How do I limit the access?

[moplin]

How do I limit the access to settings just to an RBACK SUPERADMIN??

[moplin]

I am only hiding the route on route configuration. Any better way?

[ihorchepurnyi]

Hi, @moplin

1. You need to create your own SettingController that extends from DefaultController

   
   <?php

namespace backend\controllers;

use yii\filters\AccessControl; use yii2mod\settings\controllers\DefaultController;

class SettingController extends DefaultController { /**

• Returns a list of behaviors that this component should behave as.

• @return array */ public function behaviors(): array { $behaviors = parent::behaviors(); $behaviors['access'] = [ 'class' => AccessControl::class, 'rules' => [ [ 'allow' => true, 'roles' => ['super-admin'], // here you can setup your own role ], ], ];

  return $behaviors;

  } }

2. You need to change the configuration for the setting module as follows:

        'settings' => [
            'class' => 'yii2mod\settings\Module',
            'controllerMap' => [
                'default' => [
                    'class' => 'backend\controllers\SettingController', // path to your controller
                ],
            ]
        ],