how restrict a user role to backend action

[zakrot]

Hi How restrict a user role such as 'user' to an action of backend I have tried this code in a controller :

public function behaviors() { return [ 'verbs' => [ ... ], 'access' => [ 'class' => \yii\filters\AccessControl::className(), 'rules' => [ [ 'allow' => false, 'actions' => ['index'], 'roles' => ['user'], 'denyCallback' => function () { return Yii::$app->controller->redirect(['/user/default/profile']); } ], ], ], ]; } But noting happened

[dungphanxuan]

Hi, that statert kit is standard for developer can begin application. You shound extend it than change it, Structure of start kit is not hard and you shouldn't change it if you are begin with yii.

[trntv]

Read yii docs about RBAC https://github.com/yiisoft/yii2/blob/master/docs/guide/security-authorization.md

and you can use it: https://github.com/trntv/yii2-starter-kit#globalaccessbehavior