Backend\Core\Engine\Authentication::getAllowedActions PHP Method

    public static function getAllowedActions()
    {
        // we will cache everything
        if (!empty(self::$allowedActions)) {
            return self::$allowedActions;
        }
        // get allowed actions
        $allowedActionsRows = (array) BackendModel::get('database')->getRecords('SELECT gra.module, gra.action, MAX(gra.level) AS level
            FROM users_sessions AS us
            INNER JOIN users AS u ON us.user_id = u.id
            INNER JOIN users_groups AS ug ON u.id = ug.user_id
            INNER JOIN groups_rights_actions AS gra ON ug.group_id = gra.group_id
            WHERE us.session_id = ? AND us.secret_key = ?
            GROUP BY gra.module, gra.action', array(\SpoonSession::getSessionId(), \SpoonSession::get('backend_secret_key')));
        // add all actions and their level
        $modules = BackendModel::getModules();
        foreach ($allowedActionsRows as $row) {
            // add if the module is installed
            if (in_array($row['module'], $modules)) {
                self::$allowedActions[$row['module']][$row['action']] = (int) $row['level'];
            }
        }
        return self::$allowedActions;
    }

 /**
  * Parse the authentication settings for the authenticated user
  */
 private function parseAuthentication()
 {
     // loop actions and assign to template
     foreach (Authentication::getAllowedActions() as $module => $allowedActions) {
         foreach ($allowedActions as $action => $level) {
             if ($level == '7') {
                 $this->assign('show' . \SpoonFilter::toCamelCase($module, '_') . \SpoonFilter::toCamelCase($action, '_'), true);
             }
         }
     }
 }