Blog
Uniface CE and EE licensing

Uniface CE and EE licensing 

The observant amongst us may have noticed that last week a new edition of the Uniface 10 Development Environment was released. This new edition is the Community Editiona free to use, non-commercial version of the Uniface 10 IDE for Windows 10 and SQLLiteit is available today from http://www.uniface.com. Although the deployment options are limited, the product is complete, and all features are available for use. 


Several product enhancements and features were needed to allow us to deliver this new Community Edition: 

  • An improved installer/patcher experience 
  • Updated branding (more to come) 
  • Replacement of our license manager (DLM) 

All of these enhancements will also be coming to the Enterprise Edition (EE) when it is appropriate to add them. We can update the branding in a patch, but the installer/patching updates require a full installa process not practical for most customers until 10.4. 

 

The most significant addition to the product is a new license management system which enables a Cloud-Leased Licenses model. With this new license model, customers will no longer need to harvest information from each platform (DLM info) but instead only enter an entitlement id during installation (like we do to activate Windows). The license manager will collect the fingerprint information, register the system, and download a valid license. For Uniface 10 CE, the entitlement allows Uniface to be installed on three separate PCs using the same key. Rehosting is also possible by returning a license on one system and claiming it again on another.  

 


As the term "Cloud-Leased" suggests, the downloaded license is leased and valid for a fixed period. During regular operation of an application, Uniface will periodically renew the license, extending the expiry date and applying any changes that have happened to the entitlement on the Cloud serverssuch as the addition of a connector. It will be possible to update a lease upon request and have the changes become active immediately. 

 

Cloud-Leased Licenses work uninterrupted when running offline for the period of the lease, with a default duration of 30 days from when the license was last renewed.  

 

For Enterprise Edition there will be extra options available 

We will supply a new local Rights Management System (RMS) serversimilar to DLM serverto allow concurrent usage and central hosting of licenses. The licenses installed on the RMS server will also be available as Cloud-Leased Licenses.  

 

For organizations where online access is not an option (i.e. due to legal or security restrictions), it will also be possible to run the cloud activation using a token exchange process via offline storage like a USB key. 

 

An exciting opportunity provided by the new licensing system is the possibility to license cloud environments more reliably especially Docker containers. 

 

We are working towards enabling all our existing license models in the new license manager. 

 

A portal will be made available, enabling customers to see the usage data for their entitlement. We also plan for this portal to allow ISV/VARs to see the usage of their end-users.  

 

It is our goal with this license system to dramatically simplify the effort required to install and maintain the licenses needed for your and your customer's applications.  

 

Blog by Barbara Douma and Jyoti Singh

Dynamic server pages (DSPs) provide the user interface for web applications. They enable users to view and modify data in a browser, and provide a lot of built-in functionality to ensure that data is formatted and displayed correctly, and to ensure that data entered by the user is correct before it is stored.

For example, a DSP automatically checks that a Numeric field does not contain alphabetic characters. This happens in the browser, in the client side of the DSP, even before the data is submitted to the backend server, where the data is validated again before being stored. Having the client side of the DSP handle formatting and syntax checking prevents unnecessary round trips to the server.

DSPs provide a lot of default data formatting out the box, to ensure that the data is correctly displayed. For example, a Numeric field with four decimals may be formatted to show only two decimals.

By default, for fields with an EditBox widget (or any widget mapped to and HTML input of type text):

  • Uniface non-String fields (Numeric,  Float, Date, Time, Datetime, Boolean) are formatted on the DSP client in the browser. The client applies supported display formats as defined by the field’s Field Layout property.
  • Uniface String fields are formatted in the server-side of the DSP by the Uniface Server. The server applies any display formats defined by the field’s Field Layout property before sending the formatted String to the browser.

(For more information on DSP widgets, see the widget reference documentation in the Uniface Library.)

In most cases, its is best to rely on default behavior for formatting non-String fields in DSPs. By sending unformatted data to the server, the original data remains available in the DSP client’s data layer, and the client has all the information it needs to format the data for display, but also to deformat it for transport back to server.

However, there can be circumstances when you want to use server-side formatting. For example:

  • You might want to specify a Uniface display format that is not supported by client-side formatting in DSPs, such as a minus sign for a negative number.
  • You might want to customize behaviour, such as implementing a custom date/datetime picker using JavaScript instead of relying on browser feature support.
  • The data is read-only and shouldn’t be formatted in the browser.

Client-Side Formatting

In client-side formatting, the Uniface Server sends the field’s value to the client as unformatted data, and expects to get unformatted data back.  

The DSP client formats the received data using its display format (Field Layout), and assigns the formatted values to the widget for display. If the value of a field is changed in the browser (either by the user editing the field or some code that assigns a new value), the DSP client:

  • Deformats the changed value using the display format definition (in the Field Layout property).
  • Validates the field syntax using the deformatted value (assuming the widget property Syntax Check on Browser is enabled).
  • If syntax validation fails, it displays or returns an error, and prevents the data from being submitted to the server until it is corrected.
  • If syntax validation succeeds, the new value is formatted again to get displayed, and the data can be submitted to the server.

Once the data is submitted, the data is validated on the Uniface Server, either through an explicit validate statement or when stored to the database.

Client-side formatting and deformatting allows the user to get immediate feedback on any changes—the DSP client updates the displayed value and reports errors. This prevents unnecessary round trips to the server to get the same feedback.

The disadvantage is that gives the developer less control.

Server-Side Formatting

In server-side formatting, the Uniface Server formats the data before sending it to the DSP client, and deformats the data when it is received from the client so that it can be stored

As mentioned before, String fields are always formatted on the server rather than the client, but it is now possible to do this for non-String fields too. The advantage is that it gives the developer more control over formatting, but it also means the developer is responsible ensuring that data is correctly deformatted and validated.

To do so, you can use the new widget property Data Formatting on Server (serverDataFormatting).

Note: This is the new name for a previously undocumented property: datatype=string. This property continues to work for compatibility purposes.

