Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Getting Into FLOW3 (TYPO312CA)


Published on

FLOW3 is a web application platform which uses Domain-Driven Design as its major underlying concept. This approach makes FLOW3 easy to learn and at the same time clean and flexible for complex projects. It features namespaces, has an emphasis on clean, object-oriented code and provides a seemless Doctrine 2 integration.

FLOW3 incorporates Dependency Injection in a way which lets you truly enjoy creating a stable and easy-to-test application architecture (no configuration necessary). Being the only Aspect-Oriented Programming capable PHP framework, FLOW3 allows you to cleanly separate cross-cutting concerns like security from your main application logic.

This tutorial takes you through an imaginary project from scratch. During the journey we’ll visit all important areas of the framework.

Published in: Technology
  • Be the first to comment

  • Be the first to like this

Getting Into FLOW3 (TYPO312CA)

  1. 1. T3CON12Québec City, Canada Robert Lemke Getting into FLOW3
  2. 2. T3CON12Québec City, CanadaRobert Lemkeproject founder of FLOW3 and TYPO3 “Phoenix”co-founder of the TYPO3 Associationcoach, coder, consultant36 years oldlives in Lübeck, Germany1 wife, 2 daughters, 1 espresso machinelikes drumming
  3. 3. StartersInstallationKickstart & Hello World!Controller, Actions, Arguments & HTTPDomain-Driven DesignDoctrineForms, Validation
  4. 4. Main DishesResources, Image UploadSession HandlingUser, Account, AuthenticationAuthorization
  5. 5. Deserts Caching Testing Logging Deployment Signal-Slot I18n Routing Espresso
  6. 6. ?
  7. 7. T3CON12Québec City, CanadaAt a GlanceFLOW3 is a web application platform • holistic concept for your apps • modular, extensible, package based • pedantically clean with focus on quality • puts a smile on developer’s faces • free & Open Source (LGPL v3) • backed by one of the largest Open Source projects
  8. 8. T3CON12 Québec City, Canada Foundation for the Next Generation CMSTYPO3 “Phoenix” is the all-newEnterprise CMS • content repository, workspaces, versions, i18n, modular UI ... • powered by FLOW3 • compatible code base • use TYPO3 features in FLOW3 standalone apps as you like
  9. 9. T3CON12Québec City, CanadaFLOW3 Website and Download#
  10. 10. T3CON12Québec City, CanadaGit Clone $ git clone --recursive git:// . Cloning into .... remote: Counting objects: 3837, done. remote: Compressing objects: 100% (2023/2023), done. remote: Total 3837 (delta 2007), reused 2721 (delta 1465) Receiving objects: 100% (3837/3837), 3.49 MiB | 28 KiB/s, done. Resolving deltas: 100% (2007/2007), done.
  11. 11. T3CON12 Québec City, Canada Set File Permissions $ sudo ./flow3 core:setfilepermissions robert _www _www FLOW3 File Permission Script Checking permissions from here upwards. Making sure Data and Web/_Resources exist. Setting file permissions, trying to set ACLs via chmod ... Done.Linux: $ sudo usermod -a -G www-data robertMac OS X: $ sudo dscl . -append /Groups/_www GroupMembership robert
  12. 12. T3CON12Québec City, CanadaSet Up Database ConnectionConfiguration/Settings.yaml # # # Global Settings # # # TYPO3: FLOW3: persistence: backendOptions: dbname: demo user: demo password: password host: # only on Windows: core: phpBinaryPathAndFilename: C:/path/to/php.exe
  13. 13. T3CON12Québec City, CanadaSet Up Virtual HostApache Virtual Host <VirtualHost *:80> DocumentRoot /opt/local/apache2/htdocs/Talks/FLOW3/Web/ ServerName dev.flow3.rob SetEnv FLOW3_CONTEXT Development </VirtualHost> <VirtualHost *:80> DocumentRoot /opt/local/apache2/htdocs/Talks/FLOW3/Web/ ServerName flow3.rob SetEnv FLOW3_CONTEXT Production </VirtualHost>
  14. 14. T3CON12Québec City, CanadaFinal Check
