Corteza Admin Manual

This documentation is tailored for system administrators responsible for the configuration and administration of the Corteza instance. The documentation goes well into details regarding the systems configuration, available tools and security concerns while omitting low-level technical details.

For information regarding low-level technical details, please refer to the [maint-index].

Corteza Permission System

One of the main focuses when working with any kind of data in the enterprise environment is the data integrity and security, especially when working with sensitive information. Corteza takes this seriously and defines a powerful permission system that allows you to control access to any resource, being an application or a single module field.

Corteza is based on users and user roles, where a single user can be a member of multiple roles, where each role defines its own set of access control.

Resource level permissions are described in detail in the following sections. This section merely outlines the system.

Each permission can be in one of the following states:

Inherit

To use the value that was defined under the "Everyone" virtual role,

Allow

To allow the role to perform the operation over a specified resource,

Deny

To deny the role to perform the operation over a specified resource.

It’s good practice to limit system users a much as possible to avoid potential security breaches.

Corteza Admin Panel

Basics

To access Corteza Admin Panel, click on a new tab and select it from the list of available applications.

You must have Administrator rights to access and edit this part of Corteza system.

Dashboard

In the dashboard section you can overview some basic statistics of the usage of the Corteza system:

  • Number of total active, suspended and deleted users

  • Number of total active, archived and deleted roles

  • Number of total active and deleted applications

Users

Overview

A user is someone who can log in to the Corteza system.

Each user has Email, Full name and Nickname (handle). Additionally, each user has a username (=email) and password to enable them to log in to the system. In the list of users an admin can also see the timestamp when user was created and updated.

In the list of users an admin is allowed to:

  • Filter users by name or email using search input on the top

  • Filter deleted and suspended users

  • Edit existing users

  • Create new users

User Management

Create a new user

To create a new user click on "New" button on top right corner above the User list.

Fulfill the Basic information and hit submit. You can set a user a password to log in (but he’ll need to confirm his email after the first attempt to log in). Alternatively, a user can request a "Forgotten password" on login screen and set a password on his own.

Edit a user

To edit a user click on an "Edit" icon on the right side of the users list.

In this screen you can:

  • Change user’s basic information (email, full name, handle)

  • Delete or suspend a user

  • Set a user a new password

  • Add a user to a certain role

Roles

Overview

A role allow you to define groups of users with particular access rights. Role-Based Access Control (RBAC) is used for all applications across Corteza system.

The role is assigned to an individual user.

In the list of roles an admin is allowed to:

  • Filter roles by name using search input on the top

  • Filter deleted and suspended roles

  • Edit existing roles

  • Create new roles

Roles Management

Create a new role

To create a new role click on "New" button on top right corner above the Roles list.

Fulfill the Basic information and hit submit. Once a role is created, you can start assigning members to it.

Edit a role

To edit a role click on an "Edit" icon on the right side of the roles list.

In this screen you can:

  • Change role’s name and handle

  • Delete or archive a role

  • Add users to a selected role

Applications

Overview

You can create and manage applications inside Corteza One.

By default the following applications are included in the system:

  • Messaging

  • Low Code

  • CRM

  • Jitsi Video

  • Corteza Admin Area

  • Google Maps

In the list of applications an admin is allowed to:

  • Filter applications by name using search input on the top

  • Filter deleted applications

  • Edit existing applications

  • Create new applications

Applications Management

Create a new application

To create a new role click on "New" button on top right corner above the Applications list.

Set an application name and mark it as enabled so it becomes visible in the list of applications. In the next step you can add an URL to the favicon and logo and assign application URL.

You can add any Namespace as a separated application. Additionally, you can add as an application all external websites and web applications that don’t have iFrame access denied.

Edit an application

To edit an application click on an "Edit" icon on the right side of the applications list.

In this screen you can:

  • Change application’s name

  • Control application’s visibility in the list of applications

  • Delete an application

  • Update logo and favicon URLs

  • Change the application URL

System Settings

Internal Authentication

In this section you can control the following:

  • Internal authentication enabled

  • Password reset enabled (if unchecked, users won’t be able to reset their password)

  • Signup email confirmation required (if unchecked, users can log in to the system right after the registration, without confirming their email)

  • Signup enabled (if unchecked, admins will add users manually in the Admin panel and nobody will be able to register on their own)

Authentication Email Settings

In this section you can set:

  • Sender email address (i.e. info@company.org)

  • Sender name (i.e. Organization Ltd.)`

Email templates:

Email templates used for authentication purposes are the following:

Email confirmation HTML template
{{.EmailHeaderEn}}
  <h2 style="color: #1397CB;text-align: center;">Confirm your email address</h2>
  <p>Hello,</p>
  <p>Follow <a href="{{ .URL }}" style="color:#1397CB;">this link</a> to confirm your email address.</p>
  <p>You will be logged-in after successful confirmation.</p>
{{.EmailFooterEn}}
Password reset HTML template
{{.EmailHeaderEn}}
<h2 style="color: #1397CB;text-align: center;">Reset your password</h2>
<p>Hello,</p>
<p>Follow <a href="{{ .URL }}" style="color:#1397CB;">this link</a> and reset your password.</p>
<p>You will be logged-in after successful reset.</p>
{{.EmailFooterEn}}

We recommend using Codepen or similar browser-based tools to preview the layout of the template before changing the template.

  • {{.EmailHeaderEn}} has to be at the beginning of each template

  • {{.EmailFooterEn}} has to be at the end of each template

  • {{ .URL }} is used as a href parameter for the confirmation link.

