Good, in short words:
If I don't configure access from config file for backend at this mode:
'allowActions' => [
'site/*',
//'rbac/*'
//'admin/*'
// The actions listed here will be allowed to everyone including guests.
// So, 'admin/*' should not appear here in the production, of course.
// But in the earlier stages of your development, you may probably want to
// add a lot of actions here until you finally completed setting up rbac,
// otherwise you may not even take a first step.
]
I'm unable as admin user/role to access to any rbac or site URL, doesn't matter if I add via database such URL to auth_item table.
My backend baseUrl is set to /admin and via htaccess I can use the same domain to achieve it.
Aditional to it, I can see the admin index being guest but having restricted the index to guest.
Good, in short words: If I don't configure access from config file for backend at this mode:
I'm unable as admin user/role to access to any rbac or site URL, doesn't matter if I add via database such URL to auth_item table.
My backend baseUrl is set to /admin and via htaccess I can use the same domain to achieve it.
Aditional to it, I can see the admin index being guest but having restricted the index to guest.