Access Control Lists Component



访问控制列表 (ACL)

Phalcon\Acl provides an easy and lightweight management of ACLs as well as the permissions attached to them. Access Control Lists (ACL) allow an application to control access to its areas and the underlying objects from requests.

In short, ACLs have two objects: The object that needs access, and the object that we need access to. In the programming world, these are usually referred to as Roles and Components. In the Phalcon world, we use the terminology Role and Component.

Use Case

An accounting application needs to have different groups of users have access to various areas of the application.

Role - Administrator Access - Accounting Department Access - Manager Access - Guest Access

Component - Login page - Admin page - Invoices page - Reports page

As seen above in the use case, an Role is defined as who needs to access a particular Component i.e. an area of the application. A Component is defined as the area of the application that needs to be accessed.

Using the Phalcon\Acl component, we can tie those two together, and strengthen the security of our application, allowing only specific roles to be bound to specific components.