When a non-String field with Data Formatting on Server set to true, the Uniface Server:

  • Formats the field value using the display format (defined in Field Layout property).
  • Executes trigger formatToDisplay, if defined. This trigger enables the developer to complete customize the data formatting.
  • Sends the resulting formatted string to the DSP client

The DSP client assigns the formatted string to the widget for display. If the field value changes on the DSP client, the client does not deformat or validate the data (the widget property Syntax Check on Browser is ignored).  This is because the DSP client does not have the information needed for deformatting, such as the NLS locale and display formats used.

When the DSP client submits its data for which server-side formatting is enabled, it sends the field data to the Uniface Server as is. The Uniface Server then:

  • Deformats the field data using the Field Layout definition.
  • Executes trigger formatFromDisplay, if defined. This trigger enables the developer to control how the data is deformatted.
  • Validates the deformatted value, either in response to an explicit validate statement or when stored to the database.
  • Returns a response to the DSP client with the updated data or validation errors.

Server-side formatting enables the developer to have complete control over formatting and deformatting but it means that a full round-trip to the server is required before the display can be updated or errors reported. 

The following diagram shows the data formatting mechanisms in DSP:

 

Property: Data Formatting on Server (serverdataformatting)

Server-side formatting is made possible by the widget property Data Formatting on Server. This is the new name for a previously undocumented property: datatype=string. This property continues to work for compatibility purposes.

Other characteristics:

  • Default value: false (no server-side data formatting)
  • Not applicable to fields with Uniface data type String. String fields are always formatted/deformatted on the server
  • If set to true, the widget property Syntax Check on Browser is ignored

For more information about this property, see the Uniface documentation. 

Start Using the New Property

The configuration file for the new property will be delivered with the next Uniface release and not with a patch. So to have the new property displayed in the DSP Widget Properties dialog, you need to install the patch and then manually edit the file uproperties.ini:

  • Open the file uproperties.ini, located in UnifaceInstallDir\uniface\adm 
  • In the section [propertygroups], add the property serverdataformatting to grp:uniface_all .
  • Add the following property definition at the end of the file:


[serverdataformatting]
description=Data Formatting on Server
datatype=boolean
tooltip=Format the field data on the server in string type
category=Uniface 
TLS support for LDAP driver

TLS support for LDAP driver

Blog by Rasmus Stahl

With the Introduction of the LDAP U3.0 driver Uniface offers native connectivity to LDAP and Microsoft’s Active Directory using TLS connections.

LDAP is the latest delivery from an ongoing initiative to elevate all Uniface network traffic to use TLS, and will help protect applications from man in the middle attacks, as described in: https://support.microsoft.com/en-us/help/4520412/2020-ldap-channel-binding-and-ldap-signing-requirements-for-windows. LDAP over TLS has also been a popular request from customers.

To Use LDAP over TLS you will need to update the driver settings in your ASN file and setup correct server verification.

More detailed information is available in the Uniface documentation. See LDAP over TLS.

Reported issues search now available in an interactive form.

By Jan Cees Boogaard


As a result of our efforts to make relevant information about Uniface as easily accessible as possible, the known issues can now be queried in an interactive form. The new form shows more details about the issues and it allows for extensive filtering.

On the main page, you will find a list of issues that were reported in the current version of Uniface and a list with information from our archives. For help with the use of the form, there is a quick users guide at the top of the page.

The new feature can be found in the menu under Support/Reported Issues (new) or by directly going here. The old list is still available under Maintenance/Known Issues (old), but will be phased out in the future.

This new feature on uniface.info is a first step towards sharing full information about Uniface maintenance. More features will be added in the near future. As we are looking to expand and improve, we are keen on your feedback. Please leave your comments in the known-Issues-information topic in the Community/Questions section.

Pathscrambler Security Enhancements

Blog by Andy Holzman

“From simple encoding to strong encryption, read on to learn about the latest security our third iteration of the path scrambler brings”

With this blog we announce a change to the Pathscrambler encryption of the Uniface assignment files that will become available in one of the upcoming patches.

We have enhanced the security provided by the Pathscrambler, the Uniface utility used to encrypt sensitive information and values in assignment files and login strings. The Pathscrambler will now append a digest to any assignment file line or string in which it has encrypted some text. This ensures that the encrypted line cannot be tampered with in any way.

The difference in behavior is significant enough that we can speak of an old and a new Pathscrambler, although there are no changes in the way the Pathscrambler is used to encrypt files and strings.

The previous Pathscrambler functionality is still supported, so older assignment files will continue to work as they did before. However, it is no longer possible to regenerate those encrypted assignment files or strings using the new Pathscrambler. It will always generate new files and strings with the enhanced security.

There are some consequences to this extra security:

  • Any assignment file line or string with a digest cannot be altered in any way.

For example, previously any text not encrypted could be changed. With the new Pathscrambler, not even a space can be changed, as this would invalidate the digest.

  • The encrypted line or string must be used in its entirety. A single line or string cannot contain a mixture of old and new encryption. This has an impact in the way that an encrypted string can be used in the open Proc statement and with the{{ /log}} command line qualifier.

For example, in the past, the string used in the open statement for a database path could be dynamically constructed in Proc, possibly using an encrypted password string that had been supplied by the Pathscrambler. This is no longer possible. The complete open string must be provided by the Pathscrambler, otherwise the digest validation will fail.

You can still dynamically construct an open string for a database path using the $password function, but no other parts of the string can be provided by the Pathscrambler. $user can be used as that does not encrypt the data.

  • All the lines in an assignment file must be of the same encryption. You cannot mix lines from an old assignment file and a new one.

It is possible to still include an old assignment file in a newly encoded one, using #FILE, but you cannot mix actual lines in the same assignment file. You cannot cut and paste some lines from an older assignment file into a new one. This means that it is no longer possible to start with a previously-encoded file that contains some of the older Pathscrambler's encoding, and then add new encoding to it. The result would be a mixture of encodings, which is not allowed.

  • The output from the Pathscrambler cannot be re-submitted to the Pathscrambler. If previously encrypted items are submitted to the Pathscrambler, the resulting strings will not be usable by Uniface. If changes are required, they must be done in the original un-encrypted file, and that file should be re-submitted to the Pathscrambler.

