0

I am using CodeIgniter 3.x, HMVC latest, ion Auth for authentication and to make application role based.
The application is dynamically role based. i.e. the database handles the roles ► users ► modules-controlers-CRUD_rights
Now one module function calls 2nd module function. the issue is when 1st module rights are READ and 2nd module is given no READ rights to the specific user. I am not able to figure out how to handle this kind of request.

For example.

Role1 ► SalesGuy ► SalesModule ► InvoiceController
Role2 ► User2 ► ClientsModule ► ClientController ► load_clients_function

Role1 has not READ access to ClientsModule.
Now, when In Coding I am accessing clients via the following code:

$clients_data = modules::load('ClientsModule/ClientController')->load_clients_function();

I am getting 404, because code of ClientsModule/ClientController constructor is following.

    $this->mymodule = $this->router->fetch_module(); //ClientsModule
    $this->myclass = $this->router->fetch_class(); //ClientController 

    $is_allowed = modules::load('myauth/')->mod_allowed($this->mymodule, $this->myclass); 
// ^^^ this function checks in DB that logged in user has access to modules/controller or not.
    if ($is_allowed !== '1') {
        show_404();
    }

I am not sure where I am missing something. Either my knowledge in using HMVC properly or knowledge of using OOPS is not up to mark. Please help me if anyone experienced of HMVC and/or CI.

TechCare99
  • 1,763
  • 6
  • 24
  • 33
  • `modules::load()` I think should be `modules::run('module/controller/method', $params, $...);` –  Oct 21 '15 at 08:02
  • There is not issue in loading or running the module actually. The issue is how to handle the request. which is coming from allowed module/controller/function to non-allowed module/controller/function. Right now can not access but actually it should be. But not able to figure out how to detect that this is request from another controller. – TechCare99 Oct 21 '15 at 11:41

0 Answers0