Email Settings

In this section you can control the header and the footer template which are wrapped around all emails sent from the system.

Email Header HTML Template
<div style="width:100%;min-height:100%;margin:0;padding:0;color:#3a393c;font-size:12px;line-height:18px;font-family:Verdana,Arial,sans-serif">
  <table width="100%" align="center" style="width:100%;height:100%;border-collapse:collapse;border:0;padding:60px" border="0" cellspacing="0" cellpadding="0" summary="">
    <tbody>
      <tr>
        <td valign="top" align="center" style="padding: 20px 0;">
          <table width="800" cellspacing="0" cellpadding="0" border="0">
            <tbody>
              <tr>
                <td width="800" bgcolor="#ffffff" style="color:#3a393c;font-size:14px;line-height:20px;font-family:Helvetica Neue,Helvetica,Arial,sans-serif;text-align:left">
                  <table width="800" cellspacing="0" cellpadding="0" border="0">
                    <tbody>
                      <tr style="background-color:#ffffff;height:50px;">
                        <td style="border-bottom:2px solid #1397CB;">
                          <a href="{{ .BaseURL }}" style="text-decoration:none" target="_blank">
                            <img src="{{ .Logo }}" style="display: block;margin: 0 auto;padding: 10px;">
                          </a>
                        </td>
                      </tr>
                      <tr>
                        <td width="800" style="padding:40px 30px">
Email Footer HTML Template
</td>
                      </tr>
                      <tr>
                        <td style="padding:30px;border-top: 1px solid #F3F3F5">
                          <p>If you have any questions, please contact <a href="mailto:{{ .SignatureEmail }}" style="color:#1397CB;">{{ .SignatureEmail }}</a>.</p>
                          <p>We hope you enjoy using Corteza!</p>
                          <p>Best regards, <br>
                          {{ .SignatureName }}</p>
                        </td>
                      </tr>
                    </tbody>
                  </table>
                </td>
              </tr>
            </tbody>
          </table>
        </td>
      </tr>
    </tbody>
  </table>
</div>

We recommend using Codepen or similar browser-based tools to preview the layout of the template before changing the template. Pay attention to variables used in the default template(i.e. {{.BaseURL}}, {{.SignatureEmail}}, …​)

External Authentication

Check the "Enable external authentication" box if you wish to allow your users to register and log in using external providers. Currently, we support Google, Facebook, Github and LinkedIn authentication.

Google

To enable Google authentication you need to create a client ID:

  1. Go to Google Sign-in Guide and click on "Configure a project" button

  2. Select and existing project or create a new one

  3. Set a product name (i.e. Corteza)

  4. https://)

  5. Copy and paste both Client ID and Client Secret fields to Corteza Admin panel and hit submit

Facebook

To enable Facebook authentication you need to create Facebook app to receive Client key and Secret:

  1. Go to Facebook for developers website, click on "Add a new app" and choose a name of the app (i.e. Corteza) or select and existing app

  2. In the list of available products search for "Facebook Login" and click on "Set Up" button

  3. Select "Web" platform and paste the URL where your Corteza system is running

  4. Go to "Settings" and then "Basic" in the left sidebar

  5. Copy and paste "App ID" to "Client key" inside Corteza Admin panel

  6. Copy and paste "App Secret" to "Secret" inside Corteza Admin panel and hit Submit

Github

To enable Github authentication you need to register Github application to get unique Client ID and Client Secret:

  1. Go to this link and create a new OAuth application

  2. Copy and paste both Client ID and Client Secret fields to Corteza Admin panel and hit submit.

LinkedIn

To enable LinkedIn authentication you need crete a LinkedIn application:

  1. Go to this form, fill out the form and click on "Create app"

  2. Go to Auth section and copy and paste both Client ID and Client Secret fields to Corteza Admin panel and hit submit.

Other Settings

Low Code Settings

User Interface

In this section you can select:

  • To show a list of all available namespaces in alphabetical order in the left sidebar of the Low Code

  • If you wish the left sidebar to be open by default or minimized

File Upload

In this section you can set a maximum file upload size (default is 10 MB) and file type whitelist for Low Code pages and records.

Messaging Settings

User Interface

In this section you can select:

  • To allow users to use emoji

  • To enable Messaging notifications

  • If notifications are enabled you can set a template for notification header (default ${user} in ${channel}) and what is the maximum number of characters visible in the notification (default is 200)

Attachments

In this section you can select:

  • If you allow users to upload attachments

  • If users can upload images from gallery or from camera

  • What is a maximum file upload size (default is 10 MB)

  • Which file types are whitelisted

Permissions

Overview

Corteza uses Role-based access control (RBAC) as a method of restricting access based on the roles of individual users within the system. RBAC lets users have access rights only to the parts of the system/application they need and prevents them from accessing information that doesn’t pertain to them.

Permissions setting is fine-grained, meaning the system administrator can control permissions on several layers, for example:

  • which role can access applications

  • which role can read the data

  • which role can edit the data

  • which role can access admin area, etc.

By default, a user is assigned to "Everyone" role which is very limited due to security (in case someone uninvited registers to your system, they won’t see any data, Messaging channels, list of applications, etc.). The first registered user is granted admin rights by default.

Working with permissions in Admin Panel

Each user can be a member of multiple roles. We suggest having "modular" approach, so creating multiple smaller roles (i.e. Messaging admin, CRM admin) and then stacking them to cover all the parts of the system where a user needs access.

