The state of Symfony2 - SymfonyDay 2010
11 likes1,940 views
The document provides an overview of the Symfony2 framework from its creator Fabien Potencier. It discusses several key aspects in 3 or less sentences: - Symfony2 is not yet ready for production but is estimated to reach stable status in March 2011. Some developers are already using pre-release versions. - The translation component allows translating text and handling pluralization. Template engines like Twig can be used to integrate translations into views. - Forms can be customized by overriding rendering blocks for different field types in custom templates applied to individual forms or globally. - Security features like authentication, authorization, and protecting against attacks are integrated. Users can be loaded from different
![{1} One apple|[0,Inf] {{ count }} apples](https://image.slidesharecdn.com/symfony2-101009070646-phpapp02/85/The-state-of-Symfony2-SymfonyDay-2010-21-320.jpg)
![{0} No apples|
{1} One apple|
]1,Inf] {{ count }} apples](https://image.slidesharecdn.com/symfony2-101009070646-phpapp02/85/The-state-of-Symfony2-SymfonyDay-2010-23-320.jpg)
![[-Inf,0[ WTF?!|
{0} No apples|
{1} One apple|
[2,19] Some apples|
[20,Inf] Many apples](https://image.slidesharecdn.com/symfony2-101009070646-phpapp02/85/The-state-of-Symfony2-SymfonyDay-2010-24-320.jpg)
![<?php echo $view['translator']
->trans('Symfony2 is great!') ?>
vs
{% trans "Symfony2 is great!" %}](https://image.slidesharecdn.com/symfony2-101009070646-phpapp02/85/The-state-of-Symfony2-SymfonyDay-2010-33-320.jpg)
![<?php echo $view['translator']
->trans('Symfony2 is {{ what }}!',
array('{{ what }}' => 'great'), 'app') ?>
vs
{% trans from app %}
Symfony2 is {{ what }}!
{% endtrans %}](https://image.slidesharecdn.com/symfony2-101009070646-phpapp02/85/The-state-of-Symfony2-SymfonyDay-2010-34-320.jpg)
![<?php echo $view['translator']
->transChoice(
'No apples|One apple|{{ count }} apples',
1,
array('{{ count }}' => 1), 'app') ?>
vs
{% transchoice 1 from app %}
No apples|One apple|{{ count }} apples
{% endtranschoice %}](https://image.slidesharecdn.com/symfony2-101009070646-phpapp02/85/The-state-of-Symfony2-SymfonyDay-2010-35-320.jpg)
![<?php echo $view['translator']
->transChoice(
'No apples|One apple|{{ count }} apples',
1,
array('{{ count }}' => 1), 'app') ?>](https://image.slidesharecdn.com/symfony2-101009070646-phpapp02/85/The-state-of-Symfony2-SymfonyDay-2010-36-320.jpg)
![<?php echo $view['translator']
->transChoice(
'No apples|One apple|{{ count }} apples',
1,
array('{{ count }}' => 1), 'app') ?>](https://image.slidesharecdn.com/symfony2-101009070646-phpapp02/85/The-state-of-Symfony2-SymfonyDay-2010-37-320.jpg)
![<?php echo $view['translator']
->transChoice(
'No apples|One apple|{{ count }} apples',
1,
array('{{ count }}' => 1), 'app') ?>](https://image.slidesharecdn.com/symfony2-101009070646-phpapp02/85/The-state-of-Symfony2-SymfonyDay-2010-38-320.jpg)
![<?php echo $view['session']->getFlash('notice') ?>
vs
{% flash "notice" %}](https://image.slidesharecdn.com/symfony2-101009070646-phpapp02/85/The-state-of-Symfony2-SymfonyDay-2010-40-320.jpg)
![<?php $view['slots']->start('title') ?>
Post: <?php echo $post->getTitle() ?>
<?php $view['slots']->stop() ?>
vs
{% block title %}
Post: {{ post.title }}
{% endblock title %}](https://image.slidesharecdn.com/symfony2-101009070646-phpapp02/85/The-state-of-Symfony2-SymfonyDay-2010-41-320.jpg)
![{% block input_field %}
{% tag "input" with attributes %}
{% endblock input_field %}
{% block textarea_field %}
{% contenttag "textarea" with attributes %}{{ field.displayedData }}{% endcontenttag %}
{% endblock textarea_field %}
{% block choice_field %}
{% if field.options.expanded %}
{% for child in field %}{{ child|render_widget }}{% endfor %}
{% else %}
{% contenttag "select" with attributes %}{{ field|render_choices }}{% endcontenttag %}
{% endif %}
{% endblock choice_field %}
{% block toggle_field %}
{% display input_field %}
{% if field.options.label %}{% contenttag "label" with ['for': field.id] %}{% trans field.options.label %}{% endcontenttag %}{% endif %}