We strongly recommend that anyone that has security concerns about the contents of their assignment files, should use the new Pathscrambler to encrypt their assignment files.

Client-side triggers for server-side validation errors

Blog by Barbara Douma

Dynamic server pages already support client-side field syntax checks, which prevent incorrect data from being submitted to the server.  Uniface provides a default mechanism for reporting and displaying syntax errors in the browser, and web triggers for customizing the error reporting and display.

However, field syntax checks are just a subset of the data constraints that Uniface validates when it is instructed to reconnect, store, or validate data. Other declarative constraints as well as procedural constraints are validated on the server and, until now, there was no customized way of reporting such errors in the browser.

With Uniface 10.3.02.019, Uniface introduces support for server-side validation error reporting for fields.

  • Default formatting and error reporting for fields that are in error and visible in the browser. This is the same mechanism available for client-side syntax errors: the -ufld-highlight-error- style and uflderror bound error element.
  • New showError and clearError web triggers, which enable you to customize error display and reporting. These triggers are defined on fields in the component structure and they are executed in the data layer of the client. This means they can be executed for fields in error, even if the field is not in the layout, is in a hidden view, or is no longer available in the browser.
  • Enhancements to the Uniface JavaScript API to make the error information accessible to JavaScript in these triggers. The new FieldErrorContext object holds information about the field that is or was in error, and provides the methods getField(), getError(), and getBoundElement(), so that you can access the field, report the error, and update DOM elements. It is the JavaScript this element in the showError and clearError

When you define a showError trigger, you need to define a corresponding clearError trigger. For example:

webtrigger showError
  javascript
    // this returns the FieldErrorContext object for the error 
    // get the field that is in error 
    var errorField = this.getField();

    // if the field is present in the data structure ... 
    if (errorField) {
      // style the error and add the error message as a tooltip
      errorField.setProperty("style:color", "red");
      errorField.setProperty("html:title", this.getError().message);
    }
   
    // Return false to suppress Uniface's default error reporting
    return false;
  endjavascript
end

webtrigger clearError
  javascript
    // this returns the FieldErrorContext object for the error 
    // get the field that was in error 
    var errorField = this.getField();

    // if the field is present in the data structure...
    if (errorField) {
      // clear the properties that were set in showError
      
      errorField.clearProperty("style:color");
      errorField.clearProperty("html:title");
    }
  endjavascript
end


To see this code in action, you can download a new sample from Uniface Samples. In addition to this code, which uses Field.setProperty(), the sample demonstrates the default error display, the use of   this.getBoundElement()to navigate and style other elements in the DOM, and the use of an error count and error list to display multiple errors.

For more information, consult the documentation:

Blog by Peter Lammersma

For today’s businesses, they say, data is more important than ever. I don’t agree with the ‘today’ part: data always has been businesses’ most important asset, and always will be. There is a difference between now and back then, though. The IT landscape is now extremely dynamic and reliant on innovative IT. Dependence on technology leads to enormous growth of data and, at the same time, of the number of attacks on the data.

Can a potential risk be turned into a business opportunity? During our second workshop / ‘pizza session’ of 2019 we answered that question. Before I explain how, we need to look at the cause of the growth of security problems. Although we all think security problems will never happen to us, investments in security were never higher than they are today.  Return on security investment is one of the key figures that management uses to steer the business.

Client/Server

We feel safe with ‘good old’ client/server, with all the visible security measures: it’s like having a barrier to the carpark, a security guard near the entrance and a kind but resolute receptionist. Contracts and non-disclosure agreements must be signed, and sometimes employees must have a certificate of conduct. Before one can even start working with the application, passwords on computers and networks are mandatory. And, on top of all these safeguards, you and I have created the best authorization and authentication algorithms in the world!

Within this ‘fortress’, it feels as if the data is safe inside the organization walls. But it is not, despite all the visible and invisible security. According to ‘IBM 2016 Cyber Security Intelligence Index’ more than 60% (!) of all attacks on data have an internal cause. These are people you trusted! Did they break through all the security precautions? Are they spies? Criminals? The reality is less exciting, but just as frustrating. In most cases, the problem is just that the innocent users of the application opened an attachment that they should not have opened.

All the effort in securing the building, the network infrastructure, the workstation, the database, and the application has lost its value because of one detail: the connection to the data(base). Once you know how to get to the data, there’s not much that can stop you. Compare it with a defensive wall that loses its value with every hole. The connection from the client to the database looks like a tunnel. A long tunnel, perhaps, but at the end you see the data as shining gold.

It doesn’t matter what technology is being used on the client. Every technology has its ‘holes’. Criminals are not interested in any of the secure parts, but in that one single thing that is not: SQL injections, readable connection strings in assignment files, data source names from your ODBC or SQLNet. Allowing direct access to the data is a risk. Somewhere in the application, a connection string to the database must be available. As soon as this connection string can be found on the computer, all other security has lost its value.

Even the size of the application is irrelevant. Let’s assume you have a web application with hundreds of DSPs. From a user’s perspective there is no direct connection to the database. But what if this application also has one or two forms for maintaining a table? Then this can be the rabbit hole leading to your data. As we learned in the pizza session, prevention is better than cure, so let’s see what can be done to plug this rabbit hole.

Multi-layer versus multi-tier

It’s not client/server, per se, that causes the problems. It’s the way it is used. Traditionally, client/server is two-tier: the client for presentation and the server to store the data. But an application is more than just presentation and data. The real value is in the business rules and the business logic. By the way, those are not the same! I have seen a lot of applications that claim to be multi-tier (multi > 2 😊), but they are multi-tier in name only. They are really only multi-layer.

So what’s the difference between multi-layer and multi-tier?” Multilayer is separation in the application’s logic. Services for reading data, services for business rules, reports, forms, etc., are layers. Using multiple layers in the application structure is a very good habit, but it does not do anything for security.

Multi-tier, on the other hand, is a technical separation. It allows the application to run its processes on several machines: the presentation layer on the client, the business logic on an application server, and the business rules on the database server.

