You are reading the documentation for an outdated Corteza release. 2022.9 is the latest stable Corteza release.

Corteza Admin Manual

This documentation is tailored for system administrators responsible for the configuration and administration of the Corteza instance. The documentation goes well into details regarding the systems configuration, available tools and security concerns while omitting low-level technical details.

For information regarding low-level technical details, please refer to the [maint-index].

Corteza Permission System

One of the main focuses when working with any kind of data in the enterprise environment is the data integrity and security, especially when working with sensitive information. Corteza takes this seriously and defines a powerful permission system that allows you to control access to any resource, being an application or a single module field.

Resource level permissions are described in detail in the following sections. This section merely outlines the system.

Corteza uses Role-based access control (RBAC) as a method of restricting access based on the roles of individual users within the system. RBAC lets users have access rights only to the parts of the system/application they need and prevents them from accessing information that doesn’t pertain to them. By default, a user is assigned to "Everyone" role which is very limited due to security (in case someone uninvited registers to your system, they won’t see any data, Messaging channels, list of applications, etc.).

The first registered user is granted admin rights by default.

Each permission can be in one of the following states:

Inherit

To check the setting in the layer above. For example: if an individual application has access permissions set to "Inherit", it will use the permission set for All applications (default: "Deny"). Explicit "Allow" or "Deny" always override the Inherit value,

Allow

To allow the role to perform the operation over a specified resource,

Deny

To deny the role to perform the operation over a specified resource.

It’s good practice to limit system users a much as possible to avoid potential security breaches.

Permissions setting is fine-grained, meaning the system administrator can control permissions on several layers, for example:

  • which role can access applications

  • which role can read the data

  • which role can edit the data

  • which role can access admin area, etc.

Access control check flow

The overall flow of verifications if a role has access to perform an operation on a resource is the following:

  • Can this combination of roles perform an operation on this specific resource

  • Can this combination of roles perform an operation on any resource of the type (wildcard)

  • Can anyone/everyone perform an operation on this specific resource

  • Can anyone/everyone perform an operation on any resource of the type (wildcard)

The check will return:

  • Inherit when:

    • No roles are given

    • More than 1 role is given and one of the given roles is Everyone

  • Deny when:

    • There is one rule with Deny value

  • Allow when:

    • There is at least one rule with Allow value (and no Deny rules)

Permissions in the Admin Panel are general and can be overwritten.

Tips and tricks

Modular approach

We suggest a modular role design, where we define multiple roles with a smaller set of permissions. For example:

  • CRM admin: only provides administration privileges for the CRM,

  • Messaging admin: only provides administration privileges for the messaging,

  • System admin: only provides administration privileges for the system.

Then we can easily "stick" these roles together when creating users.

There is no limit to the number of available roles or to the amount of members a role can have.

Corteza Admin Panel

Corteza Admin Panel is a platform designed for system resource management such as users, roles permissions and application.

Basics

To access Corteza Admin Panel, click on a new tab and select it from the list of available applications. Alternatively you can navigate to the appropriate URL.

You must have Administrator rights to access and edit this part of Corteza system.

If you do not have permissions to access the admin panel, contact your system administrator.

The Corteza Admin Panel provides the following sections:

Dashboard

The dashboard section provides a quick overview of the entire system. Read more in Dashboard,

System

The system section provides the interface to manage system level resources, such as users and roles. Read more in [admin-adminpanel-system],

Compose

The compose section provides the interface to manage {Corteza} {Low Code} level resources, such as access control. Read more in [admin-adminpanel-compose],

Messaging

The messaging section provides the interface to manage {Corteza} {Messaging} level resources, such as access control. Read more in [admin-adminpanel-messaging],

One

The one section provides the interface to manage {Corteza} {One} level resources, such as access control. Read more in [admin-adminpanel-shell].

Dashboard

The dashboard section can be accessed by clicking on the "Dashboard" navigation item on the left navigation drawer. The interface provides an overview of some basic statistics regarding your system, such as the number of users, the number of active roles and so on.

System

The system section provides the interface to manage system level resources, such as users and roles.

Users

The users interface can be accessed by clicking on the "Users" navigation item on the left navigation drawer under the system item group.

A user is someone who can log in to the Corteza system.

Each user has Email, Full name and Nickname (handle). Additionally, each user has a username (=email) and password to enable them to log in to the system (referred as credentials).

The interface allows you to:

Managing permissions

To manage permissions related to the user resource, click on the "Permissions" button on the top right corner of the page. You can define:

Read any user

Determines if the given role is allowed to access information of any user,

Update any user

Determines if the given role is allowed to update the information of any user,

Delete any user

Determines if the given role is allowed to delete any user,

Suspend any user

Determines if the given role is allowed to suspend any user,

Unsuspend any user

Determines if the given role is allowed to unsuspend any user,

Show email details for any user

Determines if the given role is allowed to see the email corresponding to any user,

Show name details for any user

Determines if the given role is allowed to see the name corresponding to any user,

The ability to manage the visibility of emails and names was introduced with the user masking privacy feature. It allows a specific role to know about other users but they can’t necessarily know of their private information.

Adding users

To add a new user, click on the "New" button on the top right corner of the page.

This opens a new interface where you can insert the basic information regarding the user.

  • Email address,

  • full name,

  • handle (sort of like a nickname).

After saving the user, a new interface is provided where you can edit the newly created user.

The user edit interface provides the following sections:

Basic information

This section allows you to edit basic information regarding the user, such as their email and username, It also provides the options of deleting the user or temporary suspending the user.

Password

This section allows you to define a new password for the user,

Role membership

This section allows you to manage the roles of the given user.

Every user is a member of the dynamic role "Everyone".

The user edit interface also allows you to define permissions specific to the given user. It can be accessed by clicking on the "Permissions" link in the top right corner. You can define:

Read "(user name)"

Determines if the given role is allowed to access information of the given user,

Update "(user name)"

Determines if the given role is allowed to update the information of the given user,

Delete "(user name)"

Determines if the given role is allowed to delete the given user,

Suspend "(user name)"

Determines if the given role is allowed to suspend the given user,

Unsuspend "(user name)"

Determines if the given role is allowed to unsuspend the given user,

Show email details for "(user name)"

Determines if the given role is allowed to see the email corresponding to the given user,

Show name details for "(user name)"

Determines if the given role is allowed to see the name corresponding to the given user,

Listing users

Users can be viewed on the table in the middle of the interface. The system supports a powerful search engine, from partial searching, finding only non-suspended users and so on. It also supports pagination and sorting.

Editing users

Users can be edited by pressing on the edit icon next to each row in the user list, that opens up a new interface.

The user edit interface provides the following sections:

Basic information

This section allows you to edit basic information regarding the user, such as their email and username, It also provides the options of deleting the user or temporary suspending the user.

Password

This section allows you to define a new password for the user,

Role membership

This section allows you to manage the roles of the given user.

Every user is a member of the dynamic role "Everyone".

