Creating the first Super Admin account from CLI

We made a small but significant change in the Anahita installation workflow. We added a site:signup command to the CLI tool so you can create the first account from the command line. 

Signing up from the user interface signup form will set the user type to registered by default. 

We first implemented this feature for our upcoming 4.6.0 release in the nohtml branch, but we decided to give you this feature in the 4.5.2 release because it will make your life a bit easier.

#Anahita #Installation #Signup #SuperAdministrator #CLI

Rastin Mehr

Rastin Mehr

Preventing a php shell upload attack in your custom apps

A common form of attacks in applications that allow file upload is when you enable unrestricted file upload without checking the file type against a restricted list of mime-types in your back-end code. 

In the Anahita default installation, the only file uploads happen when a user uploads an avatar, cover image, or photo. In all cases, only certain mime types are allowed. If you are developing custom applications for Anahita that enable file uploads for videos, sound files, or documents, you MUST check the file type in your back-end code and allow only a specific list of mime-types. 

Otherwise, someone could try uploading a PHP shell file that exposes critical information about your server.

Another important tip is to use AWS S3 for storing your uploaded files. The storage is much cheaper, and the performance is much better, but a PHP shell file cannot execute in an AWS S3 bucket. Anahita, by default, stores the uploaded files in the assets directory in the root of Anahita. Use that o...

Do not use Anahita for spreading misinformation

Years ago, when I used to be in the Joomla team as a development group member, I came across a Joomla-powered website launched by the Iranian government to dox people who participated in the green movement protests against the theocratic regime. I remember how sick I felt in the stomach and how appalled I was. Here I was volunteering my programming skills and code for a good cause only to see some of the worst people in the world use our code for despicable purposes. That's when I learned a lesson about the dark side of open-source software; that everyone, even the bad guys, can download and use it.

After launching the Anahita project and community, I figured that it would only be a matter of time for the wrong people to start using our code. This week, I was saddened to find out that at least one Anahita installation out there has been spreading misinformation and conspiracy theories as a "Free Speech" platform. Fortunately, their site is currently down.

During the last year, many ma...

Rajkumar Mundel liked this
Anahita 4.5.0 Birth Release Is Out

Anahita 4.5.0 Birth Release is out

We tagged the 4.5.0 release yesterday. What's significant about this release is the improved JSON REST APIs for essential operations such as signup, authentication, password recovery, Actor profile settings, and Site Settings.

As you know, Anahita has been moving towards a Client-Server architecture. We are developing a client-side React application for Anahita. We are already using stable variations of this app in public and private platforms that we have implemented for our clients. We are also developing an open-source version of the Anahita React app for our community.

How to upgrade

If you are using the code in the master branch, do a git pull to obtain the latest code. If you are using a stable version of the Anahita, go straight to typing the following commands in the root of your Anahita installations: 

$ composer update

$ php anahita site:configuration

Then using vim or an editor of your choice, edit the configuration.php file in the www directory, and set:

var $client_domain = "...

Rastin Mehr

Rastin Mehr

Anahita 4.4.4 Birth Release is out

We have just tagged the 4.4.4 Birth release. This version comes with improved REST API for Site Settings and Actor Settings. We have also fixed several bugs.

We have been busy working on the Anahita React app and, through this process, improving the REST APIs in Anahita. 

How to upgrade

If your installation is from the master branch:

$ git pull

$ php anahita db:migrate:up

else, if your installation is from the latest stable release:

$ composer update

$ php anahita db:migrate:up

If you have any issues through the upgrade, please start a topic in the Tribe Support group so we can help you out: https://www.getanahita.com/groups/107732-tribe-support

#Anahita #BirthRelease 

Site settings JSON views

Until now, site configurations didn't have a JSON view for Browse and Read methods, and that made it impossible to manage site configurations from a client app. 

We added those JSON views in the site settings component, and the code is in the master branch. We are still refining the output as we are developing the UX and UI in the Anahita React app, so we appreciate your patience until we tag a new release. On the other hand, you can build site management workflows in your clientside apps for mobile, desktop, and web. 

#SiteSettings #SiteConfigurations #AnahitaReact #JSON #API #RestAPI

Setup Anahita-React and Anahita Backend as API on Digital Ocean

This article will help developer to setup Anahita ReactJS and Anahita as Backend service on Digital Ocean droplets.
Rastin Mehr liked this
Rastin Mehr

Rastin Mehr

Anahita 4.4.1 Birth Release is out

This update contains some critical security updates, so we advise you to update your Anahita installations. We have also improved the overall security of the Anahita domain entities. 

