Using Kendo UI for JSP in a simple JSP file

In this post, I would like to introduce how to use Kendo UI for JSP in simple JSP page. In this example, I use NetBeans 8.1.

First, extract the Kendo UI for JSP zip file.
Launch NetBeans 8.1, select File - New Project, then select JavaWeb, click Next.
Give the project name as you wish, then click Next.
NetBeans will ask the Application Server we're gonna use, Java EE version, etc., we can leave these configurations as is, and click Finish.

Create a new folder named resources under Web Pages node, copy the javascript and css folders (from js and styles folder respectively of extracted Kendo UI for JSP zip file) to this new folder.

Add the JAR file (kendo-taglib-2015.3.1111.jar) from wrappers\jsp\kendo-taglib folder into libraries node.

Create a new JSP file, add JSTL configuration as shown below, then add references to Kendo UI javascript and css.

Run the application, you can see the Kendo UI widgets are displayed.

Prevent K2 SmartForms from automatic sign-in

If you build an application using K2 SmartForms and using its runtime URL to browse the application, by default K2 SmartForms will automatically log in using current Windows user credential.

Sometimes we want to prevent this default behavior occurs and users must enter their credential manually to log in to K2 SmartForms application. To do this, we have to alter K2 SmartForms configuration in IIS.

Open IIS in K2 SmartForms server, choose Runtime website, then select Authentication.

Click Forms Authenticaiton and click Edit.

a dialog window will be opened. Observe the Login URL field, change its content to ~/Login.aspx. By default the login URL field content is _trust/Login.aspx

Click OK to save configuration. Recycle the application pool that K2 SmartForms is using, then try to browse the runtime URL, a login page will be appeared.

You can log in using domain credential to log in to K2 SmartForms Runtime environment.

Menggunakan ADO.NET Parameter

Seringkali saya menjumpai developer menggunakan string concatenation seperti ini untuk melakukan query ke database.

conn.Open();

using(var cmd = conn.CreateCommand())

{

  cmd.CommandText = "select * from employee where kode='" + txtUserName.Text + "'";

  var reader = cmd.ExecuteReader();

  if(reader.Read()) 

  {

     //bla bla bla

  }

}

Code di atas (untuk kondisi tertentu) memang dapat dijalankan dengan baik, dan saya akui kadang sayapun melakukan hal tersebut (karena kepepet deadline).

Sebenarnya code di atas punya celah keamanan yang kurang baik, yaitu sangat rentan dengan serangan SQL Injection.  Selain itu code di atas tidak dapat menerima input pada txtUserName.Text yang mengandung single quote.

Saya tidak akan membahas lebih detail tentang SQL Injection di sini, melainkan saya mengajukan solusi untuk menghindari penggunaan string concatenation seperti contoh di atas, yaitu dengan menggunakan ADO.NET Parameter.

 

Keuntungan penggunaan ADO.NET Parameter ini adalah:

1. Code yang kita tulis terbebas dari celah keamanan SQL Injection

2. Input parameter dapat berupa teks yang mengandung single quote (‘) maupun double quote(“).

 

Cara penggunaan ADO.NET Parameter, adalah dengan menggunakan collection property Parameters dari object Command.

Berikut contoh di atas yang ditulis ulang dengan menggunakan ADO.NET Parameter:

 

conn.Open();

using(var cmd = conn.CreateCommand())

{

  cmd.CommandText = "select * from employee where kode=@kodeuser";

  cmd.Parameters.AddWithValue("@kodeuser", txtUserName.Text);

  var reader = cmd.ExecuteReader();

  if(reader.Read())

  {

    // bla bla bla

  }

}

Perhatikan penggunaan method AddWithValue pada contoh di atas:

1. Parameter pertama dari method tersebut adalah nama parameter yang digunakan di dalam query SQL, dan parameter kedua adalah value yang ingin diberikan ke dalam query.


2. Setiap parameter di dalam query menggunakan prefix @

Kita dapat memberikan lebih dari 1 parameter dalam sebuah query, asalkan semua nama parameter diawali dengan simbol @.

Customizing Pop Up menu in K2 Workspace

In an implementation of K2 solution, I used K2 Workspace to see user’s worklist. I cannot use Sharepoint worklist webpart since the client didn’t enable me to use Sharepoint, and we just implemented simple K2 SmartForms application.

The challenge was in pop up menu of K2 Workspace, I had to hide several options.

As you see above, I have to hide Data Fields option since we doesn’t want user to see Process Data Fields and they will not understand what it is.

