In The Future We All Use Symfony2
Upcoming SlideShare
Loading in...5
×
 

In The Future We All Use Symfony2

on

  • 5,293 views

A not so brief overview of all the major Symfony2 components.

A not so brief overview of all the major Symfony2 components.

Some of the slides have been paraphrased from presentations by the venerated Fabien Potencier, Jonathan Wage, and Ryan Weaver.

Statistics

Views

Total Views
5,293
Views on SlideShare
5,279
Embed Views
14

Actions

Likes
9
Downloads
52
Comments
0

3 Embeds 14

http://www.sfexception.com 12
http://dev.symfony2developer.com 1
https://twitter.com 1

Accessibility

Categories

Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

In The Future We All Use Symfony2 In The Future We All Use Symfony2 Presentation Transcript

  • IN THE FUTURE, WE ALL USE SYMFONY2 Brent Shaffer | Software Engineer© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 1
  • This Guy... Who is he? § Brent Shaffer § Too lazy to change the slide theme § OBU Software Engineer - Genesis Team § Symfony user for 3 years § Nashville Symfony UG § Author of ~20 Plugins § Contributed to Symfony2 Docs § Touched Fabien’s Hand @bschaffer @bshaffer© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 2
  • What is he doing up there? § Rah Symfony Rah! § Symfony Momentum § Symfony2 advantages § Symfony2 shortcomings § Can we use it? § Should we use it?© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 3
  • It’s time to play...© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 4
  • © 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 5
  • © 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 6
  • © 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 7
  • © 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 8
  • © 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 9
  • Definition Methodology The Kernel Security Interfaces Usage The Profiler Speed Containers Inheritance Twig Infrastructure Configuration Behaviors Killing the Magic PHP 5.3 Tom Selleck’s Mustache Forms Testing© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 10
  • Dependency Injection Container© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 11
  • Dependency Injection Container Dependency Injection Container When one object requires Service that facilitates this another object in order to process perform its function Passing the dependency to the object that requires it© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 12
  • Dependency Injection Container class User { What we are used to protected $storage; function __construct() { $this->storage = new SessionStorage(); } function setLanguage($language) { $this->storage->set(language, $language); } } // ...© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 13
  • Dependency Injection Container class User { What we want protected $storage; function __construct($storage) { $this->storage = $storage; } function setLanguage($language) { $this->storage->set(language, $language); } } // ...© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 14
  • Dependency Injection Container Instead of harcoding the Storage dependency inside the User class constructor Inject the Storage dependency in the User object© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 15
  • Dependency Injection Container $storage = new SessionStorage(SESSION_ID); $user = new User($storage); // use a different storage engine $storage = new MySQLSessionStorage(SESSION_ID); $user = new User($storage); ESS! SUCC Game Board© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 16
  • Dependency Injection Container - Interfaces Interfaces § Defines public methods of a class § Allow Plain Old PHP Objects as dependencies (POPO’s) § Enable use of third party classes through Adapters or Subclasses© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 17
  • Dependency Injection Container class User { protected $storage; function __construct(SessionStorageInterface $storage) { $this->storage = $storage; } } interface SessionStorageInterface SS! { function get($key); function set($key, $value); SUCCE } Game Board© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 18
  • Dependency Injection Container The Container § Describes objects and their dependencies § Instantiates and configures objects on- demand § A container SHOULD be able to manage ANY PHP object (POPO) § The objects MUST not know that they are© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 19
  • Dependency Injection Container § Parameters § The SessionStorageInterface implementation we want to use (the class name) § The session name § Objects § SessionStorage § User § Dependencies § User depends on a SessionStorageInterface implementation© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 20
  • Dependency Injection Container class Container { protected $parameters = array(); public function setParameter($key, $value) { $this->parameters[$key] = $value; } public function getParameter($key) { return $this->parameters[$key]; } }© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 21
  • Dependency Injection Container $container = new Container(); $container->setParameter(session_name, SESSION_ID); $container->setParameter(storage_class, SessionStorage); // decoupled! $class = $container->getParameter(storage_class); $sessionStorage = new $class($container->getParameter(session_name)); $user = new User($sessionStorage); ESS! SUCC© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 22
