In The Future We All Use Symfony2

© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential.© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential.

IN THE FUTURE, WE ALL USE SYMFONY2Brent Shaffer | Software Engineer

1

© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential.

This Guy... Who is he?

2

§ Brent Shaffer§ Too lazy to change the slide theme§ OBU Software Engineer - Genesis Team§ Symfony user for 3 years§ Nashville Symfony UG§ Author of ~20 Plugins§ Contributed to Symfony2 Docs§ Touched Fabien’s Hand

@bshaffer@bschaffer


What is he doing up there?

3

§ Rah Symfony Rah!§ Symfony Momentum§ Symfony2 advantages§ Symfony2 shortcomings§ Can we use it?§ Should we use it?


It’s time to play...

4

© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential.5






Definition

Interfaces

Containers

Configuration

Methodology

Usage

Behaviors

Inheritance

The Kernel

The Profiler

Twig

Killing the Magic

Security

Speed

Infrastructure

PHP 5.3

TestingFormsTom Selleck’s Mustache

© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 11

Dependency Injection Container



12

Dependency Injection ContainerDependency Injection ContainerDependency Injection Container

When one object requires another object in order to perform its function


Passing the dependency to the object that requires

it


Service that facilitates this process



13

class User { protected $storage; function __construct() { $this->storage = new SessionStorage(); }

function setLanguage($language) { $this->storage->set('language', $language); }} // ...

What we are used to



14

class User { protected $storage; function __construct($storage) { $this->storage = $storage; }

function setLanguage($language) { $this->storage->set('language', $language); }} // ...

What we want



15

Instead of harcoding the Storage dependency inside the User class constructorInject the Storage dependency in the User object



16

$storage = new SessionStorage('SESSION_ID'); $user = new User($storage);

SUCCESS!

// use a different storage engine$storage = new MySQLSessionStorage('SESSION_ID'); $user = new User($storage);

Game Board


Dependency Injection Container - Interfaces

17

Interfaces§ Defines public methods of a class§ Allow Plain Old PHP Objects as dependencies (POPO’s)

§ Enable use of third party classes through Adapters or Subclasses



18

class User { protected $storage; function __construct(SessionStorageInterface $storage) { $this->storage = $storage; }}

interface SessionStorageInterface { function get($key); function set($key, $value);}

SUCCESS!Game Board



19

The Container§ Describes objects and their dependencies§ Instantiates and configures objects on-

demand§ A container SHOULD be able to manage

ANY PHP object (POPO)§ The objects MUST not know that they are



§ Parameters§ The SessionStorageInterface implementation we want to use (the class name)§ The session name

§ Objects§ SessionStorage§ User

§ Dependencies§ User depends on a SessionStorageInterface implementation

20



21

class Container { protected $parameters = array();

public function setParameter($key, $value) { $this->parameters[$key] = $value; }

public function getParameter($key) { return $this->parameters[$key]; }}



22

$container = new Container(); $container->setParameter('session_name', 'SESSION_ID'); $container->setParameter('storage_class', 'SessionStorage');

// decoupled!$class = $container->getParameter('storage_class'); $sessionStorage = new $class($container->getParameter('session_name')); $user = new User($sessionStorage);

SUCCESS!


Dependency Injection Container - Configuration

23

What does this actually look like?services: storage: class: %storage_class%

arguments: - %session_name% user: class: User arguments: - @storage

parameters: session_name: ‘SESSION_NAME’ storage_class: ‘SessionStorage’



§ A DI Container does NOT manage ALL your objects§ Good rule of thumb: It manages “Global” objects

§ Objects with only one instance (not the same as a singleton)§ LIKE...

§ a User...§ a Request...§ a Logger...§ a Database Connection...

§ UNLIKE§ a Product...§ a Blog Post...

24



§ Check out the Pimple project for more information§ http://pimple-project.org/

25

Game Board

http://pimple-project.org/

http://pimple-project.org/


Doctrine 2


Doctrine2 - Methodology

§ A model is not a table§ Objects are best when modeled after their real-world prototypes§ Active Record pattern vs. Data Mapper pattern

§ Active Record: An object that wraps a row in a database table or view, encapsulates the database access, and adds domain logic on that data.