{% endblock toggle_field %}
{% block date_time_field %}
{{ field.date|render_widget }}{{ field.time|render_widget }}
{% endblock date_time_field %}
{% block date_field %}
{% if field.field %}
{% display input_field %}
{% else %}
{{ field.pattern|replace(['{{ year }}': field.year|render_widget, '{{ month }}': field.month|render_widget, '{{ day }}': field.day|
render_widget,]) }}
{% endif %}
{% endblock date_field %}
{% block time_field %}
{% if field.isfield %}
{% display input_field %}
{% else %}
{{ field.hour|render_widget }}:{{ field.minute|render_widget }}
{% if field.options.with_seconds %}:{{ field.second|render_widget }}{% endif %}
{% endif %}
{% endblock time_field %}
{% block money_field %}
{% set widget %}{% display input_field %}{% endset %}{{ field.pattern|replace(['{{ widget }}': widget]) }}
{% endblock money_field %}
{% block percent_field %}
{% display input_field %} %
{% endblock percent_field %}](https://image.slidesharecdn.com/symfony2-101009070646-phpapp02/85/The-state-of-Symfony2-SymfonyDay-2010-60-320.jpg)
![Symfony2 Core Your Code
$this['security.context']->getUser()](https://image.slidesharecdn.com/symfony2-101009070646-phpapp02/85/The-state-of-Symfony2-SymfonyDay-2010-67-320.jpg)
![$this['security.context']->getUser()
Your POPO
Implements AccountInterface](https://image.slidesharecdn.com/symfony2-101009070646-phpapp02/85/The-state-of-Symfony2-SymfonyDay-2010-68-320.jpg)
The state of Symfony2 - SymfonyDay 2010
- 1. The State of Symfony2 Fabien Potencier
- 3. How many of you have already played with Symfony2? http://www.flickr.com/photos/bartworldv6/4206815555
- 4. Symfony2 is not ready for production http://www.flickr.com/photos/rknickme/2205111920
- 5. Current guestimate for stable release March 2011 http://www.flickr.com/photos/pictureperfectpose/76138988
- 6. Crazy people do use Symfony2 http://www.flickr.com/photos/funky64/4267353106/
- 10. Symfony2 Translation Component http://www.flickr.com/photos/migrainechick/3704150226
- 12. symfony vs Symfony2 http://www.flickr.com/photos/thebusybrain/2492945625
- 13. Messages Domains Locales http://www.flickr.com/photos/rinux/631345826
- 15. $t->trans('Hello {{ name }}!', array('{{ name }}' => 'Symfony2'))
- 16. $t->trans('Symfony2 is great!', array(), 'app')
- 17. Pluralization vs Choice http://www.flickr.com/photos/orinrobertjohn/114430223
- 19. One apple|{{ count }} apples
- 20. one: One apple|some: {{ count }} apples
- 21. {1} One apple|[0,Inf] {{ count }} apples
- 23. {0} No apples| {1} One apple| ]1,Inf] {{ count }} apples
- 24. [-Inf,0[ WTF?!| {0} No apples| {1} One apple| [2,19] Some apples| [20,Inf] Many apples
- 25. {0} No apples| One apple| {{ count }} apples
- 26. <app:translator fallback="en" /> fr_FR fr en
- 27. PHP vs Twig http://www.flickr.com/photos/danielmarenco/4775410299
- 28. « All templating engines are equal in the eyes of Symfony2 »
- 29. $this->render('BlogBundle:Post:index.php', array()); PHP renderer
- 30. $this->render('BlogBundle:Post:index.twig', array()); Twig renderer
- 31. $this->render('BlogBundle:Post:index.twig', array()); Template logical name
- 32. « Template engines are all equals, but some are more equals than others »
- 33. <?php echo $view['translator'] ->trans('Symfony2 is great!') ?> vs {% trans "Symfony2 is great!" %}
- 34. <?php echo $view['translator'] ->trans('Symfony2 is {{ what }}!', array('{{ what }}' => 'great'), 'app') ?> vs {% trans from app %} Symfony2 is {{ what }}! {% endtrans %}
- 35. <?php echo $view['translator'] ->transChoice( 'No apples|One apple|{{ count }} apples', 1, array('{{ count }}' => 1), 'app') ?> vs {% transchoice 1 from app %} No apples|One apple|{{ count }} apples {% endtranschoice %}
- 36. <?php echo $view['translator'] ->transChoice( 'No apples|One apple|{{ count }} apples', 1, array('{{ count }}' => 1), 'app') ?>
- 37. <?php echo $view['translator'] ->transChoice( 'No apples|One apple|{{ count }} apples', 1, array('{{ count }}' => 1), 'app') ?>
- 38. <?php echo $view['translator'] ->transChoice( 'No apples|One apple|{{ count }} apples', 1, array('{{ count }}' => 1), 'app') ?>
