diff --git a/gulliver/system/class.rbac.php b/gulliver/system/class.rbac.php
index b24f0104f..070a0b113 100644
--- a/gulliver/system/class.rbac.php
+++ b/gulliver/system/class.rbac.php
@@ -127,6 +127,22 @@ class RBAC
                 'getCaledarList' => array(),
                 'getPMVariables' => array(),
                 'generateBpmn' => array()
+            ),
+            'home.php' => array(
+                'login' => array('PM_LOGIN'),
+                'index' => array('PM_CASES'),
+                'indexSingle' => array('PM_CASES'),
+                'appList' => array('PM_CASES'),
+                'appAdvancedSearch' => array('PM_ALLCASES'),
+                'getApps' => array('PM_ALLCASES'),
+                'getAppsData' => array('PM_ALLCASES'),
+                'startCase' => array('PM_CASES'),
+                'error' => array(),
+                'getUserArray' => array('PM_ALLCASES'),
+                'getCategoryArray' => array('PM_ALLCASES'),
+                'getAllUsersArray' => array('PM_ALLCASES'),
+                'getStatusArray' => array('PM_ALLCASES'),
+                'getProcessArray' => array('PM_ALLCASES')
             )
 
         );
diff --git a/workflow/engine/controllers/home.php b/workflow/engine/controllers/home.php
index 20f138a0d..42f32e571 100644
--- a/workflow/engine/controllers/home.php
+++ b/workflow/engine/controllers/home.php
@@ -3,7 +3,6 @@
 /**
  * Home controller
  *
- * @author Erik Amaru Ortiz <erik@colosa.com, aortiz.erik@gmail.com>
  * @inherits Controller
  * @access public
  */
@@ -24,9 +23,15 @@ class Home extends Controller
     private $lastSkin;
     private $usrId;
 
+    public function call ($name)
+    {
+        global $RBAC;
+        $RBAC->allows(basename(__FILE__), $name);
+        parent::call($name);
+    }
+
     public function __construct ()
     {
-        //die($_SESSION['user_experience']);
         // setting client browser information
         $this->clientBrowser = G::getBrowser();
 
@@ -484,7 +489,6 @@ class Home extends Controller
                     }
                 }
 
-                //$swType = $type === "todo" || $type === "draft";
                 if (!empty($listType)) {
                     //The change is made because the method 'getList()' does not
                     //support 'USR_UID', this method uses the numeric field 'USR_ID'.
@@ -569,7 +573,6 @@ class Home extends Controller
 
         $oCase = new Cases();
         $aNextStep = $oCase->getNextStep( $_SESSION['PROCESS'], $_SESSION['APPLICATION'], $_SESSION['INDEX'], $_SESSION['STEP_POSITION'] );
-        //../cases/cases_Open?APP_UID={$APP.APP_UID}&DEL_INDEX={$APP.DEL_INDEX}&action=todo
         $aNextStep['PAGE'] = '../cases/cases_Open?APP_UID=' . $aData['APPLICATION'] . '&DEL_INDEX=' . $aData['INDEX'] . '&action=draft';
         $_SESSION['BREAKSTEP']['NEXT_STEP'] = $aNextStep;