Admin can create unlimited amount of roles. Permissions system in the Admin Panel is a playground, where you bring each role on the table, adjust the permissions and save it. More details in the following chapters.

  • Click on a permission/role cell set permission to "Allow"

  • Using ALT + click on permission/role cell set permission to "Deny"

Permissions check in the System

The overall flow of verifications if a role has access to perform an operation on a resource is the following:

  • Can this combination of roles perform an operation on this specific resource

  • Can this combination of roles perform an operation on any resource of the type (wildcard)

  • Can anyone/everyone perform an operation on this specific resource

  • Can anyone/everyone perform an operation on any resource of the type (wildcard)

Permissions in the Admin Panel are general and can be overridden per individual application/namespace/etc. For a better overview, we suggest you first set permissions on this level and then go lower on the hierarchy.

Inherit value

Inherit value always checks the setting in the layer above. For example: if an individual application has access permissions set to "Inherit", it will use the permission set for All applications (default: "Deny"). Explicit "Allow" or "Deny" always override the Inherit value.

In practice, that means that check verifies if any of given roles has permission to perform an operation over a resource

  • Will return Inherit when:

    • No roles are given

    • More than 1 role is given and one of the given roles is Everyone

  • Will return Deny when:

    • There is one rule with Deny value

  • Will return Allow when:

    • There is at least one rule with Allow value (and no Deny rules)

System Permissions

To access System Permissions, go to Admin Panel and click on "Permissions" in the "System" section.

System Service

In this section you control overall access settings and usage of Admin Panel.

You can set permissions to:

  • Create new role/user/application/automation scripts

  • Allow reminder assignment

Corteza Elements
  • Access/update/delete any application

    You can set rights to access any application to everyone and explicitly forbid it per few applications in the list of applications.

  • Access/update/delete any user

    If a user doesn’t have access to read any user, they’ll see their IDs instead of a name in surname (for example in Messaging application)

  • Suspend/un-suspend any user

  • Access/update/delete any role

  • Manage members for any role

  • Read/update/delete any automation script

  • Run any trigger on any automation script

Any access you grant in this section can be overridden per individual element.

Low Code Permissions

To access System Permissions, go to Admin Panel and click on "Permissions" in the "Low Code" section.

Low Code Service

In this section you can control who can access Low Code, who can manage settings and who can create namespaces.

Please note that permissions are fine-grained, meaning if you allow users to access namespaces, they still need explicit allowance to read pages, modules and fields.

Namespaces

In this section you can control which role can:

  • Have read access to any namespaces

  • Update/delete/manage any namespace

  • Create modules/charts/pages/automation scripts

Any access you grant in this section can be overridden per individual namespace.

Modules

In this section you define which roles can:

  • Read/update/delete modules

  • Create/read/update/delete records under any modules

  • Manage any automation trigger

Any access you grant in this section can be overridden per individual module.

Low Code Elements

Here you can control permissions for main Low Code elements:

  • Read/update/delete charts

  • Read/update/delete pages

  • Read/update/delete automation scripts

Any access you grant in this section can be overridden per individual element.

Messaging Permissions

To access System Permissions, go to Admin Panel and click on "Permissions" in the "Messaging" section.

Messaging Service

In this section, you can control who can access Messaging app, manage Messaging settings and who can create public/private/direct channels.

We recommend this permissions to be allowed to Administrators and Messaging Admins only.

Channels

In this section, you have full control over which role can to the following:

  • Update/View/Join/Leave any channel

  • Delete/un-delete/archive/un-archive any channel

  • Manage members and attachments of any channel

  • Send/Embed messages, Reply in threads

  • Send attachments to channels (if they’re enabled in the Messaging settings)

  • Update/delete own/all messages

If no explicit "Allow" or "Deny" rules are set, we use a set of business logic rules as well.
Example:

If a user doesn’t have explicit allowance to delete any channel, but they can create a public channel, they we’ll still be capable of deleting this channel as they’re the owner of it.

Corteza Low Code

Corteza Low Code is a low-code platform development platform. It’s flexible and secure system design, coupled with an intuitive graphic user interface provides an environment that enables quick development without any programming knowledge.

It is a web-based system created with modern technologies and built for records-based business applications. In fact, Corteza CRM is built with it.

Resource Permissions

All namespaces

In the main namespaces menu you can set the following permissions for all namespaces by clicking on the "lock" icon:

Read any namespace

Determines if the role is allowed to access any namespace,

Update any namespace

Determines if the role is allowed to update the parameters of any namespace,

Delete any namespace

Determines if the role is allowed to delete any namespace,

Manage any namespace

Determines if the role is allowed to access the administration section of any namespace,

Create modules under any namespace

Determines if the role is allowed to create modules under any namespace,

Create charts under any namespace

Determines if the role is allowed to create charts under any namespace,

Create pages under any namespace

Determines if the role is allowed to create pages under any namespace

When setting "Manage any namespace" to deny; "Create modules under any namespace", "Create charts under any namespace" and "Create pages under any namespace" are also denied.

Want to remove access to all namespaces except for the one? Set "Read any namespace" to "Deny" and set "Read namespace" for the desired namespace to "Allow".

Single namespace

When you enter the edit page of a namespace (via the namespaces menu), you can click on the "lock" icon to set the permissions of a single namespace. These settings overwrite the ones set in "All namespaces" and allow fine-grained control.

