/** * Security Aspect
* @aspect */class SecurityAspect {
protected $policies;
T3CON10 Frankfurt
Robert Lemke
Create Clean Code with Aspect-Oriented Programming
Samstag, 2. Oktober 2010
Robert Lemkechief architect of TYPO3 Phoenix and FLOW3
co-founder of the TYPO3 Association
34 years old
lives in Lübeck, Germany
1 wife, 1 daughter, 1 espresso machine
likes drumming
Samstag, 2. Oktober 2010
= PHP 5.3 Full Stack Application Framework
Samstag, 2. Oktober 2010
OOP Object-Oriented Programming
AOP Aspect-Oriented Programming
MVC Model View Controller
POPO Plain Old PHP Object
DI Dependency Injection DRY
YAGNI
CoC
TDD
YAA
Samstag, 2. Oktober 2010
Create Clean Code with AOP T3CON10 Frankfurt
/** * Creates a new post * * @param \F3\Blog\Domain\Model\Post $newPost A fresh Post object which has not yet been * added to the repository * @return void */public function createAction(\F3\Blog\Domain\Model\Post $newPost) { if ($this->policyService->isGranted($this->currentUser, __CLASS__, __METHOD__) { $this->blog->addPost($newPost); $this->flashMessageContainer->add('Your new post was created.'); $this->systemLogger->log('A new post was created.', LOG_INFO); $this->notificationService->notify('A new post was created.', '[email protected]'); } else { $this->systemLogger->log('Someone tried to create a post.', LOG_WARNING); throw new \F3\FLOW3\Security\Exception\AccessDeniedException('Tried to create.'); } $this->redirect('index');}
Samstag, 2. Oktober 2010
Create Clean Code with AOP T3CON10 Frankfurt
/** * Creates a new post * * @param \F3\Blog\Domain\Model\Post $newPost A fresh Post object which has not yet been * added to the repository * @return void */public function createAction(\F3\Blog\Domain\Model\Post $newPost) { if ($this->policyService->isGranted($this->currentUser, __CLASS__, __METHOD__) { $this->blog->addPost($newPost); $this->flashMessageContainer->add('Your new post was created.'); $this->systemLogger->log('A new post was created.', LOG_INFO); $this->notificationService->notify('A new post was created.', '[email protected]'); } else { $this->systemLogger->log('Someone tried to create a post.', LOG_WARNING); throw new \F3\FLOW3\Security\Exception\AccessDeniedException('Tried to create.'); } $this->redirect('index');}
Samstag, 2. Oktober 2010
Create Clean Code with AOP T3CON10 Frankfurt
AOPSamstag, 2. Oktober 2010
Create Clean Code with AOP T3CON10 Frankfurt
Aspect-Oriented Programmingprogramming paradigm
separates concerns to improve modularization
OOP modularizes concerns into objects
AOP modularizes cross-cutting concerns into aspects
Samstag, 2. Oktober 2010
Create Clean Code with AOP T3CON10 Frankfurt
/** * Creates a new post * * @param \F3\Blog\Domain\Model\Post $newPost A fresh Post object which has not yet been * added to the repository * @return void */public function createAction(\F3\Blog\Domain\Model\Post $newPost) { $this->blog->addPost($newPost); $this->flashMessageContainer->add('Your new post was created.'); $this->redirect('index');}
Samstag, 2. Oktober 2010
Create Clean Code with AOP T3CON10 Frankfurt
Concerns?
Samstag, 2. Oktober 2010
Create Clean Code with AOP T3CON10 Frankfurt
ConcernsSeparation of Concerns
group features and behavior into manageable parts
have a specific purpose and business to take care of
Cross-Cutting Concerns
are the party poopers who want to have a say in everything
Samstag, 2. Oktober 2010
Create Clean Code with AOP T3CON10 Frankfurt
Cross-Cutting ConcernsLogging
Security
Persistence
Global Business Logic
Dirty Hacks
Samstag, 2. Oktober 2010
Create Clean Code with AOP T3CON10 Frankfurt
We don't want infrastructure codein our models.
Samstag, 2. Oktober 2010
Create Clean Code with AOP T3CON10 Frankfurt
We want to unit-test even cross-cutting concerns
Samstag, 2. Oktober 2010
Create Clean Code with AOP T3CON10 Frankfurt
We want to centralize security-related code
Samstag, 2. Oktober 2010
Create Clean Code with AOP T3CON10 Frankfurt
AOP Lingo
Samstag, 2. Oktober 2010
Create Clean Code with AOP T3CON10 Frankfurt
AspectPart of the application where cross-cutting concerns are implemented
In FLOW3 aspects are classes annotated with @aspect
Samstag, 2. Oktober 2010
Create Clean Code with AOP T3CON10 Frankfurt
Join PointIs a single point in the call graph
Method Execution
Exception
Represents an event, not a location
Samstag, 2. Oktober 2010
Create Clean Code with AOP T3CON10 Frankfurt
PointcutA set of join points where advices could be executed
can be composed
can be named
Samstag, 2. Oktober 2010
Create Clean Code with AOP T3CON10 Frankfurt
AdviceAction to take at a join points defined by the point cut
Samstag, 2. Oktober 2010
Inspiring people toshareHitchhiker's Guide to FLOW3
DEMO
Samstag, 2. Oktober 2010
Inspiring people toshareHitchhiker's Guide to FLOW3
Kinds of AdviceAdvice types supported by FLOW3:
@before@afterreturning@afterthrowing@after@around
Samstag, 2. Oktober 2010
Inspiring people toshareHitchhiker's Guide to FLOW3
Pointcut Designatorsmethod(F3\MyPackage\MyClass->myMethod())class(F3\MyPackage\MyClass)within(F3\MyPackage\MyInterface)classTaggedWith(someTag)methodTaggedWith(anotherTag)setting(Demo.Stuff.SomeSetting = "yeah, do it")ffiilter(F3\MyPackage\MyCustomFilterImplementation)
Samstag, 2. Oktober 2010
Inspiring people toshareHitchhiker's Guide to FLOW3
Runtime Evaluationsevaluate(coffee.kind == "Arabica")
Samstag, 2. Oktober 2010
Inspiring people toshareHitchhiker's Guide to FLOW3
Compound Pointcuts
! /**! * @around method(.*Controller->(new|create|edit|update|delete)Action()) && ⏎ !methodTaggedWith(anybodyMayAccessThis)! */! public function interceptMethodCalls($joinPoint) {
...}
Samstag, 2. Oktober 2010
Inspiring people toshareHitchhiker's Guide to FLOW3
DEMO
Samstag, 2. Oktober 2010
Inspiring people toshareHitchhiker's Guide to FLOW3
FLOW3's AOP implementationbased on proxy classes
unlike with most pre-processors line numbers stay the same
no scaffolding
0 Lines of generated code which need to be maintained by you
fast (on the second hit)
Samstag, 2. Oktober 2010
Inspiring people toshareHitchhiker's Guide to FLOW3
Samstag, 2. Oktober 2010
Inspiring people toshareHitchhiker's Guide to FLOW3
Samstag, 2. Oktober 2010
Create Clean Code with AOP T3CON10 Frankfurt
Progress
FLOW3 1.0.0
Samstag, 2. Oktober 2010
Create Clean Code with AOP T3CON10 Frankfurt
Further ReadingFLOW3 Websitehttp://flow3.typo3.org
FLOW3 Downloadhttp://flow3.typo3.org/downloadgit://git.typo3.org/FLOW3/Distributions/Base.git
TYPO3 Forgehttp://forge.typo3.org
Further Readinghttp://flow3.typo3.org/about/principles/further-reading
Samstag, 2. Oktober 2010
Create Clean Code with AOP T3CON10 Frankfurt
Questions
Email: [email protected]: http://robertlemke.de/blogTwitter: @t3rob
Slides: http://slideshare.net/rlmp
Samstag, 2. Oktober 2010
Samstag, 2. Oktober 2010