The user edit interface also allows you to define permissions specific to the given user. It can be accessed by clicking on the "Permissions" link in the top right corner. You can define:

Read "(user name)"

Determines if the given role is allowed to access information of the given user,

Update "(user name)"

Determines if the given role is allowed to update the information of the given user,

Delete "(user name)"

Determines if the given role is allowed to delete the given user,

Suspend "(user name)"

Determines if the given role is allowed to suspend the given user,

Unsuspend "(user name)"

Determines if the given role is allowed to unsuspend the given user,

Show email details for "(user name)"

Determines if the given role is allowed to see the email corresponding to the given user,

Show name details for "(user name)"

Determines if the given role is allowed to see the name corresponding to the given user,

Roles

The roles interface can be accessed by clicking on the "Roles" navigation item on the left navigation drawer under the system item group.

A role defines a user group with a specific set of permissions on the resources. A role is a key part of Corteza Role-Based Access Control (RBAC).

Each role has a name, a system handle and a set of permissions on resources.

The interface allows you to:

Managing permissions

To manage permissions related to the role resource, click on the "Permissions" button on the top right corner of the page. You can define:

Read any role

Determines if the given role is allowed to access information of any role,

Update any role

Determines if the given role is allowed to update the information of any role,

Delete any role

Determines if the given role is allowed to delete any role,

Manage members for any role

Determines if the given role is allowed to add or remove members to any role.

Adding roles

To add a new role, click on the "New" button on the top right corner of the page.

This opens a new interface where you can insert the basic information regarding the role.

  • Name,

  • handle.

After saving the role, a new interface is provided where you can edit the newly created role.

The role edit interface provides the following sections:

Basic information

This section allows you to edit basic information regarding the role, such as the name and it’s handle,

Role members

This section allows you to view, add or remove the users associated with the role.

The role edit interface also allows you to define permissions specific to the given role. It can be accessed by clicking on the "Permissions" link in the top right corner. You can define:

Read "(role name)"

Determines if the given role is allowed to access information of the given role,

Update "(role name)"

Determines if the given role is allowed to update the information of the given role,

Delete "(role name)"

Determines if the given role is allowed to delete the given role,

Manage members for "(role name)"

Determines if the given role is allowed to add or remove members to the given role.

Listing roles

Roles can be viewed on the table in the middle of the interface. The system supports a powerful search engine, from partial searching, finding only active roles and so on. It also supports pagination and sorting.

Editing roles

Roles can be edited by pressing on the edit icon next to each row in the role list, that opens up a new interface,

The role edit interface provides the following sections:

Basic information

This section allows you to edit basic information regarding the role, such as the name and it’s handle,

Role members

This section allows you to view, add or remove the users associated with the role.

The role edit interface also allows you to define permissions specific to the given role. It can be accessed by clicking on the "Permissions" link in the top right corner. You can define:

Read "(role name)"

Determines if the given role is allowed to access information of the given role,

Update "(role name)"

Determines if the given role is allowed to update the information of the given role,

Delete "(role name)"

Determines if the given role is allowed to delete the given role,

Manage members for "(role name)"

Determines if the given role is allowed to add or remove members to the given role.

Roles

The applications interface can be accessed by clicking on the "Applications" navigation item on the left navigation drawer under the system item group.

The interface allows you to:

Managing permissions

To manage permissions related to the application resource, click on the "Permissions" button on the top right corner of the page. You can define:

Read any application

Determines if the given role is allowed to access any application,

Update any application

Determines if the given role is allowed to update any application,

Delete any application

Determines if the given role is allowed to delete any application,

Adding applications

To add a new application, click on the "New" button on the top right corner of the page.

This opens a new interface where you can insert the basic information regarding the application.

  • Name,

  • if active.

After saving the application, a new interface is provided where you can edit the newly created application.

The application edit interface provides the following sections:

Basic information

This section allows you to edit basic information regarding the role, such as the name and it’s handle,

Role members

This section allows you to view, add or remove the users associated with the role.

The role edit interface also allows you to define permissions specific to the given role. It can be accessed by clicking on the "Permissions" link in the top right corner. You can define:

Read "(role name)"

Determines if the given role is allowed to access information of the given role,

Update "(role name)"

Determines if the given role is allowed to update the information of the given role,

Delete "(role name)"

Determines if the given role is allowed to delete the given role,

Manage members for "(role name)"

Determines if the given role is allowed to add or remove members to the given role.

Listing applications

Applications can be viewed on the table in the middle of the interface. The system supports a powerful search engine, from partial searching, finding only active applications and so on. It also supports pagination and sorting. Out of the box, these applications are already configured:

  • Messaging,

  • Low Code,

  • CRM,

  • Jitsi Video,

  • Corteza Admin Area,

  • Google Maps.

Editing applications

Applications can be edited by pressing on the edit icon next to each row in the role list, that opens up a new interface,

The application edit interface provides the following sections:

Basic information

This section allows you to edit basic information regarding the role, such as the name and it’s handle,

Role members

This section allows you to view, add or remove the users associated with the role.

The role edit interface also allows you to define permissions specific to the given role. It can be accessed by clicking on the "Permissions" link in the top right corner. You can define:

Read "(role name)"

Determines if the given role is allowed to access information of the given role,

Update "(role name)"

Determines if the given role is allowed to update the information of the given role,

Delete "(role name)"

Determines if the given role is allowed to delete the given role,

Manage members for "(role name)"

Determines if the given role is allowed to add or remove members to the given role.

Settings

The settings interface can be accessed by clicking on the "Settings" navigation item on the left navigation drawer under the system item group.

The interface allows you to configure some system related options. It defines:

Authentication

This section allows you to customize authentication related settings such configuring email, requiring email confirmation or disabling internal authentication all together,

Email

This section allows you to customize the email template that will be used when sending emails from the internal system (password reset, registration confirmation, …​),

External authentication

This section allows you to configure external authentication providers, such as Google and Facebook. See Configuring external providers for configuration details.

The ability to disable internal login can be useful when wanting to force the users to either use external authentication providers or using a different system for their authentication.

Configuring external providers
Google

To enable Google authentication you need to create a client ID:

  1. Go to Google Sign-in Guide and click on "Configure a project" button

  2. Select and existing project or create a new one

  3. Set a product name (i.e. Corteza)

  4. On "Configure your OAuth client" screen select "Web browser" and paste the URL where your Corteza system is running (inlcuding https://)

  5. Copy and paste both Client ID and Client Secret fields to Corteza Admin panel and hit submit

Facebook

To enable Facebook authentication you need to create Facebook app to receive Client key and Secret:

  1. Go to Facebook for developers website, click on "Add a new app" and choose a name of the app (i.e. Corteza) or select and existing app

  2. In the list of available products search for "Facebook Login" and click on "Set Up" button

  3. Select "Web" platform and paste the URL where your Corteza system is running

  4. Go to "Settings" and then "Basic" in the left sidebar

  5. Copy and paste "App ID" to "Client key" inside Corteza Admin panel

  6. Copy and paste "App Secret" to "Secret" inside Corteza Admin panel and hit Submit

Github

To enable Github authentication you need to register Github application to get unique Client ID and Client Secret:

  1. Go to this link and create a new OAuth application

  2. Copy and paste both Client ID and Client Secret fields to Corteza Admin panel and hit submit.

LinkedIn

To enable LinkedIn authentication you need crete a LinkedIn application:

  1. Go to this form, fill out the form and click on "Create app"

  2. Go to Auth section and copy and paste both Client ID and Client Secret fields to Corteza Admin panel and hit submit.

Permissions

The permissions interface can be accessed by clicking on the "Permissions" navigation item on the left navigation drawer under the system item group.