Read namespace "(namespace name)"

Determines if the role is allowed to access the given namespace,

Update namespace "(namespace name)"

Determines if the role is allowed to update the parameters of the given namespace,

Delete namespace "(namespace name)"

Determines if the role is allowed to delete the given namespace,

Manage namespace "(namespace name)"

Determines if the role is allowed to access the administration section of the given namespace,

Create modules under namespace "(namespace name)"

Determines if the role is allowed to create modules under the given namespace,

Create charts under namespace "(namespace name)"

Determines if the role is allowed to create charts under the given namespace,

Create pages under namespace "(namespace name)"

Determines if the role is allowed to create pages under the given namespace

Permissions inside a namespace

After setting permission to an entire namespace, you can further define permissions inside a namespace for the following resources:

  • Modules,

  • Module fields,

  • Pages,

  • Chart.

This can be achieved by entering the adminstration area of the namespace.

Modules
All modules

On the "Modules" administration sub page, you can set permissions regarding any module in the given namespace. Click on the "lock" icon on the top right corner. You can set:

Read any module

Determines if the role is allowed to access any module,

Update any module

Determines if the role is allowed to update the properties of any module,

Delete any module

Determines if the role is allowed to delete any module,

Create record of any module

Determines if the role is allowed to create record entries for any module,

Read records of any module

Determines if the role is allowed to access the records of any module,

Update records of any module

Determines if the role is allowed to update the records of any module,

Delete records of any module

Determines if the role is allowed to delete the records of any module.

Single module

You can set permissions for a single module by clicking on the "lock" icon at the end of the module row. The same interface can also be accessed inside the module editor, when pressing the "edit" icon. The "lock" icon will be available on the top right corner. You can set:

Read module "(module name)"

Determines if the role is allowed to access the given module,

Update module "(module name)"

Determines if the role is allowed to update the properties of the given module,

Delete module "(module name)"

Determines if the role is allowed to delete the given module,

Create record of module "(module name)"

Determines if the role is allowed to create record entries for the given module,

Read records of module "(module name)"

Determines if the role is allowed to access the records of the given module,

Update records of module "(module name)"

Determines if the role is allowed to update the records of the given module,

Delete records of module "(module name)"

Determines if the role is allowed to delete the records of the given module.

Module fields

Inside the module editor, you can define permissions for each module field. You can set:

Read "(field name)" record fields

Determines if the role is allowed to access the given value inside the module. This will hide any data that might appear in the field,

Update "(field name)" record fields

Determines if the role is allowed to update the values in the given module field. This will prevent any data manipulation for the field.

You can implement read-only fields by setting their update permission to deny.

Pages
All pages

On the top you can click on the "lock" icon to set permissions for all pages. You can set the following permissions:

Read any page

Determines if the role is allowed to access any page of the given namespace,

Update any page

Determines if the role is allowed to update any page of the given namespace,

Delete any page

Determines if the role is allowed to delete any page of the given namespace.

Single page

You can set permissions for a single page by clicking on the "lock" icon at the end of the row. The same interface can also be accessed inside the page editor, when pressing the "edit" icon. The "lock" icon will be available on the top right corner. You can set:

Read any page

Determines if the role is allowed to access the page of the given namespace,

Update any page

Determines if the role is allowed to update the page of the given namespace,

Delete any page

Determines if the role is allowed to delete the page of the given namespace.

Charts
All charts

On the top you can click on the "lock" icon to set permissions for all charts. You can set the following permissions:

Read any chart

Determines if the role is allowed to access any chart of the given namespace,

Update any chart

Determines if the role is allowed to update any chart of the given namespace,

Delete any chart

Determines if the role is allowed to delete any chart of the given namespace.

Single chart

You can set permissions for a single chart by clicking on the "lock" icon at the end of the row. The same interface can also be accessed inside the chart editor, when pressing the "edit" icon. The "lock" icon will be available on the top right corner. You can set:

Read any chart "(chart name)"

Determines if the role is allowed to access the given chart,

Update any chart "(chart name)"

Determines if the role is allowed to update the given chart,

Delete any chart "(chart name)"

Determines if the role is allowed to delete the given chart.

Namespaces

A namespace is a records-based application.

Creating an application with Corteza Low Code takes only a handful of steps. First, you create modules with fields, followed by pages to visualize the modules. This creates the basic data model of your application, after which you can add charts, automation and workflow rules, and role-based permissions.

To enter Corteza Low Code, first, you need to enter Corteza. Once you’re inside Corteza, you have several options for opening Corteza Low Code:

  • Open it in a new tab by clicking on the + button close to the top of the page, which opens the application menu;

  • open it in a new panel by selecting the grid icon on the top right (the icon with four squares);

  • open it in a new window by selecting open in a new window when hovering over the Low Code icon in the application menu; or

  • open it in a new browser tab, by navigation to the appropriate web address.

The first thing you see is the Corteza Low Code Namespaces menu. This shows all the applications you have installed (if any) and an option to create new applications.

If you cannot see Corteza Low Code, your existing applications, or the Create a new namespace button, you might not have the permissions you need. In this case, contact the administrator of your Corteza platform.

What can you build?

With the help of Corteza Low Code, you can build applications, such as:

  • Customer Relationship Management,

  • Enterprise Resource Planning,

  • Case management,

  • Expense management,

  • Event management,

  • Support desk,

  • Knowledge base,

  • Logistics management,

  • Employee onboarding,

  • Leave tracker,

  • Volunteer portal,

  • Donor management,

  • Franchise management,

  • Hotel management,

  • Construction management,

  • Restaurant management,

  • Travel management,

  • Fleet hub,

  • Inventory management,

  • And a lot more

Create an application

Each Low Code application lives in its own unique namespace. This feature allows you to have an unlimited number of Corteza Low Code applications.