§ Data Mapper: A layer that moves data between objects and a database while keeping them independent of each other and the mapper itself.§ We retain control of our domain

§ Persistence is separate from the object itself

27

Paradigm Shift


Entities§ Lightweight persistent domain objects§ Regular PHP Classes§ Do not extend any base Doctrine class§ Supports inheritance and abstract classes§ Entities may extend non-entity classes and vice versa.



Entity Manager§ Central access point to the ORM functionality provided by Doctrine2.

The API is used to manage the persistence of your objects and to query for persistent objects

§ Employs transactional write behind strategy that delays the execution of SQL statements in order to execute them in the most efficient way

§ Executes at end of transaction so that all write locks are quickly released

§ Uses the Unit Of Work pattern to keep track of objects


Game Board


Doctrine2 - Usage

30

What does this look like?<?phpnamespace Entities;

/** * @Entity @Table(name="users") */class User {

/** @Id @Column(type="integer") @GeneratedValue */private $id;

/** @Column(length=50) */private $name;

/** @OneToOne(targetEntity="Address") */private $address;

}


How do we persist it?// Database connection information$connectionOptions = array(

'driver' => 'pdo_sqlite','path' => 'database.sqlite'

);

// Create EntityManager$em = EntityManager::create($connectionOptions, $config);

$user = new User; $user->setName('Brent Shaffer'); $em->persist($user); $em->flush();

Doctrine2 - Usage

Game Board


§ Three Kinds§ Mapped Superclass§ Single Table Inheritance§ Class Table Inheritance

32

Doctrine2 - Inheritance

Inheritance


Doctrine2 - Inheritance

Game BoardInheritance§ Mapped Superclass

§ Mapping data is contained in the superclass, but no database table is mapped to the superclass§ Single Table Inheritance

§ All entities share one table. § To distinguish which row represents which type in the hierarchy a discriminator column is

used§ Different and shared columns are maintained through Doctrine

§ Class Table Inheritance§ Each class in the hierarchy is mapped to several tables: it’s own table and the tables of all

parent classes§ The table of a child class is linked to the table of a parent class through a foreign key

constraint§ A discriminator column is used in the topmost table of the hierarchy


§ What was wrong§ Behaviors mocked multiple inheritance, a construct not supported in PHP§ A necessary evil due to the active record implementation

§ The New Way§ Interfaces

§ Describe what the object needs§ Events and Listeners

§ Tell the Entity Manager how to handle the object§ Traits

§ PHP 5.4§ Copy and Paste for PHP functions, Similar to Modules in ruby.

34

Doctrine2 - Behaviors

Behaviors


§ An Example§ Timestampable

§ Configure properties of your model to listen for on create and on update events§ Assign the TimestampableListener as an EventSubscriber § Doctrine manager handles the rest

§ Existing Behaviors§ Tree§ Translatable§ Sluggable§ Timestampable§ Loggable

35

Doctrine2 - Behaviors

Game Board


The Kernel


The Kernel

37

the request/get-this

<h1>You Got It!</h1>the response

Client(Browser)

Your App

Your job is always to generate and return a response

The Internet is a series of tubes


The Kernel

§ The Basics§ The HttpKernel class is the central class of Symfony2 and is responsible for handling

client requests. Its main goal is to "convert" a Request object to a Response object.§ The handle() method takes a Request and always returns a Response.

§ The Controller§ To convert a Request to a Response, the Kernel relies on a Controller. A Controller can

be any valid PHP callable.§ The controller returns a Response Object

§ Events§ Events are thrown for onCoreRequest, onCoreController, onCoreView, and

onCoreResponse, and onCoreException.

38


Drum Roll Please...

The Kernel

$kernel = new AppKernel('Brent Shaffer', false); $kernel->handle(Request::createFromGlobals())->send();

Game Board


The Profiler



The Profiler

42

The Symfony2 profiler collects useful information about each request made to your application and stores them for later analysis.

You rarely have to deal with the profiler directly as Symfony2 provides visualizer tools like the Web Debug Toolbar and the Web Profiler.


