null.

· ERP Order ID – a ERP order identifier.

If Status has a value false, then the following should be added to output parameters

o List<Product ID, Stock quantity> - a list of products and their quantities that are available.

Description:

Checks values Stock quantity for each product from the list and compares them with the values of quantity. If all of the products are available, the service fills an order for a specified list of products and it reserves products.

AfterConfirmOrder

Input parameters:

· ERP Order ID - a ERP order identifier.

· NC Order ID – a NopCommerce order identifier.

· NC Order status – a NopCommerce order status (Pending, Processing, Complete, Cancelled)

Output parameters:

· Status – true, if a data is successfully received.

Description:

It adds a NopCommerce order identifier and status to a ERP order.

ChangeOrderStatus

Input parameters:

· NC Order ID – a NopCommerce order identifier.

· NC Order Status – a NopCommerce order status (Pending, Processing, Complete, Cancelled)

Output parameters:

· Status – true, if the order is sent to a customer.

Description:

It changes the order status.

To periodically synchronize the items in the plugin the Scheluled Task will work. This task will call a remote method SyncProducts.

SyncProducts

Input parameters:

· List<Product ID> - a list of products identifiers.

Output parameters:

· List<Product ID, Stock quantity> - a list of products and their quantities that are available.

Description:

Receives a value Stock quantity for each NopCommerce Product ID from ERP, generates a list of products and their quantities and sends back.

Sitecore for marketing specialist

It is extremely difficult to overestimate a website and a corporate site as an important marketing tool. We find information on the web, we are engaged in a dialogue, and maintain communication with colleagues and close ones; and, the main thing, we also make choice on the network. Feedback, promotional materials, advertising campaigns, information on the website — all that leads the customer to informed choice of a product or a service, and marketing is assigned with the task to competently analyze and manage all types of online communications with the customer.

At the dawn of the Internet, the first content management systems proposed purely editor’s role to marketing specialists. Wrote a text, and then published. Today, a similar approach to work with the corporate site does not add value at best and, at worst, makes a lot of harm. Namely, the unique trade offer of Sitecore has been built on such understanding.

It is the adequacy to up-to-date challenges and vision of strategic task solutions for marketing that Sitecore is chosen by market leaders. The developers of this platform are focused on presentation of a wide range of possibilities, tools, and methods in the simplest possible manner.

Sitecore combines the classical system for content management (the same “wrote – published”), as well as an expanded analytical tool kit and a set for marketing automation. All that is rather easy to use, a marketing specialist being the high-priory target audience for Sitecore.

One of the platform parts, web analytics, helps understand who visits the corporate site and what their aims are. Beside the standard functionality, like geography of the site visitors, it is possible to learn what visitors have been looking for, the results they have achieved, and the content, appearing to be the most useful. All that is undoubtedly important for understanding conversion processes and, with the help of reporting systems, assists in getting the comprehensive view of the current situation, as well as in reacting to it immediately.

For Sitecore, it is important not only to analyze users but personalize content in compliance with the user profile. Sitecore reveals compliance with the profile assigned and shows only personalized content. Example: by previous actions, the digital marketing system will determine whether you a man or a woman, and will offer only men’s or women’s products in the campaigns’ part of the page.

Detailed user profiles with personalization of the content will lead to increase in conversion and resource loyalty — the site satisfies all requirements and speaks one language with them.

When marketing is assigned with the task to generate demand and increase the number of visitors, various advertising campaigns can be used. Undoubtedly, it is important to track the analysis and efficiency of such campaigns, in order to adjust targets and save the budget. Sitecore enables to learn the actual ROI for such campaigns. The marketing toolkit helps obtain target indicators and fix conversion up to the level of individual sessions. Online campaigns, context advertising systems, media advertising on partner’s sites — individual sessions are linked together through global cookies so that marketing could get a comprehensive view of each user profile, history of their visits, and preferences.

Besides, one of Sitecore components enables to hold multi-variant and A/B-testing of different parts of the page that will allow marketing make informed choice in favour of the successful solution and accept the best possible variant.

Nestle, Siemens, Toshiba, Mazda, and many other leading international companies have made the same informed choice in favour of Sitecore. Like any other complicated technological product, Sitecore requires expertise and attention to details at the stage of development, migration, and integration. The high level of IT Partner team proved by practice allows utilizing Sitecore functionality with maximum efficiency. And this, in its turn, helps the company marketing broaden its capabilities and gives undisputable competitive advantage in gaining customers.

Sitecore for IT Director

At the present stage of development, IT department faces the task of providing the company with necessary IT services. One of the marketing needs – the efficient corporate resource - requires development and on-going support by efforts of IT specialists. In fact, it is one more additional IT service that also needs to be managed and maintained. Sitecore understands it and offers the most weighted and balanced solution to IT directors for organization of the corporate resource or a group of the company websites.

Security

Sitecore utilizes the security model of .net-applications and includes tools for user authentication and authorization, as well as tools for handling authenticated users within the application. One of the key guarantees for providing security is Microsoft technology stack, the Sitecore platform being based on. Windows Server tools allow for creating the maximum secure environment for the corporate resource hosting. For Microsoft, such issues are of high priority: vulnerabilities being remedied and problems fixed in a timely manner. Products are provided with high-quality technical support and continuous updates.

Besides, own tools have been implemented in Sitecore to restrict access for different user categories to work with the platform. The administrator has always the possibility to create necessary user roles and assign specific permits for work with the platform.

