Using ACL in Phalcon 1.1.0

Hi I tried to replicate the ACL in sample application invo steps 1.) I copied the Security.php as an app plugin in my new phalcon project 2.) load the necessary plugins in loader.php code below


3.) Add event manager for adding the Security plug in and add a session in public/index.php

     * We register the events manager

    $di->set('dispatcher', function() use ($di) {

        $eventsManager = $di->getShared('eventsManager');

        $security = new Security($di);

         * We listen for events in the dispatcher using the Security plugin
        $eventsManager->attach('dispatch', $security);

        $dispatcher = new Phalcon\Mvc\Dispatcher();

        return $dispatcher;

     * Start the session the first time some component request the session service
    $di->set('session', function(){
        $session = new Phalcon\Session\Adapter\Files();
        return $session;

4.) modify the Security plugin to add hello controller in publicResources variable for Hello Controller to enable the guest view

//Public area resources
            $publicResources = array(
                'index' => array('index'),
                'hello' => array('index', 'login')

5.) Create a Hello Controller

class HelloController extends \Phalcon\Mvc\Controller

     protected function initialize()
        echo "CALL HELLO";


    public function indexAction()
        echo "INDEX";

    public function loginAction()
        echo "MOO";


6.) test the application url "http://localhost/appname/hello/login" output is "You don't have access to this module"

What seems to be the problem? Am I missing something?


You need to disable caching before you finish Acl configuration.

Look at app/plugins/Security.php and find method getAcl. It starts with:

  if (!isset($this->persistent->acl)) {

Just remove that check for now (only the check, not the method). And don't forget to return it back before project deployment.

About what it is read:


@Andrey it works that's weird... okay I'll check the docs why it happened


@Andrey thanks! Worked.

I tried to restart the server and nothing worked.