The second problem is, I have to hide Actions option since we doesn’t want enable user to make action using the pop up menu. User must open the worklist item in the approval form, not from this pop up menu.

I had searched in K2 Underground and in K2 Help portal about how to customize pop up menu, but I didn’t find any answer. So, we have to use “hacking” way, here is how:

While opening K2 Workspace, if we open IE Developer tool, we would see that K2 Workspace referenced core.js javascript file:

The core.js is located at c:\Program Files(x86)\K2 Blackpearl\WorkSpace\Site\TaskListControl\Script

First thing first, make sure you have copied the original file to somewhere as a backup before making modification.

Here is what we have to modify:

At line 8870, in function CreateMenuOption, after open bracket of function, add this line:

if (oNode.innerHTML == "Data Fields") return; 

Then, at line 9085, change this line:

if (FIsIType(oNode, "submenu"))

to this line:

if (FIsIType(oNode, "submenu") && oNode.innerHTML.indexOf("Action(s)") 

== 0 )

Then, on K2 Workspace press F5 several times to ensure the new edited javascript file is loaded, and you will see the “Data Fields” and “Actions” option is gone:

Conditional Validation in K2 SmartForm

I have to admit that currently K2 SmartForm is lack of built-in validation functionality, you can only specify which fields are required to be specified before the form is submitted.

In this post, I will show you a trick how to create a custom validation based on a condition.

Our form (or view) is very simple:

It contains:

• 2 Text boxes which have names: Amount Text Box and Comment Text Area
• 2 Labels for field header (I ignore the control’s names).

It is a petty cash request form. User can request for specified amount of money and specify notes if needed. Here is the condition:

• If Request amount >= 1000000 (above or equal to 1 million), user must specify notes.
• If Request amount < 1000000 (below 1 million), the notes field is optional to be specified.

If we use common validation condition in SmartForm, we can only specify whether field Notes is required or not, we cannot validate Notes based on certain condition.

Here is my trick;

1. Add a text box to Form or View, give it name: Notes. Clear Visible check box in its property. This new text box will act as fake “Notes” text box:

 

2. Create some expressions, click the Notes text box (the invisible textbox), select Expressions in property window, click Add to add new expression, give it name Comment is Blank:

Create a new expression again and give it name Request Above 1M:

Create again a new expression and give it name Notes Validation:

Value 9 is random value, you can use any value other than 9.

Make sure the last expression is selected before closing Expression window:

 

3. Create rule for click event of Submit button, add validation to the rule:

 

4. Specify validation configuration:

See validation configuration window above: mark Amount Text Box and Notes (text box) as required. Note that Comment Text Area does not need to be required and do not activate “Do not validate hidden…” option, and activate “Show validation message…”.

Then add Show a Message action if validation passes:

Click OK and then click Finish to close message configuration window and Rules Wizard Configuration window.

Click Finish to save the Form / View.

Let’s try to run the Form / View:

If I specify 500000 in Request Amount text box and I do not specify any comments, my request can be submitted:

However, if I specify 5000000 in Request Amount text box, the validation will occur:

I have to specify something in Notes field (it is Comment Text Area) :

You can make the Notes text box becomes visible to see how this trick happens and yes, building forms using K2 SmartForm is very tricky

Creating Running Number in K2 SmartForm

This post will show you how to generate running number using K2 SmartForm. Running Number is a common feature in transaction forms, such as Invoice Number, Purchase Order Number, Quotation Number, etc. It is always incremented by 1 for each saved entry.

In this post, I will show you an example how to generate request number for Room Booking Request. Room Booking Request can be used for requesting a room for a purpose such as meeting, interviewing, and so on.

Let’s create our Room Booking Request SmartObject, give it name as Booking:

Request Number will contain running number which we’ll develop later in this post.

Let’s create Auto Number SmartObject:

Current Number will contain a number which is always increment by 1 for each new booking request.

Then, using SmartObject tester, insert a default row to Auto Number SmartObject:

Give the value 1 to Current Number and RO for Request Type, then click Execute to create a new row.

Now, we will generate a view for booking request data entry, right click on Booking SmartObject, then click Generate Views, click Item and give it name as Booking Item:

Click OK to generate the view.

Make a view layout to be neat looking as follow:

Delete Create, Delete, Load buttons as we don’t need them, change Save button text to Save as Draft. Then add two text boxes to the view, give them name Current Number Text Box and Increment Number Text Box, we can place them anywhere since we will make them as invisible to users. In my example below, the two new text boxes is placed next to Save as Draft button.