To create a new application, click on the "Crate namespace" button on the bottom of the page. You will be presented the following fields:

  • Full namespace name (mandatory): The name of your application, which will be shown in the Low Code Namespaces menu. This name does not have to be unique, but it’s best practice to give each application a unique, short and descriptive name; for example: Donations.

  • short name (mandatory): A shortened variant of the namespace name used by the system for easier and faster referencing; for example: donation-management. One of the places is inside the URL when entering the namespace. The provided value must:

    1. start with a character,

    2. contain only characters, numbers, _ (underscore), - (dash) or . (dot),

    3. end with a character or a number.

  • Subtitle (optional): The subtitle is shown below the name of the application in the Low Code Namespaces menu. For example: Donor Management for the Development Department.

  • Namespace description (optional): A longer description that appears when hovering over the namespace in the Low Code Namespaces menu. For example: In this Donations application, our organization tracks contributors and contributions.

  • Enable namespace (optional): The namespace is shown in the Namespace menu regardless of the value, but you will not be able to enter the namespace unless the checkbox is checked.

Try it out by following these steps to create an example namespace to manage donations.

  • First, click on the Create namespace button.

  • For the donation application, fill in the following data:

    • Full namespace name: Donations,

    • short name: donation-management,

    • Subtitle: Donor Management for the Development Department,

    • Namespace description: In this Donations application, our organization tracks contributors and contributions,

    • Enable namespace: checked,

  • Hit Save and close. You’ve created an application in Corteza!

Permissions can only be defined for existing namespaces. To define permissions, you must firstly create the namespace and then follow the guide described in Modify an application.

For techy people, this is the regular expression used to validate the short name - ^[A-Za-z][0-9A-Za-z_\-.]*[A-Za-z0-9]$

Modify an application

To edit the properties of a namespace, firstly hover over the namespace you wish to edit. An edit icon will appear in the top right corner of the namespace item. Click the icon to edit the namespace.

You will be presented the following fields:

When editing a namespace, same rules apply as with Create an application. The only difference is the permission configuration, presented at the bottom of the section.

  • Full namespace name (mandatory): The name of your application, which will be shown in the Low Code Namespaces menu. This name does not have to be unique, but it’s best practice to give each application a unique, short and descriptive name; for example: Donations.

  • short name (mandatory): A shortened variant of the namespace name used by the system for easier and faster referencing; for example: donation-management. One of the places is inside the URL when entering the namespace. The provided value must:

    1. start with a character,

    2. contain only characters, numbers, _ (underscore), - (dash) or . (dot),

    3. end with a character or a number.

  • Subtitle (optional): The subtitle is shown below the name of the application in the Low Code Namespaces menu. For example: Donor Management for the Development Department.

  • Namespace description (optional): A longer description that appears when hovering over the namespace in the Low Code Namespaces menu. For example: In this Donations application, our organization tracks contributors and contributions.

  • Enable namespace (optional): The namespace is shown in the Namespace menu regardless of the value, but you will not be able to enter the namespace unless the checkbox is checked.

Modules

Modules provide a way of storing data inside your namespace. All the data is local to the namespace and is not accessible from other namespaces. Without modules, your namespace has no memory nor anything to work with, so defining them is the next step when creating a new app. A simple namespace typically only contains a few modules, however their number and their complexity is not limited. Corteza CRM, for example, has over 35 modules with hundreds of fields.

For a better understanding we provide a corelation with database terminology, though no database knowledge is required to use this feature. * A module can be thought of as a table, as it provides some metadata, a set of attributes and a place to store related data, * a module field can be thought of as an attribute, as it provides a way of defining the shape of the data, * a record can be thought of as an entity, as it provides the actual data for the module.

Corteza Low Code supports fields with multiple value entries for the same record (see Editing module fields), so you might not need pivot tables.

Guidelines

For a consistent experience across different namespaces and Corteza instances, we define a few general guidelines regarding module definitions:

Module name

The module name should be in PascalCase with spaces allowed, it should be short and descriptive, with no special characters except for : (colon), - (dash), _ (underscore), / (forward slash) and \ (backwards slash). For example: Quote Line,

Module handle

The module handle should be in snake_case, it should be short and descriptive, with no special characters. If provided, it must:

  1. start with a character,

  2. contain only characters, numbers, _ (underscore), - (dash) or . (dot),

  3. end with a character or a number.

Create a new module

To create a new module firstly navigate to the administration panel and click on "Modules" in the navigation. This will open up an interface that provides a list of existing modules and a way to define new modules, by either:

Importing modules

At the moment, the import modules function is unable to preserve references, so these will have to be assured manually.

This feature allows you to import one or multiple modules from a given .yaml file. This file can be defined either manually or exported from a different namespace.

To import a file:
  1. Press the "Browse" button next to the "Import module(s)" section,

  2. press the "Import" button that appears after the file is successfully added,

  3. select the modules you wish to import and press the "Import" button on the bottom right corner of the modal window.

Manually creating a module

This feature allows you to quickly create a new module by hand, without the need of any data exports.

To create a module:
  1. Specify a name for the module in the "Module name" field, under the "Create a new module" section,

  2. press the "Create" button. This opens the module editor view.

Module fields

Guidelines

For a consistent experience across different namespaces and Corteza instances, we define a few general guidelines regarding module field definitions:

Field name

The module field title should be in snake_case, it should be short and descriptive, with no special characters. Name must:

  1. start with a character,

  2. contain only characters, numbers, _ (underscore), - (dash) or . (dot),

  3. end with a character or a number.