For those of you who have custom Anahita apps on your system, you may need to update them. Here are the changes that you need to make:

What's new

We are now supporting Amazon S3 Regions. When you upgrade your installation, go to Settings Plugins Storage Amazon S3 and select the Region for your AWS S3 bucket.

We are also using 2 Google API keys for Geolocation and Google Maps APIs. That is because Anahita does geolocation on the server-side while the maps pass the key on the client-side. You can technically reuse the same key for both services, but you may want to use two different keys with different constraints. Go to Settings Apps Locations and update the keys. 

How to update

Go to the root of your Anahita installation and run the following commands:

$ composer upd...

2 people liked this
Rastin Mehr

Rastin Mehr

What are the changes in Anahita 4.4.1

Anahita 4.4.1 Birth release provides several security fixes and enhancement. For those of you who are developing custom apps for Anahita, you need to be aware of these changes. 

Signup endpoint has changed

The REST endpoint for signing up a new person is now a POST request to https://www.yourdomain.com/people/signup.json

String attribute validations

We have improved field validation in Anahita entities, and you can enforce minimum, and maximum length constrains to an entity attribute. To follow a convention, we are using the numbers: 3-30, 8-80, 10-100, 1,000, 5,000, and 40,000. Here is an example of how to use limit constrains in the Person entity: 

https://github.com/anahitasocial/anahita/blob/master/src/components/com_people/domains/entities/person.php#L55

Default selected Item in configurations forms

In the component or plugin configuration files, we used to use the term default for the selected item in a list. We are now using the term selected, which is more appropriate for lists....

Umesh liked this

It's time to update to OAuth 2 and support more services

Just a heads up that the LinkedIn OAuth is no longer working because we need to update it for OAuth 2. 

We also want to move away from the facebook clone type consumer social networks and customize Anahita for knowledge sharing and open science applications. Therefore, we want to add support for additional providers such as Google, GitHub, and GitLab. The development will take some time, but it will be perfect for Anahita. 

Ideally, we would want to have the Anahita Connect app to be both a consumer and provider of OAuth service. We can not only authenticate Anahita users against external services such as Google or Github but also turn Anahita itself into an OAuth provider. 

We may decide to remove support for Facebook for several reasons. For example, Facebook is very much a consumer service and not being used professionally in the science and education world. They also have a poor track record in terms of privacy and data collection. 

#AnahitaConnect #OAuth

Scaling Up Anahita

Scaling Up Anahita

People have asked us about how to scale up Anahita for hundreds of thousands or more users, also about a micro-services version of Anahita. No cloud application can by default scale up to a large number of users. Traditionally, Software-as-a-service or SAAS projects achieved this by throwing hardware and computing power at their production server. Today they use a dev-ops and release engineering infrastructure.  

Reimagining Anahita as a microservices architecture

Two common technologies that we can use today are Docker and Kubernetes. Docker allows us to run Anahita, MySql Database, and other parts of a setup in individual containers. A group of Docker containers that communicate with each other is a cluster of containers. At the moment, Anahita is a monolith application. We want to move towards a micro-services architecture. In this article, I want to outline the first few changes that could make this leap happen.

A Client-Server Architecture

Moving towards a client-services archite...

Rastin Mehr

Rastin Mehr

Anahita 4.4.0 Birth Release Is Now Available

Anahita 4.4.0 Birth release is now available

We just tagged this release on Github. It doesn't provide any new features, but some significant changes in the core framework has happened that are essential for those of you who are building custom applications for Anahita. 

How to upgrade

We have merged all the parts that we were using from the legacy Nooku and Koowa frameworks and removed most of the unused code. This has made the Anahita framework API consistent everywhere. So basically:

  1. All classes and objects prefixed with "K" or now prefixed with "An"
  2. All instances of "koowa" in the identifiers are now "anahita"
  3. All instances of "KOOWA" constants are now "ANAHITA"
  4. In the www/configuration.php file, "AnConfig" is now "AnSiteConfig". That's because once we merged the KConfig classes as AnConfig, it interfered with the AnConfig in the config file.     
IT IS IMPORTANT that you update any custom apps or templates in your existing Anahita installation to reflect those changes. There are no database schema changes in this release, s...
Unknown Person liked this
Rastin Mehr

Rastin Mehr

Welcome To All Consistent Anahita Framework

Welcome to all consistent Anahita framework

We just reached an important milestone for Anahita. All the Nooku Koowa code which was being used are merged with the Anahita framework and most of the unused code has been removed. 

