Symfony2 Engineer Explains Dependency Injection

IN THE FUTURE, WE ALL USE SYMFONY2
Brent Shaffer | Software Engineer

© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Conﬁdential. 1

This Guy... Who is he?

§ Brent Shaffer
§ Too lazy to change the slide theme
§ OBU Software Engineer - Genesis Team
§ Symfony user for 3 years
§ Nashville Symfony UG
§ Author of ~20 Plugins
§ Contributed to Symfony2 Docs
§ Touched Fabien’s Hand

@bschaffer @bshaffer


What is he doing up there?

§ Rah Symfony Rah!
§ Symfony Momentum
§ Symfony2 advantages
§ Symfony2 shortcomings
§ Can we use it?
§ Should we use it?


It’s time to play...


© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Conﬁdential.
5

6

7

8

9

Definition Methodology The Kernel Security

Interfaces Usage The Profiler Speed

Containers Inheritance Twig Infrastructure

Configuration Behaviors Killing the Magic PHP 5.3

Tom Selleck’s Mustache Forms Testing

10

Dependency
Injection
Container


Dependency Injection Container


When one object requires Service that facilitates this
another object in order to process
perform its function Passing the
dependency to the
object that requires
it



class User
{
What we are used to
protected $storage;

function __construct()
{
$this->storage = new SessionStorage();
}

function setLanguage($language)
{
$this->storage->set('language', $language);
}
}
// ...


class User
{
What we want
protected $storage;

function __construct($storage)
{
$this->storage = $storage;
}

function setLanguage($language)
{
$this->storage->set('language', $language);
}
}
// ...


Instead of harcoding the Storage
dependency inside the User class
constructor
Inject the Storage dependency in the
User object



$storage = new SessionStorage('SESSION_ID');
$user = new User($storage);

// use a different storage engine
$storage = new MySQLSessionStorage('SESSION_ID');
$user = new User($storage);

ESS!
SUCC
Game Board


Dependency Injection Container - Interfaces

Interfaces
§ Deﬁnes public methods of a class
§ Allow Plain Old PHP Objects as
dependencies (POPO’s)
§ Enable use of third party classes
through Adapters or Subclasses



class User
{
protected $storage;
function __construct(SessionStorageInterface $storage)
{
$this->storage = $storage;
}
}

interface SessionStorageInterface

SS!
{
function get($key);
function set($key, $value); SUCCE
}
Game Board



The Container
§ Describes objects and their dependencies
§ Instantiates and conﬁgures objects on-
demand
§ A container SHOULD be able to manage
ANY PHP object (POPO)
§ The objects MUST not know that they are



§ Parameters
§ The SessionStorageInterface implementation we want to use (the class name)
§ The session name
§ Objects
§ SessionStorage
§ User
§ Dependencies
§ User depends on a SessionStorageInterface implementation



class Container
{
protected $parameters = array();

public function setParameter($key, $value)
{
$this->parameters[$key] = $value;
}

public function getParameter($key)
{
return $this->parameters[$key];
}
}


$container = new Container();
$container->setParameter('session_name', 'SESSION_ID');
$container->setParameter('storage_class', 'SessionStorage');

// decoupled!
$class = $container->getParameter('storage_class');
$sessionStorage = new $class($container->getParameter('session_name'));
$user = new User($sessionStorage);

ESS!
SUCC


Dependency Injection Container - Conﬁguration

What does this actually look like?
services: parameters:
storage: session_name: ‘SESSION_NAME’
class: %storage_class% storage_class: ‘SessionStorage’
arguments:
- %session_name%
user:
class: User
arguments:
- @storage



§ A DI Container does NOT manage ALL your objects
§ Good rule of thumb: It manages “Global” objects
§ Objects with only one instance (not the same as a singleton)
§ LIKE...
§ a User...
§ a Request...
§ a Logger...
§ a Database Connection...
§ UNLIKE
§ a Product...
§ a Blog Post...