The fun part is that Uniface allows us to move layers into tiers – without changing our coding! At least, you can if you’ve used the layers consistently. In the pizza session we worked on this concept.

Moving data access to a server

The starting point of the pizza session was a typical client/server application: all the processing on the client and all the data on a server. Take a look at Figure 1: you’ll see a Uniface application on the client with two form components and one service. Reading and writing is done in the components.

In the worst case, the assignment file has one of the following path settings:

·       $DATA_DBMS_MQL = MQL:server:database|username|password

·       $DATA_DBMS_TLS = TLS:server+port|username|password|database

·       $DATA_DBMS_MSS = MSS:DataSource:database|username|password

·       $DATA_DBMS_ORA = ORA:t:host:database|username|password

You might have secured everything, but the connection string to the data is readable in the assignment file. This means your data is as open as it can be! The technology that is used to connect to the data is not relevant, nor is the security of the connection, application or network.

A setup like this is only fine for development purposes – with fake data.

In my Uniface career I have seen hundreds of applications, and a lot of them had the database details in assignment files on the client, even in production environments. Having the connection string data in a readable format in the assignment file makes it pretty obvious. Using the Uniface PathScrambler makes the connection strings unreadable. That feels a bit safer. But remember that somewhere in the process, the connection string must be unscrambled. That information is stored in memory and so it can be found with the right tools.

It’s a good habit to use a service for reading and writing to the database. In the pizza session, we changed the application in Figure 1 to something like Figure 2.

The normal behavior of the Uniface read process is, as we all know, activating the retrieve trigger. Uniface then invokes the read trigger to read and fetch the data from the database. To change this so a service can be used to read the data, an operation on a service must be called. On the form for the entity, the ‘Data access’ property is set to ‘non-database’.

Advice: create subtypes for all modeled entities. Have one subtype that allows database access and another subtype that is non-database. The first can be used on a service that does the reading and writing. The other can be used on the client to display the data.

At this point, two things are achieved:

1.       The application uses a service to read and write. Officially, the application has a Service Oriented Architecture.

2.       The application is multi-layer.

So, we’ve scored points! However, from a security perspective nothing has changed. As shown in Figure 2, there is still a direct connection from the client to the database.

But now take a look at Figure 3. The only thing that’s changed is the execution of the service. For a Uniface developer, this is just a small step:

1.       In the assignment file on the client:

a.       All connections to the database can and must be removed;

b.       Replace them with a path to the server:

$TCP_EXEC = TCP:servername+port|username|password|pizza_2_exec

c.       Add:

[SERVICES_EXEC]
* = $TCP_EXEC:*

2.       Install URouter on the server. In the URouter’s assignment file:

pizza_2_exec = userver -asn=pizza.asn -dir=path -adm=path

3.       In the assignment file (in this example pizza.asn), add the connection string to the data.

Now, when the service is activated from the form, the processing is executed on the server – without any modification to the application! Suddenly the application is multi-tier.

Why is this more secure? From now on, when someone tries to look into the metaphorical tunnel between client and server, there is no shining gold data but just a Uniface UServer-process. There is no direct access to the database. It is impossible to send SQL requests to the database on the server, because there is no direct access to the database.

From here on, it is up to developers like you and me. The only way to access the data on the server is by requesting data or submitting a change to a Uniface service. With our development skills, we can secure this data: it’s just a matter of authentication and authorization.

But there is more!

In the workshop/'pizza session',  we played with the configuration. The data is safely hidden behind a service. The only possible way to read the data is by calling the service from the Uniface form components. But what if you want to be able to read the data with other tools?

It’s highly advisable to implement all your business rules in services and execute these on a server. So, now you have your data and the business rules on the server. Let’s suppose that, although you’re happy with your Uniface desktop application, you also want to be able to make the data available to an external system, or you want your data to be part of a mobile solution.

As soon as you have your most valuable assets (business rules and data) executing on the server, you can access them with any technology you want. Look at Figure 4. By adding a webservice to the configuration, all of a sudden, the Uniface service can be used by and/or in any other technology!

Conclusion

In just a few steps, a potential risk can be turned into a huge business opportunity.

When you started reading this article, your data felt secured but in reality it wasn’t. With a few changes in the Uniface configuration your data is very secured. And, at the same time, you created a new business perspective because the data can be made available to third parties in a way that you can control.

To summarize, the steps are:

  1. Stop reading and writing in the presentation layer
  2. Implement services that do all the reading and writing
  3. Move the execution of these services to the server
  4. Add webservice functionality to the services

If you want advice about the level of security of you application or need any help with the configuration of your deployment environment, you can always contact me. In the next Blog/pizza sessions, we will take a closer look at the fourth step and beyond. Trust me, with Uniface you can do anything.

 

Utilities for Uniface 10

Utilities for Uniface 10

Modern application development environments need to allow close integration of customer or community tools and utilities, to further enhance developer productivity. The IDE, delivered with Uniface 10, enables closely integrated extension through user defined worksheets and menu options.  

Many of you know that the Uniface Support team often creates utilities to automate or simplify some our day to day activities. With the new user defined integration, we have an ideal way of making these available to the community so have collected a number of these utilities, mainly enhanced versions of components found in the Uniface 9 IDF, together and packaged them up for anyone to use.

 What is included in this toolkit?

  • Create Referential Integrity
  • XSLT Workbench
  • Global Search
  • Cross Reference
  • Copy user data from entity editor

 

Create Referential Integrity

Generate SQL scripts for maintaining referential integrity within the database

 


XSLT Workbench

The XSLT Workbench is a tool for creating and testing XSLT stylesheets.


Global (Proc) Search

You can use the Global Proc Search dialog to search for commands, expressions, and operands in all Proc. It now also features a button that allows to directly open from the search result the related Code Editor.


 

Cross Reference Viewer

With the Cross Reference Viewer you can generate reports from the data of the cross-reference table. It now also allows you to directly open the related Code Editor from the cross-reference search results.


Additions menu

The different utilities can easily be accessed from the Main Menu ( ≡ ) of the IDE.


