type != "album") { access::forbidden(); } $view = new View("permission_edit.html"); $view->item = $item; $view->groups = ORM::factory("group")->find_all(); $view->permissions = ORM::factory("permission")->find_all(); print $view; } function edit($id) { access::verify_csrf(); $item = ORM::factory("item", $id); access::required("edit", $item); foreach (ORM::factory("group")->find_all() as $group) { foreach (ORM::factory("permission")->find_all() as $permission) { $perm_name = "{$permission->name}_$group->id"; $value = $this->input->post($perm_name); // Set permissions here } } url::redirect("form/edit/permissions/$item->id"); } }