[WIP][HttpFoundation] Move flash messages out of Session class and change to bucket system. #2592
Conversation
…to bucket system.
| * | ||
| * @param array $flashes | ||
| */ | ||
| public function initialize(array $flashes); |
There was a problem hiding this comment.
the public keyword should be omitted for interfaces
|
It makes for a much better API if developers don't have to know the internal of the class, ie, to know that they should be using 'status' or something as keys - that's where class constants are useful. Should I continue and flesh out some unit tests? |
| protected $closed; | ||
|
|
||
There was a problem hiding this comment.
you should not add trailing slashes here
There was a problem hiding this comment.
I dont see any trailing slashes, what am I missing? I think my IDE must have truncated the line or changed the line ending?
There was a problem hiding this comment.
and it applies to all the blank lines of your patch as most of them are not really blank lines.
There was a problem hiding this comment.
I think this is my IDE stripping spaces from empty lines.
There was a problem hiding this comment.
no, it is your IDE adding them. Stripping them is what you should do to follow the coding standards
|
I like the move of flash management outside of the session, even if we keep the current API. But as @lsmith77 suggested in the other PR about the same topic, we first need to define the use cases for flashes (and which problems it solve?) to be sure that we are all on the same page. As of today, I still don't understand why you would want to store more than one thing for a given flash name. I think everybody has the same technical definition: A flash is something that is stored to be displayed on the very next request and must be removed automatically after that. But beside this technical definition, when is it useful? Here is my intended use case (actually it's not mine, it's the one envisioned by Ruby on Rails which AFAIK introduced this concept some years ago.): forms submission. When a user submit a form, you want to display the result of the submission on the next page (this is needed because you redirect to a GET after a POST instead of displaying the result directly in response to the form submission). And that's it. Nothing more. For this use case, you don't need an array as you only have one result to display and you can only submit one form per request. |
|
On Nov 10, 2011, at 08:05 , Fabien Potencier wrote:
Form submissions are the main use case. For example I may add a new item and the system wants to alert me that because of some other things I havent done yet. Furthermore there could be a listener that adds a flash message in case there are certain important tasks that need to be done immediately that have nothing to do with the form submission. Finally and this is the most important aspect: Flash messages should not be displayed as part of the form, but inside the layout template to ensure that they are displayed consistently. Note also that "flash" messages can also be dynamically generated inside the frontend (for example because the frontend is unable to connect to the backend in the background), which is another reason why you want to display flash messages outside of the content area and inside the layout. As such the layout has no knowledge about who or what set the given flash message and must therefore be able to determine how to display the flash message based on as little message specific information as possible. The most obvious solution therefore is to define a static set of types that all Bundles (incl. 3rd party Bundles) can standardize on so that the formatting of the messages can be determined easily (most likely the type will simply be mapped to a CSS class). Here is the code we have in the layout.html.twig in FOSUserBundle: |
|
I'm sorry @lsmith77 but the use cases you describe sound more like a notification center to me. Agreed that flash messages should be a part of it, it's a rather broad spectrum approach and I'm not sure that it should be coupled to the session. Rather, the session should be able to send notifications, some of which could be sticky and some that would act like flashes. Anyway, I'm not sure we need that in the core. |
|
Sure you can argue that it shouldn't be in core.
Once that is in place, people can use the flash messages just like they did before (more or less since they now would get an array for each key). Not sure if it would make sense to have a FlashBag with the old behavior and a FlashStackBag with the new, since it wouldn't be possible to have the same API for reading. |
|
I guess I didn't express myself clearly, my apologies. Aside from the fact what the API for the new flash messages should look like, I agree with @fabpot that we need to define some use cases first before deciding upon the API. In my opinion your use cases are not completely relevant to the topic. As much as I like and agree with the need for your more extensive approach to user notifications (like you described, a system that allows for event listeners and cross-application notifying), I think the responsibility for such a behavior is not the within the scope of a flash messages API. Therefor we should probably think of other possible use cases where multiple messages are indeed possible. |
|
Even if you ignore the use case for the listener, the rest of my use case is standard and should definitely be handled by core imho. |
|
There are many use cases when you develop complex applications. I can give you examples from Zikula. You might have an event handler (from a plugin or something) that needs to communicate something important to the user (a security warning for example). Flashes provide a perfect way to do this. In another example we have a system of installable modules. The list of modules needs to be regenerated so we can provide a list of installed and installable modules. It might be someone installs an invalid module type, so during the regenerate loop, we can throw up an error like There are also tasks which a controller might call APIs or trigger hooks/events that have no way of communicating an error to the user other than by flashes. You can argue that this should be done another way (collect API responses/trap exceptions and build a single flash in the controller), but the fact is, flashes provide a very convenient way of dealing with this. Several big systems use this kind of messaging:, Drupal is one of them. We cannot expect people to buy into Symfony2 components if they have to spend their time customising them for basic functionality which is expected and used extensively elsewhere. As for a standard for flash message types, I'd say there are two options, 2, or 4. |
|
As for me personally - I had to implement my own Messenger class just to be able to add flush messages of different kind (error, notices) in the amount of more than 1 message. The PR seem to be a good alternative. |
|
I have one caveat for defaults - it's bad practice to add defaults to a method signature if arguments after that are required e.g. This sort of thing is bad practice: Given the |
|
agreed. but imho we should offer some default type strings as class constants |
|
@Drak, what is wrong with changing the order of arguments? |
|
@olegstepura: I don't know, is it logical to change the order? My own preference is to have |
|
@Drak, it's logical to add the defaults. I'm lazy enough to add a simple I am talking about API, not implementation details And what's the case of not adding a default? Only the arguments order? the only bad example of moving !optional arguments which can have defaults to the end was new |
|
A few notes after reading through this.
In Drupal this is not the only case for session messages. We use the same interface for showing form validation errors, which are returned in the POST response with the rebuilt form. We also only do one POST request for each step in a multistep form.
In Drupal, we combine the info and status levels, but as long as Symfony offers at least those three levels we'll be able to use this component. |
| } | ||
|
|
||
| /** | ||
| * Adds a flash to the stack for a given type. |
There was a problem hiding this comment.
This comment is confusing as we aren't actually storing messages in a stack and they can be retrieved by index.
|
FYI - I'm going AFK for about 5 or so days, I will try to work more on this offline and update you when I get back. |
Changed the order of addFlash() a sensible default.
|
Replaced by PR #2714 |
Commits ------- cb6fdb1 [HttpFoundation] removed Session::close() c59d880 Docblocks. b8df162 Correct instanceof condition. 8a01dd5 renamed getFlashes() to getFlashBag() to avoid clashes 282d3ae updated CHANGELOG for 2.1 0f6c50a [HttpFoundation] added some method for a better BC 146a502 [FrameworkBundle] added some service aliases to avoid some BC breaks 93d81a1 [HttpFoundation] removed configuration for session storages in session.xml as we cannot provide a way to configure them (like before this PR anyway) 74ccf70 reverted 5b7ef11 (Simplify session storage class names now we have a separate namespace for sessions) 91f4f8a [HttpFoundation] changed default flash bag to auto-expires to keep BC 0494250 removed unused use statements 7878a0a [HttpFoundation] renamed pop() to all() and getAll() to all() 0d2745f [HttpFoundation] Remove constants from FlashBagInterface dad60ef [HttpFoundation] Add back get defaults and small clean-up. 5b7ef11 [HttpFoundation] Simplify session storage class names now we have a separate namespace for sessions. 27530cb [HttpFoundation] Moved session related classes to own sub-namespace. 4683915 [HttpFoundation] Free bags from session storage and move classes to their own namespaces. d64939a [DoctrineBridge] Refactored driver for changed interface. f9951a3 Fixed formatting. 398acc9 [HttpFoundation] Reworked flashes to maintain same behaviour as in Symfony 2.0 f98f9ae [HttpFoundation] Refactor for DRY code. 9dd4dbe Documentation, changelogs and coding standards. 1ed6ee3 [DoctribeBridge][SecurityBundle][WebProfiler] Refactor code for HttpFoundation changes. 7aaf024 [FrameworkBundle] Refactored code for changes to HttpFoundation component. 669bc96 [HttpFoundation] Added pure Memcache, Memcached and Null storage drivers. e185c8d [HttpFoundation] Refactored component for session workflow. 85b5c43 [HttpFoundation] Added drivers for PHP native session save handlers, files, sqlite, memcache and memcached. 57ef984 [HttpFoundation] Added unit and functional testing session storage objects. 3a263dc [HttpFoundation] Introduced session storage base class and interfaces. c969423 [HttpFoundation] Added FlashBagInterface and concrete implementation. 39288bc [HttpFoundation] Added AttributesInterface and AttributesBagInterface and concrete implementations. Discussion ---------- [2.1][HttpFoundation] Refactor session handling and flash messages Bug fix: yes Feature addition: yes Backwards compatibility break: yes Symfony2 tests pass: yes Fixes the following tickets: #2607, #2591, #2717, #2773 References the following tickets: #2592, #2543, #2541, #2510, #2714, #2684 Todo: - __Introduction__ This extensive PR is a refactor with minimal BC breaks of the `[HttpFoundation]` component's session management which fixes several issues in the current implementation. This PR includes all necessary changes to other bundles and components is documented in the `CHANGELOG-2.1` and `UPGRADING-2.1`. __Summary of Changes__ __Session:__ - Session object now implements `SessionInterface` __Attributes:__ - Attributes now handled by `AttributeBagInterface` - Added two AttributeBag implementations: `AttributeBag` replicates the current Symfony2 attributes behaviour, and the second, `NamespacedAttributeBag` introduces structured namespaced representation using '/' in the key. Both are BC. `FrameworkBundle` defaults to the old behaviour. __Flash messages:__ - Flash messages now handled by `FlashBagInterface` - Introduced `FlashBag` which changes the way flash messages expire, they now expire on use rather than automatically, useful for ESI. - Introduced `AutoExpireFlashBag` (default) which replicates the old automatic expiry behaviour of flash messages. __Session Storage:__ - Introduced a base object, `AbstractSessionStorage` for session storage drivers - Introduced a `SessionSaveHandlerInterface` when using custom session save handlers - Introduced a `NullSessionStorage` driver which allows for unsaved sessions - Introduced new session storage drivers for Memcache and Memcached - Introduced new session storage drivers for PHP's native SQLite, Memcache and Memcached support __General:__ - Fixed bugs where session attributes are not saved and all cases where flash messages would get lost - Wrote new tests, refactored related existing tests and increased test coverage extensively. __Rationale/Details__ I'll explain more detail in the following sections. __Unit Tests__ All unit and functional tests pass. __Note on Functional Testing__ I've introduced `MockFileSessionStorage` which replaces `FilesystemSessionStorage` to emulate a PHP session for functional testing. Essentially the same methodology of functional testing has been maintained but without interrupting the other session storage drivers interaction with real PHP sessions. The service is now called `session.storage.mock_file`. __Session Workflow__ PHP sessions follow a specific workflow which is not being followed by the current session management implementation and is responsible for some unpredictable bugs and behaviours. Basically, PHP session workflow is as follows: `open`, `read`, `write`, `close`. In between these can occur, `destroy` and `garbage collection`. These actions are handled by `session save handlers` and one is always registered in all cases. By default, the `files` save handler (internally to PHP) is registered by PHP at the start of code execution. PHP offers the possibility to change the save handler to another internal type, for example one provided by a PHP extension (think SQLite, Memcache etc), or you can register a user type and set your own handlers. However __in all cases__ PHP requires the handlers. The handlers are called when the following things occur: - `open` and `read` when `session_start()` or the session autostarts when PHP outputs some display - `destroy` when `session_regenerate_id(true)` is called - `write` and `close` when PHP shuts down or when `session_write_close()` is called - `garbage collection` is called randomly according to configurable probability The next very important aspect of this PR is that `$_SESSION` plays an important part in this workflow because the contents of the $_SESSION is populated __after__ the `read` handler returns the previously saved serialised session data. The `write` handler is sent the serialised `$_SESSION` contents for save. Please note the serialisation is a different format to `serialize()`. For this reason, any session implementation cannot get rid of using `$_SESSION`. I wrote more details on this issue [here](#2607 (comment)) In order to make writing session storage drivers simple, I created a light base class `AbstractSessionStorage` and the `SessionSaveHandlerInterface` which allows you to quickly write native and custom save handler drivers. __Flash Messages [BC BREAK]__ Flash messages currently allow representation of a single message per `$name`. Fabien designed the original system so that `$name` was equivalent to flash message type. The current PR changes the fact that Flash messages expire explicitly when retrieved for display to the user as opposed to immediately on the next page load. The last issue fixes potential cases when flash messages are lost due to an unexpected intervening page-load (an error for example). The API `get()` has a flag which allows you to override the `clear()` action. __Flash message translation__ This PR does not cover translation of flash messages because messages should be translated before calling the flash message API. This is because flash messages are used to present messages to the user after a specific action, and in any case, immediately on the next page load. Since we know the locale of the request in every case we can translate the message before storing. Secondly, translation is simply a string manipulation. Translation API calls should always have the raw untranslated string present because it allows for extraction of translation catalogs. For a complete answer see my answer [here](#2543 (comment)) __Session attribute and structured namespacing__ __This has been implemented without changing the current default behaviour__ but details are below for the alternative: Attributes are currently stored in a flat array which limits the potential of session attributes: Here are some examples to see why this 'structured namespace' methodology is extremely convenient over using a flat system. Let's look at an example with csrf tokens. Let's say we have multiple csrftokens stored by form ID (allowing multiple forms on the page and tabbed browsing). If we're using a flat system, you might have 'tokens' => array('a' => 'a6c1e0b6', 'b' => 'f4a7b1f3') With a flat system when you get the key `tokens`, you will get back an array, so now you have to analyse the array. So if you simply want to add another token, you have to follow three steps: get the session attribute `tokens`, have to add to the array, and lastly set the entire array back to the session. $tokens = $session->get('tokens'); $tokens['c'] = $value; $session->set('tokens', $tokens); Doable, but you can see it's pretty long winded. With structured namespacing you can simply do: $session->set('c', $value, '/tokens'); There are several ways to implement this, either with an additional `$namespace` argument, or by treating a character in the `$key` as a namespacer. `NamespacedAttributeBag` treats `/` as a namespacer so you can represent `user.tokens/a` for example. The namespace character is configurable in `NamespacedAttributeBag`. --------------------------------------------------------------------------- by marijn at 2011-12-18T15:43:17Z I haven't read the code yet but the description from this PR and your line of thought seem very well structured. Seems like a big +1 for me. --------------------------------------------------------------------------- by lsmith77 at 2011-12-19T16:01:19Z @deviantintegral could you look over this to see if it really addresses everything you wanted with PR #2510 ? --------------------------------------------------------------------------- by deviantintegral at 2011-12-24T20:12:03Z I've read through the documentation and upgrade notes, and I can't see anything that's obviously missing from #2510. Being able to support multiple flashes per type is the most important, and the API looks reasonable to me. Drupal does support supressing repeat messages, but that can easily be implemented in our code unless there's a compelling case for it to be a part of Symfony. I wonder if PHP memcache support is required in Symfony given the availability of memcached. I'm not familiar with how other parts of Symfony handle it, but there is often quite a bit of confusion between the two PHP extensions. It could be simpler to remove one, or add a bit of info describing or linking to why there are two nearly identical classes. Is it possible to make one class inherit from the other (memcached is a child of memcache)? --------------------------------------------------------------------------- by Fristi at 2011-12-24T20:29:46Z Interesting, maybe add: session events as I did with the current impl: https://github.com/Fristi/SessionBundle --------------------------------------------------------------------------- by drak at 2011-12-25T00:50:03Z @deviantintegral - I agree about the confusion between memcache and memcached but actually, it is necessary to support both because `memcached` is not available everywhere. For example on Debian Lenny and RHEL/CentOS 5, only memcache is available by default. This would preclude a massive amount of shared hosting environments. Also, it is not possible to inherit one from the other, they are completely different drivers. @Fristi - I also thought about the events, but they do not belong as part of the standalone component as this would create a coupling to the event dispatcher. The way you have done it, ie, in a bundle is the right way to achieve it. --------------------------------------------------------------------------- by matheo at 2011-12-25T01:12:00Z Impressive work, looks like a big improvement and deserves a big +1 --------------------------------------------------------------------------- by datiecher at 2011-12-26T11:57:12Z Took some time to grok all the changes in this PR but all in all it is a keeper. Specially the new flash message API, it's really nicer to work with it then the previous one. Nicely done @Drak! --------------------------------------------------------------------------- by lsmith77 at 2012-01-02T15:00:00Z @fabpot did you have time to review this yet? with all the work @Drak has done its important that he gets some feedback soon. its clear this PR breaks BC in ways we never wanted to allow. but i think this PR also clearly explains why its necessary none the less. --------------------------------------------------------------------------- by drak at 2012-01-02T15:41:53Z @fabpot - I have removed the WIP status from this PR now and rebased against the current master branch. --------------------------------------------------------------------------- by Tobion at 2012-01-07T07:13:38Z From what I read from the IRC chat logs, the main concern of @fabpot is whether we really need multiple flash messages per type. I'm in favor of this PR and just want to add one point to this discussion. At the moment you can add multiple flash messages of different type/category/identifier. For example you can specify one error message and one info message after an operation. I think most agree that this can be usefull. But then it makes semantically no sense that you currently cannot add 2 info messages. This approach feels a bit half-done. So I think this PR eliminates this paradox. --------------------------------------------------------------------------- by drak at 2012-01-07T09:11:07Z For reference there is also a discussion started by @lsmith77 on the mailing list at https://groups.google.com/forum/#!topic/symfony-devs/cy4wokD0mQI --------------------------------------------------------------------------- by dlsniper at 2012-01-07T16:02:15Z @Drak I could also add the next scenario that I currently have to live with, in addition to @lsmith77 ones. I had this issue while working on our shopping cart implementation for a customer where the customer wanted to show the unavailability of the items as different lines in the 'flash-error' section of the cart. We had to set an array as the 'flash message' in order to display that information. So in this case for example having the flash messages types as array would actually make more sense that sending an array to the flasher. Plus the the other issue we had was that we also wanted to add another error in the message but we had to do a check to see if the flash message is an array already or we need to make it an array. I think it's better not to impose a limit of this sort and let the users be able to handle every scenario, even if some are rare, rather that forcing users to overcome limitations such as these. I really hope this PR gets approved faster and thanks everyone for their hard work :) --------------------------------------------------------------------------- by Tobion at 2012-01-07T21:01:07Z @dlsniper I think you misinterpreted my point. --------------------------------------------------------------------------- by dlsniper at 2012-01-07T21:04:04Z @Tobion I'm sorry I did that, I'll edit the message asap. Seems no sleep in 26 hours can cause brain not to function as intended :) --------------------------------------------------------------------------- by lsmith77 at 2012-02-01T14:38:52Z FYI the drupal guys are liking this PR (including the flash changes): http://drupal.org/node/335411 --------------------------------------------------------------------------- by drak at 2012-02-01T14:51:33Z @lsmith77 Fabien asked me to remove the changes to the flash messages so that they are as before - i.e. only one flash per name/type /cc @fabpot --------------------------------------------------------------------------- by fabpot at 2012-02-01T14:58:23Z To be clear, I've asked to split this PR in two parts: * one about the session refactoring (which is non-controversial and should be merged ASAP) * this one with only the flash refactoring --------------------------------------------------------------------------- by drak at 2012-02-02T11:29:26Z @fabpot this is ready to be merged now. I will open a separate PR later today for the flash messages as a bucket. --------------------------------------------------------------------------- by fabpot at 2012-02-02T11:34:39Z I must have missed something, but I still see a lot of changes related to the flash messages. --------------------------------------------------------------------------- by drak at 2012-02-02T11:39:10Z When I spoke to you you said you wanted to make the commit with flash messages with one message per name/type rather than multiple. The old flash messages behaviour is 100% maintained in `AutoExpireFlashBag` which can be the default in the framework if you wish. The `FlashBag` implementation makes Symfony2 ESI compatible. --------------------------------------------------------------------------- by stof at 2012-02-02T11:47:38Z @Drak splitting into 2 PRs means you should not refactor the flash messages in this one but in the dedicated one. --------------------------------------------------------------------------- by drak at 2012-02-02T12:29:43Z @stof Yes. I discussed with Fabien over chat there are basically no changes to flashes in `FlashBag` and `AutoExpireFlashBag` maintains the exact behaviour as before. The FlashBag just introduces ESI compatible flashes. There is no way to refactor the sessions without moving the flash messages to their own bag. The next PR will propose the changes to flashes that allow multiple messages per name/type. I can size the PR down a little more removing the new storage drivers and so on to make the PR smaller but that's really as far as I can go. To be clear, while the API has changed a little for flashes, the behaviour is the same.
Bug fix: no
Feature addition: yes
Backwards compatibility break: yes
Symfony2 tests pass: TODO
Fixes the following tickets: #1863
References: #2510, #2543
Todo: write tests, update changelog, update documentation
The main rationale for this PR can be found at #2543 (comment)
Summary: In this PR we move the flash messages to it's own driver, and we change flash messages to a bucket system. This PR clarifies Fabien's original intention of using $name as a type category for the flash message, but it's now extended to allow multiple messages per type. Renamed
$nameto$typefor clarity.