§ Check out the Pimple project for more information
§ http://pimple-project.org/

Game Board


Doctrine 2


Doctrine2 - Methodology

Paradigm Shift
§ A model is not a table
§ Objects are best when modeled after their real-world prototypes
§ Active Record pattern vs. Data Mapper pattern
§ Active Record: An object that wraps a row in a database table or view, encapsulates the database access, and
adds domain logic on that data.
§ Data Mapper: A layer that moves data between objects and a database while keeping them independent of each
other and the mapper itself.
§ We retain control of our domain
§ Persistence is separate from the object itself



Entities
§ Lightweight persistent domain objects
§ Regular PHP Classes
§ Do not extend any base Doctrine class
§ Supports inheritance and abstract classes
§ Entities may extend non-entity classes and vice versa.



Entity Manager
§ Central access point to the ORM functionality provided by Doctrine2.
The API is used to manage the persistence of your objects and to
query for persistent objects
§ Employs transactional write behind strategy that delays the
execution of SQL statements in order to execute them in the most
efficient way
§ Executes at end of transaction so that all write locks are quickly
released
§ Uses the Unit Of Work pattern to keep track of objects

Game Board


Doctrine2 - Usage

What does this look like?
<?php
namespace Entities;

/** * @Entity @Table(name="users") */
class User
{
/** @Id @Column(type="integer") @GeneratedValue */
private $id;

/** @Column(length=50) */
private $name;

/** @OneToOne(targetEntity="Address") */
private $address;
}


Doctrine2 - Usage

How do we persist it?
// Database connection information
$connectionOptions = array(
'driver' => 'pdo_sqlite',
'path' => 'database.sqlite'
);

// Create EntityManager
$em = EntityManager::create($connectionOptions, $config);

$user = new User;
$user->setName('Brent Shaffer');
$em->persist($user);
Game Board
$em->flush();


Doctrine2 - Inheritance

Inheritance
§ Three Kinds
§ Mapped Superclass
§ Single Table Inheritance
§ Class Table Inheritance


Doctrine2 - Inheritance

Inheritance Game Board

§ Mapped Superclass
§ Mapping data is contained in the superclass, but no database table is mapped to the superclass
§ Single Table Inheritance
§ All entities share one table.
§ To distinguish which row represents which type in the hierarchy a discriminator column is
used
§ Different and shared columns are maintained through Doctrine
§ Class Table Inheritance
§ Each class in the hierarchy is mapped to several tables: it’s own table and the tables of all
parent classes
§ The table of a child class is linked to the table of a parent class through a foreign key
constraint
§ A discriminator column is used in the topmost table of the hierarchy

Doctrine2 - Behaviors

Behaviors
§ What was wrong
§ Behaviors mocked multiple inheritance, a construct not supported in PHP

§ A necessary evil due to the active record implementation

§ The New Way
§ Interfaces
§ Describe what the object needs
§ Events and Listeners
§ Tell the Entity Manager how to handle the object
§ Traits
§ PHP 5.4
§ Copy and Paste for PHP functions, Similar to Modules in ruby.


Doctrine2 - Behaviors

§ An Example
§ Timestampable
§ Conﬁgure properties of your model to listen for on create and on update events
§ Assign the TimestampableListener as an EventSubscriber
§ Doctrine manager handles the rest
§ Existing Behaviors
§ Tree
§ Translatable
§ Sluggable
§ Timestampable
§ Loggable

Game Board


The Kernel


The Kernel

The Internet is a series of tubes

the request
Client
/get-this Your App
(Browser)

<h1>You Got It!</h1>
the response
Your job is always to generate and return a response

The Kernel

§ The Basics
§ The HttpKernel class is the central class of Symfony2 and is responsible for handling
client requests. Its main goal is to "convert" a Request object to a Response object.
§ The handle() method takes a Request and always returns a Response.

§ The Controller
§ To convert a Request to a Response, the Kernel relies on a Controller. A Controller can
be any valid PHP callable.
§ The controller returns a Response Object

§ Events
§ Events are thrown for onCoreRequest, onCoreController, onCoreView, and
onCoreResponse, and onCoreException.


The Kernel

Drum Roll Please...
$kernel = new AppKernel('Brent Shaffer', false);
$kernel->handle(Request::createFromGlobals())->send();

Game Board


The Proﬁler


The Proﬁler

The Symfony2 profiler collects useful information about
each request made to your application and stores them for
later analysis.

You rarely have to deal with the profiler directly as
Symfony2 provides visualizer tools like the Web Debug
Toolbar and the Web Profiler.