  15. 15. C lo ne t h e Be a s t 5 1 1 1 Ro bert Lem ke D.P. F l u x t r time ();
  16. 16. T3CON12Québec City, CanadaBiggest Book Store: Amazon
  17. 17. T3CON12Québec City, CanadaBiggest River: Amazon River © Google
  18. 18. T3CON12Québec City, CanadaSmallest River: Roe River © Google
  19. 19. T3CON12Québec City, CanadaSmallest River: Roe River © Google
  20. 20. T3CON12Québec City, CanadaSmallest River: Roe River © Google
  21. 21. T3CON12Québec City, CanadaSmallest River: Roe River
  22. 22. Smallest Book Store: Roe Books
  23. 23. Sketchy Model
  24. 24. Jus t C o de a Sh o p 5 2 1 1 Ro bert Lem ke D.P. F l u x t r time ();
  25. 25. T3CON12Québec City, CanadaTackling the Heart of Software Development /**Domain-Driven Design * A Book * * @FLOW3Scope(“protot ype”) * @FLOW3EntityA methodology which ... */ class Book { • results in rich domain models /** * @var string */ • provides a common language protected $title; across the project team /** * @var string */ • simplify the design of complex protected $isbn; applications /** * @var string */ protected $description ;FLOW3 is the first PHP framework /**tailored to Domain-Driven Design * @var integer */ protected $price;
  26. 26. T3CON12Québec City, CanadaDomain-Driven DesignDomain activity or business of the userDomain-Driven Design is about • focussing on the domain and domain logic • accurately mapping the concepts to software • forming a ubiquitous language among the project members
  27. 27. T3CON12Québec City, CanadaDomain-Driven DesignUbiquitous Language • important prerequisite for successful collaboration • use the same words for • discussion • modeling • development • documentation
  28. 28. T3CON12Québec City, CanadaDomain-Driven DesignBuilding Blocks • Entity: An object that is not defined by its attributes, but rather by a thread of continuity and its identity. • Value Object: An object that contains attributes but has no conceptual identity. They should be treated as immutable. • Aggregate: A collection of objects that are bound together by a root entity, otherwise known as an aggregate root. The aggregate root guarantees the consistency of changes being made within the aggregate by forbidding external objects from holding references to its members.
  29. 29. T3CON12Québec City, CanadaDomain-Driven DesignBuilding Blocks • Service: When an operation does not conceptually belong to any object. Following the natural contours of the problem, you can implement these operations in services. • Repository: methods for retrieving domain objects should delegate to a specialized Repository object such that alternative storage implementations may be easily interchanged.
  30. 30. T3CON12Québec City, CanadaDomain-Driven Design
  31. 31. T3CON12Québec City, CanadaObject ManagementFLOW3s take on Dependency Injection • one of the first PHP implementations (started in 2006, improved ever since) • object management for the whole lifecycle of all objects • no unnecessary configuration if information can be gatered automatically (autowiring) • intuitive use and no bad magical surprises • fast! (like hardcoded or faster)
  32. 32. T3CON12Québec City, CanadaConstructor Injectionnamespace AcmeDemoController;use TYPO3FLOW3MvcControllerActionController;use AcmeDemoServiceGreeterService;class DemoController extends ActionController { /** * @var AcmeDemoServiceGreeterService */ protected $greeterService; /** * @param AcmeDemoServiceGreeterService */ public function __construct(GreeterService $greeterService) { $this->greeterService = $greeterService; } /** * @param string $name */ public function helloAction($name) { return $this->greeterService->greet($name); }}
  33. 33. T3CON12Québec City, CanadaSetter Injectionnamespace AcmeDemoController;use TYPO3FLOW3MVCControllerActionController;use AcmeDemoServiceGreeterService;class DemoController extends ActionController { /** * @var AcmeDemoServiceGreeterService */ protected $greeterService; /** * @param AcmeDemoServiceGreeterService */ public function injectGreeterService(GreeterService $greeterService) { $this->greeterService = $greeterService; } /** * @param string $name */ public function helloAction($name) { return $this->greeterService->greet($name); }}
  34. 34. T3CON12Québec City, CanadaProperty Injectionnamespace TYPO3DemoController;use TYPO3FLOW3Annotations as FLOW3;use TYPO3FLOW3MVCControllerActionController;use AcmeDemoServiceGreeterService;class DemoController extends ActionController { /** * @var TYPO3DemoServiceGreeterService * @FLOW3Inject */ protected $greeterService; /** * @param string $name */ public function helloAction($name) { return $this->greeterService->greet($name); }}
  35. 35. T3CON12Québec City, CanadaObjects.yaml TYPO3FLOW3SecurityCryptographyRsaWalletServiceInterface: className: TYPO3FLOW3SecurityCryptographyRsaWalletServicePhp scope: singleton properties: keystoreCache: object: factoryObjectName: TYPO3FLOW3CacheCacheManager factoryMethodName: getCache arguments: 1: value: FLOW3_Security_Cryptography_RSAWallet
  36. 36. T3CON12Québec City, CanadaObject Management class Customer { /** * @FLOW3Inject * @var AcmeCustomerNumberGenerator */ protected $customerNumberGenerator; ... } $customer = new Customer(); $customer->getCustomerNumber();
  37. 37. T3CON12Québec City, CanadaObject Management <?php declare(ENCODING = u tf-8); namespace TYPO3Conf erenceDomainModel use TYPO3FLOW3Anno Conference; tations as FLOW3;FLOW3 creates proxy classes /** * Autogenerated Prox y Classfor realizing DI and AOP magic * @FLOW3Scope(“prot otype”) * @FLOW3Entity */ • new operator is supported class Paper extends TYPO3FLOW3Persist Paper_Original implem ents TYPO3FLOW3Obj ect enceAspectPersiste nceMagicInterface { /** • proxy classes are created * @var string on the fly * @ORMId * @ORMColumn(length ="40") * introduced by TYPO 3FLOW3Persistence */ AspectPersistenceMa • in production context all protected $FLOW3_Per sistence_Identifier = NULL; code is static private $FLOW3_AOP_P roxy_targetMethodsAn dGroupedAdvices = ar ra private $FLOW3_AOP_P roxy_groupedAdviceCh ains = array(); private $FLOW3_AOP_P roxy_methodIsInAdvic eMode = array(); /** * Autogenerated Prox y Method */ public function __co nstruct()
  38. 38. T3CON12 Québec City, Canada Basic Object Persistence // Create a new customer and persist it: $customer = new Customer("Robert"); $this->customerRepository->add($customer); // Find an existing customer: $otherCustomer = $this->customerRepository->findByFirstName("Karsten"); // and delete it: $this->customerRepository->remove($otherCustomer);
  39. 39. T3CON12 Québec City, Canada Validation and Doctrine Annotationsnamespace TYPO3BlogDomainModel;/** * A Blog object * * @Entity */class Blog { /** * @var string * @validate Text, StringLength(minimum = 1, maximum = 80) * @Column(length="80") */ protected $title; /** * @var DoctrineCommonCollectionsCollection<TYPO3BlogDomainModelPost> * @OneToMany(mappedBy="blog") * @OrderBy({"date" = "DESC"}) */ protected $posts; ...}
  40. 40. T3CON12Québec City, CanadaPersistence-related Annotations @Entity Declares a class as "entity" @Column Controls the database column related to the class property. Very useful for longer text content (type="text" !) @ManyToOne Defines relations to other entities. Unlike with @OneToMany vanilla Doctrine targetEntity does not have to be @ManyToMany given but will be reused from the @var @OneToOne annotation. cascade can be used to cascade operation to related objects.
  41. 41. T3CON12Québec City, CanadaPersistence-related Annotations @var Defines the type of a property, collections can be typed using angle brackets: DoctrineCommonCollectionsCollection<TYPO3ConferenceDomainModelComment> @transient The property will be ignored, it will neither be persisted nor reconstituted @identity Marks the property as part of an objects identity
  42. 42. T3CON12 Québec City, Canada Custom Queries using the Query Object Model/** * A PostRepository */class PostRepository extends TYPO3FLOW3PersistenceRepository { /** * Finds posts by the specified tag and blog * * @param TYPO3BlogDomainModelTag $tag * @param TYPO3BlogDomainModelBlog $blog The blog the post must refer to * @return TYPO3FLOW3PersistenceQueryResultInterface The posts */ public function findByTagAndBlog(TYPO3BlogDomainModelTag $tag, TYPO3BlogDomainModelBlog $blog) { $query = $this->createQuery(); return $query->matching( $query->logicalAnd( $query->equals(blog, $blog), $query->contains(tags, $tag) ) ) ->setOrderings(array( date => TYPO3FLOW3PersistenceQueryInterface::ORDER_DESCENDING) ) ->execute(); }}
  43. 43. T3CON12Québec City, CanadaSchema ManagementRunning Migrations• needed after installation or upgrade: $ ./flow3 doctrine:migrate
  44. 44. T3CON12Québec City, CanadaSchema ManagementManual database updates• for simple situations this can be good enough: $ ./flow3 doctrine:create $ ./flow3 doctrine:update• useful when • you are just starting a project and have never released
  45. 45. T3CON12Québec City, CanadaSchema ManagementGenerating migrations $ ./flow3 doctrine:migrationgenerate Generated new migration class to "…/Version20110608074324.php" from schema differences. $• Generated migrations can contain errors and should be checked and adjusted as needed• Migrations need to be moved to their “owning” package manually
  46. 46. T3CON12Québec City, CanadaValidationValidation in FLOW3• you do not want to code checks into your controllers• FLOW3 separates validation from your controller’s concerns • no PHP code needed for validation • declared through annotations
  47. 47. T3CON12Québec City, CanadaValidationValidation Models• BaseProperties rules defining the minimum requirements on individual properties of a model• BaseModel rules or custom validators enforcing the minimum requirements on the combination of properties of a model• Supplemental rules defining additional requirements on a model for a specific situation (e.g. a certain action method)
  48. 48. T3CON12Québec City, CanadaValidationBase Properties• Validation rules defined directly at the properties /** * @var string * @validate StringLength(minimum = 10, maximum = 100) */ protected $title; /** * @var string * @validate StringLength(minimum = 1, maximum = 50) */ protected $author;
  49. 49. T3CON12Québec City, CanadaValidationValidators• validators provided by FLOW3 can be used through their short name • Count, Float, NotEmpty, RegularExpression, Uuid, DateTime, NumberRange, StringLength, Alphanumeric, Integer, Number, String, EmailAddress, Label, Raw, Text• custom validators need to implement the ValidatorInterface• use them by specifying the fully qualified class name /** * @var DambekalnsStuffDomainModelStuff * @validate DambekalnsStuffDomainValidatorStuffValidator */ protected $stuff;
  50. 50. T3CON12 Québec City, Canada Property Mapper $articleArray = array( headline => Hello World!, story => Just a demo ... ); $article = $mapper->convert($sourceArray, Acme.DemoDomainModelArticle);
  51. 51. T3CON12 Québec City, Canada Resource Management Image Upload Resources are handled like other properties in a form: <f:form method="blog" action="update" object="{blog}" name="blog"enctype="multipart/form-data"> <f:if condition="{blog.authorPicture}"> <img src="{f:uri.resource(resource: blog.authorPicture)}" /> </f:if> <label for="authorPicture">Author picture</label> <f:form.upload property="authorPicture" id="authorPicture" /> <f:form.submit value="Update"/> </f:form>
  52. 52. T3CON12 Québec City, Canada Property Mapper Allow nested object structures For security reasons the creation of nested structure through the property mapper is disabled by default /** * @return void */ public function initializeUpdateAction() { $this->arguments[article]->getPropertyMappingConfiguration() ->allowCreationForSubProperty(picture); $this->arguments[article]->getPropertyMappingConfiguration() ->allowModificationForSubProperty(picture); }
  53. 53. T3CON12Québec City, CanadaFluidExample for assigning a string to a Fluid variable: // in the action controller: $this->view->assign(title, Welcome to Fluid); <!-- in the Fluid template: --> <head> <title>{title}</title> </head>
  54. 54. T3CON12Québec City, CanadaFluidVariables can also be objects: // in the action controller: $this->view->assign(conference, $conference); <!-- in the Fluid template: --> <div class="venue"> <p>Venue Street: {conference.venue.street}</p> </div>
  55. 55. T3CON12Québec City, CanadaFluidif-then-else: // in the action controller: $this->view->assign(post, $blogPost); <!-- in the Fluid template: --> <f:if condition="{post.comments}"> <f:then>There are some comments.</f:then> <f:else>There are no comments.</f:else> </f:if>
  56. 56. T3CON12Québec City, CanadaFluidfor-each: // in the action controller: $this->view->assign(ages, array("Karsten" => 34, "Robert" => 35)); <!-- in the Fluid template: --> <ul> <f:for each="{ages}" as="age" key="name"> <li>{name} is {age} year old.</li> </f:for> </ul>
  57. 57. T3CON12Québec City, CanadaFluidfor-each: // in the action controller: $this->view->assign(post, $blogPost); <!-- in the Fluid template: --> <f:if condition="{post.comments}"> <ul> <f:for each="{post.comments}" as="comment" > <li>{post.title}</li> </f:for> </ul> </f:if>
  58. 58. T3CON12Québec City, CanadaFluidView helpers – in this case the link.action view helper: <!-- in the Fluid template: --> {namespace f=TYPO3FluidViewHelpers} <f:link.action action="delete" arguments="{post: post, really: yes}"> Delete this post </f:link.action>
  59. 59. T3CON12Québec City, CanadaSecurity Policy
  60. 60. T3CON12Québec City, CanadaSecurityCross-Site Request Forgery • enables an attacker to execute privileged operations without being authenticated • the risk lies in using malicious links or forms while still being authenticated • imagine a link coming in through an URL shortener...
  61. 61. T3CON12Québec City, CanadaSecurityAvoiding Cross-Site Request Forgery • add a (truly!) random string token to each link or form • make sure this token is correct before executing anything • change the token as often as possible to make it impossible to send you a working malicious link while you’re logged in • in most cases, we can assume that it should be enough to generate one token when you log in – that’s the default
  62. 62. T3CON12Québec City, CanadaSecurityCSRF Protection in FLOW3 • you must not forget to add that token to any link • FLOW3 automatically adds the CSRF token to each • link you generate • each form you create with Fluid • and checks it for every call to a protected action • the protection can be disabled using @skipCsrfProtection on an action
  63. 63. T3CON12Québec City, CanadaRoadmap
  64. 64. T3CON12Québec City, CanadaConference Appgit://
  65. 65. T3CON12Québec City, CanadaBlog Appgit://
  66. 66. Rossmann• second biggest drug store in Germany• 5,13 billion € turnover• 31,000 employees
  67. 67. Customer Database• custom persistence with CouchDB• SOAP support• continuous delivery• cluster setup by networkteam, Kiel
  68. 68. Amadeus• world’s biggest e-ticket provider• 217 markets• 948 million billable transactions / year• 2,7 billion € revenue
  69. 69. Social Media Suite• central hub for social media activities for potentially thousands of travel agencies• advanced form engine• various detail improvements by AKOM360, Munich• uses an early version of TYPO3 Phoenix
  70. 70. “Our senior developers areextremely happy with FLOW3 –it is definitely the mostcapable PHP framework we Fabian Pfütze Project Leadhave come acrossso far.”
  71. 71. ?
  72. 72. T3CON12Québec City, CanadaThanks for having me!Slides: http://robertlemke.comTwitter: @robertlemkeFeedback: robert@typo3.orgFLOW3: