Escaping OOP boundaries

Slide 1

Slide 1 text

Escaping from OOP boundaries Alexander Lisachenko

Slide 2

Slide 2 text

About me: 2 lisachenko lisachenko

Slide 3

Slide 3 text

About me: ‣ Head of Web Development and Architecture at Alpari (RU) Forex Broker 2 lisachenko lisachenko

Slide 4

Slide 4 text

About me: ‣ Head of Web Development and Architecture at Alpari (RU) Forex Broker ‣ Have worked with computers since 7 years 2 lisachenko lisachenko

Slide 5

Slide 5 text

About me: ‣ Head of Web Development and Architecture at Alpari (RU) Forex Broker ‣ Have worked with computers since 7 years ‣ Clean code advocate, guru in the Enterprise Architecture 2 lisachenko lisachenko

Slide 6

Slide 6 text

Slide 7

Slide 7 text

3 Moscow PHP User Group

Slide 8

Slide 8 text

3 Moscow PHP User Group

Slide 9

Slide 9 text

Agenda: 4

Slide 10

Slide 10 text

Agenda: ‣ Object-Oriented Paradigm boundaries 4

Slide 11

Slide 11 text

Agenda: ‣ Object-Oriented Paradigm boundaries ‣ Escaping from PHP boundaries. 4

Slide 12

Slide 12 text

Agenda: ‣ Object-Oriented Paradigm boundaries ‣ Escaping from PHP boundaries. ‣ Stream wrapper and filters. 4

Slide 13

Slide 13 text

Agenda: ‣ Object-Oriented Paradigm boundaries ‣ Escaping from PHP boundaries. ‣ Stream wrapper and filters. ‣ Cross-Cutting concerns. 4

Slide 14

Slide 14 text

Agenda: ‣ Object-Oriented Paradigm boundaries ‣ Escaping from PHP boundaries. ‣ Stream wrapper and filters. ‣ Cross-Cutting concerns. ‣ Aspect-Oriented Programming with Go! AOP 4

Slide 15

Slide 15 text

Agenda: ‣ Object-Oriented Paradigm boundaries ‣ Escaping from PHP boundaries. ‣ Stream wrapper and filters. ‣ Cross-Cutting concerns. ‣ Aspect-Oriented Programming with Go! AOP ‣ Hacking the PHP. Native structures and opcodes. 4

Slide 16

Slide 16 text

5 OOP Boundaries

Slide 17

Slide 17 text

6 Boundary 1: Open - Closed Principle

Slide 18

Slide 18 text

6 Boundary 1: Open - Closed Principle

Slide 19

Slide 19 text

Class is Open for extension, but Closed for modiﬁcation 7

Slide 20

Slide 20 text

8 Final class prevents inheritance

Slide 21

Slide 21 text

8 Final class prevents inheritance

Slide 22

Slide 22 text

9 Final class prevents inheritance

Slide 23

Slide 23 text

9 Final class prevents inheritance

Slide 24

Slide 24 text

9 Final class prevents inheritance Fatal error: Class Child may not inherit from ﬁnal class (Secret)

Slide 25

Slide 25 text

10 Final method prevents overriding

Slide 26

Slide 26 text

10 Final method prevents overriding

Slide 27

Slide 27 text

11 Final method prevents overriding

Slide 28

Slide 28 text

11 Final method prevents overriding

Slide 29

Slide 29 text

11 Final method prevents overriding Fatal error: Cannot override ﬁnal method Secret::test()

Slide 30

Slide 30 text

11 Final method prevents overriding Fatal error: Cannot override ﬁnal method Secret::test()

Slide 31

Slide 31 text

12 Private modiﬁer restricts access

Slide 32

Slide 32 text

12 Private modiﬁer restricts access

Slide 33

Slide 33 text

13 Private modiﬁer restricts access

Slide 34

Slide 34 text

13 Private modiﬁer restricts access

Slide 35

Slide 35 text

14 Private modiﬁer restricts access Uncaught Error: Call to private method Secret::test()

Slide 36

Slide 36 text

15 Boundary 2: Immutable PHP structures

Slide 37

Slide 37 text

15 Boundary 2: Immutable PHP structures

Slide 38

Slide 38 text

16 PHP

Slide 39

Slide 39 text

16 PHP Interpreter?

Slide 40

Slide 40 text

16 PHP Interpreter? Compiler?

Slide 41

Slide 41 text

16 PHP Interpreter? Compiler? BOTH!

Slide 42

Slide 42 text

17 PHP Script

Slide 43

Slide 43 text

17 PHP Script Execute

Slide 44

Slide 44 text

17 PHP Script Parse Execute

Slide 45

Slide 45 text

17 PHP Script Parse Execute Compile to OpCodes

Slide 46

Slide 46 text

17 PHP Script Parse Execute Compile to OpCodes Execute(ZendEngine)

Slide 47

Slide 47 text

17 PHP Script Parse Execute Compile to OpCodes Execute(ZendEngine) Output

Slide 48

Slide 48 text

17 PHP Script Execute Execute(ZendEngine) Output Load OpCache <- Opcodes

Slide 49

Slide 49 text

Once compiled into Opcodes, code can not be changed in runtime 18

Slide 50

Slide 50 text

19 OpCache:

Slide 51

Slide 51 text

19 OpCache: +Fixed-size shared memory-block

Slide 52

Slide 52 text

19 OpCache: +Fixed-size shared memory-block +Contains PHP binary structures

Slide 53

Slide 53 text

19 OpCache: +Fixed-size shared memory-block +Contains PHP binary structures +Structures are immutable

Slide 54

Slide 54 text

19 OpCache: +Fixed-size shared memory-block +Contains PHP binary structures +Structures are immutable +Append-only

Slide 55

Slide 55 text

20 OpCache shared immutable data:

Slide 56

Slide 56 text

20 OpCache shared immutable data: +File functions (HashTable)

Slide 57

Slide 57 text

20 OpCache shared immutable data: +File functions (HashTable) +File classes (HashTable)

Slide 58

Slide 58 text

20 OpCache shared immutable data: +File functions (HashTable) +File classes (HashTable) +File main OpArray

Slide 59

Slide 59 text

20 OpCache shared immutable data: +File functions (HashTable) +File classes (HashTable) +File main OpArray +Interned strings and immutable arrays

Slide 60

Slide 60 text

20 OpCache shared immutable data: +File functions (HashTable) +File classes (HashTable) +File main OpArray +Interned strings and immutable arrays +Meta-information (system_id, etc)

Slide 61

Slide 61 text

Shared immutable OpCache improves PHP performance a lot 21

Slide 62

Slide 62 text

22 OpCache OOP restrictions:

Slide 63

Slide 63 text

22 OpCache OOP restrictions: - Method could not be added/deleted or changed in runtime

Slide 64

Slide 64 text

22 OpCache OOP restrictions: - Method could not be added/deleted or changed in runtime - Class, its parent, implemented interfaces and used traits are declared in compile-time, runtime API is not available

Slide 65

Slide 65 text

Slide 66

Slide 66 text

22 PS. Possible only with extensions like runkit, uopz, etc OpCache OOP restrictions: - Method could not be added/deleted or changed in runtime - Class, its parent, implemented interfaces and used traits are declared in compile-time, runtime API is not available - Low-level access to the memory is restricted to prevents errors and memory leaks

Slide 67

Slide 67 text

23 Escaping from OOP Boundaries

Slide 68

Slide 68 text

Сan we mock/extend a ﬁnal class or override a ﬁnal method? 24

Slide 69

Slide 69 text

Сan we mock/extend a ﬁnal class or override a ﬁnal method? 24 Yes?

Slide 70

Slide 70 text

Сan we mock/extend a ﬁnal class or override a ﬁnal method? 24 Yes? No?

Slide 71

Slide 71 text

The simplest solution is to not mark classes or methods as ﬁnal! 25

Slide 72

Slide 72 text

26 Escape: uopz extension

Slide 73

Slide 73 text

«uopz is a black magic extension of the runkit-and-scary-stuff genre, intended to help with QA infrastructure. 27 Joe Watkins

Slide 74

Slide 74 text

28 Mocking a ﬁnal class - uopz extension

Slide 75

Slide 75 text

28 Mocking a ﬁnal class - uopz extension

Slide 76

Slide 76 text

28 Mocking a ﬁnal class - uopz extension

Slide 77

Slide 77 text

29 Escape: Replace the «ﬁle» stream wrapper

Slide 78

Slide 78 text

30 Idea:

Slide 79

Slide 79 text

30 Idea: ‣ PHP uses internal «file» wrapper for includes

Slide 80

Slide 80 text

30 Idea: ‣ PHP uses internal «file» wrapper for includes ‣ We can unregister the «file» handler via stream_wrapper_unregister(‘file’)

Slide 81

Slide 81 text

Slide 82

Slide 82 text

Slide 83

Slide 83 text

30 Idea: ‣ PHP uses internal «file» wrapper for includes ‣ We can unregister the «file» handler via stream_wrapper_unregister(‘file’) ‣ Register our own file handler via stream_wrapper_register(‘file’, self::class) ‣ Can hook into the PHP source file now! ‣ Tokenise code with token_get_all($source)

Slide 84

Slide 84 text

Slide 85

Slide 85 text

Slide 86

Slide 86 text

31 dg/bypass-ﬁnals library composer show dg/bypass-finals name : dg/bypass-finals descrip. : Removes final keyword from source code on-the- fly and allows mocking of final methods and classes keywords : testing, phpunit, unit, mocking, finals versions : dev-master, v1.1.2, v1.1.1, v1.1.0, v1.0.1, v1.0 type : library

Slide 87

Slide 87 text

32 Usage:

Slide 88

Slide 88 text

32 Usage: You need to enable it before the classes you want to remove the final are loaded. So call it as soon as possible!

Slide 89

Slide 89 text

32 Usage: You need to enable it before the classes you want to remove the final are loaded. So call it as soon as possible! PS. For additional details about PhpUnit integration, please read: https://www.tomasvotruba.cz/blog/2019/03/28/how-to-mock-final-classes-in-phpunit/

Slide 90

Slide 90 text

33 antecedent/patchwork library composer show antecedent/patchwork name : antecedent/patchwork descrip. : Method redefinition (monkey-patching) functionality for PHP. keywords : aop, testing, aspect, runkit, redefinition, monkeypatching, interception versions : dev-master, 2.1.11, 2.1.10… type : library

Slide 91

Slide 91 text

Write tests for your PHP code, not code for the tests. 34

Slide 92

Slide 92 text

35 Escape: Use PHP stream ﬁlters with includes

Slide 93

Slide 93 text

36 Simple test ﬁle:

Slide 94

Slide 94 text

36 Simple test ﬁle:

Slide 95

Slide 95 text

37 Let’s craft our special include:

Slide 96

Slide 96 text

37 Let’s craft our special include:

Slide 97

Slide 97 text

38 It is become upper-cased:

Slide 98

Slide 98 text

38 It is become upper-cased:

Slide 99

Slide 99 text

Idea: we can register our own stream ﬁlter via stream_ﬁlter_register() to process a source code. 39

Slide 100

Slide 100 text

Cross-cutting concerns

Slide 101

Slide 101 text

Cross-cutting concerns Data layer Service layer Controller layer

Slide 102

Slide 102 text

Cross-cutting concerns Data layer Service layer Controller layer Authorization Logging Caching Transaction Control

Slide 103

Slide 103 text

Cross-cutting concerns are aspects of a program that affect other domains. 41

Slide 104

Slide 104 text

Why? 42

Slide 105

Slide 105 text

Limitation of object-oriented representation of real life. 43

Slide 106

Slide 106 text

Joe Armstrong “…You wanted a banana but what you got was a gorilla holding the banana and the entire jungle” 44

Slide 107

Slide 107 text

Joe Armstrong “…You wanted a banana but what you got was a gorilla holding the banana and the entire jungle” 44

Slide 108

Slide 108 text

Example: 45

Slide 109

Slide 109 text

Example: 45 Implement an audit system that checks an access rights for each public method in all classes in our system and then logs this information into the security journal.

Slide 110

Slide 110 text

Example: 46

Slide 111

Slide 111 text

Example: 46

Slide 112

Slide 112 text

Authorization: 47

Slide 113

Slide 113 text

Authorization: 47

Slide 114

Slide 114 text

Logging and audit: 48

Slide 115

Slide 115 text

Logging and audit: 48

Slide 116

Slide 116 text

Error handling 49

Slide 117

Slide 117 text

Error handling 49

Slide 118

Slide 118 text

Code tangling 50

Slide 119

Slide 119 text

Code tangling 50

Slide 120

Slide 120 text

Code tangling 50

Slide 121

Slide 121 text

Code scattering (duplication) 51

Slide 122

Slide 122 text

Code scattering (duplication) 51

Slide 123

Slide 123 text

Code scattering (duplication) 51

Slide 124

Slide 124 text

Cross-cutting concerns 52

Slide 125

Slide 125 text

53 Cross-cutting concerns

Slide 126

Slide 126 text

Aspect-Oriented Paradigm

Slide 127

Slide 127 text

Idea of AOP: extract cross-cutting concerns from general classes into the separate entities called aspects. 55