Additional stuff

The Uniface 10.3 IDE Additions project also includes an extra menu item for the Entity Editor that allows you to directly export the user data of the entity. This can be seen as a partial replacement of the Convert Data utility of the version 9 IDF.


Work in Progress

We still plan to add more features to the Uniface 10.3 IDE Additions project - so this is very much “Work in Progress”.

And the good news is that we are not going to keep this stuff to ourselves. The Additions can be downloaded from here (Uniface utilities, addons and extras). And in order to get the utilities working you just need to include the additions.asn at the top of your (or the default) ide.asn.


ASN example
; your ide.asn
[RESOURCES]
.\uar\ADDITIONS.uar

; ...

[LOGICALS]
IDE_DEFINE_USERMENUS = ADDITIONS
; ...


We hope the Additions utilities are helpful,


Uniface Customer Support


Please note, that although the utilities are uploaded by the Uniface team, it is made available as-is and is not in any way part of the regular Uniface product. Therefore the rules and regulations for Uniface maintenance and support do not apply to the Additions utilities.

Blog by Peter Lammersma - 

Recently, a dozen Uniface developers gathered at Uniface headquarters in Amsterdam. Some of them had driven for several hours to be here on time.

What was so important about this meeting? The answer is that these developers represent several organizations with one thing in common: they all trust Uniface for their most vital and business-critical applications. Something else the organizations have in common is that they all want to migrate to Uniface 10. That’s why they sent their developers to learn more about it.

A few weeks earlier, most of these developers had participated in a webinar where I told them about the major changes and enhancements in the latest version of Uniface. So, they had heard and seen a lot about these changes already, but on that particular evening in April it was time for some hands-on experience. As a well-known Uniface expert and business partner, I had been asked to guide my fellow developers through this process, and we had decided that ‘pizza session’ was a good name for it (more about this choice below).

The name reminds me of some evenings in my past. Software, cold pizza, and warm cola; what more does a developer need?

The evening consisted of three parts, starting with an optional slot for configuration support. Beforehand, the participants had received instructions on how to install Uniface on their notebooks and create a development environment. If they had run into problems, they were invited to arrive early so we could help them with the configuration. As luck would have it, someone did show up during this pre-pizza config support part of the evening. No, he didn’t need help, though – he just had a three-hour drive and loved to be on time.

According to Mr. Maslow and his hierarchy of needs  the second part of the evening was the most important. It’s obvious that in 1943, when he published his theory, software as we know it had not yet been invented. Nevertheless, everybody enjoys pizzas. Thirty minutes later, a dozen pizzas had completely disappeared, leaving the same number of developers eager to start.

The third and final part of the evening was the hands-on bit. At the back of the classroom, Ton Blankers, Uniface account manager, and Gerton Leijdekker, software architect, were present to answer any questions I couldn’t handle. I kicked off with some theory – just enough for the participants to get started. For the next two hours, a classroom filled with software developers worked on a couple of assignments.

This pizza session was all about the changes to the Uniface 10 IDE. I can talk for hours about these, but as I was limited to a 30-minute timebox, I focused on the major changes – for instance:

-          The terminology. What is a Main Development Object?

-          … and how is it related to the editors in Uniface?

-          What is the difference between Templates, Objects and Models?

-          … and is this really different from what we are used to?

-          What is the Compiled Modules Inspector?

The assignments were about enhancing the IDE with your own utilities. In three exercises, the developers created User Defined Worksheets and User Defined Menus. They learned how to use the IDE in Uniface 10. But the assignments were also about the changes in the meta dictionary to gain full control over the IDE.


Was it a successful evening? Everybody was able to install and configure Uniface 10 (which takes no more than 5 minutes), the pizzas were great, and everyone finished the exercises. But most importantly, the developers discovered themselves why Uniface 10 is so much better than all previous versions. And now they believe it is time to migrate to version 10.

We at Uniface were more than satisfied with the outcome of the very first pizza session of 2019. The security guys were curious, though: what was everyone so happy about? Mission accomplished.

Why do we call it ‘pizza session’? Uniface is just like pizza. Everybody loves it. It’s convenient. And with the right basis (the bottom), everything is possible. Used as a plural, pizza sessions, it is a reusable concept. Yes, we want to organize these sessions a few times a year. There is so much more to discuss and learn about Uniface. The next pizza session is planned for June.

Blog by Barbara Douma

Since the introduction of Uniface 10.3, we have been rolling out a feature called smart suggestions, which adds search and filtering functionality on the basis of object name and description. This makes it easier and faster to find an object that you want to open, edit, or use in a given context. As you type a keyword or part of an object name, the Uniface IDE provides a list of suggestions for objects that match the provided string and are appropriate to the context.

Smart suggestions were originally introduced on the Main U-Bar in Uniface 10.3.01.012 (see the blog Smart Suggestions in the Main U-Bar of the IDE). Since then, we've added this feature to the Component Editor when editing name-based properties. You get smart suggestions when you:

·       Rename entities, fields, and labels in the Component Editor (10.3.02.001)

·       Define the Modeled Component and Bound To properties in a derived component (10.3.02.002).

Now our focus is on the Resource Browser, starting with the Component Editor. As of Uniface 10.3.02.008, the Uniface IDE provides suggestions in the Model tab, so that you can easily find the modeled entities and fields that you need to use. 

Resource Browser: Model Tab

The Model tab of the Resource Browser has been redesigned. It now includes a U-Bar that can be used to find and filter the modeled entities displayed in the tab. The list of entities includes subtype (specialization) entities. Icons indicate whether an entity is a normal modeled entity ()

or a subtype entity ( ).


To ensure fast performance, a maximum of 50 objects can be displayed. You can override this by clicking Show all, or configure to a different maximum using the  UBAR_RESULTS_MAXHITS logical. 

Suggestions for Modeled Entities and Fields

Instead of browsing through hundreds of entities, just start typing a string that occurs in the object name or description in the Model tab's U-Bar. As you type, the list is filtered to show only matching entities and sub-entities. 

