On this blog, we've frequently talked about one of Drupal's biggest strengths being its dedicated community of developers spread around the world. These developers are constantly making updates to modules and managing the security of the open-source software so that Drupal-site owners don't have to worry about the safety and functionality of their website.
But what does that process actually look like? Allow me to give you a behind-the-scenes look.
A Drupal module was created years ago to take content submitted via Drupal's webform module and feed it directly into Salesforce using the software's application programming interface (API). One of our clients recently forwarded me a notice from Salesforce that the company's API was going to be changing.
Now before I go far, allow me to provide some basic background information.
First off, Salesforce is a customer relationship management (CRM) platform that allows businesses to track and store users' interactions with their brand. As the Salesforce website explains:
"More than 150,000 companies are blazing trails to success with the world's #1 CRM platform. Treat all your customers like they're your only customer with Salesforce CRM. Understand their needs, solve their problems, and identify opportunities to help by managing their information and interactions with your company on a single platform that's always accessible from anywhere."
Clearly, Salesforce can be a crucial component of any organization's digital strategy. So, if Salesforce isn't working, that's a problem.
An API, meanwhile, is what allows a website to communicate with an external application. With this particular client, they were using the Salesforce API to funnel all leads from forms submitted on their Drupal website into their Salesforce CRM. The API is what makes that funneling possible.
Changing an API is a common practice for all types of businesses, either because they find security issues with the existing API or they simply found a way to make it better.
I followed up on the client's note and checked the Salesforce Web-to-Lead Webform Data Integration module to see if there were any existing patches, which, just as it sounds, would cover up the change to the API. Every module has a log of what's happening to it - including when problems develop - and a simple search can tell you whether the problem you're facing has already been reported or fixed.
In this instance, there were no patches present, so I decided to take the project on.
The first step for me was to visit the Salesforce software website and confirm that this change was actually taking place. Once confirmed, I was able to go into the module's code and make the required adjustments and create a patch for the module.
This is why open source software is so great. If Drupal wasn't open source, this process simply would not be possible.
Now, you may be wondering what's preventing someone from doing what I did and instead of fixing the problem, inserting something malicious into the code. Again, this is why Drupal's community is such a differentiator. As I mentioned in this post about Drupal security, the developers within this community serve as gatekeepers who protect the integrity of the software.
There essentially is a system of checks and balances among Drupal developers. The patch I created, for example, was reviewed by another developer to confirm it was done directly. What's great about Drupal is the community is so large and so strong that there is always someone on the case. In this instance, it just happened to be me!