Fantasy: Your client has an incredibly simple, intuitive, and cohesive ACL schema in mind. Permission and group names make sense, never change, and current users perpetually encounter properly restricted behavior. While we’re at it, you’re also able to code one-handed while scuba-diving the Caymans.

The Cold Hard Truth: Permission names are inconsistent, Groups are changed and reassigned, and your poor users are left dangling somewhere between “Why can I see the administrator’s Social Security Number?” and “The ‘Donate Large Sums of Money’ page is giving me permission denied!”

I created a simple solution to this problem with a few new symfony tasks now available via csSecurityTaskExtraPlugin. In a nutshell, the plugin allows you to more easily visualize the security coverage of your application. Here are some examples below:

$ ./symfony app:security frontend

App Security

The app:route-security task compares your security.ymls to all the routes in your application

$ ./symfony app:route-security frontend

Route Security

You can also list who has access to which actions specified in security.yml with the group-security task.

 $ ./symfony app:group-security frontend

Group Security

Pass the name of an sfGuardGroup object as the second argument to narrow down your output

 $ ./symfony app:group-security frontend author

Group Security

List users who have access with the user-security task.

 $ ./symfony app:user-security frontend

User Security

Pass the username or id of an sfGuardUser object as the second argument to narrow down your output

$ ./symfony app:user-security frontend andyadministrator
OR
$ ./symfony app:user-security frontend 3

User Security

It’s fairly basic right now. The product of a few hours’ work and a desire to get something new out into the community. What other enhancements would you like to see to give you more/better control of your site’s security coverage?
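
What a route-versus-security.yml comparison of this kind computes, as an added example that is not the plugin's code. The arrays are constructed stand-ins for parsed security.yml files and the route list, and the lookup order (the action's entry, then `all`, then an application default) is an assumption of the example.

```php
<?php
$moduleSecurity = array( // constructed stand-in for parsed module security.yml files
  'article' => array(
    'all'   => array('is_secure' => true, 'credentials' => 'author'),
    'index' => array('is_secure' => false),
  ),
  'admin'   => array('all' => array('is_secure' => true, 'credentials' => array('admin'))),
  'account' => array('all' => array('is_secure' => true)),
);
$appDefault = array('is_secure' => false); // assumed application-level default
$routes = array(                           // constructed route => module/action
  'article_index' => array('article', 'index'),
  'article_edit'  => array('article', 'edit'),
  'admin_users'   => array('admin', 'users'),
  'account_show'  => array('account', 'show'),
  'donate_new'    => array('donate', 'new'), // module with no security.yml
);

// Resolve one setting: the action's own entry, then "all", then the app default.
function securityValue($security, $default, $module, $action, $name)
{
  $config = isset($security[$module]) ? $security[$module] : array();
  foreach (array(strtolower($action), 'all') as $key) {
    if (isset($config[$key]) && array_key_exists($name, $config[$key])) {
      return $config[$key][$name];
    }
  }
  return array_key_exists($name, $default) ? $default[$name] : null;
}

// One row per route: OPEN (no login), LOGIN ONLY (no credential), or RESTRICTED.
function routeCoverage($routes, $security, $default)
{
  $report = array();
  foreach ($routes as $route => $target) {
    list($module, $action) = $target;
    $secure = (bool) securityValue($security, $default, $module, $action, 'is_secure');
    $creds  = (array) securityValue($security, $default, $module, $action, 'credentials');
    // Credentials on a route that is not secure are configured but never checked.
    $status = !$secure ? 'OPEN' : (count($creds) ? 'RESTRICTED' : 'LOGIN ONLY');
    $report[$route] = array("$module/$action", $status, implode(',', $creds));
  }
  return $report;
}

foreach (routeCoverage($routes, $moduleSecurity, $appDefault) as $route => $row) {
  printf("%-14s %-14s %-11s %s\n", $route, $row[0], $row[1], $row[2]);
}
```

The rows worth reviewing first are the OPEN ones: `donate_new` has no security.yml behind it at all, and `article_index` inherits a credential that is never enforced because the action is not secure.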

What a great week! So many things have been going on. If you live in Nashville especially, you have a lot to be excited about. The official releases of symfony 1.3 and 1.4 provide a lot of exciting new functionality in the framework, which you can read about here. But even more exciting is this year’s advent calendar, a large part of which is being contributed by Nashville’s own Ryan Weaver! Be sure to check it out, and consider purchasing the book from Amazon to support the community.

Also, my personal project Symplist is now launched, and in Alpha. Please check it out and provide feedback. Symplist is a plugin site that exists for the community. Its greatest asset will come with individuals like you rating and commenting on plugins. Another section of the site, which I’ve dubbed “Community Lists”, is something I hope will be a great help to the community. This section will function as a repository for dense information. An example of this is a list I’m putting together of Symfony Best Practices. The highest-rated items in each list sort to the top, as do the lists themselves. Check them out, rate and add items, and leave some feedback!

On a separate note, Jon Wage (Nashville native) has recently been pushing PHP Interoperability Standards with PHP 5.3’s namespacing support. I would recommend checking it out! If you personally have any PHP projects, or are currently developing one, consider incorporating these standards.

If you want to get involved, consider joining the Nashville Symfony User’s Group, which meets at Centre{source} the first Tuesday of every month! Symfony is taking off, and Nashville is right on board!

After skimming through Fabien’s very interesting slideshare presentation on PHP 5.3 (no, I can’t read French), and playing with Jon Wage’s PHP Interactive Terminal, I whipped up a fun little object-oriented array-wrapper class to do some neat ruby-esque things. It should be noted this code is for fun, and probably not sufficient for production use.

Using my array class, the following functions are now possible:

  // Instantiate the object
  $test = new A(1, 2, 3, 4, 5, 6, 8, 10, 20);

  // return an array containing the multiples of 4
  $test->reduce(function($i) { return $i%4==0; }); 

  // Sum up all even values
  $x = 0;
  $test->each(function($i) use (&$x) {
    // "continue" is not valid inside a closure; return skips this element
    if($i % 2 != 0)
      return;
    $x+=$i;
  });
  echo $x;  // outputs "50" (2 + 4 + 6 + 8 + 10 + 20)

  // return the index of the first item evaluated true
  $isGreaterThan = function($x, $y) { return $x > $y; };
  $test->match(function($i) use ($isGreaterThan) { return $isGreaterThan($i, 15); }); 

  // returns an array of all values multiplied by two
  $test->map(function($i) { return $i*2; }); 

  // until the function evaluates true, execute the block on all variables
  $test->until(function($i) { return $i > 15; })->do(function($i) {
    echo "This number ($i) is less than or equal to 15";
  });

Although we really gain nothing here we don’t already have with functions such as array_walk, array_map, array_filter, and so on, I personally get slightly aroused at this ruby-esque PHP implementation. While not quite as pretty as ruby blocks, anonymous functions (aka “closures”) offer similar functionality. To make it more rubyesque, I’ve overloaded my class’s __call, and __invoke methods:

  // Instantiate an existing array
  $test = new A($fortunes); 

  // return an array with "in bed" appended to all fortunes
  $test->map(function($i, $key) { return $i." in bed."; }); 

  // mutate the array object in place (similar to ruby's exclamation mark convention)
  $test->_map(function($i, $key) { return $i." in bed."; }); 

  // the underscore convention works for all functions that return an array
  $test->_reduce(function($i, $key) { return strpos($i, 'happiness') !== false; }); 

  // Ruby-like array access
  $test = new A(10, 900, 5, 30);
  echo $test(1, 2); // returns array [900, 5] (starts at index 1, length is 2)

  // maybe supported someday, if I have time:
  echo $test['0..2']; // returns array [10, 900, 5] (starts at index 0, up to index 2)
  echo $test['1..,-1']; // returns array [10, 900, 5] (starts at index 0, up to last index, excludes ending index)
  $test['2...3'] = new A(2, 2); //inserts array as the given indexes, to produce array [10, 900, 2, 2, 2, 20]

You can check out my half-baked class here. Any other fun ideas??

*** Update ***
Jwage did something similar by wrapping primitive types in php classes. Check out his code here!

It’s Easy! But it’s something we all have run into, and when we do we are filled with the dreaded realization that we have to use our brains again. I imagine a perfect world where we all use our brains as little as possible, and so, I give you the sfProtocolFilter. It requires three easy steps. Allow me to explain:

1) Download the class file. You can find the code here. You can put this class wherever, but I prefer to put it in /path/to/project/apps/myapp/lib/sfProtocolFilter.class.php.

2) Activate the filter in your application:

#/path/to/project/apps/myapp/config/filters.yml
#...
# insert your own filters here
protocol:
  class:   sfProtocolFilter

3) Turn SSL on in your application:

#/path/to/project/apps/myapp/config/app.yml
prod:
  protocol:
    secure:   on

Make sure you only turn this on for your production environment, especially if you have a local dev install. You’ll be redirected to a nonexistent server if you activate this locally.

And that’s it! Now every time somebody visits your application, they’ll be redirected to the SSL-secured (https) version of the site. And you have managed to leave your brain out of the equation.
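
The decision such a filter has to make, as an added example that is not the sfProtocolFilter source (this page only links to it). It is standalone PHP in which `$server` stands in for `$_SERVER`, and the `$allowedHosts` and `$trustProxy` parameters are assumptions of the example. It also covers two cases the steps above do not mention: a TLS-terminating proxy in front of the application, and a Host header that does not match the site.

```php
<?php
// True when the request already arrived over TLS.
function isSecureRequest($server, $trustProxy)
{
  if (!empty($server['HTTPS']) && strtolower($server['HTTPS']) !== 'off') return true;
  // Believe X-Forwarded-Proto only when a TLS-terminating proxy is known to set it;
  // ignoring it behind such a proxy causes an endless redirect loop.
  return $trustProxy
    && isset($server['HTTP_X_FORWARDED_PROTO'])
    && strtolower($server['HTTP_X_FORWARDED_PROTO']) === 'https';
}

// Returns the https URL to redirect to, or null when no redirect is needed.
function httpsRedirectTarget($server, $secureEnabled, $allowedHosts, $trustProxy = false)
{
  if (!$secureEnabled || isSecureRequest($server, $trustProxy)) return null;
  $host = strtolower(isset($server['HTTP_HOST']) ? $server['HTTP_HOST'] : '');
  $host = preg_replace('/:\d+$/', '', $host); // drop the plain-HTTP port
  // Never build a redirect from an unvalidated Host header: fall back to the canonical host.
  if (!in_array($host, $allowedHosts, true)) $host = $allowedHosts[0];
  $uri = isset($server['REQUEST_URI']) ? $server['REQUEST_URI'] : '/';
  if ($uri === '' || $uri[0] !== '/') $uri = '/';
  return 'https://' . $host . $uri;
}

// Constructed requests for illustration.
$allowed = array('www.example.com');
$cases = array(
  'plain http'       => array('HTTP_HOST' => 'www.example.com:80', 'REQUEST_URI' => '/donate?amount=5'),
  'already https'    => array('HTTP_HOST' => 'www.example.com', 'HTTPS' => 'on', 'REQUEST_URI' => '/'),
  'behind tls proxy' => array('HTTP_HOST' => 'www.example.com', 'HTTP_X_FORWARDED_PROTO' => 'https', 'REQUEST_URI' => '/'),
  'unknown host'     => array('HTTP_HOST' => 'other.example.net', 'REQUEST_URI' => '/login'),
);
foreach ($cases as $label => $server) {
  $target = httpsRedirectTarget($server, true, $allowed, true);
  echo str_pad($label, 18), $target === null ? 'no redirect' : $target, "\n";
}
```

The redirect only protects requests after the first one, so session cookies still need the Secure flag to stay off the plain-HTTP request.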

Well, BarCampNashville ‘09 is over. The afternoon included free beer, a mechanical bull, and lots and lots of tech talk. Travis Roberts and I presented our session in the form of a blood-boiling feud between Symfony and Rails, Ruby and PHP. In reality, both of us were very respectful, and have still remained friends (although I did put Belgian Flesh-Crabs under his bed).

Here are some photos of the event, but really all you need is this spellbinding image:

No, I am not offering Travis a joint with my left hand… It’s a mic for the U-Stream feed. Thanks to everyone who came out and supported us, to everyone who came out to Bar Camp Nashville, and to Bar Camp Nashville for letting us present! What a great event. A lot of local developers showed up, and it was a blast.