Field title

The module field title doesn’t define any strict restriction, as it is shown to the user. The only requirement is that it should be as short as possible (maximum length of 64 characters).

Type

When defining a field, a correct type should be used; for example "Email" when storing emails, "Number" when storing numbers, and so on.

Adding module fields

To add a new module field, click on the "Add new field" button. This will insert a new empty module field to the bottom of the list.

Deleting module fields

To remove a module field, click on the trash can icon on the right side of the module field row. If the field already exists in the given module, the interface will prompt you to confirm the decision.

Editing module fields

Each module consists of a set of fields that define the shape of the stored data along with the type of data.

At the moment, module fields where the module already contains any records limits the module field editing capability.

Each field defines the following properties:

  • Name: This defines the internal naming convention and it must be specified and unique. This is not shown to the end user. It must:

    1. start with a character,

    2. contain only characters, numbers, _ (underscore), - (dash) or . (dot),

    3. end with a character or a number.

  • Title: This is a "human-friendly" representation of the field and is shown to the end-user when they view/edit the field. The title field doesn’t define strict restrictions, but is limited to the maximum of 64 characters,

  • Type: This defines what type of information this field represents. As is, the field defaults to the basic configuration for each specific field type. This can be edited by clicking on the wrench icon to the right of the dropdown.

  • Multi value: This checkbox allows us to store multiple entries of the same field for the given record.

  • Required: This makes the field mandatory for the end user when creating or editing a record.

  • Private: This allows you to mark data that is sensitive, such as name, email, or telephone number, so your namespace is compliant with privacy regulations such as the GDPR.

Field types

For a more structured system, we provide the following set of field types for you to chose from. By pressing on the wrench icon, you are able to provide additional configuration for the module field.

  • Checkbox (Y/N): This field shows a checkbox to the end user when editing a record. When you click on the wrench icon, you can select what checked and unchecked represent. For example: Yes/No, Active/Inactive, etc.

  • Date and time: Date time input field. You can configure:

    • Date only to omit the time part and only use the date,

    • Time only to omit the date part and only use the time,

    • Past values only to only allow past values,

    • Future value only to only allow future values,

    • Output relative value to show the value relative to now,

    • Custom output format to allow custom output date format.

  • Email: Email input field. Automatically performs email validation and creates a clickable link when viewing the value (can be disabled). This field auto-validates whether the input is an email and turns it into a clickable email link in record-viewing mode. You can configure:

    • Don’t turn email into a link to keep the email as plain text

  • Select / dropdown: Dropdown value select input. Forces the users to use one of the specified values. You can configure:

    • Options to add as many select options as you wish. You must provide both the value (left input) and the label (right input). Value represents the data storage, and label represents the display,

    • Multiple value input type to determine how multiple values are selected.

  • Number: Number value input. Automatically performs number validation and allows only numbers to be inserted. You can configure:

    • Prefix to specify the number’s prefix, such as $,

    • suffix to specify the number’s suffix, such as USD/h,

    • precision to specify the precision the number is stored with,

    • format to specify the numbers display format.

  • Record: Provides a way of cross-linking different records to define a complex structure. It renders a searchable select field. You can configure:

    • Module to specify what module this field will be linked to,

    • record label field to specify what field should be used when showing the linked record,

    • query fields on search to specify the fields that should be included in the search,

    • prefilter records to specify the pre-filtering.

  • String: Provides a text input field. You can configure:

    • Multi line to specify that the value can span over multiple lines,

    • use rich text editor to use the rich text editor instead of the simple plain text editor.

  • URL: Provides an URL input field. Automatically performs URL validation and creates a clickable link when viewing the value (can be configured). You can configure:

    • Trim # from the URL to specify that the hash should be ignored,

    • Trim ? from the URL to specify that the query should be ignored,

    • Only allow SSL (HTTPS) URLs to specify that only secure URL’s can be provided,

    • Don’t turn URL into a link to keep the URL as a plain text value.

  • User: Provides a searchable dropdown select. This field references all users in Corteza. You can configure:

    • Preset with current user to default to the user that created/updated the record,

    • Multiple value input type to determine how multiple values are selected.

  • File upload: This creates a File Upload input. You can configure:

    • Veiw mode to specify how the files are presented when viewing the value.

See Moment.js format for available date time formatting.

See Numeral.js format for available number formatting.

Pages

Corteza Low Code provide a graphic user interface to access the data contained within the given namespace. Each page consists of a series of page blocks that allow you to construct pages of arbitrary complexity while assuring each page is responsive and mobile friendly.

There are two types of pages:

Pages are available under the "Pages" sub administration page. Pages are represented in a tree view, that allows you to change their order and even their nesting. This allows unlimited flexibility when defining your namespace.

Record pages

A record page is designed to show information regarding a specific record, such as it’s field values and other related records. In order for a module to be accessible to the user, it must have an associated record page.

You can define a record page for the given module by pressing the "Page builder" button next to the module you wish to use. This will open up a new editor. Please refer to [admin-compose-pages-build] for details on the page building process.

List pages

List pages are not related to any specific record; rather, they are designed to show multiple record lists, charts, notes, calendars and so on and so forth. With list pages we can create a home page, a dashboard, a list of contacts, etc.

To create a List page, you need to go to the "Pages" administrative page and enter a title in the Create a new page box at the top. When you submit this form, it opens the Edit page form, which allows you to add a page description (for internal use; the end user will not see it), and you can set the page to "Visible" so it can be accessed.