Slide 128

Slide 128 text

Authorization concern: 56

Slide 129

Slide 129 text

Authorization concern: 56

Slide 130

Slide 130 text

Authorization aspect: 57

Slide 131

Slide 131 text

Authorization aspect: 57

Slide 132

Slide 132 text

Authorization aspect: 57 Advice - event handler

Slide 133

Slide 133 text

Authorization aspect: 57 Pointcut - describes list of interesting events Advice - event handler

Slide 134

Slide 134 text

Authorization aspect: 57 Pointcut - describes list of interesting events Advice - event handler Joinpoint - defines an event object

Slide 135

Slide 135 text

58 Aspect VS Event Listener

Slide 136

Slide 136 text

58 Aspect VS Event Listener

Slide 137

Slide 137 text

58 Aspect VS Event Listener

Slide 138

Slide 138 text

58 Aspect VS Event Listener

Slide 139

Slide 139 text

59 Advice types

Slide 140

Slide 140 text

59 Advice types «Before» type

Slide 141

Slide 141 text

59 Advice types «Before» type «After» type

Slide 142

Slide 142 text

59 Advice types «Before» type «After» type «Around» type

Slide 143

Slide 143 text

With AOP we can subscribe to any method without changing original code. 60

Slide 144

Slide 144 text

61 goaop/framework composer show goaop/framework name : goaop/framework descrip. : Framework for aspect-oriented programming in PHP. keywords : php, aop, library, aspect versions : 3.0.x-dev, 2.3.2,… type : library https://github.com/goaop/framework

Slide 145

Slide 145 text

How it works? 62

Slide 146

Slide 146 text

How it works? 62

Slide 147

Slide 147 text

63 We use our trick with php://ﬁlter stream ﬁlter

Slide 148

Slide 148 text

64 The composer class loader is replaced with a weaving proxy

Slide 149

Slide 149 text

65 Lexical analysis and parsing of source code into the AST is performed (nikic/PHP-Parser)

Slide 150

Slide 150 text

66 Static reﬂection is created from the AST (goaop/parser-reﬂection)

Slide 151

Slide 151 text

66 Static reﬂection is created from the AST (goaop/parser-reﬂection)

Slide 152

Slide 152 text

66 Static reﬂection is created from the AST (goaop/parser-reﬂection)

Slide 153

Slide 153 text

66 Static reﬂection is created from the AST (goaop/parser-reﬂection)

Slide 154

Slide 154 text

67 The original class is renamed and replaced with a new class with additional behavior; stored in the cache

Slide 155

Slide 155 text

67 The original class is renamed and replaced with a new class with additional behavior; stored in the cache

Slide 156

Slide 156 text

67 The original class is renamed and replaced with a new class with additional behavior; stored in the cache Same class name!

Slide 157

Slide 157 text

67 The original class is renamed and replaced with a new class with additional behavior; stored in the cache Original class renamed Same class name!

Slide 158

Slide 158 text

67 The original class is renamed and replaced with a new class with additional behavior; stored in the cache Original class renamed Overridden method Same class name!

Slide 159

Slide 159 text

68 Deferred methods Runtime transformation of methods into deferred methods

Slide 160

Slide 160 text

68 Deferred methods Runtime transformation of methods into deferred methods

Slide 161

Slide 161 text

69 Example code

Slide 162

Slide 162 text

69 Example code Some long service call

Slide 163

Slide 163 text

69 Example code

Slide 164

Slide 164 text

70 Idea: prevent execution of methods wrapping them into promises and run after the fastcgi_ﬁnish_request.

Slide 165

Slide 165 text

71 Deﬁne an annotation-marker

Slide 166

Slide 166 text

72 Deﬁne an aspect

Slide 167

Slide 167 text

72 Deﬁne an aspect

Slide 168

Slide 168 text

72 Deﬁne an aspect All methods with «Async» annotation

Slide 169

Slide 169 text

72 Deﬁne an aspect Record each call with arguments

Slide 170

Slide 170 text

72 Deﬁne an aspect Prevent execution of original method

Slide 171

Slide 171 text

72 Deﬁne an aspect Return «our» value

Slide 172

Slide 172 text

73 Deﬁne an aspect

Slide 173

Slide 173 text

73 Deﬁne an aspect

Slide 174

Slide 174 text

73 Deﬁne an aspect

Slide 175

Slide 175 text

73 Deﬁne an aspect

Slide 176

Slide 176 text

73 Deﬁne an aspect Finish FASTCGI Request

Slide 177

Slide 177 text

73 Deﬁne an aspect Execute delayed methods

Slide 178

Slide 178 text

74 Declare method as deferred

Slide 179

Slide 179 text

74 Declare method as deferred

Slide 180

Slide 180 text

74 Declare method as deferred Now it will be deferred

Slide 181

Slide 181 text

Hacking the PHP engine

Slide 182

Slide 182 text

Hacking the PHP engine

Slide 183

Slide 183 text

No content

Slide 184

Slide 184 text

77 FFI - Foreign Function Interface

Slide 185

Slide 185 text

77 ‣ Available from PHP>=7.4 FFI - Foreign Function Interface

Slide 186

Slide 186 text

77 ‣ Available from PHP>=7.4 ‣ Allows calling C functions FFI - Foreign Function Interface

