An access control list (ACL) uses roles to control access to resources.
Phalcon\Acl provides this functionality for us. With it, we can assign roles to the different types of visitors on our blog, and then use these roles to set up permissions on each action in each of our controllers. For our purposes, we are only going to create two roles, users and guests. A user will simply be a visitor that is logged in, a guest, or anyone else. We are only going to give guest access to perform the following actions:
A logged in user can do everything. To put
Phalcon\Acl to use in our ...