Scalability

Sitecore architecture allows adding power and fault-tolerance with minimal financial costs and time. From the very start, Sitecore has been developed with regard to needs of large companies and, today, it is capable of servicing thousands of simultaneous user requests. The platform provides cluster support for high load resources and a convenient management console for a large number of separate websites. All that allows the company, without serious investments into the structure, grow and expand its presence on the Internet. Besides, Sitecore supports Amazon EC2 and Windows Azure cloud platforms.

Integration and development

An important Sitecore advantage will become integration with the current infrastructure of IT services that have already been deployed in the company. So, the modular Sitecore architecture will enable to integrate the content with Sharepoint Server, and open API-interface of methods and classes - to implement any necessary interaction within the company processes without any extra efforts. The Sitecore Data Providers subsystem implements connection to database, Web service or external system, and will allow working with content, as if it were the internal documents of Sitecore.

.NET-developers will appreciate the initial support of Visual Studio with Intellisense. Sitecore discloses the entire event model and enables to adjust request processing, using the capabilities of open pipeline architecture. The support of the newest .net-functions and strict separation of content from representation will become an additional means for increase in the developer's labour productivity.

IT Partner

Our company has gold and silver Microsoft competencies in the number of key infrastructure technologies, including Server Platform, Data Platform, and Software Development. Considering experience in work with Sitecore, including in the large and sophisticated “Skolkovo” project, the status of the first official partner in Russia, and availability of certified developers, we are able to provide high-quality embedding of Sitecore platform, development and adding the necessary functionality, and the follow-up technical support.

My favorite Sitecore features

This article enlists some of my favorite peculiarities of Sitecore platform. It’s just the list of features I like in Sitecore. No assigned order or priorities here.

Asp.net

Sitecore is built over the platform of ASP.NET WebForms that allows using finished classes and controls. In the latest version, Sitecore has added support to dynamically developing ASP.NET MVC framework.

In fact, Sitecore can be described as ASP.NET extension that provides a number of additional functions:

  • 1. graphic interface;
  • 2. analytics;
  • 3. CMS capabilities (layout management, workflow, versioning, translation, publishing).

Expandability

Expandable architecture is one of the main things that distinguishes Sitecore among other CMS. In fact, CMS can satisfy any requirement of an organization. It’s important, as every customer can expand CMS, by adding functions they need. Expandable architecture is especially useful for performance of integration tasks with other systems; so, for example, integration modules for SharePoint, CRM, Word, Visual Studio etc. have been developed for Sitecore

Sitecore is built on the basis of pipeline architecture. Developers like such architecture: after getting acquainted once with pipeline architecture, you fail to understand how you could work without it earlier. It’s especially important when it is necessary to expand the functional capabilities of the enterprise-level system. It is also important that beside pipeline in Sitecore one can manage events, processes, and data providers. It is possible thanks to the fact that in Sitecore you can override any entity in web.config or in files included into web.config. So, it is possible to override the existing operations, develop own application (by using Sitecore user interfaces), add functions, data type or a new pipeline.

Presentation components

A decent engine has been implemented in Sitecore to manage layouts that separates content and presentation levels. All components of the presentation layer (xsl rendering, sublayouts(ascx), web controls, method rendering) comprise caching configurations that allows tuning the system and enhances its performance by way of installing caching checkboxes on frequently used components.

In Sitecore, developers are initially geared to designing finished components. The components themselves become easily adjusted. I would like to pay special attention to the possibility to write controls with the help of xslt. The possibility is trivial but implemented by far not in all CMS… Thanks to xslt, any person who knows Html can assemble a simple site based on Sitecore.

Analytics

This system module shifts the focus of development to analytics. The functions embedded initially in the system allow obtaining daily reports on achievement of marketing purposes, on whether both a new functionality and the system in general being in demand. Such functions enable to manage development and adjust marketing activities on instant-feedback basis. The possibility arises to automate works with the customers, display the content they are interested in based on actions performed by them in the system for the last year. It is possible to form the page content based on the customer geographical location or profile settings (sex, date of birth, etc.). Sitecore analytics is expandable in the same manner as Sitecore itself. For example, you can install charge-free heatmap module for analyzing usability of the site pages that allows display places on the page where a user clicks a mouse and where not. Moreover, it is possible to track actions either of all the users or of a defined group.

Modules

A great plus of Sitecore are modules written for this CMS (over 200) both by Sitecore itself and its partners. At that, about 90% of the modules are distributed charge-free and can serve an excellent base for development of own components. So, for example, if you wish to support several versions of the site language and, in so doing, you do not want to spend serious resources on a translator, then you can install Item Translator and with the help of Bing or Google provider make primary translation of your site in 1 click.

We would like to mention separately Web Forms For Marketing module that allows for creating a finished form within several minutes; meanwhile, customization options for such form are practically unlimited. In order to create forms, you don’t need any programming skills: it will be enough to set up necessary fields, select required validators, assign a topic, and post necessary actions to ‘send data to Sitecore’ button. In addition, a comprehensive list of possible actions has already been assigned in the module that can be used by selecting the required from the list. In this manner, one can save the results of the form filling to the database, send them by email, perform bulk mail-out to the subscribed users, send SMS or MMS, create an interest in CRM, calculate analytical indicators, and personalize the content to be displayed for the user. Also, it will be rather easy to add new actions or validators into the form.