Open zolton007 opened 9 years ago
Maybe add in the "behavior" of the controller "access"-block? (e.g., from controller PermissionController):
'access' => [
'class' => AccessControl::className(),
'rules' => [
[
'actions' => ['index', 'view', 'create', 'update', 'delete', 'assign', 'search'],
'allow' => true,
'roles' => ['admin'],
],
],
],
or you can consult a more elegant solution?
In your config,you only use 'as access' to the routes anyone can have access. You have a *, comment/remove it.
'as access' => [
'class' => 'mdm\admin\components\AccessControl' ,
'allowActions' => [
//'*'
]
],
If I comment/remove '*', all controllers are not available even for the user with the "admin" role :-(
here is my web.php:
$config = [
//Other configs...
'as access' => [
'class' => 'mdm\admin\components\AccessControl',
'allowActions' => [
/*'admin/*',
'gii/*',
'user/*',
'debug/*',*/
'site/index', // home
'site/captcha', // captcha in contact
'user/security/*', // login and logout
'user/recovery/*', // change password
'user/settings/*', // edit self infos
'user/profile/*', // user Profile
]
],
//Other configs...
]
Btw, i'm using another module for user (dektrium /yii2-user), so i'm calling some routes there too. The first 4 lines in my AllowActions i commented after: 1- Create my user(with other module), 2- Check all routes as Assigned (in Menu Routes) 3 - Create a permissions with the routes i needed(Menu Permissions). 4 - Create Roles and delegate permissions for each one (menu Roles). 5 - Assign my user to a role who have all access, with means the '/*' (Menu Assignments/Grand Access).
Sure you can skip step 3 and create a Role directly with the routes (since routes are permissions).
Hello from Russia! Sorry for my English :) I need help! I installed the module from the archive (unpacked in the "vendor" directory ) . My "config/web.php":
In the configuration file I have a role by default "guest" and I made this role also through the admin panel. In the controller I check access as follows:
Question: How can I restrict access to the admin panel (admin/*)? For example there could come to only users with "admin" role.
Thanks in advance!