The interface allows you to define permissions for core system resources, such as accessing the the administration panel, creating users and so on.

To define fine grained access control for specific resources, such as modules and pages, see …​

The interface is devised to the following sections:

System service

The section allows you to control overall access and usage of admin panel (see System service permissions),

Organisations

The section allows you to control organization related access (see Organizations),

Applications

The section allows you to control application related access (see Applications),

Users

The section allows you to control user related access (see Users),

Roles

The section allows you to control role related access (see Roles).

System service permissions
Allow access to administration

Determines if the role is allowed to access the administration panel (the web application being defined here),

Grant permission on system service

Determines if the role is allowed to grant permissions on system service,

Access all settings

Determines if the role is allowed to access any setting defined under the system,

Manage all settings

Determines if the role is allowed to manage and edit any setting defined under the system,

Create new organization

Determines if the role is allowed to create a new organization,

Create new role

Determines if the role is allowed to create a new role,

Create new user

Determines if the role is allowed to create a new user,

Create new application

Determines if the role is allowed to create a new application,

Allow reminder assignment

Determines if the role is allowed to assign reminders to other users.

When denying access to system settings, this also prevents their usage from inside automation scripts or any other operation that might read these settings.

Organizations
Access to all organizations

Determines if the role is allowed to access any organization.

Applications
Access any application

Determines if the role is allowed to access any application,

Update any application

Determines if the role is allowed to update any application,

Delete any application

Determines if the role is allowed to delete any application.

Users
Read any user

Determines if the role is allowed to access any user,

Update any user

Determines if the role is allowed to update any user,

Delete any user

Determines if the role is allowed to delete any user,

Suspend any user

Determines if the role is allowed to suspend any user,

Unsuspend any user

Determines if the role is allowed to unsuspend any user,

Show email details

Determines if the role is allowed to see the email address of any user,

Show name details

Determines if the role is allowed to see the name of any user.

The ability to show/hide email address/name can be useful when defining a community instance and we wish to keep some privacy.

Roles
Read any role

Determines if the role is allowed to see any role,

Update any role

Determines if the role is allowed to update any role,

Delete any role

Determines if the role is allowed to delete any role,

Manage members for any role

Determines if the role is allowed to add/remove members from any role.

Automation

The automation interface can be accessed by clicking on the "Automation" navigation item on the left navigation drawer under the system item group.

The interface provides an overview of registered extensions and their automation scripts defined for a system resource. The list provides the automation scripts name and a user-friendly label.

Use this interface to validate, that the extension was correctly registered.

Action Log

The action log interface can be accessed by clicking on the "Action log" navigation item on the left navigation drawer under the system item group.

The interface provides an insight into the actions registered by a system, such as accessing users, fetching records, creating modules and much more.

The action log comes in handy when debugging the system as it provides a rich insight into the system without the need of low-level system understanding.

The interface allows you to:

Listing actions

Registered actions are displayed in a table in the middle of the interface. The table provides a brief overview of the action:

  • The timestamp of when the action was registered,

  • the user that caused the action to be registered,

  • what part of the exposed system caused the action to be registered (eg. api/rest),

  • what resource was involved when registering the action,

  • what action was being performed,

  • some additional description to help understand the action,

  • the status of the action:

    • info: an informative log that something happened successfully,

    • warning: a warning that something did not go as expected but was not fatal, such as an invalid login attempt,

    • error: there was an error either in the internal system or in one of the extensions.

Inspecting actions

To inspect an action, click on the action (table row). This expands the row and provides more insight into the action.

Corteza Low Code

The Low Code section provides the interface to manage resources related to Corteza Low Code.

Settings

The settings interface can be accessed by clicking on the "Settings" navigation item on the left navigation drawer under the compose item group.

The interface allows you to configure some Corteza Low Code related options. It defines:

Basic

This section allows you to define some basic user interface and system options, such as attachment limitations and some minor user interface tweaks.

Permissions

The permissions interface can be accessed by clicking on the "Permissions" navigation item on the left navigation drawer under the compose item group.

The interface allows you to define permissions for core compose resources, such as access to compose, creating namespaces, editing modules and so on.

To define fine grained access control for specific resources, such as modules and pages, see …​

The interface is devised to the following sections:

Compose service

The section allows you to control overall access and usage of compose (see Compose service permissions),

Namespaces

The section allows you to control namespace related access (see Namespaces permissions),

Modules

The section allows you to control module related access (see Modules permissions),

Module fields

The section allows you to control module field related access (see Module fields permissions),

Charts

The section allows you to control chart related access (see Charts permissions),

Pages

The section allows you to control page related access (see Pages permissions),

Compose service permissions
Access to compose

Determines if the role is allowed to access Corteza Low Code,

Grant permissions on compose service

Determines if the role is allowed to manage permissions for Corteza Low Code,

Create namespaces

Determines if the role is allowed to create namespaces for Corteza Low Code,

Access all settings

Determines if the role is allowed to read any setting for Corteza Low Code,

Manage all settings

Determines if the role is allowed to manage any setting for Corteza Low Code.

If a role doesn’t have access to the Corteza Low Code, they will also not be able to access any application defined as a Corteza Low Code namespace.

Namespaces permissions
Access any namespace

Determines if the role is allowed to access any Corteza Low Code namespace,

Update any namespace

Determines if the role is allowed to update any Corteza Low Code namespace,

Delete any namespace

Determines if the role is allowed to delete any Corteza Low Code namespace,

Manage any namespace

Determines if the role is allowed to manage any Corteza Low Code namespace,

Create modules under any namespace

Determines if the role is allowed to create modules for any Corteza Low Code namespace,

Create charts under any namespace

Determines if the role is allowed to create charts for any Corteza Low Code namespace,

Create pages under any namespace

Determines if the role is allowed to create pages for any Corteza Low Code namespace.

Modules permissions
Read any module

Determines if the role is allowed to access any Corteza Low Code module,

Update any module

Determines if the role is allowed to update any Corteza Low Code module,

Delete any module

Determines if the role is allowed to delete any Corteza Low Code module,

Create record under any module

Determines if the role is allowed to create records for any Corteza Low Code module,

Read records under any module

Determines if the role is allowed to access records for any Corteza Low Code module,

Update records under any module

Determines if the role is allowed to update records for any Corteza Low Code module,

Delete records under any module

Determines if the role is allowed to delete records for any Corteza Low Code module.

Module fields permissions
Read any module field

Determines if the role is allowed to see any Corteza Low Code module field,

Update any module field

Determines if the role is allowed to update any Corteza Low Code module field.

Charts permissions
Read any chart

Determines if the role is allowed to see any Corteza Low Code chart,

Update any chart

Determines if the role is allowed to update any Corteza Low Code chart,

Delete any chart

Determines if the role is allowed to delete any Corteza Low Code chart.

Pages permissions
Read any page

Determines if the role is allowed to see any Corteza Low Code page,

Update any page

Determines if the role is allowed to update any Corteza Low Code page,

Delete any page

Determines if the role is allowed to delete any Corteza Low Code page.

Automation

The automation interface can be accessed by clicking on the "Automation" navigation item on the left navigation drawer under the compose item group.

The interface provides an overview of registered extensions and their automation scripts defined for a compose resource. The list provides the automation scripts name and a user-friendly label.