Switch to Rules tab and inspect when Save Button is clicked rule, K2 Designer has created a default behavior for Save:

Add a new action Execute SmartObject method before Execute the Save method.

In the newly added action: select Auto Number SmartObject, and select Load method.

Click configure option of the newly added action:

In Request Type input mapping type RO:

Click Next, then map Current Number property to Current Number Text Box:

Add a new action again of Execute SmartObject method after Execute the Save method, select Auto Number Smart Object and Save method:

Click configure option:

Map Increment Text Box to Current Number and type RO in Request Type:

Click Finish to close configuration window.

Add a new action again of Close browser window:

Click Finish to close Rules Wizard Configuration window.

Switch back to Layout tab, then select Increment Text Box, select Expression property, click Add to create a new expression. Drag Current Number Text Box to expression details area , drag Plus operator from Operators tab – Operators node, and type 1 after Plus operator. Click Validate to verify the expression.

If the expression validation passes, click Finish twice to return to view layout.

Select Request Number Text Box, then select Expression property, click Add to create a new expression. Give it name Running Number Format as expression name. Drag Concatenate function from Operators tab – Text node, and drag Pad Left function as follow:

Click Finish twice to return to view layout. Make the Current Number Text Box and Increment Number Text Box invisible by unchecking Visible check box property.

Click Finish again to save the view.

Now we can try to run the view. Click on Booking Item view at the tree node, you will see Runtime URL at right panel, click the Runtime URL, the browser will create a new window/tab:

Click Save as Draft to save entry and the view will be closed after saving.

To view the request data, switch to SmartObject Tester, select Booking SmartObject, right click and select Execute SmartObject, change Method to Execute to GetList and click Execute button:

Why my request number starts from 7 ? Because I had tried to create data before I wrote this blog post  and I deleted them all. But if you follow steps in this article, your request number must be started from 1 (RO001).

Extract PDF file from K2 PDF SmartObject

In K2 workflow, we can create PDF file using PDF SmartObject, located in System node:

PDF Converter is a built-in SmartObject in K2 to create PDF and save it in PDF File SmartOject. The PDF is saved as BLOB. Actually it is a column contains XML and in the XML contains PDF as binary content.

The problem is, I have to extract the PDF and copy it to the file server using Windows File Sharing. K2 does not have built-in feature to extract PDF to physical file, thus I have to create it.

The following code utilizes SmartObject Client API to communicate with PDF File SmartObject in K2 Blackpearl server.

   1:  public void ExtractPDFWithSmartObject(int snapshotID, string fileName)

   2:  {

   3:      var smartObjServer = new SmartObjectClientServer();

   4:   

   5:      using (var connection = smartObjServer.CreateConnection())

   6:      {

   7:          connection.Open(k2WorkflowServer);

   8:          //smartObjServer.Connection.Open();

   9:   

  10:          var pdfSmartObj = smartObjServer.GetSmartObject("PDFFile");

  11:          pdfSmartObj.MethodToExecute = "Load";

  12:          pdfSmartObj.Properties["ID"].Value = snapshotID.ToString();

  13:   

  14:          var result = smartObjServer.ExecuteScalar(pdfSmartObj);

  15:          var file = (SmartFileProperty)pdfSmartObj.Properties["PDF"];

  16:          byte[] data = Convert.FromBase64String(file.Content);

  17:          File.WriteAllBytes(fileName, data);

  18:      }

  19:  }

Add reference to SourceCode.HostClientAPI.dll and SourceCode.SmartObjects.Client.dll

Parameter snapshotID is an ID created by Create* method of PDF Converter and parameter fileName is a physical file name to be created in file system.

In line 7, we have to create string variable named k2WorkflowServer, this variable will be populated as connection string to K2 Blackpearl server.

The complete code can be downloaded from here, it is a .NET DLL file and can be referenced from K2 workflow.

 

Call this DLL from K2 Workflow

To use this DLL (PDFHelper.dll), open your K2 workflow (.kprx) using K2 Designer for Visual Studio, add Code Reference Event and add reference to PDFHelper.dll

In Code Reference Event, add call constructor and pass the K2 Connection String as parameter.

then call instance method ExtractPDFWithSmartObject and pass snapshot ID and filename as parameters:

Do I have to use Visual Studio to use this DLL in my K2 workflow?

If I use K2 Studio to add reference to this workflow, strangely I cannot call constructor and call instance method, it seems K2 Studio cannot load PDFHelper.dll. But if I use Visual Studio, I can add reference, call constructor, and call instance method smoothly.