The actual page editor can be accessed via the "Page builder" button either on the page editor or on the page tree view.

Page builder

Page’s content is defined as a grid consisting spanning over 12 columns. The content is defined by a series of page blocks that helps maintain responsive and mobile-friendly pages.

Page blocks can be added using the "Add block" button on the bottom toolbar. This opens a modal window where you can select the page block type you wish to use (refer to Page blocks for details on page blocks).

Once added, they can be arranged, resized and moved with an intuitive drag and drop style interface. Blocks can be edited by clicking on the edit icon or deleted by pressing the trash can icon on the bottom left corner of the page block.

Once finished, press the "Save" or the "Save and close" button on the bottom right of the toolbar. To revert the changes, press the "Back (without saving changes) button".

Page blocks

Content

A content page block is designed to present some static content to the user, such as important announcements, help text, etc.

The content is defined by using the rich-text editor, powered by TipTap.

Metric

A metric page block is quite similar to chart page blocks in the sense, that they present a metric based on the namespaces data. The difference is that a metric page block displays the defined metric in plain text, as a number with some additional formatting options. This can be used to show information, such as the number of new opportunities, total number of leads this month, etc.

Definition

A metric page block consists of a set of metrics. Each metric defines:

Label

A user friendly name that identifies what the metric shows,

Dimension Module

The module that will be used as a data source,

Dimension Filter

Any additional filtering that should be performed on the output value,

Metric Field

What field should be used when calculating the final value, such as the number of records, the cost associated with the record, …​

Metric Aggregation operation

Determines how the data should be aggregated into a single value. The available options are:

  • Count: the number of matched records,

  • sum: the value sum from the specified metric field,

  • max: the maximum value from the specified metric field,

  • min: the minimum value from the specified metric field,

  • avg: the average value from the specified metric field.

Metric Transform value

Additional operations to perform over the computed value, such as rounding, calculating percentages, etc. See below Examples for examples,

Metric Number format

Determines the formatting to be used when displaying the final result. See Numeral.js format for available number formatting,

Metric Prefix

Determines the prefix to be used when displaying the final result,

Metric Suffix

Determines the suffix to be used when displaying the final result,

Style Text color

Determines the color of the final result,

Style Background color

Determines the background color of the final result,

Style Font size

Determines the font size of the final result. Value is specified in pixels.

Examples
Divide result by 1000 to show cost in thousands

v / 1000

Round result to remove decimal places

Math.round(v)

Round result to remove decimal places (round up)

Math.ceil(v)

Round result to remove decimal places (round down)

Math.floor(v)

Round result to two decimal places

Math.round(v * 100) / 100

The used interface uses standard JavaScript syntax, so any operation achievable in standard JavaScript is also achievable here.

Rounding can already be achieved by using value format.

Chart

Chart page block is designed to display any chart defined under the "Charts" administration page.

Useful when defining dashboards

Social media feed

A social media feed is designed to show content from any supported social network. This allows you to show a live social media feed of your clients from the comfort of your CRM.

When using social media feed page blocks in a record page, a source can be defined as a module field. This allows to show different feeds based on the viewed record.

Currently only Twitter feeds are supported.

Record

Record page blocks are designed to allow access to the data inside each record, for either viewing or editing.

When defining a record page block, you select a set of fields that will be present in the given page block. This allows you to customize the layout as much as you wish. Group contact related information in one block, subscription related information in another block, and so on.

When selecting fields, you can rearrange these with an intuitive drag and drop interface.

Make sure that all required fields are accessible via the record page. Otherwise the records will fail to save, since the value will be missing.

This page block type is only available for record pages.

Record list

Record list page blocks are designed to show the data from a specific module — it’s records. These blocks also provide a way of accessing record pages.

Another important feature is, that record lists support client-side automation scripts. This feature can be accessed in the "Automation" tab of the page block editor.

These automation scripts will be visible in the header of the page block, when any rows are selected.

Definition
Module

The module that will be used as a data source,

Hide add record button

Hides the "Add" button, hence disabling the ability to add new records,

Prefilter records

Enables us to apply additional filtering. Filters define a standard SQL syntax and also support dynamic value interpolation. Refer to Examples for examples,

Hide search box

Disables the search box,

Presort records

Enables us to apply additional sorting to the resulted records. Sorting defines a standard SQL syntax. Refer to Examples for examples,

Hide paging

Hides the record list paging section,

Allow records export

Enables the record export feature,

Enable record selection

Enables record selection by providing a selection checkbox next to each row,

Hide record reminder button

Hides the set reminder button,

Hide clone record button

Hides the clone record button,

Hide edit record button

Hides the edit record button,

Hide view record button

Hides the view record button.

Examples

Record list prefiltering supports value interpolation that is relative to the viewed content, such as a record. Available variables:

  • record: current record (when available),

  • recordID: current record’s recordID (when available),

  • ownerID: current record’s owner (when available),

  • userID: current user’s userID.

Show only records created this year

YEAR(created_at) = YEAR(),

Show only records linked to the viewed record

related_contact = ${recordID},

Show only active contacts

is_active = '1',

Show lost opportunities

status = 'closed/lost',

Sort by latest

created_at DESC

Sort by latest and opportunity stage

created_at DESC, stage DESC

Automation

An automation page block is designed to define an interface to the explicit automation scripts.

The payload provided to the automation script differs from where the automation page block is placed. For example, if it’s placed in a record page, then that record is included in the payload.