As usual, suggestions are offered in the following order:

1.     Objects whose name starts with the entered text

2.     Objects whose name contains the entered text

3.     Objects whose description contains the entered text

You can scroll through the list of suggestions using the Up and Down arrow keys or the scroll bar. 

To insert an entity into the component structure, highlight the entity in the list, then drag and drop the entity into the component structure (or draw the entity frame for a form or report component.)  

To add the entity's fields to the component structure, you first need to select the entity—highlight the entity in the Model tab and press Enter, or double-click the item. This copies the entity URL to the U-Bar and, by default, displays the entity's fields. (Notice that the fld: code is appended to the URL.)

What if you selected an entity to display its fields before you inserted the entity? No worries. Just right-click on a a field and choose Parent Entity from the context menu.

 The parent entity is then displayed in the Model tab so you can highlight and insert it.

Suggestions for Parent or Subtype Entities

As you saw already, subtype entities are easy to recognize in the Model tab, but you can also find the parent or subtypes of a given entity.

For example, to get the supertype of a subtype entity, right-click the subtype in the Model tab, and choose Parent Entity

You can also use the context menu to show the subtypes of an entity. For example, the following suggestions are shown when you choose Subtype Entities  for the UTREE_PERSON.UTREE entity:

Notice that the ent: object code has been added to the entity URL.

If you now select one of the subtypes, the complete URL, including the supertype is copied to the U-Bar and its fields are displayed: 

Navigation Using the Object URL

If you want to return to the supertype object, you can click on the object's name and press Enter. In fact, each element of the URL is like a button that can be clicked to navigate up the object URL.

When you select an object name, a list of the subobject types is displayed. For entities, these are ent: for subtypes and fld: (the default) for fields.

We hope you will enjoy the Resource Browser improvements that we have introduced so far.

But it doesn't end there! As of Uniface 10.3.02.009, smart suggestions are provided in Model tab of the Entity Editor when you add modeled entities to a relationship, and in the Project Editor when you add create derived components from a modeled component. The principles and behavior are the same as in the Component Editor.


Blog by Jorge Nuñez-Orellana


Recently, we had the presentations of the first Creative Sprint and let me tell you it was a great success. I’ll start by taking you back in time while sharing what are the thoughts which drive this initiative.

The Uniface’s lab is still a startup, yes! A 35-year-old startup in that sense. As with all startups, we thrive through the innovation that comes from the brilliant minds that continue to form the Lab throughout these years.

When working on technology, one tends to adapt the new high-tech trends to produce business value. This is a creative quirk. This challenge rewards the individual with satisfaction and fulfillment. To maximize the benefit from such experience, one repeats the process with certain periodicity, making it part of the development process.

In general, Agile is associated with a creative/iterative development process, following that line of thought, it is common practice in technology minded organizations to include a moment to trigger the creative spirit and embed it on the execution cycle of the production of software. Additionally, that moment serves as a source of wisdom to individuals who use that time to attempt new ways, find new ideas, discover new possibilities.

At the Uniface Lab, we are no different. Already for a few years, we have been trying to stimulate this inspirational flare in between our regular sprint schedule. To spark imagination a bit more, we have adopted a Creative Sprint; a one-day sprint where the goal is to ignite curiosity, play with new ideas and have fun.

Our creative sprint is also a welcome break in our tight schedule. A break which is an investment too. A break as it allows us to step out of the production harness and an investment because it spawns our technological paraphernalia (ideas and tooling).


As competitive as we are, we want to deliver the outmost in one day, producing great value for our time. To illustrate that, I want to share some of the ideas from the creative sprint:




·       Apply cucumber and selenium to web testing

·       Investigate using JavaScript as the scripting language for Uniface’s ProcScript

·       Prototype a message/service bus

·       Use Node.js as a Web-server for a DSP application

·       Investigate enhancements to our threading model

·       Calling Uniface functions from Python

·       Prototype using regular expressions in ProcScript

·       Prototype porting sources to C++ 11 compatible

·       Entries for field, collection and/or occurrence entries as extensions of only component


The results were astonishing, a lot of enthusiasm and tons of valuable information which serves as food for thought. All in a very short span of time. Besides there is more to come as we get a chance to spend some time on innovation every two weeks. How great is that!

Widgets

Blog by Jyoti Singh


The purpose of this blog is to inform you about some changes in the way widgets are documented and described.


Widgets are the elements that enable the user to interact with a Uniface application. In Uniface, we recognize two types of widgets:

·       Physical widgets are the implementations that provide the functionality to the user. They vary depending on the underlying GUI technology.

·       Logical widgets are named configurations of the physical widgets. Developers can configure physical widgets to use specific properties/styles to create their own logical widgets.  Consequently, one physical widget can be referenced by multiple logical widgets. The available widget properties are dictated by the physical widget, and it is the physical widget that knows how to interpret properties. Logical widget definitions are defined in the [webwidgets] and [widgets] sections from the initialization file.


The logical widget definitions are available to the Development Environment (IDE), where they are shown in the Widget Type property for entities and fields, allowing developers to select one for use. By default, a Uniface installation provides a default set of logical widgets , but this set can be customized by the developer.

The logical widgets used in the application must also be made available at runtime via the [webwidgets] and [widgets] sections from the initialization file in the runtime environment. Forms, Reports, and Dynamic Server Pages (DSPs) use this mechanism.

With the introduction of the physical widget HTMLINPUT for DSPs, which can be used to specify very different input elements, the emphasis is moving more and more towards the capabilities of the physical widget rather than the logical widget.  To reflect this shift in emphasis, the widget documentation for Uniface 10 has been restructured. It now documents the functionality, triggers, and properties of physical widgets, and describes logical widgets in terms of their purpose, since the functionality and properties can be changed by the developer.


To illustrate with an example:

By default, physical widget HTMLINPUT is mapped to EDITBOX, but HTMLINPUT can also be customized to get a custom Input search field which can set or return the value of the placeholder attribute.

