Access Control List
Create Access Control List Adapter
namespace Acme\Acl\Adapter;
use Prest\Acl\MountAwareTrait;
use Phalcon\Acl\Adapter\Memory as PhMemory;
use Prest\Acl\MountingEnabledAdapterInterface;
class Memory extends PhMemory implements MountingEnabledAdapterInterface
{
use MountAwareTrait;
}
Create roles
use Phalcon\Acl\Role;
use Preferans\Acl\Roles;
$acl = $di->get(Services::ACL);
$unauthorizedRole = new Role(Roles::UNAUTHORIZED);
$authorizedRole = new Role(Roles::AUTHORIZED);
$acl->addRole($unauthorizedRole);
$acl->addRole($authorizedRole);
$acl->addRole(new Role(Roles::ADMINISTRATOR), $authorizedRole);
$acl->addRole(new Role(Roles::MANAGER), $authorizedRole);
$acl->addRole(new Role(Roles::USER), $authorizedRole);
$acl->mountMany($api->getResources());
Restrict access on Resources
use Prest\Api\Resource;
use Preferans\Acl\Roles;
$api->resource(Resource::crud('/users', 'User')
->deny(Roles::UNAUTHORIZED, Roles::USER)
->endpoint(Endpoint::get('/me', 'me')
->allow(Roles::USER)
)
->endpoint(Endpoint::post('/authenticate', 'authenticate')
->allow(Roles::UNAUTHORIZED)
->deny(Roles::AUTHORIZED)
)
);