- You can use '*' as second and third parameter in
Phalcon\Acl::deny methods. This will mean any resource and action respectively.
- Second argument in
Phalcon\Acl::addRole tells from which role inheritance access.
- You should serialize your ACL to some file or cache backend instead of creating it on each request.
- Also it's good idea to keep acl in seperated file.
Phalcon\Acl is able to send events to event manager, there are two events -
- You can use
Phalcon\Acl\AdapterInterface to implement your own acl adapter.
- You can protect your routes using acl with combination of proper listener in dispatcher