Ini file:

[webwidget]

Editbox = htmlinput(html:type=text;detail=dblclick)     

Searchbox = htmlinput(html:type=text;html:size=20;html:placeholder="Type to search")


Above two configurations of same physical widget would result into two logical widgets with different capabilities:

If you are interested to know more about the widgets in Uniface, please visit the online documentation https://u.uniface.info/docs/1000/uniface/componentConstruction/widgets.htm?Highlight=widget


We have a great functionality available that makes it possible for you to follow a particular question or topic by turning on the “Watch” feature. It’s an easy way to stay informed about any issue that interests you. You will be notified by email when answers and comments are added to the question.

To watch a question

  • Log in to https://www.uniface.info with your Uniface account details
  • From the menu at the top, choose COMMUNITY, then choose Questions from the drop-down menu
  • Choose the Question you're interested in to bring up its page
  • Choose Watch on the right hand side to start receiving notifications, as shown below

You can also Watch a whole topic – then you’ll be notified whenever a question is added.

To watch a topic

  • Log in to https://www.uniface.info with your Uniface account details
  • From the menu at the top, choose COMMUNITY, then choose Topics from the drop-down menu
  • Choose Watch under any topics you wish to be notified about

Should you wish to stop Watching any question or topic, go to your notification email and select one of the two questions given:

'Stop watching this question' or 'Unsubscribe from all notifications'

Follow using RSS

You can also follow new questions or particular topics using RSS. Watch out for the RSS link in the Questions list.


Blog by Peter Lammersma


What I like and expect in every well-designed system is predictability. Can I find what I am searching for in the expected location? In other words, is the interface intuitive and consistent?

That’s one of the best things about Uniface 10. Having worked with several earlier versions of Uniface, I can confidently say that this latest version’s user interface gives the developer unprecedented levels of consistency, predictability and effectiveness.

Overview of the Uniface 10 IDE

At a high level the IDE can be split into three main sections.

Figure 1 IDE main sections

As shown in Figure 1, these main sections are header, editors and message output. The last section, message output, contains the output of actions performed in the IDE. Pretty clear isn’t it? In this article I want to focus on the other two sections, because these are where the magic happens.

A Uniface developer works in the editors’ section. The IDE contains several editors. Let’s start by understanding these.

Main development objects and their editors

Uniface has introduced the term object in version 10. It’s a general term for the ‘things’ developers create and use, such as projects, components and fields. An object is a way for developers to communicate about their work without the need to bother with implementation details. In the article ‘About templates, models and objects’ I have described this concept in more detail.

Objects can be nested as children and parents. Some objects, such as fields, can only exist as children of other objects. Other objects, called main development objects, can exist without a parent and can have children of their own: examples include modeled entities, start-up shells, and projects

All main development objects have a dedicated editor in Uniface 10. When an object can only exist as a child of another object, that child must be maintained in an editor created for the parent.”. For instance, an entity painted on a component is the child of that component and must be maintained in the parent component’s editor.

It’s important to understand the difference between an entity created in the entity editor, which is called a modeled entity, and an entity that is painted on a component in the component editor, which is called a derived entity.

Uniface has a specific editor for every main development object. In the non-modal development environment, a developer can work on several objects in the same environment. Every open editor is identified by a tab.

Scope of your action

I started this article by talking about the predictability of the IDE. In the previous paragraphs I explained that Uniface has an editor for every main development object. The daily activities of the Uniface developer are actions such as creating new components, modifying properties of objects, writing script code, and compiling components. Some actions will be started from the IDE header, others in the editor section. To find the location of the action you want to do in the IDE, it’s good to consider the scope of your action.

  • Does it do something to exactly one opened object? It will be in the editor of that object.
  • Does your action involve more than one object, or is it not particularly related to an object in In short: The header contains global actions, while the editor contains actions relating to the content of the editor.



A few examples:


Compile all components in the repository. This is an action that is not bound to exactly one opened component. This compile action can be found on the main menu in the header.

Compiling a component. This is an action for an open object in the component editor, so it’s to be found somewhere in the editor. Of course, it is also possible to compile the same component from the compile option in the header. The result is the same.

Export all child objects from a project. The boundary of this action is the project’s content. Therefore, it is to be found in the project’s editor.




You can draw an imaginary line between the header and the editor section. Everything that relates to one particular object is somewhere below that line.

Worksheets

Let’s focus now on this editor section. "Although most editors have been rebuilt in Uniface 10, some of the less commonly used objects – for instance the maintenance of glyphs and keyboard translation tables – still use the U9 editors. As part of Uniface’s continuous delivery, these editors will be migrated to the new structure in the future. Every experienced Uniface developer will recognize the U9 versions immediately though.

The new editors are composed of one or more worksheets tailored to the object they serve. An entity editor consists of different worksheets from those in a component editor. The strength of these new editors is best demonstrated with the component editor. A form component is in other ways similar to a dynamic server page (DSP) – they are both components – but at the same time it is different. The form has a client-server interface, while the DSP has a HTML GUI that can contain JavaScript. Some worksheets are the same, and others differ.

Figure 2 The editor is a collection of worksheets

Every worksheet contains one or more tools. These tools depend on the editor and the worksheet. A typical worksheet composition has a resource browser on the left, the properties inspector on the right, and a large tool pane in the center. It’s in this tool pane the actual editing work is done. In this container the developer can, for instance, edit the script, define the key fields of an entity, or compose the structure of a service component. The general structure in the IDE is: editor à worksheet à tool.

Let’s take the editor shown in Figure 2 as an example. This is the modeled entity editor. The active worksheet is the Define Structure. This worksheet contains three tools. the left pane contains the ‘Resource Browser’, in the middle is the ‘Fields Composer’, and on the right is the ‘Properties Inspector.’

User-defined worksheet

Zooming in on the worksheet tabs, I want to show you something interesting.

Figure 3 The worksheet tabs: my worksheets next to the Uniface defaults

In Figure 3, the Uniface default worksheets are shown and next to them are my own worksheets. In another article on ‘Enhancing the provided toolset’, I described how these worksheets can be added to your preferred Uniface editor(s), to make your work as a Uniface developer even more efficient. The worksheets offer great flexibility and power. In your own worksheet(s), you are not bound to the tool panes Uniface is using, and your actions have unlimited scope. You, the developer, are completely free to add a worksheet that performs actions outside the open object, though it is advisable to take the context of the object into consideration.

