New in Symfony 2.6: New shortcut methods for controllers

September 25, 2014 · Published by

Javier Eguiluz

Warning: This post is about an unsupported Symfony version. Some of this information may be out of date. Read the most recent Symfony Docs.

Contributed by
Thomas Royer in #11593. and Grégoire Pineau in #11602.

Symfony comes with a very handy base Controller class that assists with some of the most common controller tasks. When your controllers extend from the Symfony\Bundle\FrameworkBundle\Controller\Controller class, you can take advantage of several helper methods, such as redirect(), getUser() and createNotFoundException().

These helpers are so useful, that we've decided to include five new controller helpers in Symfony 2.6 to boost your productivity:

1. redirectToRoute(), allows to return a redirection based on the name of the route instead of having to generate first the URL:

        1
2
3
4
5
6
7
8
9
        // Symfony 2.6
return $this->redirectToRoute('homepage');

return $this->redirectToRoute('product_show', array('id' => 12), 301);

// Previous Symfony versions
return $this->redirect($this->generateUrl('homepage'));

return $this->redirect($this->generateUrl('product_show', array('id' => 12)), 301);
    

2. addFlash(), allows to create a flash message of the given type, checking first if the user session is available:

        1
2
3
4
5
        // Symfony 2.6
$this->addFlash('info', 'The item was created successfully.');

// Previous Symfony versions
$this->get('session')->getFlashBag()->add('info', 'The item was created successfully.');
    

3. isGranted(), checks if the given attributes are granted against the current authentication token and the optionally supplied object:

        1
2
3
4
5
6
7
8
9
        // Symfony 2.6
if ($this->isGranted('ROLE_ADMIN')) {
    // ...
}

// Previous Symfony versions
if ($this->get('security.context')->isGranted('ROLE_ADMIN')) {
    // ...
}
    

4. denyAccessUnlessGranted(), throws an exception unless the attributes are granted against the current authentication token and the optionally supplied object:

        1
2
3
4
5
6
7
        // Symfony 2.6
$this->denyAccessUnlessGranted('ROLE_EDIT', $item, 'You cannot edit this item.');

// Previous Symfony versions
if (false === $this->get('security.context')->isGranted('ROLE_EDIT', $item)) {
    throw $this->createAccessDeniedException('You cannot edit this item.');
}
    

5. isCsrfTokenValid(), checks the validity of the given CSRF token:

        1
2
3
4
5
6
7
        // Symfony 2.6
$this->isCsrfTokenValid('token_id', 'TOKEN');

// Previous Symfony versions
use Symfony\Component\Security\Csrf\CsrfToken;

$this->get('security.csrf.token_manager')->isTokenValid(new CsrfToken('token_id', 'TOKEN'))
    

Published in #Living on the edge

Help the Symfony project!

As with any Open-Source project, contributing code or documentation is the most common way to help, but we also have a wide range of sponsoring opportunities.

Comments

Artem Ostretsov said on Sep 25, 2014 at 06:18

Hooray to new [array init] syntax!

Javier Eguiluz Certified said on Sep 25, 2014 at 06:22

@Artem, the short array syntax has to do with PHP, not with Symfony. I use it to make the prevent the code to overflow the available space. Remember that you can only use it with PHP 5.4 or higher.

Ariel Ferrandini said on Sep 25, 2014 at 07:16

It will reduce our typing time :)
Thanks to the contributor and the DX initiative.

Loïc Vernet Certified said on Sep 25, 2014 at 08:50

@Javier : So the example should be modified as Symfony2 is supposed to support 5.3.3.

Yann Certified said on Sep 25, 2014 at 08:51

Simple and very usefull shotcut methods!
Thanks to the DX initiative

Javier Eguiluz Certified said on Sep 25, 2014 at 08:58

@Loïc you are right. I've just updated the example to use the old and verbose array() syntax.

Grégoire Pineau Certified said on Sep 25, 2014 at 09:01

@javier you forgot this pr: https://github.com/symfony/symfony/pull/11602 Controller::isCsrfTokenValid ;)

Javier Eguiluz Certified said on Sep 25, 2014 at 09:32

@Grégoire sorry for having missed you PR! I've just updated the blog post with the new isCsrfTokenValid() shortcut.

Kevin Archer said on Sep 25, 2014 at 11:57

Since PHP 5.3 reached end-of-life last month, perhaps the major version supported by Symfony should be raised to 5.4 which will at least receive security fixes until next September.

Dirk Luijk said on Sep 25, 2014 at 13:12

#10

This is really great, as it improves the code readability a lot. Thanks!

Damián Nohales said on Sep 25, 2014 at 14:42

#11

Oh no! my custom Controller class got totally useless :D

Kamil Kraśnik said on Sep 25, 2014 at 14:44

#12

Awesome helpers. Thanks!

Loïc Vernet Certified said on Sep 25, 2014 at 15:07

#13

BTW, if you like this, check out the KnpRadBundle.

Komarthi Ranga said on Sep 25, 2014 at 16:31

#14

good to know...Thank u........................

ibasaw said on Sep 26, 2014 at 14:05

#15

nice, thx !

Nicolas Dewez Certified said on Sep 26, 2014 at 17:26

#16

It's very simple and good !

Kyle Harrison said on Sep 26, 2014 at 18:00

#17

The flashBag and isGranted shortcuts are a godsend and worth the upgrade to 2.6 in of by themselves

rudak said on Sep 27, 2014 at 14:31

#18

My own controller which (extends the main controller) is already doing that sort of stuff..
but thank you :)

John said on Oct 3, 2014 at 19:11

#19

Why not using traits ? For example a trait "message" for flash Messages, a trait security for granted ans CSRF, a trait routing.. It will avoid to have multiple useless shortcut !

Comments are closed.

To ensure that comments stay relevant, they are closed for old posts.

New in Symfony 2.6: New shortcut methods for controllers

Comments

Comments are closed.

What is Symfony?

Learn Symfony

Screencasts

Community

Blog

Services

Deployed on