The Profiler

§ The profiler collects information for all requests (simple requests, redirects, exceptions, Ajax requests, ESI requests; and for all HTTP methods and all formats). § A single URL can result in several associated profiling data (one per external request/

response pair).§ The profiler stores data to allow for access anytime

43

// on the production machine$profiler = $container->get('profiler')->getFromResponse($response);$data = $profiler->export();

// on the development machine$profiler->import($data);

framework: profiler: matcher: { ip: 192.168.0.0/24, path: "^/admin/", service: custom_matcher }

Text

§ Profilers can be configured differently per IP, URL, or a custom matcher service


Twig


Twig

45

“You do know PHP is the best templating language, right?”- Andi Gutmans


Twig

§ A template engine allows you to render a presentation (HTML, XML, etc) via a template in a controlled environment

§ It should allow special functionality that makes creating templates easier (helpers, template inheritance, etc)

§ SMARTY is a templating engine§ HAML is a templating engine§ PHP is a templating engine

46

What is a templating engine?


Twig

§ rendering template files is a hack: an include statement with output-buffering control§ no or faked template inheritance§ no isolation: PHP templates make available any global variables or functions§ no template-friendly syntax

47

Why is PHP a crappy templating engine?


Twig

§ Template-oriented syntax§ Twig takes back the dot accessor § for else loop§ Filters § Multiple inheritance§ Dynamic template extension§ Horizontal reuse

§ Extensible§ Twig “Core” is nothing more than a set of default

extensions§ Even Twig syntax is mutable

48

{{ var.method }}

{% for user in users %} * {{ user.name }}{% else %} No user has been found.{% endfor %}

{{ var | uppercase }}

{% extends "layout.html" %}

{% block content %} Content of the page...{% endblock %}

{% use 'div_layout.html.twig' %}

What makes Twig better?


Twig

49

Twig in Actionwarning. plagiarized content ahead


Twig

50

// add a custom function$twig->addFunction('customfunc', new Twig_Function_Method($this, 'twigCustomFunc'));

Extending

{{ customfunc(var)}}

// add a custom filter$twig->addFilter('customfilt', new Twig_Filter_Function($this, 'doCustomFilt'));

{{ var | customfilt(2) }}

public function twigCustomFunc(Twig_Environment $env, $var){ // do something awesome}

public function twigCustomFilt(Twig_Environment $env, $var, $num){ // do something awesome}


Twig

51

// specify trusted code$tags = array('if');$filters = array('upper');$methods = array( 'Article' => array('getTitle', 'getBody'),);$properties = array( 'Article' => array('title', 'body'),);$functions = array('range');$policy = new Twig_Sandbox_SecurityPolicy($tags, $filters, $methods, $properties, $functions);

// Add your extension to twig$sandbox = new Twig_Extension_Sandbox($policy);$twig->addExtension($sandbox);

Sandboxing

Game Board


Did Symfony2Kill the Magic?


Did Symfony2 Kill The Magic?

53



54

§ What is Magic?§ The framework takes on new responsibility, and does so in

a way we don’t understand§ We describe something as “killing the magic” when that

responsibility is returned to the developer§ Why do some consider magic bad?

§ The Great Jon Wage:§ “Magic is great when it works, but the magic you love is

also the cause of much of your pain”§ “Magic makes it harder to understand what is

happening”§ “Edgecases, Edgecases, Edgecases!”§ “Magic is slow”



55

§ Is Magic Bad?§ Magic is bad when it is a hack

§ Doctrine1 Behaviors

§ Magic is bad when it is not well written§ Symfony admin generator

§ Magic is bad when it disregards best practices§ Doctrine1 Active Record

§ Magic is bad when it sacrifices control§ sfInstaPrestoRestApiPluginnator



56

§ Symfony2 did not kill the magic§ Annotations alleviate verbosity of configuration§ Propel2 will implement Doctrine2 in ActiveRecord form§ Convention over Configuration often does the work for you§ That bit about poorly written code? Symfony2 doesn’t have that problem.

§ The first step is to write a solid platform§ The bells and whistles come next

Answer the Question Already!

