Recently, a colleague came to me about disabling and removing comments in the Store of a WSO2 API Manager deployment. This is of course possible. By this I mean without really messing with the source code of the product itself. In this blog, I will show you where the comments are stored and how you can disable the features for social interaction in the WSO2 API Manager.
This blog will not describe in detail all the steps with regards to downloading, unzipping and installing the API Manager or switching to MariaDB as the database of choice. All these steps can be found described in a general sense on liked Yenlo blogs.
Switching to MySQL
In order to make it easy to see the database and tables, I am going to take an OOTB API Manager but will migrate the environment to MySQL. To do this, we need to change the default H2 file-based database for a MySQL or MariaDB database.
We do not have to do this for all of the databases used by the system, we can actually just select database that we would like to exchange, in this case the databases the API Management database (WSO2AM_DB) that we are going to exchange an H2 database. In order to do this, we need to create a simple database and then use the scripts to create one of the tables inside the database.
In MySQL / MariaDB we type:
create database apimandb; use apimandb; source [APIM-HOME]/dbscripts/mysql.sql; show tables;
The [APIM-HOME] is the fully qualified path of the API Manager.
The only thing we need to do then is to change the configuration in the master datasources file ( [APIM-HOME]/repository/conf/datasources/master-datasources.xml
) in order to point to the newly created database on MariaDB rather than the embedded H2 database in the system itself. Username and password need to be changed to your setup.
<datasource>
<name>WSO2AM_DB</name>
<description>The datasource used for API Manager database</description>
<jndiConfig>
<name>jdbc/WSO2AM_DB</name>
</jndiConfig>
<definition type="RDBMS">
<configuration> <url>jdbc:mysql://localhost:3306/apimandb</url>
<username>root</username>
<password>root</password>
<defaultAutoCommit>true</defaultAutoCommit>
<driverClassName>com.mysql.jdbc.Driver</driverClassName>
<maxActive>50</maxActive>
<maxWait>60000</maxWait>
<testOnBorrow>true</testOnBorrow>
<validationQuery>SELECT 1</validationQuery>
<validationInterval>30000</validationInterval>
</configuration>
</definition>
</datasource>
The texts above show the steps of creating the database, running the SQL scripts for the API Manager database and of course making changes to the master data sources to make a connection to the database. Do not forget to add the mysql*.jar file to the /repository/components/lib directory.
Make sure that you do this before you start the product in order to circumvent any issues regarding already installed API since we are replacing the database with an empty one.
We will start the system as usual. So, use wso2server.sh or wso2server.bat (if you’re running on Windows) and let the product start up normally, like we do so often.
TID: [-1234] [] [2019-05-06 22:02:42,984] INFO
{org.wso2.carbon.ui.internal.CarbonUIServiceComponent} - Mgt Console URL :
https://192.168.2.59:9443/carbon/
{org.wso2.carbon.ui.internal.CarbonUIServiceComponent}
TID: [-1234] [] [2019-05-06 22:02:42,985] INFO
{org.wso2.carbon.ui.internal.CarbonUIServiceComponent} - API Store Default Context :
https://192.168.2.59:9443/store
{org.wso2.carbon.ui.internal.CarbonUIServiceComponent}
TID: [-1234] [] [2019-05-06 22:02:42,986] INFO
{org.wso2.carbon.ui.internal.CarbonUIServiceComponent} - API Publisher Default Context :
https://192.168.2.59:9443/publisher
{org.wso2.carbon.ui.internal.CarbonUIServiceComponent}
You see the management console URL as well as the URLs for the publisher and the store.
In order to make an API available, we will use the standard API that can be deployed as a sample so we don’t need to configure anything ourselves, we can just basically deploy the standard API that comes with the product, in order to make life easier and this blog a little bit shorter.
How do we do that?
Well, just start the publisher and get rid of the tutorial. If the overlay is still visible that will be a cross in the top righthand corner, clock that and then you will see no ‘APIs created yet‘ and you have the choice to deploy the sample API.
If you do that, then you’re actually able to see the API deployed and installed. Let’s go to the Store and actually add some comments with regards to the API. In the store, we can actually see that we have the possibility to create new messages and comments, as well as all kinds of rankings. We need to log in to see the capability to rank and add comments / topics.
Let’s add something to the APIs so that there will actually be a comment stored in the database and we can take a look inside the databases. I’m very pro-DBeaver which is a SQL client that is easy to use and will work with a multitude of database management systems supporting H2 but also of course MySQL MS SQL Postgres, Derby and all of the other ones that were in common use. It is open source so you can use it without ever incurring any costs and is actually based on well-known products to which is Eclipse the IDE environment for the WSO2 Enterprise Integrator and WSO2 API Manager as well.
One of the best things of the DBeaver is that is easy to use and it will also show you the tables and the relationship between the tables and as you can see from the screenshots.