Our framework is now nice and consistent and no more confusions between "K" and "An" prefixes as well as "koowa" and "anahita" identifiers. Now all the class prefixes are "An" and wherever we had "koowa" it is "anahita". 

This release will be tagged version 4.4 because all your custom apps need to be updated to accommodate the recent changes. 

Our special thanks to the Nooku team for we couldn't have made it this far without their framework. 

Now while we're at it, could you please test installing from the master branch and let me know if everything is working properly? Thank you! 

#Anahita #Framework #nooku #koowa

Unknown Person liked this
Rastin Mehr

Rastin Mehr

Where Is Anahita Heading To? The Action Plan

Where is Anahita heading to? The Action Plan

I started an article reflecting on Anahita's history and goals. It was supposed to be just a paragraph, but it grew to become an independent blog post. Apparently, I like to ramble on when it gets to talking about Anahita. You can find the published article here:

TL;DR after building a learning management system for an old-school education company, I was inspired to build a more democratic and distributed online learning and knowledge sharing platform. I left my job, focused on my new company, grew a team, got down to coding. At the time we thought social networking was the solution to all humanity's ailments, but then alternative facts, click-bait content, and extremist ideas started spreading around on mega giant social media. After some reflection, we decided to focus on building tools for open science and data. Our goal is to make Anahita the lightest viable unit required to set up a knowledge sharing and collaboration platform. We want brutal minimali...

3 people liked this
Rastin Mehr

Rastin Mehr

Where Is Anahita Heading To?

Where is Anahita heading to?

It's been a while since I've written about the direction to which the Anahita project is heading towards. A lot of research and silent development has been happening during the last year with a focus on maintaining the existing codebase while planning the upcoming releases.

The idea of Anahita came to me over a decade ago when I was working as the lead architect of a software project to develop a Learning Management System for K12. The system we built closely resembled the traditional education model. After we launched and used the system for a while with a large number of schools in the US and Canada, I went through the survey results. The responses indicated that we've been enforcing an archaic education model via technologically challenged administrators and teachers to students who had the least power and most technical aptitude within that environment. During the same time, I was involved with an open source project called Joomla. Collaboration with other open source developers ...

Unknown Person liked this
Rastin Mehr

Rastin Mehr

Anahita 4.3.14 Birth Release is out

This is a maintenance release that fixes the issue with video player styling and comes with some refactored code as well. 

Change Log

  • fixed: plyr styling
  • changed: KException to AnException

to get the update run the following command in the root of your Anahita directory:

$ composer update

If you had any questions, please start a topic in the Tribe Support group: https://www.getanahita.com/groups/107732-tribe-support

#BirthRelease #MaintenanceRelease #Anahita #plyr 

Rastin Mehr

Rastin Mehr

Anahita 4.3.13 Birth Release is out

This is a maintenance release that addresses a number of issues in php 7.2.8 and MySql 5.7. You will also notice a slight speed boost and new video player in the posts. To update, simply run the following command in the root of your Anahita installation:

$ composer update

If you have experienced any issues, please start a topic in the Anahita Tribe Support group: https://www.getanahita.com/groups/107732-tribe-support

My special thanks to Nick Swinford @nicholasjohn16 for testing, reporting, and providing patches.

#Anahita #BirthRelease #php7 #mysql

Anahita 4.3.12 Birth Release Is Out

Anahita 4.3.12 Birth Release is out

This is a maintenance release with a number of fixes in RESTful APIs, OAuth for Twitter and facebook, and a number of improvements and cleanups in the core library. The only new features that we've added is in the Articles app. You can now upload a cover for a published article. You can see the change log for more details: 

https://github.com/anahitasocial/anahita/blob/master/CHANGELOG.md

How To Upgrade

IMPORTANT NOTE: make a backup of your database before upgrading so if things went wrong, you would be able to recover. 

Now run the following command in the root of your Anahita installation:

$ composer update

then run the database migration:

$ php anahita db:migrate:up

that should do it.  

If you are using the master branch, you need to pull the code and then run the database migration. 

Need Help?

Please post your questions in the Support Group and we'll be happy to help you: https://www.getanahita.com/groups/107732-tribe-support

Credits

Special thanks to @nicholasjohn16 @scott @robsaric ...
Using Articles For Blogging

Using Articles for blogging

We've decided to start using the articles in the Atrium group as our blog and retire our Worldpress blog.
4 people liked this

Happy GDPR day

Happy GDPR day! Here are some notes about how we treat your data.

Powered by Anahita