Game Board


Speed


Speed

58

“Fast as Hell”- Fabien


Speed

59

§ Symfony2 Framework§ 3 times faster than Symfony 1.4§ 3 times faster than Zend Framework§ Takes up 2 times less memory

§ Doctrine2§ 4 times faster than Doctrine 1 (according to arbitrary benchmark)§ Use of Transactions makes all batch operations significantly faster

§ Caching§ Twig, Dependency Injection Container, Routes, are all as fast as they can possibly be

§ compiled down to plain PHP code§ Everything is converted to plain calls


Speed

60

§ Symfony2‘s “Killer Feature”§ We use the HTTP 1.1 Caching Specification

§ pre-invented wheels§ Comes with a built in Gateway Cache (aka Reverse Proxy)

§ A shared cache on the server side

HTTP Caching

// web/app.php

$kernel = new AppCache(new AppKernel('prod', false));$kernel->handle(Request::createFromGlobals())->send();

§ Make websites more scalable, reliable and performing better§ Examples: Varnish, Squid, Akimai


Speed

61

HTTP Caching§ Information is sent with headers

§ Cache-Control / Expires / Last-Modified / ETag

§ the switch from one proxy server to another is easy and transparent as no code modification is needed!

§ Return “304 Not Modified” to save on bandwidth/cpu§ Wait, you mean we have to understand HTTP 1.1 Specifications?

§ Yes.§ And Http 1.1 Caching Headers?

§ That’s right§ Well this party really died

§ It’s ok! Learning is fun.§ You’ll probably get paid more someday§ Ladies* love it. * no ladies love this


Speed

62

// setting HTTP Cache headers for expirationpublic function indexAction(){ $response = $this->renderView('MyBundle:Main:index.html.twig'); $response->setMaxAge(600); $response->setSharedMaxAge(600);

return $response;}

Show me the money!

// setting HTTP Cache headers for validationpublic function indexAction(){ $response = $this->renderView('MyBundle:Main:index.html.twig'); $response->setETag(md5($response->getContent())); $response->isNotModified($this->get('request'));

return $response;}


It’s too simple.I’ll never be able to cache my app..


Speed

64

§ Akamai Specification§ allow HTTP cache to be used to cache page fragments (even nested fragments)

independently. § Cache an entire page for 60 minutes, but an embedded sidebar for only 5 minutes.§ Leave fragments uncached!§ Each ESI tag has a fully-qualified URL. An ESI tag represents a page fragment that can be

fetched via the given URL.

Don’t Cry! Use E-S-I!Edge Side Includes


Speed

65

Show me some mo’ money!<html> <body> Some content

 <esi:include src="http://..." />

More content </body></html>

Game Board


Infrastructure



§ One file to rule them all§ The Entry Point of your application§ Useful when combining platforms§ To the code machine!!!

Infrastructure

Front Controllers


§ The core consists of three things§ components§ bundles§ bridges

Infrastructure

Symfony2 Core


Infrastructure - Symfony2 Core

70

§ Orthogonal code, separately maintained§ Examples

§ Yaml§ Event Dispatcher§ Routing§ Security

Components



71

§ Bring libraries into the symfony ecosystem

§ Examples§ FrameworkBundle§ DoctrineBundle§ TwigBundle§ SecurityBundle

Bundles



72

§ Ties between components independent of the framework

§ Ensures components and bundles really are standalone

§ Examples§ DoctrineBridge§ MonologBridge§ TwigBridge

Bridges


Infrastructure

73

§ The framework consists of three main things§ Vendors§ Your Source§ The Application

Symfony2 Framework



74

§ Third party code. Can be libraries or bundles§ Examples

§ Libraries: doctrine-mongodb§ Bundles: DoctrineMongoDbBundle

Vendors



75

§ Your code! Anything application-specific§ Probably bundles§ libraries inside bundles

Source


Infrastructure - Symfony2 Framework

76

§ The overmind§ Ties it all together

§ configuration§ routing§ autoloading§ stuff like that

The Application


Infrastructure

77

§ Cutesy French Word§ Like everything else, they come in threes

§ Core Bundles§ Vendor Bundles§ Source Bundles

§ Everything is a bundle. Even you.§ Ok I lied, not everything. But most things.

Bundles?


Infrastructure - Bundles

78

§ Routing§ Controllers§ Views§ Doctrine Objects§ Libraries§ Assets§ Just About Everything

Bundles contain...


Infrastructure - Bundles

79

Organization++§ Namespaced§ Flexible Structure§ I have a dream! That one day! All

products shall live side-by-side in one src directory!

Game Board


Security


Security

81

§ Authentication and Authorization§ Authentication - identify the user

§ Use built in authentication methods§ Login forms, HTTP Authentication, X.509 Certificates§ Stateless

§ Write custom authentication§ Ex: Lock down a URL pattern to Twitter users only

§ Authorization - do they have access?§ User Roles

§ Firewalls§ Activated based on a URL regex match§ Sends authentication back to the user


Security

82

§ User Providers§ Users can come from anywhere

§ database table§ web service§ in memory

§ Use Multiple user providers in a single application§ Custom User Providers

§ UserInterface / UserProviderInterface§ Encoding

§ Configured per user provider§ Also customizable (PasswordEncoderInterface)


Security

83

# app/config/config.ymlsecurity: firewalls: secured_area: pattern: ^/ anonymous: ~ http_basic: realm: "Secured Demo Area"

access_control: - { path: ^/admin, roles: ROLE_ADMIN }

providers: in_memory: users: brent: { password: brentpass, roles: 'ROLE_USER' } admin: { password: kitten, roles: 'ROLE_ADMIN' }

encoders: Symfony\Component\Security\Core\User\User: plaintext

Authentication

Authorization

User Providers

Password Encoding

A Practical Example


Security

84

# app/config/config.ymlsecurity: firewalls: my_service: pattern: ^/api/.* wsse: true

Extending the Security Component

§ You can get a good look at a T-Bone if you stick your head up a... no wait, it’s your bull.

§ WSSE (because we all hate SOAP)§ Four Classes

§ WsseListener

§ WsseProvider

§ WsseToken

§ WsseFactory

§ not as easy as advertised§ But...

§ When secure methods of a service class are called, unauthenticated users are prompted with a login.

§ That’s neat.§ Wait... WHAT??


Security

85

Allows for the extending of Services

class NewsletterManager{ protected $securityContext;

public function __construct(SecurityContextInterface $securityContext) { $this->securityContext = $securityContext; }

public function sendNewsletter() { if (false == $this->securityContext->isGranted('NEWSLETTER_ADMIN')) { throw new AccessDeniedException(); } //-- }}

Awesome

Rad

Groovy


Security

86

In Conclusion§ Symfony2 uses the well-proven security model of authentication and authorization. § The security component is very robust, and made to handle enterprise-level

authentication needs§ The container makes it possible to extend security even further

§ Custom authentication methods§ Custom user providers§ Custom authorization§ Custom encoding

Game Boardhttp://symfony.com/doc/current/cookbook/security/custom_authentication_provider.html

http://symfony.com/doc/current/cookbook/security/custom_authentication_provider.html

http://symfony.com/doc/current/cookbook/security/custom_authentication_provider.html


PHP 5.3


PHP 5.3

§ Why is everyone so scared?§ PHP 5.2 came out in 2006§ PHP 5.3 has been out for two years

§ Who uses it?§ Doctrine2, MongoODM, Symfony2, Zend Framework2, Assetic, Behat, Monolog... more to

come§ What do we get?

§ Namespaces§ Autoloading, Avoid Collisions, Organization

§ Closures and Lamdas, y’all!§ Late Static Binding§ SPL Enhancements, new functions

§ OpenSSL, Mysql, and DateTime functions, native array functions, parse_ini_string(), str_getcsv(), etc.§ Chaining Exceptions

§ exciting news for huge nerds

88

Game Board


Testing


Testing

90

Game Board

PHPUnit


Forms


Testing

92

Game Board

[Slides to make you soundlike you understand forms here]


Your Mother

93

Game Board


Tom Selleck’s Mustache

94

Game Board


Standard White Background Bullet Slide

95



96



97



98

§ http://brentertainment.com§ http://github.com/bshaffer§ @bshaffer

Questions?

http://brentertainment.com

http://brentertainment.com

http://github.com/bshafs

http://github.com/bshafs

In The Future We All Use Symfony2

Technology