Slide 187

Slide 187 text

77 ‣ Available from PHP>=7.4 ‣ Allows calling C functions ‣ Allows using C data types from pure scripting language FFI - Foreign Function Interface

Slide 188

Slide 188 text

77 ‣ Available from PHP>=7.4 ‣ Allows calling C functions ‣ Allows using C data types from pure scripting language ‣ Opens a way to write PHP extensions and bindings to C libraries in pure PHP FFI - Foreign Function Interface

Slide 189

Slide 189 text

Slide 190

Slide 190 text

78 FFI - Foreign Function Interface

Slide 191

Slide 191 text

Idea: what if we use PHP’s FFI to access… 79

Slide 192

Slide 192 text

Idea: what if we use PHP’s FFI to access… 79 … PHP itself!

Slide 193

Slide 193 text

Idea: what if we use PHP’s FFI to access… 79 … PHP itself!

Slide 194

Slide 194 text

80 lisachenko/z-engine composer show lisachenko/z-engine name : lisachenko/z-engine descrip. : Library that provides direct access to native PHP structures. versions : dev-master, 0.5.0,… type : library https://github.com/lisachenko/z-engine

Slide 195

Slide 195 text

81 lisachenko/z-engine

Slide 196

Slide 196 text

81 ‣ Build on top of PHP’s Reflection API, eg ReflectionClass, ReflectionMethod lisachenko/z-engine

Slide 197

Slide 197 text

81 ‣ Build on top of PHP’s Reflection API, eg ReflectionClass, ReflectionMethod ‣ Provides low-level binding to PHP’s structures like zval, zend_class_entry, zend_function and much more… lisachenko/z-engine

Slide 198

Slide 198 text

Slide 199

Slide 199 text

Slide 200

Slide 200 text

82 Un-ﬁnal class

Slide 201

Slide 201 text

82 Un-ﬁnal class

Slide 202

Slide 202 text

82 Un-ﬁnal class

Slide 203

Slide 203 text

82 Un-ﬁnal class

Slide 204

Slide 204 text

83 Serializable Closure class

Slide 205

Slide 205 text

83 Serializable Closure class

Slide 206

Slide 206 text

84 Serializable Closure class

Slide 207

Slide 207 text

84 Serializable Closure class

Slide 208

Slide 208 text

85 Custom Throwable objects

Slide 209

Slide 209 text

86 Custom Throwable objects

Slide 210

Slide 210 text

86 Custom Throwable objects

Slide 211

Slide 211 text

87 Native assembly methods in PHP

Slide 212

Slide 212 text

87 Native assembly methods in PHP

Slide 213

Slide 213 text

88 First ever assembly method in PHP

Slide 214

Slide 214 text

89 What to expect:

Slide 215

Slide 215 text

89 ‣ API for userland PHP extensions What to expect:

Slide 216

Slide 216 text

89 ‣ API for userland PHP extensions ‣ OpCode manipulation and transformation What to expect:

Slide 217

Slide 217 text

89 ‣ API for userland PHP extensions ‣ OpCode manipulation and transformation ‣ Shared objects (will survive between requests) What to expect:

Slide 218

Slide 218 text

89 ‣ API for userland PHP extensions ‣ OpCode manipulation and transformation ‣ Shared objects (will survive between requests) ‣ Native hooks for PHP callbacks What to expect:

Slide 219

Slide 219 text

89 ‣ API for userland PHP extensions ‣ OpCode manipulation and transformation ‣ Shared objects (will survive between requests) ‣ Native hooks for PHP callbacks ‣ Much more :) What to expect:

Slide 220

Slide 220 text

No content

Slide 221

Slide 221 text

No content

Slide 222

Slide 222 text

Thank you for the attention! https://github.com/goaop https://github.com/lisachenko https://twitter.com/lisachenko Leave feedback at: https://joind.in/talk/310fd