Use this interface to validate, that the extension was correctly registered.

Corteza Messaging

The Messaging section provides the interface to manage resources related to Corteza Messaging.

Settings

The settings interface can be accessed by clicking on the "Settings" navigation item on the left navigation drawer under the messaging item group.

The interface allows you to configure some Corteza Messaging related options. It defines:

Basic

This section allows you to define some basic user interface and system options, such as attachment limitations and some minor user interface tweaks.

Permissions

The permissions interface can be accessed by clicking on the "Permissions" navigation item on the left navigation drawer under the messaging item group.

The interface allows you to define permissions for core messaging resources, such as access to Corteza Messaging, creating public channels, joining channels and so on.

To define fine grained access control for specific resources, such as modules and pages, see …​

The interface is devised to the following sections:

Messaging service

The section allows you to control overall access and usage of Corteza Messaging (see Messaging service permissions),

Channels

The section allows you to control Corteza Messaging channel related access (see Channels permissions),

Messaging service permissions
Access to messaging

Determines if the role is allowed to access Corteza Messaging,

Grant permissions on messaging service

Determines if the role is allowed to grant permissions on Corteza Messaging,

Access all settings

Determines if the role is allowed to access any Corteza Messaging setting,

Manage all settings

Determines if the role is allowed to manage any Corteza Messaging setting,

Create public channels

Determines if the role is allowed to create public Corteza Messaging channels,

Create private channels

Determines if the role is allowed to create private Corteza Messaging channels,

Create direct messages and group channels

Determines if the role is allowed to create direct Corteza Messaging channels to a specific user or a set of,

Channels permissions
Update any channel

Determines if the role is allowed to update any Corteza Messaging channel,

View any channel

Determines if the role is allowed to access any Corteza Messaging channel,

Join any channel

Determines if the role is allowed to join any Corteza Messaging channel,

Leave any channel

Determines if the role is allowed to leave any Corteza Messaging channel,

Delete any channel

Determines if the role is allowed to delete any Corteza Messaging channel,

Undelete any channel

Determines if the role is allowed to undelete (restore) any Corteza Messaging channel,

Archive any channel

Determines if the role is allowed to archive any Corteza Messaging channel,

Unarchive any channel

Determines if the role is allowed to unarchive any Corteza Messaging channel,

Manage members on any channel

Determines if the role is allowed to add or remove any Corteza Messaging channel members,

Manage attachments on any channel

Determines if the role is allowed to manage attachments of any Corteza Messaging channel,

Message sending on any channel

Determines if the role is allowed to send massages to any Corteza Messaging channel,

Reply to messages on any channel

Determines if the role is allowed to reply (create threads) to any Corteza Messaging channel message,

Embedding in messages on any channel

Determines if the role is allowed to embed external resources to any Corteza Messaging channel message,

File attaching on any channel

Determines if the role is allowed to upload files (attachments) to any Corteza Messaging channel,

Update own messages on any channel

Determines if the role is allowed to update own messages of any Corteza Messaging channel,

Update any message on any channel

Determines if the role is allowed to update any message or any Corteza Messaging channel,

Delete own messages on any channel

Determines if the role is allowed to delete own messages of any Corteza Messaging channel,

Delete any message on any channel

Determines if the role is allowed to delete any message of any Corteza Messaging channel,

React on messages on any channel

Determines if the role is allowed to add reactions to any message of any Corteza Messaging channel,

Corteza One

The One section provides the interface to manage resources related to Corteza One.

Settings

The settings interface can be accessed by clicking on the "Settings" navigation item on the left navigation drawer under the Corteza one item group.

The interface allows you to configure some Corteza One related options. It defines:

Logo

This section allows you to customize the interface by interpolating your own logo instead of our own,

Panels

This section allows you to configure the default layout, such as open panels and the open tabs.

Corteza Low Code

Corteza Low Code is a low-code platform development platform. It’s flexible and secure system design, coupled with an intuitive graphic user interface provides an environment that enables quick development without any programming knowledge.

It is a web-based system created with modern technologies and built for records-based business applications. In fact, Corteza CRM is built with it.

Resource Permissions

All namespaces

In the main namespaces menu you can set the following permissions for all namespaces by clicking on the "lock" icon:

Read any namespace

Determines if the role is allowed to access any namespace,

Update any namespace

Determines if the role is allowed to update the parameters of any namespace,

Delete any namespace

Determines if the role is allowed to delete any namespace,

Manage any namespace

Determines if the role is allowed to access the administration section of any namespace,

Create modules under any namespace

Determines if the role is allowed to create modules under any namespace,

Create charts under any namespace

Determines if the role is allowed to create charts under any namespace,

Create pages under any namespace

Determines if the role is allowed to create pages under any namespace

When setting "Manage any namespace" to deny; "Create modules under any namespace", "Create charts under any namespace" and "Create pages under any namespace" are also denied.

Want to remove access to all namespaces except for the one? Set "Read any namespace" to "Deny" and set "Read namespace" for the desired namespace to "Allow".

Single namespace

When you enter the edit page of a namespace (via the namespaces menu), you can click on the "lock" icon to set the permissions of a single namespace. These settings overwrite the ones set in "All namespaces" and allow fine-grained control.

Read namespace "(namespace name)"

Determines if the role is allowed to access the given namespace,

Update namespace "(namespace name)"

Determines if the role is allowed to update the parameters of the given namespace,

Delete namespace "(namespace name)"

Determines if the role is allowed to delete the given namespace,

Manage namespace "(namespace name)"

Determines if the role is allowed to access the administration section of the given namespace,

Create modules under namespace "(namespace name)"

Determines if the role is allowed to create modules under the given namespace,

Create charts under namespace "(namespace name)"

Determines if the role is allowed to create charts under the given namespace,

Create pages under namespace "(namespace name)"

Determines if the role is allowed to create pages under the given namespace

Permissions inside a namespace

After setting permission to an entire namespace, you can further define permissions inside a namespace for the following resources:

  • Modules,

  • Module fields,

  • Pages,

  • Chart.

This can be achieved by entering the adminstration area of the namespace.

Modules
All modules

On the "Modules" administration sub page, you can set permissions regarding any module in the given namespace. Click on the "lock" icon on the top right corner. You can set:

Read any module

Determines if the role is allowed to access any module,

Update any module

Determines if the role is allowed to update the properties of any module,

Delete any module

Determines if the role is allowed to delete any module,

Create record of any module

Determines if the role is allowed to create record entries for any module,

Read records of any module

Determines if the role is allowed to access the records of any module,

Update records of any module

Determines if the role is allowed to update the records of any module,

Delete records of any module

Determines if the role is allowed to delete the records of any module.

Single module

You can set permissions for a single module by clicking on the "lock" icon at the end of the module row. The same interface can also be accessed inside the module editor, when pressing the "edit" icon. The "lock" icon will be available on the top right corner. You can set:

Read module "(module name)"

Determines if the role is allowed to access the given module,

Update module "(module name)"

Determines if the role is allowed to update the properties of the given module,

Delete module "(module name)"

Determines if the role is allowed to delete the given module,

Create record of module "(module name)"

Determines if the role is allowed to create record entries for the given module,

Read records of module "(module name)"

Determines if the role is allowed to access the records of the given module,

Update records of module "(module name)"

Determines if the role is allowed to update the records of the given module,

Delete records of module "(module name)"

Determines if the role is allowed to delete the records of the given module.

