add access control to backend

2015-11-02 14:32:19 +01:00
parent e34b150d74
commit 1ee0a6bbe9
13 changed files with 106 additions and 11 deletions
--- a/backend/controllers/ProductController.php
+++ b/backend/controllers/ProductController.php
@@ -25,9 +25,22 @@ class ProductController extends Controller
                    'delete' => ['post'],
                ],
            ],
+        		'access' => [
+        				'class' => \yii\filters\AccessControl::className(),
+        				'only' => [   'index','view','create','update'],
+        				'rules' => [
+        						// allow authenticated users
+        						[
+        								'allow' => true,
+        								'roles' => ['@'],
+        						],
+        						// everything else is denied
+        				],
+        		],
        ];
    }

+    
    /**
     * Lists all Product models.
     * @return mixed