public function loginAction()
{
if ($this->isPost()) {
$password = User::generatePassword($this->params['username'], $this->params['password']);
$user = $this->repo(User::classname())->byLoginAndPassword($this->params['username'], $password);
if ($user instanceof User) {
$this->_session->set('user', $user->id());
$url = $this->_session->get('referer') ?: '/';
$this->redirect($url);
} else {
$this->alert(Alert::ERROR, 'Error logging in');
}
}
}
/**
* @example
*/
public function changePrivilegesAction($user_id, $privileges)
{
$this->user = $this->repo(User::classname())->find($user_id);
$this->user->privileges = $privileges;
$this->render('index');
}
/**
* Creates a controller instance
* @static
* @final
* @param Cognosys\Request $request
* @param Cognosys\Response $response
* @param array $database_params
* @param Cognosys\Templates\Decorator
* @return Cognosys\Controller
* @throws Exceptions\UserError if the controller name is unknown
*/
public static final function factory(Request $request, Response $response, array $database_params)
{
$cog = $response->cog();
$controller = $response->controller();
$action = $response->action();
$params = $response->params();
$session = Session::instance();
if ($cog === null) {
throw new UserError("There is no such area: <em>{$response->originalController()}</em>");
}
// use the namespace inside the application
$controller_class = "App\\Cogs\\{$cog}\\Controllers\\{$controller}";
// renders the view even if there is no action
$instance = new $controller_class($database_params);
$instance->_request = $request;
$instance->_response = $response;
$instance->_session = $session;
$instance->_view = View::forController($request, $response);
$instance->_user = $instance->repo(User::classname())->find($session->get('user', false));
$instance->params = $instance->_getPost();
//LOW: require all models to use in instanceof?
return $instance;
}