Summary

The IDE of Uniface 10 has the predictability I expect because it is a consistent implementation of the Uniface development paradigm. Uniface 10 is built by developers, for developers. It makes sense – common sense.

I can talk and write about the IDE for hours, but the best advice I can give is: just use it. I am convinced that you will, just like I do.




Blog by Frank Doodeman

There’s a handy feature in the Quick Search dialog of the IDE’s Code Editors: you can use regular expressions in your Search term.

This blog gives a few simple but useful examples.

Where is my variable assigned a value?

Suppose you have a variable or field named SUM, and you quickly want to find the places where some value is assigned to it by means of an assignment statement. In a ProcScript assignment statement, the variable being assigned to is always at the beginning of the line, and it is followed by a single equal sign followed by whatever value is being assigned to it. Therefore, use this regular expression to find all assignment statements that address variable SUM:

^\s*sum\s*=

Let’s briefly go through the parts of this regular expression to see how it works:

  • It starts with a caret sign: ^. This matches the start of a line.
  • Then there’s \s*. The \s matches any blank character, such as space or tab, and the * specifies that it matches a sequence of zero or more of them.
  • This is followed by the literal text sum, which matches the string “sum”. By the way, sum matches without taking case into consideration – behavior controlled by the match case button, which is off by default.
  • Then there’s another \s*, matching a series of zero or more blank characters.
  • It ends with a literal =, which matches an equal sign.

Where is my variable used?

To find where your variable SUM is used, use this regular expression as your Search term:

\<sum\>

This specifies the literal text sum enclosed in \< and \> characters. The use of \< and \>, which match the start and end of a word respectively, ensures that the expression won’t find strings like SUMMARY, CHECKSUM or CONSUMPTION.

Remove trailing blanks from all lines

You can’t see trailing blanks, but they may still annoy you. With this simple regular expression, you can find them and replace them with nothing:

\s+$

The \s we saw earlier: it matches any blank character. The + that follows it makes it match one or more of them. The $ stands for the end of the line. Use this regular expression as the Search term in the Quick Search dialog and empty the Replace term field in that dialog (make sure you set the dialog to Replace mode by pressing CTRL+H, or by clicking the down-arrow symbol on the left). Click the All button and voilà: no more trailing blanks in any of your lines.

Consistent use of the Struct arrow operator

You may have a coding convention for Struct member references that specifies that you use the -> operator without surrounding blanks, like this: vStruct->mbr. But suppose you stumble upon a piece of code from a former colleague who liked to have space characters around the arrow operator, like this: vStruct -> mbr. You can easily correct that using the Quick Search dialog and regular expressions. Your Search term should specify that you want to find the arrow operator enclosed in blanks:

\s+->\s+

Then by simply using -> as your Replace term you can replace all these space-consuming arrow operators by compact ones.

Use the new style of string substitution

In the old days, ProcScript string substitution was done using expressions such as "%%FIELD.ENT%%%", where the initial two percent signs indicate the start of the string substitution and the trailing three percent signs indicate its end. In Uniface 10 (and in recent Uniface 9 versions) you can do this in a better way: "%%(FIELD.ENT)". The double percent sign indicates the start of the substitution; the expression inside the parentheses is expanded and used as the result of the substitution. Not only is this easier on the eye, but it is also more flexible, as you can specify any expression between those parentheses.

Of course, if you encounter pieces of code that use the old-style string substitutions, you will want to replace them with new-style ones. Regular expressions come to the rescue:

The Search term starts with the double percent sign that indicates the start of a string substitution. The [^%"]+ means a series of one or more characters that are not percent signs or double quote characters. This part of the Search term is inside parentheses, because that makes it possible to refer to it in the Replace term – or more accurately, refer to whatever it matches. The regular expression ends with the three percent signs that indicate the end of an old-style string substitution.

The Replace term also starts with a double percent sign, since that is also the start of a new-style string substitution. Next comes an opening parenthesis. In the context of a Replace term, this is a literal character; it has no special meaning. The \1 indicates whatever is matched by the part inside the parentheses in the Search term. Then the Replace term ends, with the literal closing parenthesis.

Now, a single click on the All button replaces all old-style string substitutions with new-style substitutions.

Use special comment markers

In some of our Uniface projects, we use a special comment style – a semicolon followed by a dash – to write comments in our ProcScript code. We do this to distinguish real comments from code that was temporarily commented out by using plain semicolons.

If you encounter a piece of code that you know has real comments, but the programmer did not use the above convention, you can use the Quick Search box and regular expressions to correct this. Specify this as a Search term, to find comments that are not special style:

^([^";]*);([^\-])

This regular expression consists of four parts:

  • A caret sign: ^. This matches the start of a line.
  • The first expression inside parentheses: ([^";]*). This matches any sequence of characters that are neither double quotes nor semicolons. It is enclosed in parentheses to make it possible to refer to it in the Replace term. The double quote is specified here because we don’t want to match lines that have semicolons inside hard-coded strings.
  • A plain semicolon character: ;. This indicates the start of a ProcScript comment.
  • The second expression inside parentheses: ([^\-]). This matches a single character that is not a dash. The dash needs to be escaped with a backslash character because, in a regular expression, a dash has special meaning if it is inside square brackets.

Then use this as the Replace term:

\1;-\2

This specifies the first matched subexpression – the part of the line that precedes the semicolon; then a semicolon with a dash – the comment indicator that we want to use; and finally, the second matched subexpression, which is the first character that followed the semicolon.

Alert readers might realize that there may be lines with old-style comment that are not caught by the regular expression mentioned here. Which ones? That is left as an exercise for you: please post your answers in the comments section.

References

The IDE Code Editors are based on the Scintilla text editor, and therefore use Scintilla’s specific regular expression capabilities (in posix mode). On some points, this might slightly deviate from the regular expression syntax that you are used to. For more information, visit https://www.scintilla.org/SciTERegEx.html