  • Dependency Injection Container - Configuration What does this actually look like? services: parameters: storage: session_name: ‘SESSION_NAME’ class: %storage_class% storage_class: ‘SessionStorage’ arguments: - %session_name% user: class: User arguments: - @storage© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 23
  • Dependency Injection Container § A DI Container does NOT manage ALL your objects § Good rule of thumb: It manages “Global” objects § Objects with only one instance (not the same as a singleton) § LIKE... § a User... § a Request... § a Logger... § a Database Connection... § UNLIKE § a Product... § a Blog Post...© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 24
  • Dependency Injection Container § Check out the Pimple project for more information § http://pimple-project.org/ Game Board© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 25
  • Doctrine 2© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 26
  • Doctrine2 - Methodology Paradigm Shift§ A model is not a table§ Objects are best when modeled after their real-world prototypes§ Active Record pattern vs. Data Mapper pattern § Active Record: An object that wraps a row in a database table or view, encapsulates the database access, and adds domain logic on that data. § Data Mapper: A layer that moves data between objects and a database while keeping them independent of each other and the mapper itself. § We retain control of our domain§ Persistence is separate from the object itself © 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 27
  • Doctrine2 - Methodology Entities § Lightweight persistent domain objects § Regular PHP Classes § Do not extend any base Doctrine class § Supports inheritance and abstract classes § Entities may extend non-entity classes and vice versa.© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 28
  • Doctrine2 - Methodology Entity Manager § Central access point to the ORM functionality provided by Doctrine2. The API is used to manage the persistence of your objects and to query for persistent objects § Employs transactional write behind strategy that delays the execution of SQL statements in order to execute them in the most efficient way § Executes at end of transaction so that all write locks are quickly released § Uses the Unit Of Work pattern to keep track of objects Game Board© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 29
  • Doctrine2 - Usage What does this look like? <?php namespace Entities; /** * @Entity @Table(name="users") */ class User { /** @Id @Column(type="integer") @GeneratedValue */ private $id; /** @Column(length=50) */ private $name; /** @OneToOne(targetEntity="Address") */ private $address; }© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 30
  • Doctrine2 - Usage How do we persist it? // Database connection information $connectionOptions = array( driver => pdo_sqlite, path => database.sqlite ); // Create EntityManager $em = EntityManager::create($connectionOptions, $config); $user = new User; $user->setName(Brent Shaffer); $em->persist($user); Game Board $em->flush();© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 31
  • Doctrine2 - Inheritance Inheritance § Three Kinds § Mapped Superclass § Single Table Inheritance § Class Table Inheritance© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 32
  • Doctrine2 - Inheritance Inheritance Game Board § Mapped Superclass § Mapping data is contained in the superclass, but no database table is mapped to the superclass § Single Table Inheritance § All entities share one table. § To distinguish which row represents which type in the hierarchy a discriminator column is used § Different and shared columns are maintained through Doctrine § Class Table Inheritance § Each class in the hierarchy is mapped to several tables: it’s own table and the tables of all parent classes § The table of a child class is linked to the table of a parent class through a foreign key constraint § A discriminator column is used in the topmost table of the hierarchy© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 33
  • Doctrine2 - Behaviors Behaviors § What was wrong § Behaviors mocked multiple inheritance, a construct not supported in PHP § A necessary evil due to the active record implementation § The New Way § Interfaces § Describe what the object needs § Events and Listeners § Tell the Entity Manager how to handle the object § Traits § PHP 5.4 § Copy and Paste for PHP functions, Similar to Modules in ruby.© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 34
  • Doctrine2 - Behaviors § An Example § Timestampable § Configure properties of your model to listen for on create and on update events § Assign the TimestampableListener as an EventSubscriber § Doctrine manager handles the rest § Existing Behaviors § Tree § Translatable § Sluggable § Timestampable § Loggable Game Board© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 35
  • The Kernel© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 36
  • The Kernel The Internet is a series of tubes the request Client /get-this Your App (Browser) <h1>You Got It!</h1> the response Your job is always to generate and return a response© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 37
  • The Kernel § The Basics § The HttpKernel class is the central class of Symfony2 and is responsible for handling client requests. Its main goal is to "convert" a Request object to a Response object. § The handle() method takes a Request and always returns a Response. § The Controller § To convert a Request to a Response, the Kernel relies on a Controller. A Controller can be any valid PHP callable. § The controller returns a Response Object § Events § Events are thrown for onCoreRequest, onCoreController, onCoreView, and onCoreResponse, and onCoreException.© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 38