When selecting what automation the page block should show, you are able to specify a custom label and style.

Automation script not showing? Make sure that:

  • It compiled with no errors,

  • you refreshed your page after it was included,

  • the trigger defined a .uiProp('app', 'compose') constraint.

You can also use server side automation scripts, as long as they define an explicit automation trigger; for example:

triggers ({ on }) {
  return on('manual')
    .for('compose:record')
    .where('module', 'Lead')
    .where('namespace', 'crm')
    .uiProp('app', 'compose')
},
Calendar

Calendar page block is designed to display a calendar along with a set of associated events.

The calendar supports a configurable set of views. These include:

  • Month view

  • week view

  • day view

  • agenda view

An event source is defined as a module, where a record defines the date and time and the title of the event.

Calendar event sources also enable prefiltering, but it is important to notice, that they do not support value interpolation.

Prefilters

A prefilter is an SQL like string that allows you to filter the resources on the database level before the results are provided.

With prefiltering you are able to determine a more specific set of records that will be shown in the record list, define what records should be included in a chart, and much more.

Prefilters usually support value interpolation, which allows them to be more flexible when working with different resources. For example, you can show only records related to a specific record, show only records owned by the current user. Value interpolation can be invoked by using the JavaScript’s standard template string syntax (${…​}). For example related_contact=${recordID}.

Some resources may not support value interpolation when working with prefilters and will be disclosed in the documentation.

Available interpolation values differ between resources and will be mentioned in the documentation.

When defining prefilters on boolean (check box) fields, keep in mind that the positive value is represented as '1' and negative value is represented as '' or is not defined IS NULL.

For example, when showing inactive contacts, you would write (is_active='' OR is_active IS NULL).

This will be improved upon in later releases.

File

A file page block is quite similar to the content page block in a way that is designed to display some content. The only difference is, that it is designed to display a set of files instead of a text content.

This can be useful to handle files that are relevant to all resources in the system, such as a ToS, schedule, etc.

If the file should differ based on the record, you have to define a module File field. File page blocks are unable to display content relative to the context.

Record organizer

A record organize page block is a record list like, light weight container to display modules record with an intuitive drag-and-drop interface for reordering.

Furthermore, a set of these page blocks can be used to define a kan-ban like interface that allows you to move records between different statuses.

Record organizer page block also supports prefiltering with value interpolation

Prefilters

A prefilter is an SQL like string that allows you to filter the resources on the database level before the results are provided.

With prefiltering you are able to determine a more specific set of records that will be shown in the record list, define what records should be included in a chart, and much more.

Prefilters usually support value interpolation, which allows them to be more flexible when working with different resources. For example, you can show only records related to a specific record, show only records owned by the current user. Value interpolation can be invoked by using the JavaScript’s standard template string syntax (${…​}). For example related_contact=${recordID}.

Some resources may not support value interpolation when working with prefilters and will be disclosed in the documentation.

Available interpolation values differ between resources and will be mentioned in the documentation.

When defining prefilters on boolean (check box) fields, keep in mind that the positive value is represented as '1' and negative value is represented as '' or is not defined IS NULL.

For example, when showing inactive contacts, you would write (is_active='' OR is_active IS NULL).

This will be improved upon in later releases.

IFrame

An iframe page block is designed to embed some website or a webpage inside the namespace. This can be useful when wanting to embed an external system not natively supported inside the namespace.

Our system is no exception to IFrame embedding limitations and it is up to you to assure quality experience.

Charts

Charts provide a way of visualizing your data that allows you to define beautiful reports and dashboards.

Corteza Low Code implements a powerful chart building system, that allows you to build charts of arbitrary complexity.

Corteza Low Code supports:

  • Bar charts,

  • pie charts,

  • doughnut charts,

  • pie charts,

  • line charts,

  • funnel charts,

  • gauge charts

Create a new chart

To create a new chart, navigate to the "Charts" administration sub page. Enter a chart name and press on the "Add chart", which asks you to select the chart category.

Once selected, you are presented with the following:

  • Name: The module name should in PascalCase with spaces allowed, it should be short and descriptive, with no special characters except for : (colon), - (dash), _ (underscore), / (forward slash) and \ (backwards slash). For example: Quote Line,

  • Handle: The module handle should be in snake_case, it should be short and descriptive, with no special characters. If provided, it must:

    1. start with a character,

    2. contain only characters, numbers, _ (underscore), - (dash) or . (dot),

    3. end with a character or a number.

  • Color theme: One of the predefined color themes that should be used inside the chart,

  • Module: What module provides the data for the chart,

  • Filter: How the data should be prefiltered before a response is generated. The interface already provides a set of predefined filters for quicker setup.

  • Y-axis: Allows you to customize the y-axis to best fit your data representation,

  • Dimensions: Define the dimension (the x-axis) of the chart. Dimensions can be defined on simple or structured fields.

  • Dimension function: Defines how the data is aggregated before the response is generated,

  • Metrics: Metric define numerical values that will be displayed in the chart. Metrics only support Number type fields and a special "count", that provides the number of records.

  • Metric post processing: A post processing function allows you to take the result of a given metric and perform some additional operations, such as rounding the value, aggregating the values, etc.

  • Metric output: Defines how the values are represented, such as a pie, set of bars or a line.

Extensions

One of the main features of the Corteza Low Code is it’s customizability and flexibility with our extensions system. Extensions allow you to define business logic of arbitrary complexity, using a standard interface and a well defined API interface.

Please refer to the [extdev-index] section for details on te development process.