Module fields

Inside the module editor, you can define permissions for each module field. You can set:

Read "(field name)" record fields

Determines if the role is allowed to access the given value inside the module. This will hide any data that might appear in the field,

Update "(field name)" record fields

Determines if the role is allowed to update the values in the given module field. This will prevent any data manipulation for the field.

You can implement read-only fields by setting their update permission to deny.

Pages
All pages

On the top you can click on the "lock" icon to set permissions for all pages. You can set the following permissions:

Read any page

Determines if the role is allowed to access any page of the given namespace,

Update any page

Determines if the role is allowed to update any page of the given namespace,

Delete any page

Determines if the role is allowed to delete any page of the given namespace.

Single page

You can set permissions for a single page by clicking on the "lock" icon at the end of the row. The same interface can also be accessed inside the page editor, when pressing the "edit" icon. The "lock" icon will be available on the top right corner. You can set:

Read any page

Determines if the role is allowed to access the page of the given namespace,

Update any page

Determines if the role is allowed to update the page of the given namespace,

Delete any page

Determines if the role is allowed to delete the page of the given namespace.

Charts
All charts

On the top you can click on the "lock" icon to set permissions for all charts. You can set the following permissions:

Read any chart

Determines if the role is allowed to access any chart of the given namespace,

Update any chart

Determines if the role is allowed to update any chart of the given namespace,

Delete any chart

Determines if the role is allowed to delete any chart of the given namespace.

Single chart

You can set permissions for a single chart by clicking on the "lock" icon at the end of the row. The same interface can also be accessed inside the chart editor, when pressing the "edit" icon. The "lock" icon will be available on the top right corner. You can set:

Read any chart "(chart name)"

Determines if the role is allowed to access the given chart,

Update any chart "(chart name)"

Determines if the role is allowed to update the given chart,

Delete any chart "(chart name)"

Determines if the role is allowed to delete the given chart.

Namespaces

A namespace is a records-based application.

Creating an application with Corteza Low Code takes only a handful of steps. First, you create modules with fields, followed by pages to visualize the modules. This creates the basic data model of your application, after which you can add charts, automation and workflow rules, and role-based permissions.

To enter Corteza Low Code, first, you need to enter Corteza. Once you’re inside Corteza, you have several options for opening Corteza Low Code:

  • Open it in a new tab by clicking on the + button close to the top of the page, which opens the application menu;

  • open it in a new panel by selecting the grid icon on the top right (the icon with four squares);

  • open it in a new window by selecting open in a new window when hovering over the Low Code icon in the application menu; or

  • open it in a new browser tab, by navigation to the appropriate web address.

The first thing you see is the Corteza Low Code Namespaces menu. This shows all the applications you have installed (if any) and an option to create new applications.

If you cannot see Corteza Low Code, your existing applications, or the Create a new namespace button, you might not have the permissions you need. In this case, contact the administrator of your Corteza platform.

What can you build?

With the help of Corteza Low Code, you can build applications, such as:

  • Customer Relationship Management,

  • Enterprise Resource Planning,

  • Case management,

  • Expense management,

  • Event management,

  • Support desk,

  • Knowledge base,

  • Logistics management,

  • Employee onboarding,

  • Leave tracker,

  • Volunteer portal,

  • Donor management,

  • Franchise management,

  • Hotel management,

  • Construction management,

  • Restaurant management,

  • Travel management,

  • Fleet hub,

  • Inventory management,

  • And a lot more

Create an application

Each Low Code application lives in its own unique namespace. This feature allows you to have an unlimited number of Corteza Low Code applications.

To create a new application, click on the "Crate namespace" button on the bottom of the page. You will be presented the following fields:

  • Full namespace name (mandatory): The name of your application, which will be shown in the Low Code Namespaces menu. This name does not have to be unique, but it’s best practice to give each application a unique, short and descriptive name; for example: Donations.

  • short name (mandatory): A shortened variant of the namespace name used by the system for easier and faster referencing; for example: donation-management. One of the places is inside the URL when entering the namespace. The provided value must:

    1. start with a character,

    2. contain only characters, numbers, _ (underscore), - (dash) or . (dot),

    3. end with a character or a number.

  • Subtitle (optional): The subtitle is shown below the name of the application in the Low Code Namespaces menu. For example: Donor Management for the Development Department.

  • Namespace description (optional): A longer description that appears when hovering over the namespace in the Low Code Namespaces menu. For example: In this Donations application, our organization tracks contributors and contributions.

  • Enable namespace (optional): The namespace is shown in the Namespace menu regardless of the value, but you will not be able to enter the namespace unless the checkbox is checked.

Try it out by following these steps to create an example namespace to manage donations.

  • First, click on the Create namespace button.

  • For the donation application, fill in the following data:

    • Full namespace name: Donations,

    • short name: donation-management,

    • Subtitle: Donor Management for the Development Department,

    • Namespace description: In this Donations application, our organization tracks contributors and contributions,

    • Enable namespace: checked,

  • Hit Save and close. You’ve created an application in Corteza!

Permissions can only be defined for existing namespaces. To define permissions, you must firstly create the namespace and then follow the guide described in Modify an application.

For techy people, this is the regular expression used to validate the short name - ^[A-Za-z][0-9A-Za-z_\-.]*[A-Za-z0-9]$

Modify an application

To edit the properties of a namespace, firstly hover over the namespace you wish to edit. An edit icon will appear in the top right corner of the namespace item. Click the icon to edit the namespace.

You will be presented the following fields:

When editing a namespace, same rules apply as with Create an application. The only difference is the permission configuration, presented at the bottom of the section.

  • Full namespace name (mandatory): The name of your application, which will be shown in the Low Code Namespaces menu. This name does not have to be unique, but it’s best practice to give each application a unique, short and descriptive name; for example: Donations.

  • short name (mandatory): A shortened variant of the namespace name used by the system for easier and faster referencing; for example: donation-management. One of the places is inside the URL when entering the namespace. The provided value must:

    1. start with a character,

    2. contain only characters, numbers, _ (underscore), - (dash) or . (dot),

    3. end with a character or a number.

  • Subtitle (optional): The subtitle is shown below the name of the application in the Low Code Namespaces menu. For example: Donor Management for the Development Department.

  • Namespace description (optional): A longer description that appears when hovering over the namespace in the Low Code Namespaces menu. For example: In this Donations application, our organization tracks contributors and contributions.

  • Enable namespace (optional): The namespace is shown in the Namespace menu regardless of the value, but you will not be able to enter the namespace unless the checkbox is checked.

Modules

Modules provide a way of storing data inside your namespace. All the data is local to the namespace and is not accessible from other namespaces. Without modules, your namespace has no memory nor anything to work with, so defining them is the next step when creating a new app. A simple namespace typically only contains a few modules, however their number and their complexity is not limited. Corteza CRM, for example, has over 35 modules with hundreds of fields.

For a better understanding we provide a corelation with database terminology, though no database knowledge is required to use this feature. * A module can be thought of as a table, as it provides some metadata, a set of attributes and a place to store related data, * a module field can be thought of as an attribute, as it provides a way of defining the shape of the data, * a record can be thought of as an entity, as it provides the actual data for the module.