  • The Kernel Drum Roll Please... $kernel = new AppKernel(Brent Shaffer, false); $kernel->handle(Request::createFromGlobals())->send(); Game Board© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 39
  • The Profiler© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 40
  • © 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 41
  • The Profiler The Symfony2 profiler collects useful information about each request made to your application and stores them for later analysis. You rarely have to deal with the profiler directly as Symfony2 provides visualizer tools like the Web Debug Toolbar and the Web Profiler.© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 42
  • The Profiler § The profiler collects information for all requests (simple requests, redirects, exceptions, Ajax requests, ESI requests; and for all HTTP methods and all formats). § A single URL can result in several associated profiling data (one per external request/ response pair). § The profiler stores data to allow for access anytime // on the production machine $profiler = $container->get(profiler)->getFromResponse($response); $data = $profiler->export(); Text // on the development machine $profiler->import($data);§ Profilers can be configured differently per IP, URL, or a custom matcher service framework: profiler: matcher: { ip: 192.168.0.0/24, path: "^/admin/", service: custom_matcher }© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 43
  • Twig© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 44
  • Twig “You do know PHP is the best templating language, right?” - Andi Gutmans© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 45
  • Twig What is a templating engine? § A template engine allows you to render a presentation (HTML, XML, etc) via a template in a controlled environment § It should allow special functionality that makes creating templates easier (helpers, template inheritance, etc) § SMARTY is a templating engine § HAML is a templating engine § PHP is a templating engine© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 46
  • Twig Why is PHP a crappy templating engine? inheritance rendering template files is a hack: an include statement with output-buffering control § no or faked template § § no isolation: PHP templates make available any global variables or functions § no template-friendly syntax© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 47
  • Twig What makes Twig better? {{ var.method }} {% for user in users %} § Template-oriented syntax * {{ user.name }} {% else %} § Twig takes back the dot accessor No user has been found. {% endfor %} § for else loop § Filters § Multiple inheritance {{ var | uppercase }} § Dynamic template extension {% extends "layout.html" %} § Horizontal reuse {% block content %} § Extensible Content of the page... {% endblock %} § Twig “Core” is nothing more than a set of default extensions § Even Twig syntax is mutable {% use div_layout.html.twig %}© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 48
  • Twig Twig in Action warning. plagiarized content ahead© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 49
  • Twig Extending // add a custom function $twig->addFunction(customfunc, new Twig_Function_Method($this, twigCustomFunc)); public function twigCustomFunc(Twig_Environment $env, $var) { {{ customfunc(var)}} // do something awesome } // add a custom filter $twig->addFilter(customfilt, new Twig_Filter_Function($this, doCustomFilt)); public function twigCustomFilt(Twig_Environment $env, $var, $num) { {{ var | customfilt(2) }} // do something awesome }© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 50
  • Twig Sandboxing // specify trusted code $tags = array(if); $filters = array(upper); $methods = array( Article => array(getTitle, getBody), ); $properties = array( Article => array(title, body), ); $functions = array(range); $policy = new Twig_Sandbox_SecurityPolicy($tags, $filters, $methods, $properties, $functions); // Add your extension to twig $sandbox = new Twig_Extension_Sandbox($policy); $twig->addExtension($sandbox); Game Board© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 51
  • Did Symfony2 Kill the Magic?© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 52
  • Did Symfony2 Kill The Magic?© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 53
  • Did Symfony2 Kill The Magic? § What is Magic? § The framework takes on new responsibility, and does so in a way we don’t understand § We describe something as “killing the magic” when that responsibility is returned to the developer § Why do some consider magic bad? § The Great Jon Wage: § “Magic is great when it works, but the magic you love is also the cause of much of your pain” § “Magic makes it harder to understand what is happening” § “Edgecases, Edgecases, Edgecases!” § “Magic is slow”© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 54
  • Did Symfony2 Kill The Magic?§ Is Magic Bad? § Magic is bad when it is a hack § Doctrine1 Behaviors § Magic is bad when it is not well written § Symfony admin generator § Magic is bad when it disregards best practices § Doctrine1 Active Record § Magic is bad when it sacrifices control § sfInstaPrestoRestApiPluginnator© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 55
