
Architecture of a web project on Symfony

Maksym Moskvychev
March 19, 2015

Transcript

  1. Architecture of a web project on Symfony Maksym Moskvychev

  2. Page with a Form in Symfony

  3. Application design for a page with a form

    [Diagram labels: Validation rules; Form; Entity; Template; Symfony 2 Core; Controller; Request; Response; Form instance; Doctrine; If Form is valid, it contains Entity; Controller asks to save Entity; Session; Set success message; Is Form valid?; HTTP Request; HTTP Response]
  4. Application design for a page with a form

    Controller action is responsible for 3 types of requests:
    1. Form is rendered for the first time.
    2. Handle successful form submission.
    3. There was an error in form validation. Render the form with errors.

    [Flowchart labels: Get form instance; Handle Request by the form; Render a template; Check if Form is valid; Save entity to DB; Add success message to session; Add error message to session; Form is submitted; Redirect to some page. Branches are numbered 1, 2 and 3.]
  5. Page with a form and custom logic

    For example, this is a registration form. After the user is registered, we have to send them a welcome email, then notify a moderator to check this user, and authenticate.

    [Diagram labels: Registration service; Authentication Service; User; Mailer Service; send welcome email; authenticate; Doctrine; persist in database]
  6. Page with a form and custom logic

    If you have any custom logic, keep it all in service classes.

    [Flowchart labels: Registration service; Get form instance; Handle Request by the form; Render a template; Check if Form is valid; Add error message to session; Form is submitted; Redirect to some page. Branches are numbered 1, 2 and 3.]
  7. Unit testing of the Service class

    All relations are replaced by mocks. The tested class is the only real class in the test. Only it can be created via new.

    The test itself checks that when a user is registered, all needed services will be called.

    [Diagram labels: Unit test; Registration service; Authentication Service; User; Mailer Service; send welcome email; authenticate; Doctrine; persist in database]
  8. Page with a List in Symfony

  9. Application design for a page with a list

    [Diagram labels: Template; Symfony 2 Core; Controller; Request; Response; Doctrine; Controller fetch entity repository; HTTP Request; HTTP Response; Entity repository; ->findBy(); data]
  10. Introduction of service layer

    [Diagram labels: Template; Symfony 2 Core; Controller; Request; Response; Doctrine; Fetch entity repository; HTTP Request; HTTP Response; Entity repository; ->findBy(); data; Service class; getListData; data]
  11. Advantages of service layer on a page with a list

    • Less logic and fewer dependencies in the controller.
    • Ability to re-use data for the list in another place.
    • Ability to cover fetching logic with a unit test.
  12. Built-in abilities of entity repositories

    findBy(array $criteria, array $orderBy = null, $limit = null, $offset = null)
  13. When you need a custom SQL query

    1. Create a method in the entity repository.
    2. Define your logic in an object-oriented way.
  14. Functional tests in Symfony

  15. Tips about Functional tests

    • Functional tests make requests to controllers and check the response.
    • Functional tests are good at checking that all components are integrated in the right way.
    • The number of tests should be kept under control.
  16. Functional and Unit tests

    [Diagram labels: Run Functional tests; Clear database; Create database schema; Run fixtures; Run migrations; Run test; Run test; Run Unit tests; Run next test; Run next test]
  17. How to set up environment for Functional tests

    Option 1. Bootstrap file.
    Option 2. setUp method.
  18. Bundles in Symfony

  19. Bundle structure

    [Diagram labels: Controllers; Templates; Services; Entities; Entity Repositories; Pictures; JavaScript; CSS; Listeners; Presentation layer; Service layer; Database layer; Unit tests; Functional tests]
  20. Use one App Bundle

  21. Example of multiple bundle architecture

    [Diagram labels: All custom bundles; Bundles in Vendors; Symfony Framework Bundle; Symfony Components; Doctrine; Twig; Core Bundle; Site A Bundle; Site B Bundle; Incorrect case; Core Bundle; Site A Bundle; Site B Bundle]
  22. Multilingual support in Symfony

  23. Purpose of multilingual support

    Translation of user interface:
    • Static text on pages
    • Form fields
    • Menus
    • Messages to user

    Translation of content:
    • Localized versions of content from DB

    Switching between locales:
    • How to determine User locale?
    • Switching between locales

    Even if your site is only in English now, you should take care of its multilingual abilities. Nobody knows what will happen to the project in 5 years. But if the project is a success, it will go to other countries.
  24. Translation of user interface

    • Use keys instead of strings everywhere.
    • Define real text for each key in translation file.
  25. Translation of user interface

    [Diagram labels: Validation rules; Form; Entity; Template; Symfony 2 Core; Controller; Request; Response; Form instance; Doctrine; If Form is valid, it contains Entity; Controller asks to save Entity; Translation files; Session; Set success message; Is Form valid?; HTTP Request; HTTP Response]
  26. Translation of content Custom DB structure. Doctrine ODM

  27. Web application security and Symfony

  28. Symfony resolves some vulnerabilities

    • Cross Site Scripting
    • SQL Injection
    • Cross Site Request Forgery
    • Information Disclosure
    • Authorization policy
  29. Policy: save as it is, escape on output

  30. SQL Injection

    Policy: pass to database raw data, bind variables to query.
  31. Cross Site Request Forgery

    Policy: all unsafe requests should be protected by a CSRF token.
  32. Information Disclosure & Authorization policy

    Policy: white-list access to resources.

    The Security component in Symfony allows you to configure:
    • Firewalls to set up the Authentication policy.
    • User providers to get the list of users for Authentication.
    • Access rules to match a resource and a role.
    • Role hierarchy to define dependencies between roles.
    • Encoders to define the algorithm used to encode passwords.
  33. Q & A
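
The policies on slides 29 and 30 (save input as it is, bind variables to the query, escape on output), shown as an added example that is not from the slides. It uses plain PDO with an in-memory SQLite database instead of Doctrine and `htmlspecialchars()` instead of Twig so that it runs stand-alone; the `comment` table, the function names and the sample values are constructed for illustration.

```php
<?php
// Added example, not from the slides. Plain PDO with in-memory SQLite stands in
// for Doctrine, and htmlspecialchars() stands in for Twig's output escaping.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE comment (id INTEGER PRIMARY KEY, author TEXT, body TEXT)');

// Store the value exactly as received; placeholders keep data out of the SQL text.
function saveComment(PDO $pdo, $author, $body)
{
    $stmt = $pdo->prepare('INSERT INTO comment (author, body) VALUES (:author, :body)');
    $stmt->execute(array(':author' => $author, ':body' => $body));
    return (int) $pdo->lastInsertId();
}

// Values are bound. A column name cannot be bound, so the sort column is
// checked against a fixed list before it is placed in the query text.
function findByAuthor(PDO $pdo, $author, $orderBy = 'id')
{
    if (!in_array($orderBy, array('id', 'author'), true)) {
        throw new InvalidArgumentException('Unsupported sort column');
    }
    $sql = "SELECT id, author, body FROM comment WHERE author = :author ORDER BY $orderBy";
    $stmt = $pdo->prepare($sql);
    $stmt->execute(array(':author' => $author));
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Escape at output time, for the HTML context the value is printed into.
function e($value)
{
    return htmlspecialchars($value, ENT_QUOTES, 'UTF-8');
}

// Constructed sample input containing SQL and HTML metacharacters.
$author = "O'Brien";
$body   = '<b>Nice</b> post & "thanks"';
saveComment($pdo, $author, $body);
$rows = findByAuthor($pdo, $author, 'author');

// The database returns the raw value unchanged; only the rendered HTML is escaped.
var_dump($rows[0]['body'] === $body);
echo '<p>' . e($rows[0]['author']) . ': ' . e($rows[0]['body']) . "</p>\n";

// A sort column outside the list is rejected before any SQL is built.
try {
    findByAuthor($pdo, $author, 'not_a_column');
} catch (InvalidArgumentException $ex) {
    echo 'rejected: ' . $ex->getMessage() . "\n";
}
```

In a Symfony project the same binding is done with `setParameter()` on a Doctrine query, and Twig escapes template variables on output by default.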