The Profiler

§ The profiler collects information for all requests (simple requests, redirects, exceptions,
Ajax requests, ESI requests; and for all HTTP methods and all formats).
§ A single URL can result in several associated profiling data (one per external request/
response pair).
§ The profiler stores data to allow for access anytime
// on the production machine
$profiler = $container->get('profiler')->getFromResponse($response);
$data = $profiler->export();
Text
// on the development machine
$profiler->import($data);

§ Profilers can be configured differently per IP, URL, or a custom matcher
service
framework:
profiler:
matcher: { ip: 192.168.0.0/24, path: "^/admin/", service: custom_matcher }


Twig


Twig

“You do know PHP is the best templating language, right?”
- Andi Gutmans


Twig

What is a templating engine?
§ A template engine allows you to render a presentation (HTML, XML, etc) via a
template in a controlled environment
§ It should allow special functionality that makes creating templates easier (helpers,
template inheritance, etc)
§ SMARTY is a templating engine
§ HAML is a templating engine
§ PHP is a templating engine


Twig

Why is PHP a crappy templating
engine? inheritance
rendering template ﬁles is a hack: an include statement with output-buffering control
§

no or faked template
§

§ no isolation: PHP templates make available any global variables or functions
§ no template-friendly syntax


Twig

What makes Twig better?
{{ var.method }}

{% for user in users %}
§ Template-oriented syntax * {{ user.name }}
{% else %}
§ Twig takes back the dot accessor No user has been found.
{% endfor %}
§ for else loop

§ Filters

§ Multiple inheritance {{ var |
uppercase }}
§ Dynamic template extension
{% extends "layout.html" %}
§ Horizontal reuse
{% block content %}
§ Extensible Content of the page...
{% endblock %}
§ Twig “Core” is nothing more than a set of default
extensions
§ Even Twig syntax is mutable {% use 'div_layout.html.twig' %}


Twig

Twig in Action
warning. plagiarized content ahead


Twig

Extending
// add a custom function
$twig->addFunction('customfunc', new Twig_Function_Method($this, 'twigCustomFunc'));

public function twigCustomFunc(Twig_Environment $env, $var)
{
{{ customfunc(var)}} // do something awesome
}

// add a custom filter
$twig->addFilter('customfilt', new Twig_Filter_Function($this, 'doCustomFilt'));

public function twigCustomFilt(Twig_Environment $env, $var, $num)
{
{{ var | customﬁlt(2) }} // do something awesome
}


Twig

Sandboxing
// specify trusted code
$tags = array('if');
$filters = array('upper');
$methods = array(
'Article' => array('getTitle', 'getBody'),
);
$properties = array(
'Article' => array('title', 'body'),
);
$functions = array('range');
$policy = new Twig_Sandbox_SecurityPolicy($tags, $filters, $methods, $properties, $functions);

// Add your extension to twig
$sandbox = new Twig_Extension_Sandbox($policy);
$twig->addExtension($sandbox);

Game Board


Did Symfony2
Kill the
Magic?

Did Symfony2 Kill The Magic?



§ What is Magic?
§ The framework takes on new responsibility, and does so in
a way we don’t understand
§ We describe something as “killing the magic” when that
responsibility is returned to the developer
§ Why do some consider magic bad?
§ The Great Jon Wage:

§ “Magic is great when it works, but the magic you love is
also the cause of much of your pain”
§ “Magic makes it harder to understand what is
happening”
§ “Edgecases, Edgecases, Edgecases!”

§ “Magic is slow”



§ Is Magic Bad?
§ Magic is bad when it is a hack

§ Doctrine1 Behaviors

§ Magic is bad when it is not well written
§ Symfony admin generator

§ Magic is bad when it disregards best practices
§ Doctrine1 Active Record

§ Magic is bad when it sacriﬁces control
§ sfInstaPrestoRestApiPluginnator



Answer the Question Already!
§ Symfony2 did not kill the magic
§ Annotations alleviate verbosity of configuration

§ Propel2 will implement Doctrine2 in ActiveRecord form

§ Convention over Configuration often does the work for you

§ That bit about poorly written code? Symfony2 doesn’t have that problem.