  • Did Symfony2 Kill The Magic? Answer the Question Already! § Symfony2 did not kill the magic § Annotations alleviate verbosity of configuration § Propel2 will implement Doctrine2 in ActiveRecord form § Convention over Configuration often does the work for you § That bit about poorly written code? Symfony2 doesn’t have that problem. § The first step is to write a solid platform § The bells and whistles come next Game Board© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 56
  • Speed© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 57
  • Speed “Fast as Hell” - Fabien© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 58
  • Speed § Symfony2 Framework § 3 times faster than Symfony 1.4 § 3 times faster than Zend Framework § Takes up 2 times less memory § Doctrine2 § 4 times faster than Doctrine 1 (according to arbitrary benchmark) § Use of Transactions makes all batch operations significantly faster § Caching § Twig, Dependency Injection Container, Routes, are all as fast as they can possibly be § compiled down to plain PHP code § Everything is converted to plain calls© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 59
  • Speed HTTP Caching § Symfony2‘s “Killer Feature” § We use the HTTP 1.1 Caching Specification § pre-invented wheels § Comes with a built in Gateway Cache (aka Reverse Proxy) § A shared cache on the server side // web/app.php $kernel = new AppCache(new AppKernel(prod, false)); $kernel->handle(Request::createFromGlobals())->send(); § Make websites more scalable, reliable and performing better § Examples: Varnish, Squid, Akimai© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 60
  • Speed HTTP Caching § Information is sent with headers § Cache-Control / Expires / Last-Modified / ETag § the switch from one proxy server to another is easy and transparent as no code modification is needed! § Return “304 Not Modified” to save on bandwidth/cpu § Wait, you mean we have to understand HTTP 1.1 Specifications? § Yes. § And Http 1.1 Caching Headers? § That’s right § Well this party really died § It’s ok! Learning is fun. § You’ll probably get paid more someday § Ladies* love it. * no ladies love this© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 61
  • Speed Show me the money! // setting HTTP Cache headers for expiration public function indexAction() { $response = $this->renderView(MyBundle:Main:index.html.twig); $response->setMaxAge(600); $response->setSharedMaxAge(600); return $response; // setting HTTP Cache headers for validation } public function indexAction() { $response = $this->renderView(MyBundle:Main:index.html.twig); $response->setETag(md5($response->getContent())); $response->isNotModified($this->get(request)); return $response; }© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 62
  • It’s too simple. I’ll never be able to cache my app..© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 63
  • Speed Don’t Cry! Use E-S-I! Edge Side Includes § Akamai Specification § allow HTTP cache to be used to cache page fragments (even nested fragments) independently. § Cache an entire page for 60 minutes, but an embedded sidebar for only 5 minutes. § Leave fragments uncached! § Each ESI tag has a fully-qualified URL. An ESI tag represents a page fragment that can be fetched via the given URL.© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 64
  • Speed Show me some mo’ money! <html> <body> Some content <!-- Embed the content of another page here --> <esi:include src="http://..." /> More content </body> </html> Game Board© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 65
  • Infrastructure© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 66
  • © 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 67
  • Infrastructure Front Controllers § One file to rule them all § The Entry Point of your application § Useful when combining platforms § To the code machine!!!© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 68
  • Infrastructure Symfony2 Core § The core consists of three things § components § bundles § bridges© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 69
  • Infrastructure - Symfony2 Core Components § Orthogonal code, separately maintained § Examples § Yaml § Event Dispatcher § Routing § Security© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 70
  • Infrastructure - Symfony2 Core Bundles § Bring libraries into the symfony ecosystem § Examples § FrameworkBundle § DoctrineBundle § TwigBundle § SecurityBundle© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 71
  • Infrastructure - Symfony2 Core Bridges § Ties between components independent of the framework § Ensures components and bundles really are standalone § Examples § DoctrineBridge § MonologBridge § TwigBridge© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 72
  • Infrastructure Symfony2 Framework § The framework consists of three main things § Vendors § Your Source § The Application© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 73
  • Infrastructure - Symfony2 Core Vendors § Third party code. Can be libraries or bundles § Examples § Libraries: doctrine-mongodb § Bundles: DoctrineMongoDbBundle© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 74
  • Infrastructure - Symfony2 Core Source § Your code! Anything application-specific § Probably bundles § libraries inside bundles© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 75
  • Infrastructure - Symfony2 Framework The Application § The overmind § Ties it all together § configuration § routing § autoloading § stuff like that© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 76