- 39. {% transchoice 1 from app %} No apples|One apple|{{ count }} apples {% endtranschoice %}
- 40. <?php echo $view['session']->getFlash('notice') ?> vs {% flash "notice" %}
- 41. <?php $view['slots']->start('title') ?> Post: <?php echo $post->getTitle() ?> <?php $view['slots']->stop() ?> vs {% block title %} Post: {{ post.title }} {% endblock title %}
- 42. Customizing Forms http://www.flickr.com/photos/blackbutterfly/2304084815
- 43. {{ form|render_enctype }} {{ form|render_errors }} {{ form|render_hidden }} {{ form.name|render_widget }} {{ form.name|render_label }} {{ form.name|render_errors }} {{ form.name|render_data }}
- 45. An InputField instance is rendered by an input_field template block
- 46. {% block input_field %} {% tag "input" with attributes %} {% endblock %} {% block textarea_field %} {% contenttag "textarea" with attributes %} {{ field.displayedData }} {% endcontenttag %} {% endblock %}
- 49. How can I customize the rendering of the widget?
- 51. {% block input_field %} <span class="input_field"> {% tag "input" with attributes %} </span> {% endblock %}
- 52. {% extends 'TwigBundle::widgets.twig' %} {% block input_field %} <span class="input_field"> {% parent %} </span> {% endblock %}
- 53. How can I customize the rendering of all input widgets for a given form?
- 54. {% form_theme form "BlogBundle::widgets.twig" %}
- 55. How can I customize the rendering of all input widgets for all forms?
- 56. <twig:config> <twig:form> <twig:resource> BlogBundle::widgets.twig </twig:resource> </twig:form> </twig:config>
- 57. Nice inheritance/fallback templating system
- 58. Same questions as before but now for several widgets
- 59. {% block input_field %} <span class="input_field"> {% parent %} </span> {% endblock %} {% block textarea_field %} <span class="textarea_field"> {% parent %} </span> {% endblock %} ...
- 60. {% block input_field %} {% tag "input" with attributes %} {% endblock input_field %} {% block textarea_field %} {% contenttag "textarea" with attributes %}{{ field.displayedData }}{% endcontenttag %} {% endblock textarea_field %} {% block choice_field %} {% if field.options.expanded %} {% for child in field %}{{ child|render_widget }}{% endfor %} {% else %} {% contenttag "select" with attributes %}{{ field|render_choices }}{% endcontenttag %} {% endif %} {% endblock choice_field %} {% block toggle_field %} {% display input_field %} {% if field.options.label %}{% contenttag "label" with ['for': field.id] %}{% trans field.options.label %}{% endcontenttag %}{% endif %} {% endblock toggle_field %} {% block date_time_field %} {{ field.date|render_widget }}{{ field.time|render_widget }} {% endblock date_time_field %} {% block date_field %} {% if field.field %} {% display input_field %} {% else %} {{ field.pattern|replace(['{{ year }}': field.year|render_widget, '{{ month }}': field.month|render_widget, '{{ day }}': field.day| render_widget,]) }} {% endif %} {% endblock date_field %} {% block time_field %} {% if field.isfield %} {% display input_field %} {% else %} {{ field.hour|render_widget }}:{{ field.minute|render_widget }} {% if field.options.with_seconds %}:{{ field.second|render_widget }}{% endif %} {% endif %} {% endblock time_field %} {% block money_field %} {% set widget %}{% display input_field %}{% endset %}{{ field.pattern|replace(['{{ widget }}': widget]) }} {% endblock money_field %} {% block percent_field %} {% display input_field %} % {% endblock percent_field %}
- 61. Symfony2 Security http://www.flickr.com/photos/powerbooktrance/466709245
- 62. XSS CSRF SQL Injection http://www.flickr.com/photos/mastrobiggo/2322337810
- 63. Authentication Authorization http://www.flickr.com/photos/stevendepolo
- 64. symfony Core sf*GuardPlugin Your Code $this->getUser()->getGuardUser()->getProfile()
- 65. OO Composition $this->getUser()->getGuardUser()->getProfile() sfBasicSecurityUser sfGuardUser Your object tied to the session tied to an ORM tied to an ORM comes from sf*GuardPlugin
- 66. What if I don’t want to use an ORM?