§ The first step is to write a solid platform

§ The bells and whistles come next

Game Board


Speed


Speed

“Fast as Hell”
- Fabien


Speed

§ Symfony2 Framework
§ 3 times faster than Symfony 1.4

§ 3 times faster than Zend Framework

§ Takes up 2 times less memory

§ Doctrine2
§ 4 times faster than Doctrine 1 (according to arbitrary benchmark)
§ Use of Transactions makes all batch operations signiﬁcantly faster
§ Caching
§ Twig, Dependency Injection Container, Routes, are all as fast as they can possibly be
§ compiled down to plain PHP code
§ Everything is converted to plain calls


Speed

HTTP Caching
§ Symfony2‘s “Killer Feature”
§ We use the HTTP 1.1 Caching Speciﬁcation
§ pre-invented wheels

§ Comes with a built in Gateway Cache (aka Reverse Proxy)
§ A shared cache on the server side
// web/app.php

$kernel = new AppCache(new AppKernel('prod', false));
$kernel->handle(Request::createFromGlobals())->send();

§ Make websites more scalable, reliable and performing better
§ Examples: Varnish, Squid, Akimai


Speed

HTTP Caching
§ Information is sent with headers
§ Cache-Control / Expires / Last-Modified / ETag
§ the switch from one proxy server to another is easy and transparent as no code modification
is needed!
§ Return “304 Not Modified” to save on bandwidth/cpu
§ Wait, you mean we have to understand HTTP 1.1 Specifications?
§ Yes.
§ And Http 1.1 Caching Headers?
§ That’s right
§ Well this party really died
§ It’s ok! Learning is fun.
§ You’ll probably get paid more someday
§ Ladies* love it. * no ladies love this

Speed

Show me the money!
// setting HTTP Cache headers for expiration
public function indexAction()
{
$response = $this->renderView('MyBundle:Main:index.html.twig');
$response->setMaxAge(600);
$response->setSharedMaxAge(600);

return $response; // setting HTTP Cache headers for validation
} public function indexAction()
{
$response = $this->renderView('MyBundle:Main:index.html.twig');
$response->setETag(md5($response->getContent()));
$response->isNotModified($this->get('request'));

return $response;
}


It’s too simple.
I’ll never be able to cache my
app..


Speed

Don’t Cry! Use E-S-I!
Edge Side Includes
§ Akamai Speciﬁcation
§ allow HTTP cache to be used to cache page fragments (even nested fragments)
independently.
§ Cache an entire page for 60 minutes, but an embedded sidebar for only 5 minutes.
§ Leave fragments uncached!
§ Each ESI tag has a fully-qualiﬁed URL. An ESI tag represents a page fragment that can be
fetched via the given URL.


Speed

Show me some mo’
money!
<html>
<body>
Some content


<esi:include src="http://..." />

More content
</body>
</html>

Game Board

Infrastructure


Infrastructure

Front Controllers
§ One ﬁle to rule them all
§ The Entry Point of your application
§ Useful when combining platforms
§ To the code machine!!!


Infrastructure

Symfony2 Core
§ The core consists of three things
§ components

§ bundles

§ bridges


Infrastructure - Symfony2 Core

Components
§ Orthogonal code, separately maintained
§ Examples
§ Yaml

§ Event Dispatcher

§ Routing

§ Security



Bundles
§ Bring libraries into the symfony
ecosystem
§ Examples
§ FrameworkBundle

§ DoctrineBundle

§ TwigBundle

§ SecurityBundle



Bridges
§ Ties between components independent of the
framework
§ Ensures components and bundles really are
standalone
§ Examples
§ DoctrineBridge

§ MonologBridge

§ TwigBridge


Infrastructure

Symfony2 Framework
§ The framework consists of three main things
§ Vendors

§ Your Source

§ The Application



Vendors
§ Third party code. Can be libraries or bundles
§ Examples
§ Libraries: doctrine-mongodb

§ Bundles: DoctrineMongoDbBundle



Source
§ Your code! Anything application-speciﬁc
§ Probably bundles
§ libraries inside bundles


Infrastructure - Symfony2 Framework

The Application
§ The overmind
§ Ties it all together
§ conﬁguration

§ routing

§ autoloading

§ stuff like that


Infrastructure

Bundles?
§ Cutesy French Word
§ Like everything else, they come in threes
§ Core Bundles

§ Vendor Bundles

§ Source Bundles

§ Everything is a bundle. Even you.
§ Ok I lied, not everything. But most things.


