User Roles and Permission in CodeIgniter 2.1.4

Question 1

Since you already have experience with the Zend ACL, why not use it in your CodeIgniter project? (Link)

Just set up your roles, resources, and permissions in your "MY_Controller.php" file so they're available to all your controllers. Also set up your user in MY_Controller (e.g. $this->theUser) for the same reason.

Set up classes for your resources in your Libraries folder that "implements Zend_Acl_Resource_Interface" and a "User" class for your user that "implements Zend_Acl_Role_Interface".

After setting up the ACL in MY_Controller, retrieve role(s) for the user from your database and add them to your user:

$roles = $this->theUser->getRoles(); // get the assigned role(s) for the user (array)
$acl->addRole($this->theUser, $roles); // then apply them to the user

With that done, I typically put something like the following at the top of each controller:

if ( !$this->acl->isAllowed($this->theUser, 'article', 'modify') ) {
    redirect( '/home', 'refresh' ); // go back home
    exit;
}

Don't forget, you can even set up dynamic assertions (i.e. implements Zend_Acl_Assert_Interface) if a permission to a resource requires some logic. I typically put assertion classes immediately following their related resource class.

Question 2

Use Ion_Auth, it is an authentication library with a system of user roles. Should be easier for you to create permissions in your code.

This is only my 2-cents but Hooks are somehow similar to an event-driven approach. This means that they will be triggered at particular times in your code. In the documentation, you can see that CI has 7 hooks ready. Thus, you can inject any script of yours at those 7 moments.

Let's say that you can add a script during the hook pre_controller that checks for the user's browser's language, so that in all your controllers you already know the language to use.

Note that ion_auth also supports hooks.