Corteza Low Code supports fields with multiple value entries for the same record (see Editing module fields), so you might not need pivot tables.

Guidelines

For a consistent experience across different namespaces and Corteza instances, we define a few general guidelines regarding module definitions:

Module name

The module name should be in PascalCase with spaces allowed, it should be short and descriptive, with no special characters except for : (colon), - (dash), _ (underscore), / (forward slash) and \ (backwards slash). For example: Quote Line,

Module handle

The module handle should be in snake_case, it should be short and descriptive, with no special characters. If provided, it must:

  1. start with a character,

  2. contain only characters, numbers, _ (underscore), - (dash) or . (dot),

  3. end with a character or a number.

Create a new module

To create a new module firstly navigate to the administration panel and click on "Modules" in the navigation. This will open up an interface that provides a list of existing modules and a way to define new modules, by either:

Importing modules

At the moment, the import modules function is unable to preserve references, so these will have to be assured manually.

This feature allows you to import one or multiple modules from a given .yaml file. This file can be defined either manually or exported from a different namespace.

To import a file:
  1. Press the "Browse" button next to the "Import module(s)" section,

  2. press the "Import" button that appears after the file is successfully added,

  3. select the modules you wish to import and press the "Import" button on the bottom right corner of the modal window.

Manually creating a module

This feature allows you to quickly create a new module by hand, without the need of any data exports.

To create a module:
  1. Specify a name for the module in the "Module name" field, under the "Create a new module" section,

  2. press the "Create" button. This opens the module editor view.

Module fields

Guidelines

For a consistent experience across different namespaces and Corteza instances, we define a few general guidelines regarding module field definitions:

Field name

The module field title should be in snake_case, it should be short and descriptive, with no special characters. Name must:

  1. start with a character,

  2. contain only characters, numbers, _ (underscore), - (dash) or . (dot),

  3. end with a character or a number.

Field title

The module field title doesn’t define any strict restriction, as it is shown to the user. The only requirement is that it should be as short as possible (maximum length of 64 characters).

Type

When defining a field, a correct type should be used; for example "Email" when storing emails, "Number" when storing numbers, and so on.

Adding module fields

To add a new module field, click on the "Add new field" button. This will insert a new empty module field to the bottom of the list.

Deleting module fields

To remove a module field, click on the trash can icon on the right side of the module field row. If the field already exists in the given module, the interface will prompt you to confirm the decision.

Editing module fields

Each module consists of a set of fields that define the shape of the stored data along with the type of data.

At the moment, module fields where the module already contains any records limits the module field editing capability.

Each field defines the following properties:

  • Name: This defines the internal naming convention and it must be specified and unique. This is not shown to the end user. It must:

    1. start with a character,

    2. contain only characters, numbers, _ (underscore), - (dash) or . (dot),

    3. end with a character or a number.

  • Title: This is a "human-friendly" representation of the field and is shown to the end-user when they view/edit the field. The title field doesn’t define strict restrictions, but is limited to the maximum of 64 characters,

  • Type: This defines what type of information this field represents. As is, the field defaults to the basic configuration for each specific field type. This can be edited by clicking on the wrench icon to the right of the dropdown.

  • Multi value: This checkbox allows us to store multiple entries of the same field for the given record.

  • Required: This makes the field mandatory for the end user when creating or editing a record.

  • Private: This allows you to mark data that is sensitive, such as name, email, or telephone number, so your namespace is compliant with privacy regulations such as the GDPR.

Field types

For a more structured system, we provide the following set of field types for you to chose from. By pressing on the wrench icon, you are able to provide additional configuration for the module field.

  • Checkbox (Y/N): This field shows a checkbox to the end user when editing a record. When you click on the wrench icon, you can select what checked and unchecked represent. For example: Yes/No, Active/Inactive, etc.

  • Date and time: Date time input field. You can configure:

    • Date only to omit the time part and only use the date,

    • Time only to omit the date part and only use the time,

    • Past values only to only allow past values,

    • Future value only to only allow future values,

    • Output relative value to show the value relative to now,

    • Custom output format to allow custom output date format.

  • Email: Email input field. Automatically performs email validation and creates a clickable link when viewing the value (can be disabled). This field auto-validates whether the input is an email and turns it into a clickable email link in record-viewing mode. You can configure:

    • Don’t turn email into a link to keep the email as plain text

  • Select / dropdown: Dropdown value select input. Forces the users to use one of the specified values. You can configure:

    • Options to add as many select options as you wish. You must provide both the value (left input) and the label (right input). Value represents the data storage, and label represents the display,

    • Multiple value input type to determine how multiple values are selected.

  • Number: Number value input. Automatically performs number validation and allows only numbers to be inserted. You can configure:

    • Prefix to specify the number’s prefix, such as $,

    • suffix to specify the number’s suffix, such as USD/h,

    • precision to specify the precision the number is stored with,

    • format to specify the numbers display format.

  • Record: Provides a way of cross-linking different records to define a complex structure. It renders a searchable select field. You can configure:

    • Module to specify what module this field will be linked to,

    • record label field to specify what field should be used when showing the linked record,

    • query fields on search to specify the fields that should be included in the search,

    • prefilter records to specify the pre-filtering.

  • String: Provides a text input field. You can configure:

    • Multi line to specify that the value can span over multiple lines,

    • use rich text editor to use the rich text editor instead of the simple plain text editor.

  • URL: Provides an URL input field. Automatically performs URL validation and creates a clickable link when viewing the value (can be configured). You can configure:

    • Trim # from the URL to specify that the hash should be ignored,

    • Trim ? from the URL to specify that the query should be ignored,

    • Only allow SSL (HTTPS) URLs to specify that only secure URL’s can be provided,

    • Don’t turn URL into a link to keep the URL as a plain text value.

  • User: Provides a searchable dropdown select. This field references all users in Corteza. You can configure:

    • Preset with current user to default to the user that created/updated the record,

    • Multiple value input type to determine how multiple values are selected.

  • File upload: This creates a File Upload input. You can configure:

    • Veiw mode to specify how the files are presented when viewing the value.

See Moment.js format for available date time formatting.

See Numeral.js format for available number formatting.

Pages

Corteza Low Code provide a graphic user interface to access the data contained within the given namespace. Each page consists of a series of page blocks that allow you to construct pages of arbitrary complexity while assuring each page is responsive and mobile friendly.

There are two types of pages:

Pages are available under the "Pages" sub administration page. Pages are represented in a tree view, that allows you to change their order and even their nesting. This allows unlimited flexibility when defining your namespace.

Record pages

A record page is designed to show information regarding a specific record, such as it’s field values and other related records. In order for a module to be accessible to the user, it must have an associated record page.

You can define a record page for the given module by pressing the "Page builder" button next to the module you wish to use. This will open up a new editor. Please refer to [admin-compose-pages-build] for details on the page building process.

List pages

List pages are not related to any specific record; rather, they are designed to show multiple record lists, charts, notes, calendars and so on and so forth. With list pages we can create a home page, a dashboard, a list of contacts, etc.

To create a List page, you need to go to the "Pages" administrative page and enter a title in the Create a new page box at the top. When you submit this form, it opens the Edit page form, which allows you to add a page description (for internal use; the end user will not see it), and you can set the page to "Visible" so it can be accessed.

The actual page editor can be accessed via the "Page builder" button either on the page editor or on the page tree view.

