Skip to content
Pyxis CMS Docs

Content Management (Pages)

The Pages module is the primary container for site content. It is designed as a lightweight, secure, and flexible system, leveraging PostgreSQL’s advanced capabilities and a modern Headless routing approach.

Data Integrity & Security

Section titled “Data Integrity & Security”
  • UUID as Primary Key: Every page is identified by a UUID v4. This prevents “ID enumeration” attacks and hides the internal database structure from public URLs.
  • Automated Authorship: The system automatically assigns the authenticated administrator’s ID to the user_id column during record creation, ensuring data consistency without manual input.

Special Roles: The Homepage (Root)

Section titled “Special Roles: The Homepage (Root)”

In Pyxis CMS, the “Homepage” status is not hardcoded to a specific slug (like home). Instead, it is a role that can be assigned to any page in the system.

  • Mapping Mechanism: Connecting a page to the / address is managed via the Global Settings module.
  • Path Overriding: When a page is designated as the homepage, the API ignores its base slug and serves it at the domain root.
  • Structural Integrity: A Homepage cannot have a parent page (parent_id must be NULL), ensuring a clean and logical tree structure.

Technical Routing Implementation

Section titled “Technical Routing Implementation”

1. Hierarchical Routing & Recursion

Section titled “1. Hierarchical Routing & Recursion”

Pyxis CMS supports an unlimited nested tree structure for pages.

  • Slug Segmentation: The database stores only the individual segment (slug) for each page.
  • Dynamic URL Resolution: The full path (e.g., /company/about-us/team) is calculated recursively by the Eloquent model. The system “climbs” the parent tree until it reaches a root page.

2. Path Integrity Validation

Section titled “2. Path Integrity Validation”

To prevent duplicate content and routing bypasses, the API validates the full request path. If a user attempts to access a child page while omitting its parents in the URL, the system returns a 404 error. This ensures every piece of content has exactly one unique logical address.

3. Flexible Metadata (JSONB)

Section titled “3. Flexible Metadata (JSONB)”

The seo field uses the JSONB data type, allowing for flexible storage of Meta tags, Open Graph data, and indexing configurations without requiring database schema migrations when adding new SEO features.

Workflow & Access Control

Section titled “Workflow & Access Control”

The system separates the content preparation stage from the delivery method.

1. Publication Status (Workflow)

Section titled “1. Publication Status (Workflow)”
  • Draft: Content visible only within the administration panel.
  • Published: Content available to the API, provided the published_at timestamp has been reached.
  • Scheduling: Automatic publication of content in the future without manual intervention.

2. Visibility Layers

Section titled “2. Visibility Layers”
  • Public: Available globally to all users.
  • Private: Visible only to authenticated administrators (requires session/token authorization).
  • Password Protected: The API returns only page metadata, locking the content field until a valid password is provided.