Infrastructure - Bundles

Bundles contain...
§ Routing
§ Controllers
§ Views
§ Doctrine Objects
§ Libraries
§ Assets
§ Just About Everything


Infrastructure - Bundles

Organization++
§ Namespaced
§ Flexible Structure
§ I have a dream! That one day! All
products shall live side-by-side in one src
directory!

Game Board


Security


Security

§ Authentication and Authorization
§ Authentication - identify the user
§ Use built in authentication methods
§ Login forms, HTTP Authentication, X.509 Certiﬁcates
§ Stateless
§ Write custom authentication
§ Ex: Lock down a URL pattern to Twitter users only
§ Authorization - do they have access?
§ User Roles
§ Firewalls
§ Activated based on a URL regex match
§ Sends authentication back to the user


Security

§ User Providers
§ Users can come from anywhere

§ database table

§ web service

§ in memory

§ Use Multiple user providers in a single application

§ Custom User Providers
§ UserInterface / UserProviderInterface
§ Encoding
§ Conﬁgured per user provider
§ Also customizable (PasswordEncoderInterface)


Security

A Practical Example
# app/config/config.yml
security:
firewalls:
secured_area: Authentication
pattern: ^/
anonymous: ~
http_basic:
realm: "Secured Demo Area"
Authorization
access_control:
- { path: ^/admin, roles: ROLE_ADMIN }

providers:
in_memory: User Providers
users:
brent: { password: brentpass, roles: 'ROLE_USER' }
admin: { password: kitten, roles: 'ROLE_ADMIN' }

encoders: Password Encoding
SymfonyComponentSecurityCoreUserUser: plaintext


Security

Extending the Security Component
§ You can get a good look at a T-Bone if you stick your head up a... no wait, it’s
your bull.
§ WSSE (because we all hate SOAP)
§ Four Classes
§ WsseListener
§ WsseProvider
§ WsseToken
§ WsseFactory # app/config/config.yml
security:
§ not as easy as advertised firewalls:
§ But... my_service:
pattern: ^/api/.*
wsse: true


Security

Allows for the extending of Services
§ When secure methods of a service class are called, unauthenticated users are prompted
with a login.
class NewsletterManager
§ That’s neat. {
protected $securityContext;
§ Wait... WHAT??
public function __construct(SecurityContextInterface $securityContext)
{
Awesome $this->securityContext = $securityContext;
}

Rad public function sendNewsletter()
{
Groovy if (false == $this->securityContext->isGranted('NEWSLETTER_ADMIN')) {
throw new AccessDeniedException();
}
//--
}
}


Security

In Conclusion
§ Symfony2 uses the well-proven security model of authentication and authorization.
§ The security component is very robust, and made to handle enterprise-level
authentication needs
§ The container makes it possible to extend security even further
§ Custom authentication methods
§ Custom user providers
§ Custom authorization
§ Custom encoding

http://symfony.com/doc/current/cookbook/security/custom_authentication_provider.html Game Board


PHP 5.3


PHP 5.3

§ Why is everyone so scared?
§ PHP 5.2 came out in 2006
§ PHP 5.3 has been out for two years
§ Who uses it?
§ Doctrine2, MongoODM, Symfony2, Zend Framework2, Assetic, Behat, Monolog... more to
come
§ What do we get?
§ Namespaces
§ Autoloading, Avoid Collisions, Organization
§ Closures and Lamdas, y’all!
§ Late Static Binding
§ SPL Enhancements, new functions
§ OpenSSL, Mysql, and DateTime functions, native array functions, parse_ini_string(), str_getcsv(), etc.
§ Chaining Exceptions
Game Board
§ exciting news for huge nerds


Testing


Testing

PHPUnit

Game Board


Forms


Testing

[Slides to make you sound
like you understand forms here]

Game Board


Your Mother

Game Board


Tom Selleck’s Mustache

Game Board


Standard White Background Bullet Slide



Questions?

§ http://brentertainment.com
§ http://github.com/bshaffer
§ @bshaffer


Symfony2 Engineer Explains Dependency Injection

Recommandé

Recommandé

Contenu connexe

Similaire à Symfony2 Engineer Explains Dependency Injection

Similaire à Symfony2 Engineer Explains Dependency Injection (20)

Plus de Brent Shaffer

Plus de Brent Shaffer (9)

Dernier

Dernier (20)

Symfony2 Engineer Explains Dependency Injection