Page builder

Page’s content is defined as a grid consisting spanning over 12 columns. The content is defined by a series of page blocks that helps maintain responsive and mobile-friendly pages.

Page blocks can be added using the "Add block" button on the bottom toolbar. This opens a modal window where you can select the page block type you wish to use (refer to Page blocks for details on page blocks).

Once added, they can be arranged, resized and moved with an intuitive drag and drop style interface. Blocks can be edited by clicking on the edit icon or deleted by pressing the trash can icon on the bottom left corner of the page block.

Once finished, press the "Save" or the "Save and close" button on the bottom right of the toolbar. To revert the changes, press the "Back (without saving changes) button".

Page blocks

Content

A content page block is designed to present some static content to the user, such as important announcements, help text, etc.

The content is defined by using the rich-text editor, powered by TipTap.

Metric

A metric page block is quite similar to chart page blocks in the sense, that they present a metric based on the namespaces data. The difference is that a metric page block displays the defined metric in plain text, as a number with some additional formatting options. This can be used to show information, such as the number of new opportunities, total number of leads this month, etc.

Definition

A metric page block consists of a set of metrics. Each metric defines:

Label

A user friendly name that identifies what the metric shows,

Dimension Module

The module that will be used as a data source,

Dimension Filter

Any additional filtering that should be performed on the output value,

Metric Field

What field should be used when calculating the final value, such as the number of records, the cost associated with the record, …​

Metric Aggregation operation

Determines how the data should be aggregated into a single value. The available options are:

  • Count: the number of matched records,

  • sum: the value sum from the specified metric field,

  • max: the maximum value from the specified metric field,

  • min: the minimum value from the specified metric field,

  • avg: the average value from the specified metric field.

Metric Transform value

Additional operations to perform over the computed value, such as rounding, calculating percentages, etc. See below Examples for examples,

Metric Number format

Determines the formatting to be used when displaying the final result. See Numeral.js format for available number formatting,

Metric Prefix

Determines the prefix to be used when displaying the final result,

Metric Suffix

Determines the suffix to be used when displaying the final result,

Style Text color

Determines the color of the final result,

Style Background color

Determines the background color of the final result,

Style Font size

Determines the font size of the final result. Value is specified in pixels.

Examples
Divide result by 1000 to show cost in thousands

v / 1000

Round result to remove decimal places

Math.round(v)

Round result to remove decimal places (round up)

Math.ceil(v)

Round result to remove decimal places (round down)

Math.floor(v)

Round result to two decimal places

Math.round(v * 100) / 100

The used interface uses standard JavaScript syntax, so any operation achievable in standard JavaScript is also achievable here.

Rounding can already be achieved by using value format.

Chart

Chart page block is designed to display any chart defined under the "Charts" administration page.

Useful when defining dashboards

Social media feed

A social media feed is designed to show content from any supported social network. This allows you to show a live social media feed of your clients from the comfort of your CRM.

When using social media feed page blocks in a record page, a source can be defined as a module field. This allows to show different feeds based on the viewed record.

Currently only Twitter feeds are supported.

Record

Record page blocks are designed to allow access to the data inside each record, for either viewing or editing.

When defining a record page block, you select a set of fields that will be present in the given page block. This allows you to customize the layout as much as you wish. Group contact related information in one block, subscription related information in another block, and so on.

When selecting fields, you can rearrange these with an intuitive drag and drop interface.

Make sure that all required fields are accessible via the record page. Otherwise the records will fail to save, since the value will be missing.

This page block type is only available for record pages.

Record list

Record list page blocks are designed to show the data from a specific module — it’s records. These blocks also provide a way of accessing record pages.

Another important feature is, that record lists support client-side automation scripts. This feature can be accessed in the "Automation" tab of the page block editor.

These automation scripts will be visible in the header of the page block, when any rows are selected.

Definition
Module

The module that will be used as a data source,

Hide add record button

Hides the "Add" button, hence disabling the ability to add new records,

Prefilter records

Enables us to apply additional filtering. Filters define a standard SQL syntax and also support dynamic value interpolation. Refer to Examples for examples,

Hide search box

Disables the search box,

Presort records

Enables us to apply additional sorting to the resulted records. Sorting defines a standard SQL syntax. Refer to Examples for examples,

Hide paging

Hides the record list paging section,

Allow records export

Enables the record export feature,

Enable record selection

Enables record selection by providing a selection checkbox next to each row,

Hide record reminder button

Hides the set reminder button,

Hide clone record button

Hides the clone record button,

Hide edit record button

Hides the edit record button,

Hide view record button

Hides the view record button.

When searching over the records in the record list, the system only uses the fields that are shown to the user.

Examples

Record list prefiltering supports value interpolation that is relative to the viewed content, such as a record. Available variables:

  • record: current record (when available),

  • recordID: current record’s recordID (when available),

  • ownerID: current record’s owner (when available),

  • userID: current user’s userID.

Show only records created this year

YEAR(created_at) = YEAR(),

Show only records linked to the viewed record

related_contact = ${recordID},

Show only active contacts

is_active = '1',

Show lost opportunities

status = 'closed/lost',

Sort by latest

created_at DESC

Sort by latest and opportunity stage

created_at DESC, stage DESC

Automation

An automation page block is designed to define an interface to the explicit automation scripts.

The payload provided to the automation script differs from where the automation page block is placed. For example, if it’s placed in a record page, then that record is included in the payload.

When selecting what automation the page block should show, you are able to specify a custom label and style.

Automation script not showing? Make sure that:

  • It compiled with no errors,

  • you refreshed your page after it was included,

  • the trigger defined a .uiProp('app', 'compose') constraint.

You can also use server side automation scripts, as long as they define an explicit automation trigger; for example:

triggers ({ on }) {
  return on('manual')
    .for('compose:record')
    .where('module', 'Lead')
    .where('namespace', 'crm')
    .uiProp('app', 'compose')
},
Calendar

Calendar page block is designed to display a calendar along with a set of associated events.

The calendar supports a configurable set of views. These include:

  • Month view

  • week view

  • day view

  • agenda view

An event source is defined as a module, where a record defines the date and time and the title of the event.

Calendar event sources also enable prefiltering, but it is important to notice, that they do not support value interpolation.

Prefilters

A prefilter is an SQL like string that allows you to filter the resources on the database level before the results are provided.

With prefiltering you are able to determine a more specific set of records that will be shown in the record list, define what records should be included in a chart, and much more.

Prefilters usually support value interpolation, which allows them to be more flexible when working with different resources. For example, you can show only records related to a specific record, show only records owned by the current user. Value interpolation can be invoked by using the JavaScript’s standard template string syntax (${…​}). For example related_contact=${recordID}.

Some resources may not support value interpolation when working with prefilters and will be disclosed in the documentation.

Available interpolation values differ between resources and will be mentioned in the documentation.

When defining prefilters on boolean (check box) fields, keep in mind that the positive value is represented as '1' and negative value is represented as '' or is not defined IS NULL.

For example, when showing inactive contacts, you would write (is_active='' OR is_active IS NULL).

This will be improved upon in later releases.

File

A file page block is quite similar to the content page block in a way that is designed to display some content. The only difference is, that it is designed to display a set of files instead of a text content.