  • Infrastructure Bundles? § Cutesy French Word § Like everything else, they come in threes § Core Bundles § Vendor Bundles § Source Bundles § Everything is a bundle. Even you. § Ok I lied, not everything. But most things.© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 77
  • Infrastructure - Bundles Bundles contain... § Routing § Controllers § Views § Doctrine Objects § Libraries § Assets § Just About Everything© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 78
  • Infrastructure - Bundles Organization++ § Namespaced § Flexible Structure § I have a dream! That one day! All products shall live side-by-side in one src directory! Game Board© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 79
  • Security© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 80
  • Security § Authentication and Authorization § Authentication - identify the user § Use built in authentication methods § Login forms, HTTP Authentication, X.509 Certificates § Stateless § Write custom authentication § Ex: Lock down a URL pattern to Twitter users only § Authorization - do they have access? § User Roles § Firewalls § Activated based on a URL regex match § Sends authentication back to the user© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 81
  • Security § User Providers § Users can come from anywhere § database table § web service § in memory § Use Multiple user providers in a single application § Custom User Providers § UserInterface / UserProviderInterface § Encoding § Configured per user provider § Also customizable (PasswordEncoderInterface)© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 82
  • SecurityA Practical Example # app/config/config.yml security: firewalls: secured_area: Authentication pattern: ^/ anonymous: ~ http_basic: realm: "Secured Demo Area" Authorization access_control: - { path: ^/admin, roles: ROLE_ADMIN } providers: in_memory: User Providers users: brent: { password: brentpass, roles: ROLE_USER } admin: { password: kitten, roles: ROLE_ADMIN } encoders: Password Encoding SymfonyComponentSecurityCoreUserUser: plaintext© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 83
  • Security Extending the Security Component § You can get a good look at a T-Bone if you stick your head up a... no wait, it’s your bull. § WSSE (because we all hate SOAP) § Four Classes § WsseListener § WsseProvider § WsseToken § WsseFactory # app/config/config.yml security: § not as easy as advertised firewalls: § But... my_service: pattern: ^/api/.* wsse: true© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 84
  • Security Allows for the extending of Services § When secure methods of a service class are called, unauthenticated users are prompted with a login. class NewsletterManager § That’s neat. { protected $securityContext; § Wait... WHAT?? public function __construct(SecurityContextInterface $securityContext) { Awesome $this->securityContext = $securityContext; } Rad public function sendNewsletter() { Groovy if (false == $this->securityContext->isGranted(NEWSLETTER_ADMIN)) { throw new AccessDeniedException(); } //-- } }© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 85
  • Security In Conclusion § Symfony2 uses the well-proven security model of authentication and authorization. § The security component is very robust, and made to handle enterprise-level authentication needs § The container makes it possible to extend security even further § Custom authentication methods § Custom user providers § Custom authorization § Custom encoding http://symfony.com/doc/current/cookbook/security/custom_authentication_provider.html Game Board© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 86
  • PHP 5.3© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 87
  • PHP 5.3 § Why is everyone so scared? § PHP 5.2 came out in 2006 § PHP 5.3 has been out for two years § Who uses it? § Doctrine2, MongoODM, Symfony2, Zend Framework2, Assetic, Behat, Monolog... more to come § What do we get? § Namespaces § Autoloading, Avoid Collisions, Organization § Closures and Lamdas, y’all! § Late Static Binding § SPL Enhancements, new functions § OpenSSL, Mysql, and DateTime functions, native array functions, parse_ini_string(), str_getcsv(), etc. § Chaining Exceptions Game Board § exciting news for huge nerds© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 88
  • Testing© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 89
  • Testing PHPUnit Game Board© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 90
  • Forms© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 91
  • Testing [Slides to make you sound like you understand forms here] Game Board© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 92
  • Your Mother Game Board© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 93
  • Tom Selleck’s Mustache Game Board© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 94
  • Standard White Background Bullet Slide© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 95
  • Standard White Background Bullet Slide© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 96
  • Standard White Background Bullet Slide© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 97
  • Standard White Background Bullet Slide Questions? § http://brentertainment.com § http://github.com/bshaffer § @bshaffer© 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. 98
  • © 2011 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential.