Lets see if i got it.

My app is an ecommerce application. The user is not authenticated yet, but i already have an id in the session to identify the shopping cart.

So in the bootstrap i could do:

Zend_Registry::set("transactionId","here can be a cookie value")

And then in my controller to retrieve the order i do:

Is that correct, right? In this case i am letting my service with dependency injection, how it should be.

Auth class was kind of example how to configure authentication which is used by service.

In controller that class is not touched at all, because authentication is configured in bootstrap. This class can be used in tests, to set and unset user id/other properties.

Now how it was written in a last example, is by something like:

public function _construct()
{
    $this->_setId(Auth::getIdentity());
}

Here we have dependency to Auth class, so ideally you’d want to either inject user object/id/whatever to constructor with help of DIC or inject auth class as object. Maybe even like this (use this myself usualy):

public function __construct($userId = null)
{
    // handle null case somehow/disallow it
    $this->_setId($userId);
}

In all cases, dependency to session doesn’t exist. Services (and Auth class if used) have ID, maybe some other properties, but they are just variables: cookies, sessions or any other logic you use to authenticate is decoupled.

This post was mostly referring to controller which uses session to handle logic. So the goal was to remove it and make controller session-blind. Is it clearer now? (confused whether I’m clear)

(passing directly to the constructor)

First your say “I looked at it again and though – why does controller need to know the userId?”

Ok with this phrase you say there’s no dependency injection.

After you say :

“For such things I use service layer: it has user info injected from bootstrap (or directly to a constructor) and operates with data only accessible to the user.”

Ok here you keep with no dependency injection. What i understard that is you set the user sessionId direct to the conctructor.

But at the end you say this is wrong because the service can get the auth instance inside himself:

“$auth = Auth::getInstance();
$auth->setIdentity(1);

$service = new Service(); // here service get’s identity from auth”

Ok as i have understood. You saying this is wrong. Service layer always should has dependency injection.

So i ask why in your first 2 examples you said that the controller doesn’t need to know the session id (passing directly to the controller) ? This is not a contradiction ?

Please clarify how to handle session Ids and pass them to service layer.

The service layer doesn’t supply access to data/objects, it coordinates other services

This means that no service could exist, or some of them need to do mutual coordination.
Myabe you could explain it a little more.

What you can do is inject a repository into a service.

So what you propose is that if you want to get an Order in your controller, you need to have one extra level of indirection?

OrderService -> OrderRepo -> {source}

Would you consider Doctrine_Table a repository?

Cheers

Currently I’m using a registry to store identity, and service’s constructor calls identity container method to obtain it. OR in tests i inject it (or null) manually.

So, how do you inject dependencies? The way I see it you are wiring the objects manually, for example:


// Create an instance of OrdersService and inject User
$service = new OrdersService();
$service->setUser($user);
$order = $service->getOrder($id);

$service = $locator->getService('Orders');
$order = $service->getOrder($id);


Is that how you are doing it?

Cheers