This can be useful to handle files that are relevant to all resources in the system, such as a ToS, schedule, etc.

If the file should differ based on the record, you have to define a module File field. File page blocks are unable to display content relative to the context.

Record organizer

A record organize page block is a record list like, light weight container to display modules record with an intuitive drag-and-drop interface for reordering.

Furthermore, a set of these page blocks can be used to define a kan-ban like interface that allows you to move records between different statuses.

Record organizer page block also supports prefiltering with value interpolation

Prefilters

A prefilter is an SQL like string that allows you to filter the resources on the database level before the results are provided.

With prefiltering you are able to determine a more specific set of records that will be shown in the record list, define what records should be included in a chart, and much more.

Prefilters usually support value interpolation, which allows them to be more flexible when working with different resources. For example, you can show only records related to a specific record, show only records owned by the current user. Value interpolation can be invoked by using the JavaScript’s standard template string syntax (${…​}). For example related_contact=${recordID}.

Some resources may not support value interpolation when working with prefilters and will be disclosed in the documentation.

Available interpolation values differ between resources and will be mentioned in the documentation.

When defining prefilters on boolean (check box) fields, keep in mind that the positive value is represented as '1' and negative value is represented as '' or is not defined IS NULL.

For example, when showing inactive contacts, you would write (is_active='' OR is_active IS NULL).

This will be improved upon in later releases.

IFrame

An iframe page block is designed to embed some website or a webpage inside the namespace. This can be useful when wanting to embed an external system not natively supported inside the namespace.

Our system is no exception to IFrame embedding limitations and it is up to you to assure quality experience.

Charts

Charts provide a way of visualizing your data that allows you to define beautiful reports and dashboards.

Corteza Low Code implements a powerful chart building system, that allows you to build charts of arbitrary complexity.

Corteza Low Code supports:

  • Bar charts,

  • pie charts,

  • doughnut charts,

  • pie charts,

  • line charts,

  • funnel charts,

  • gauge charts

Create a new chart

To create a new chart, navigate to the "Charts" administration sub page. Enter a chart name and press on the "Add chart", which asks you to select the chart category.

Once selected, you are presented with the following:

  • Name: The module name should in PascalCase with spaces allowed, it should be short and descriptive, with no special characters except for : (colon), - (dash), _ (underscore), / (forward slash) and \ (backwards slash). For example: Quote Line,

  • Handle: The module handle should be in snake_case, it should be short and descriptive, with no special characters. If provided, it must:

    1. start with a character,

    2. contain only characters, numbers, _ (underscore), - (dash) or . (dot),

    3. end with a character or a number.

  • Color theme: One of the predefined color themes that should be used inside the chart,

  • Module: What module provides the data for the chart,

  • Filter: How the data should be prefiltered before a response is generated. The interface already provides a set of predefined filters for quicker setup.

  • Y-axis: Allows you to customize the y-axis to best fit your data representation,

  • Dimensions: Define the dimension (the x-axis) of the chart. Dimensions can be defined on simple or structured fields.

  • Dimension function: Defines how the data is aggregated before the response is generated,

  • Metrics: Metric define numerical values that will be displayed in the chart. Metrics only support Number type fields and a special "count", that provides the number of records.

  • Metric post processing: A post processing function allows you to take the result of a given metric and perform some additional operations, such as rounding the value, aggregating the values, etc.

  • Metric output: Defines how the values are represented, such as a pie, set of bars or a line.

Extensions

One of the main features of the Corteza Low Code is it’s customizability and flexibility with our extensions system. Extensions allow you to define business logic of arbitrary complexity, using a standard interface and a well defined API interface.

Please refer to the [extdev-index] section for details on te development process.

Corteza Messaging

Corteza Messaging is a modern, private, secure messaging system which integrates seamlessly with Corteza One, Corteza CRM and Corteza Low Code. Its design is inspired by Slack, a popular cloud service.

Channels

A channel contains a set of users and their messages, usually tied to a specific topic, such as project management or sales.

Corteza Messaging defines three channel types:

  • Public channels,

  • private channels,

  • direct channels,

Public channels

These channels are visible to all Corteza Messaging users with correct access rights. Since they are public they shouldn’t contain any sensitive information that could be abused if leaked,

Creating public channels

To create a public channel, click on the "+" icon to the right of the "Public channels" in the navigation side panel. This opens a new interface where you can define:

  • Name: specifies the channel name, such as Sales or Directors,

  • topic: specifies the channel topic to give some more insight into what the conversation is about,

  • privacy: specifies if the channel is private or not,

  • featuring: when a channel is featured, any user is automatically it’s member. This can be useful when making an introduction channel, such as a Welcome or General channel,

  • members: specifies the members that should be included immediately.

Public channel management

After a channel is created there are a lot of little things that can be performed. Open the channel by clicking on it, and hover over the three dots on the top right corner of the channel. The main two options are:

  • Member list: provides the current list of members in the given channel. It also provides an interface to add and remove additional members,

  • Edit channel: opens a channel editor interface. The interface allows you to edit:

    • Name: specifies the channel name, such as Sales or Directors,

    • topic: specifies the channel topic to give some more insight into what the conversation is about,

    • privacy: specifies if the channel is private or not,

    • featuring: when a channel is featured, any user is automatically it’s member. This can be useful when making an introduction channel, such as a Welcome or General channel,

    • members: specifies the channel members,

    • channel actions: allow you to archive or delete the channel.

Private channels

These channels are visible only to it’s members. Since they are private they could contain some sensitive information,

Creating private channels

To create a private channel, click on the "+" icon to the right of the "Private channels" in the navigation side panel. This opens a new interface where you can define:

  • Name: specifies the channel name, such as Sales or Directors,

  • topic: specifies the channel topic to give some more insight into what the conversation is about,

  • privacy: specifies if the channel is private or not,

  • featuring: when a channel is featured, any user is automatically it’s member. This can be useful when making an introduction channel, such as a Welcome or General channel,

  • members: specifies the members that should be included immediately.

Private channels can also be created from public channels, by changing the privacy option.

Private channel management

After a channel is created there are a lot of little things that can be performed. Open the channel by clicking on it, and hover over the three dots on the top right corner of the channel. The main two options are:

  • Member list: provides the current list of members in the given channel. It also provides an interface to add and remove additional members,

  • Edit channel: opens a channel editor interface. The interface allows you to edit:

    • Name: specifies the channel name, such as Sales or Directors,

    • topic: specifies the channel topic to give some more insight into what the conversation is about,

    • privacy: specifies if the channel is private or not,

    • featuring: when a channel is featured, any user is automatically it’s member. This can be useful when making an introduction channel, such as a Welcome or General channel,

    • members: specifies the channel members,

    • channel actions: allow you to archive or delete the channel.

Direct channels

These channels are similar to private channels, since they can not be accessed unless a member, but are designed for smaller number of people, such as a one on one conversations.

Creating direct channels

To create a direct channel, click on the "+" icon to the right of the "Direct channels" in the navigation side panel. This opens a new interface where you can define:

  • Featuring: when a channel is featured, any user is automatically it’s member. This can be useful when making an introduction channel, such as a Welcome or General channel,

  • members: specifies the direct channel members.

After a direct channel is created, you can not manage it’s users, so make sure that all users are included before creating it.

When you click on a mentioned user inside a message, it will automatically open a direct channel with that user.