- 67. Symfony2 Core Your Code $this['security.context']->getUser()
- 68. $this['security.context']->getUser() Your POPO Implements AccountInterface
- 69. How does Symfony2 know about your Users?
- 71. namespace BundleAccountBundleModel; use SymfonyComponentSecurityUserAccountInterface; class User implements AccountInterface { // ... }
- 72. <provider> <class="AccountBundleModelUser" /> </provider>
- 73. namespace BundleAccountBundleEntity; use SymfonyComponentSecurityUserAccountInterface; /** * @Entity */ class User implements AccountInterface { // ... }
- 74. <provider> <entity class="AccountBundle:User" /> </provider>
- 75. namespace BundleAccountBundleEntityRepository; use DoctrineORMEntityRepository; use SymfonyComponentSecurityUserUserProviderInterface; class UserRepository extends EntityRepository implements UserProviderInterface { public function loadUserByUsername($username) { return $this->findOneBy(array('user' => $username)); } }
- 76. <provider> <entity class="AccountBundle:User" property="user" /> </provider>
- 77. What if I want to use the email for the username?
- 78. namespace BundleBlogBundleEntity; use SymfonyComponentSecurityUserAccountInterface; /** * @Entity */ class User implements AccountInterface { public function getUsername() { return $this->email; } // ... }
- 79. But, I just have one administrator or… How can I secure my personal website backend?
- 80. <provider> <user name="fabien" password="C00!" role="ROLE_ADMIN" /> </provider>
- 81. <provider> <password-encoder hash="sha1" /> <user name="fabien" password="0beec7b5ea3f0fdbc95d0dd47f3c5bc275da8a33" role="ROLE_ADMIN" /> </provider>
- 82. namespace BundleBlogBundleEntity; use SymfonyComponentSecurityUserAccountInterface; /** * @Entity */ class User implements AccountInterface { public function getSalt() { return $this->id; } // ... }
- 83. Also useful for testing and prototyping
- 84. What if I want to use LDAP, in-memory, and a DB for my users?
- 85. <provider> <password-encoder hash="sha1" /> <user name="fabien" password="..." role="ROLE_ADMIN" /> </provider> <provider> <entity class="AccountBundle:User" property="user" /> </provider>
- 86. How is Security plugged in?
- 87. Request core.request getController() core.controller core.exception getArguments() core.view core.response Response
- 89. Request core.request core.security HttpKernelSecurityFirewall getController() core.controller getArguments() core.view core.response Response
- 90. Authentication http://www.flickr.com/photos/ul_marga/755378645
- 91. <firewall> <http-basic /> </firewall>
- 92. What if I want stateless authentication?
- 93. <firewall stateless="true"> <http-basic /> </firewall>
- 94. What if I want different authentication strategies in one app?
- 95. <firewall pattern="/api/.*" stateless="true"> <http-basic /> </firewall> <firewall pattern=".*" security="none" />
- 96. <firewall pattern="/api/.*" stateless="true"> <http-basic /> </firewall> <firewall pattern="/public/.*" security="none" /> <firewall> <form-login /> </firewall>
- 97. One Application per Symfony2 Project http://www.flickr.com/photos/cdell/548548453
- 98. What if I want to support different authentication strategies in one section of an app?
- 99. <firewall> <form-login /> <http-basic /> </firewall>
- 100. Using LDAP/certificate/OpenID authentication is really easy
- 101. Authorization http://www.flickr.com/photos/theodevil/4911737917
- 102. <access> <url path="/api/.*" role="ROLE_REMOTE" /> </access>
- 103. <access> <url role="ROLE_USER"> <attribute key="_controller" pattern=".*BlogBundle.*" /> </url> </access>
- 104. /article/:id <access> <url role="ROLE_ADMIN"> <attribute key="id" pattern="21" /> </url> </access> <access> <url path="/article/21" role="ROLE_ADMIN" /> </access>
- 105. <access> <url path="/admin/.*" ip="10.0.0.0/24" role="ROLE_ADMIN" /> </access>
- 106. <access> <url path="/api/.*" role="ROLE_REMOTE" /> <url path="/public/.*" role="IS_AUTHENTICATED_ANONYMOUSLY" /> <url role='ROLE_USER'> <attribute key="controller" pattern=".*BlogBundle.*" /> </url> </access>
- 107. … and much more
- 108. Implementation based on Spring Security
- 109. First proof-of-concept available next week
- 110. Symfony2: The Web Operating System? Kernel Events Proxy Firewall Bundles http://www.flickr.com/photos/declanjewell/2687934284
- 111. Questions?