/**
* @param $user
*
*/
protected static function set_rules($user)
{
// Always get again the rules
// To comment if rules should be placed in session
// (will need logout / login) to set new rules.
// self::on_logout();
// Rules : From Session
if (self::$session->userdata('authority_rules')) {
$rules = self::$session->userdata('authority_rules');
} else {
// Models
self::$ci->load->model(array('role_model', 'rule_model'), '', TRUE);
// Roles rules
$rules = self::$ci->rule_model->get_from_role($user->get_role());
// To Session
self::$session->set_userdata('authority_rules', $rules);
}
// Check for Super Admin role
foreach ($rules as $rule) {
if ($rule['resource'] == 'all') {
self::$has_all = TRUE;
Authority::allow('manage', 'all');
break;
}
}
// Other role
if (!self::$has_all) {
foreach ($rules as $rule) {
// Read action
$rule['permission'] == 1 ? Authority::allow('access', $rule['resource']) : Authority::deny('access', $rule['resource']);
// Other actions
if (!empty($rule['actions'])) {
$actions = explode(',', $rule['actions']);
foreach ($actions as $action) {
$rule['permission'] == 1 ? Authority::allow($action, $rule['resource']) : Authority::deny($action, $rule['resource']);
}
}
}
}
}
