O'Reilly logo

Getting Started with Phalcon by Stephan Miller

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Controlling user access

An access control list (ACL) uses roles to control access to resources. Phalcon\Acl provides this functionality for us. With it, we can assign roles to the different types of visitors on our blog, and then use these roles to set up permissions on each action in each of our controllers. For our purposes, we are only going to create two roles, users and guests. A user will simply be a visitor that is logged in, a guest, or anyone else. We are only going to give guest access to perform the following actions:

  • View the index page:
    • View the posts' index page
    • Comment on a post
    • View the users' index, which will be a login page, when a visitor is not logged in
  • Log in

A logged in user can do everything. To put Phalcon\Acl to use in our ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required