There is a direct link between the API database or action API table and the common stable where there is a link on the API ID.
We will now browse the comments data table inside the beaver can actually see the values that we typed it as far as the comments go. So, we have a situation where we have the possibility to create comments use social media elements of the product etc.
This is of course out-of-the-box technology and it will allow us to manage development community that is the intended audience for APIs. But there might be situations where you just want to disable this.
In this case, what we’re going to do this we are actually going to delete the comments. I haven’t found any tools to do that so we will typically just do a manual delete from the database itself. This can be either can be done with sql or we can actually do it using the management interface of the beaver.
Disabling social elements
Let’s say we don’t want people to be able to add comments or use the social media features that are typical of the API manager. What you need to do is making some changes to the configuration files and most notably the API management.XML (api-management.xml) file that is in the repository/conf/ directory of the API manager.
This API manager file is one of the most used files in the whole configuration because it actually determines the configuration set up for the major components of the API manager: store, publisher, gateway, traffic manager and key manager.
Search for APIStore and then we find three configurations that are enabled on the change. The change that we’re going to do is basically setting all of the three parameters to false thereby not allowing people to use that functionality. Note that the text below is abridged!
<APIStore>
<CompareCaseInsensitively>true</CompareCaseInsensitively>
<DisplayURL>false</DisplayURL>
<URL>https://localhost:${mgt.transport.https.port}/store</URL>
<!-- Server URL of the API Store. -->
<ServerURL>https://localhost:${mgt.transport.https.port}${carbon.context}services/</ServerURL>
<!-- Admin username for API Store. -->
<Username>${admin.username}</Username>
<!-- Admin password for API Store. -->
<Password>${admin.password}</Password>
...
<!-- This parameter specifies whether to display multiple versions of same
<!-- This parameter specifies whether to display the comment editing facility or not.
Default is "true". If user wants to disable, he must set this param as "false" -->
<DisplayComments>false</DisplayComments>
<!-- This parameter specifies whether to display the ratings or not.
Default is "true". If user wants to disable, he must set this param as "false" -->
<DisplayRatings>false</DisplayRatings>
<!--set isStoreForumEnabled to false for disable forum in store-->
<isStoreForumEnabled>false</isStoreForumEnabled>
...
</APIStore>
We need to start the WSO2 API manager again because these configuration files are only read on load. As you can see now, you no longer have to access the forum because it is actually missing from the management UI.
But we also want to delete all of the other social media elements and links in the store itself. Unfortunately, we do not have the possibility to do that with a configuration parameter but need to change the jaggery template.
Changing Jaggery
The file is a file that is in the directory structure for the APIs in order to delete elements of the jaggery configuration. In the latter case, you do not need to restart the API manager because jaggery is actually executed, not loaded. So, in this case we can make changes to the jaggery application and changes will be instantly visible on the Store. We will change the jaggery app, rather than opting for a subtheme in which you only define the changes. If you are interested in that, let me know in the comments and I will write a blog about it!
The file is at [APIM-HOME]/repository/deployment/server/jaggeryapps/store/site/themes/wso2/templates/api/overview/template.jag.
Remove the pieces like:
<div id="share_div_social" class="share_dives">
<!-- Facebook -->
<a class="social_links" id="facebook" href="#" target="_blank" title="facebook"><img src="<%=jagg.getAbsoluteUrl(jagg.getThemeFile("images/facebook.png"))%>" alt="Facebook" /></a>
<!-- Twitter -->
<a class="social_links" id="twitter" href="#" target="_blank" title="twitter"><img src="<%=jagg.getAbsoluteUrl(jagg.getThemeFile("images/twitter.png"))%>" alt="Twitter" /></a>
<!-- Google+ -->
<a class="social_links" id="googleplus" href="#" target="_blank" title="googleplus"><img src="<%=jagg.getAbsoluteUrl(jagg.getThemeFile("images/google.png"))%>" alt="Google" /></a>
<!-- Digg -->
<a class="social_links" id="digg" href="#" target="_blank" title="digg"><img src="<%=jagg.getAbsoluteUrl(jagg.getThemeFile("images/diggit.png"))%>" alt="Digg" /></a>
<div class="clearfix">
</div>
So, you can see now from this final screenshot now have an API manager that does not have the capability of social media commenting forum and etc. but also doesn’t show you the embedded betting links, etc., etc., and the comments if there were any in the store.
Conclusion
It is possible to change the forum and social media settings of the WSO2 API manager if necessary. But I want to emphasize that if you want a thriving developer community that uses your APIs, it’s precisely those elements of social media as well as a forum that makes your APIs great or that can make your APIs better APIs. This is because you can connect them to your developers who use your APIs and you can ask them what they want in terms of functionality. But it is possible to disable that for whatever reason.
Click here to read more API blogs. Please leave a comment below if you have any questions.